Incident Response, Malware, TDR

Fake Beyonce, Victoria Beckham LinkedIn pages carry malware

Researchers have identified malicious links present on fake LinkedIn profiles claiming to belong to Beyonce Knowles, Victoria Beckham and about 25 other celebrities.

Christina Ricci, Kirsten Dunst, Salma Hayek, Kate Hudson and Hulk Hogan were just some of the other celebrities with fake LinkedIn profiles, claiming to contain links to websites where nude videos of the celebrity could be seen. In reality, the links lead users through a series of redirections, with the goal of downloading a rogue anti-virus program to the user's machine.

The malicious links have been removed, but this type of attack is not going away anytime soon, Paul Ferguson, a threat researcher with computer security firm Trend Micro, told Wednesday.

This issue is not new -- similar exploits were identified recently on Google's Blogspot and Flickr -- and exploits such as this could remain a problem because few measures are in place to prevent cybercriminals from creating new malicious accounts on LinkedIn or similar websites.

“The tactics are similar but the platform is expanding,” Ferguson said, adding this is the first exploit of its kind to hit LinkedIn.

A LinkedIn spokesperson was not available Wednesday for comment.

Because of the openness of Web 2.0 platforms such as LinkedIn, users are able to interact easily, but the downside is that they are easily exploitable, Ferguson said.

Constructing an exploit such as this is a matter of creating the accounts, populating them with links that lead to malware and then using social engineering tactics to get people to click the links, he said. The best way to counter such attacks is to quickly respond to abuse reports.

Ferguson said LinkedIn removed the fraudulent profiles, likely created by Eastern European-based cybercriminals, in about 12 hours.

Richard Stiennon, chief research analyst of consultancy IT-Harvest, wrote this week on his Threat Chaos blog that exploits to LinkedIn are inevitable and that social networking sites such as Facebook and MySpace will need to start doing better checks for malware.

“As social media sites proliferate and mash together, there are more and more opportunities for hackers to post their spam and malicious links,” Stiennon wrote.

McAfee Avert Labs posted a blog about the malware, warning users to, “beware when following links, even on trusted Web 2.0 platforms like LinkedIn. Especially when they promise some nude celebrity videos.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.