Fake Beyonce, Victoria Beckham LinkedIn pages carry malware

Powered by SC Magazine
 

Researchers have identified malicious links present on fake LinkedIn profiles claiming to belong to Beyonce Knowles, Victoria Beckham and about 25 other celebrities.

Researchers have identified malicious links present on fake LinkedIn profiles claiming to belong to Beyonce Knowles, Victoria Beckham and about 25 other celebrities.

Christina Ricci, Kirsten Dunst, Salma Hayek, Kate Hudson and Hulk Hogan were just some of the other celebrities with fake LinkedIn profiles, claiming to contain links to websites where nude videos of the celebrity could be seen. In reality, the links lead users through a series of redirections, with the goal of downloading a rogue anti-virus program to the user's machine.

The malicious links have been removed, but this type of attack is not going away anytime soon, Paul Ferguson, a threat researcher with computer security firm Trend Micro, told SCMagazineUS.com.

This issue is not new -- similar exploits were identified recently on Google's Blogspot and Flickr -- and exploits such as this could remain a problem because few measures are in place to prevent cybercriminals from creating new malicious accounts on LinkedIn or similar websites.

“The tactics are similar but the platform is expanding,” Ferguson said, adding this is the first exploit of its kind to hit LinkedIn.

A LinkedIn spokesperson was not available for comment.

Because of the openness of Web 2.0 platforms such as LinkedIn, users are able to interact easily, but the downside is that they are easily exploitable, Ferguson said.

Constructing an exploit such as this is a matter of creating the accounts, populating them with links that lead to malware and then using social engineering tactics to get people to click the links, he said. The best way to counter such attacks is to quickly respond to abuse reports.

Ferguson said LinkedIn removed the fraudulent profiles, likely created by Eastern European-based cybercriminals, in about 12 hours.

Richard Stiennon, chief research analyst of consultancy IT-Harvest, wrote this week on his Threat Chaos blog that exploits to LinkedIn are inevitable and that social networking sites such as Facebook and MySpace will need to start doing better checks for malware.

“As social media sites proliferate and mash together, there are more and more opportunities for hackers to post their spam and malicious links,” Stiennon wrote.

McAfee Avert Labs also posted a blog about the malware, warning users to “beware when following links, even on trusted Web 2.0 platforms like LinkedIn. Especially when they promise some nude celebrity videos.”

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


Fake Beyonce, Victoria Beckham LinkedIn pages carry malware
 
 
 
Top Stories
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Five emerging technologies that will transform financial services
[Blog post] Far out ideas that aren't far off.
 
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  28%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 954

Vote