Fake Beyonce, Victoria Beckham LinkedIn pages carry malware

Powered by SC Magazine
 

Researchers have identified malicious links present on fake LinkedIn profiles claiming to belong to Beyonce Knowles, Victoria Beckham and about 25 other celebrities.

Researchers have identified malicious links present on fake LinkedIn profiles claiming to belong to Beyonce Knowles, Victoria Beckham and about 25 other celebrities.

Christina Ricci, Kirsten Dunst, Salma Hayek, Kate Hudson and Hulk Hogan were just some of the other celebrities with fake LinkedIn profiles, claiming to contain links to websites where nude videos of the celebrity could be seen. In reality, the links lead users through a series of redirections, with the goal of downloading a rogue anti-virus program to the user's machine.

The malicious links have been removed, but this type of attack is not going away anytime soon, Paul Ferguson, a threat researcher with computer security firm Trend Micro, told SCMagazineUS.com.

This issue is not new -- similar exploits were identified recently on Google's Blogspot and Flickr -- and exploits such as this could remain a problem because few measures are in place to prevent cybercriminals from creating new malicious accounts on LinkedIn or similar websites.

“The tactics are similar but the platform is expanding,” Ferguson said, adding this is the first exploit of its kind to hit LinkedIn.

A LinkedIn spokesperson was not available for comment.

Because of the openness of Web 2.0 platforms such as LinkedIn, users are able to interact easily, but the downside is that they are easily exploitable, Ferguson said.

Constructing an exploit such as this is a matter of creating the accounts, populating them with links that lead to malware and then using social engineering tactics to get people to click the links, he said. The best way to counter such attacks is to quickly respond to abuse reports.

Ferguson said LinkedIn removed the fraudulent profiles, likely created by Eastern European-based cybercriminals, in about 12 hours.

Richard Stiennon, chief research analyst of consultancy IT-Harvest, wrote this week on his Threat Chaos blog that exploits to LinkedIn are inevitable and that social networking sites such as Facebook and MySpace will need to start doing better checks for malware.

“As social media sites proliferate and mash together, there are more and more opportunities for hackers to post their spam and malicious links,” Stiennon wrote.

McAfee Avert Labs also posted a blog about the malware, warning users to “beware when following links, even on trusted Web 2.0 platforms like LinkedIn. Especially when they promise some nude celebrity videos.”

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


Fake Beyonce, Victoria Beckham LinkedIn pages carry malware
 
 
 
Top Stories
Parliament passes law to let ASIO tap entire internet
Greens effort to limit devices fails.
 
Business-focused Windows 10 brings back the Start menu
Microsoft skips 9 for the "greatest enterprise platform ever".
 
Feeling Shellshocked?
Stay up to date with patching for the Bash bug.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  65%
 
Advanced persistent threats
  5%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1395

Vote