SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
Search:  
 
Home Articles Editorials Forums Scripts Videos Blogs QotD Books Ask SSC SQL Jobs Training Authors About us Contact us Newsletters Advertise Write for us


 

K. Brian Kelley - Databases, Infrastructure, and Security

Add to Technorati Favorites Add to Google
Author Bio
Brian is a SQL Server author, columnist, and Microsoft MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress) and Professional SQL Server 2008 Administration (Wrox). Brian currently serves as a database administrator / architect for AgFirst Farm Credit Bank where he can concentrate on his passion: SQL Server. He previously was a systems and security architect for AgFirst Farm Credit Bank where he worked on Active Directory, Windows security, VMware, and Citrix. In the technical community, Brian is president of the Midlands PASS Chapter, an official chapter of PASS. Brian is also a junior high youth minister at Spears Creek Baptist Church in Elgin, SC.
Author's SSC Profile
View this Author's Articles
 

Fake LinkedIn profiles with links to malware

By K. Brian Kelley in K. Brian Kelley - Databases, Infrastructure, and Security | 01-20-2009 10:31 PM | Categories: Filed under: ,
Rating: (not yet rated) |  Discuss | 2,416 Reads | 159 Reads in Last 30 Days |no comments

This is a little old (five days based on the last update), but TrendMicro put on their blog about fake LinkedIn profiles which have links leading to malware.

The basics:

  • The fake profiles are for famous people others would likely be looking for (like Paris Hilton, Beyonce, etc.)
  • The malware isn't hosted on the profile page itself, but the links on the profile page take you to the malware locations.
  • The malware in question throws up a GUI that calls itself MS Antispyware 2009 and is reasonably well done (meaning a lot of people can be taken by it).
  • TrendMicro is calling it a trojan, but they didn't give what it does other than download itself.

With respect to the last point, it's still disturbing. Again it's a case of attackers going after a legitimate and trusted site to get users to be directed to malware. In this case they aren't hacking the site, rather using the functionality provided to end users.

 

Comments
There are no comments on this post
Leave a Comment
Only members of SQLServerCentral may leave comments. Register now for your free account or Sign-In if you are already a member.
 
 
Copyright © 2002-2009 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use