Naked celebrities on LinkedIn lead to malware

A blog post by our friends at Trend Micro caught my eye this morning, and got some of the guys inside SophosLabs looking a little closer at some of the profiles listed on the business networking site, LinkedIn.

It’s surprising how many people signed-up on LinkedIn have words like “nude” and “naked” in their job title. It’s possible that some of these are genuine (for instance, the person who claims to be the Chief Nude Parachutist at a New York-based company), but many of them are not.

For instance, I think it’s very unlikely that Paris Hilton works for a firm called “company B”, and that she would want to post links claiming to be of her infamous sex video.


Paris Hilton sex tape on LinkedIn

Another celebrity who has fallen foul of a private home movie becoming public is Kim Kardashian. It seems that the hackers who have peppered LinkedIn with fake profiles also believe that people will be searching for videos of her, and so they have created a page for her too.

Kim Kardashian naked on LinkedIn

Other names (of various levels of fame) with fake profiles on LinkedIn include Jaime Pressly, Christina Aguilera, Keri Russell, Zooey Deschanel, Lizzy Caplan, Brooke Hogan and Tila Tequila.

Some of the links contained in these profiles are currently down, but SophosLabs can confirm that as recently as January 1st 2009 the malicious Troj/Decdec-A Javascript code was being found on them, downloading further malware onto visiting computers.

It’s a shame that LinkedIn aren’t keeping a closer eye on obviously bogus profiles being created on their site. Undoubtedly spammers, malware authors and other cybercriminals may be abusing the system to link to their webpages in the hope that it will generate a higher ranking in search engines like Google.