PROFESSIONAL SOCIAL NETWORK Linkedin is suing a gang of anonymous hackers who created thousands of fake accounts to extract data from existing member profile pages.
According to court documents, the gang used Amazon's Elastic Compute Cloud (EC2) service to evade Linkedin security measures, running automated bots on virtual computers rented from Amazon to automatically harvest details on the business social networking website.
The activity, which is known as data scraping, is "explicitly barred" by Linkedin's User Agreement, which "prohibits access to Linkedin through scraping, spidering, crawling or other technology or software used to access data without the express written consent of Linkedin or its Members".
"Since May 2013, unknown persons and/or entities employing various automated software programs (often referred to as "bots") have registered thousands of fake Linkedin member accounts and have extracted and copied data from many member profile pages," the company's attorneys alleged in a complaint [PDF] filed against 10 unnamed "Doe" defendants this week in US District Court in Northern California.
"Registering so many unique new accounts allowed the Doe defendants to view hundreds of thousands of member profiles per day."
The hackers also managed to bypass Linkedin's CAPTCHA dialogue system to perpetrate their mischievous deeds, a technology that usually flags abusive attempts to register at the website.
Other security measures the attackers managed to dodge included the Sentinel activity monitoring system, which limits the number of requests permitted from a single IP address.
Linkedin's lawsuit requests the court's permission to discover the identities of the 10 hackers. µ