Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Fake LinkedIn profiles with links to malware

This is a little old (five days based on the last update), but TrendMicro put on their blog about fake LinkedIn profiles which have links leading to malware.

The basics:

  • The fake profiles are for famous people others would likely be looking for (like Paris Hilton, Beyonce, etc.)
  • The malware isn't hosted on the profile page itself, but the links on the profile page take you to the malware locations.
  • The malware in question throws up a GUI that calls itself MS Antispyware 2009 and is reasonably well done (meaning a lot of people can be taken by it).
  • TrendMicro is calling it a trojan, but they didn't give what it does other than download itself.

With respect to the last point, it's still disturbing. Again it's a case of attackers going after a legitimate and trusted site to get users to be directed to malware. In this case they aren't hacking the site, rather using the functionality provided to end users.

 

Comments

No comments.

Leave a Comment

Please register or log in to leave a comment.