Bogus celebrity LinkedIn profiles hide malware
Published: 07 Jan 2009 14:23 GMT
A security researcher has discovered fake profiles for celebrities on LinkedIn that have links to malicious code, according to a blog posting on Trend Micro's site.
The celebrity profiles that are not to be trusted include ones created using the names: Beyoncé Knowles, Victoria Beckham, Christina Ricci, Kirsten Dunst, Salma Hayek and Kate Hudson. They were uncovered by Trend Micro Advanced Threats Researcher Ivan Macalintal.
In its blog posting late on Monday, Trend Micro said it was continuing its investigation. The links on the professional networking site attempt to lure viewers by purporting to be nude shots of the celebrities.
McAfee's Avert Labs Blog has more details and screenshots.
"So when an unsuspecting user gets tricked to follow the lure, he will end up on different malicious websites trying the classical social-engineering tricks of either the 'missing video codec' or of showing a fake AV scan and telling the user his computer was infected with malware and offering a 'free' AV scanner software, which in fact is the real threat," the McAfee blog says.
Graham Cluley of Sophos also found many other fake celebrity profiles and said that as recently as Thursday, the Troj/Decdec-A malicious JavaScript code was being found on them.
"It's a shame that LinkedIn [isn't] keeping a closer eye on obviously bogus profiles being created on [its] site," Cluley wrote. "Undoubtedly, spammers, malware authors and other cybercriminals may be abusing the system to link to their web pages in the hope that it will generate a higher ranking in search engines like Google."
Representatives from LinkedIn did not immediately return a call seeking comment on Tuesday.
Credit: Fake celebrity LinkedIn profiles from CNET News.com
Did you find this article useful?
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
