Sophos Cloud Optix
Here’s an unusual cocktail: Internet celeb and former Apple Mac evangelist Guy Kawasaki, a sex video of Leighton Meester (the star of hit TV show “Gossip Girl”), a sprinkle of Twitter, and a shot of web-based malware.
My suspicions were raised when I saw that Guy Kawasaki has posted a message saying
Leighton Meester sex tape video free download!
on his Twitter account.
Sure enough, following the link hops you between a series of websites, offering to show you a sex video of the young Hollywood actress.
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
As we’ve seen in other attacks in the past, agreeing to download the codec to view the sex video is not a good idea. The webpage can tell if you are visiting the site using an Apple Mac or a Windows computer, and will serve up the relevant piece of malware. In the case of Macs the malware is detected by Sophos as OSX/Jahlav-C.
The fact that the post was published on Guy Kawasaki’s Twitter account (which has almost 140,000 followers) is particularly worrying. I wonder how many people might have thought it was worth the risk of clicking on the link, if there was a chance of watching a free Leighton Meester sex video.
It’s only a couple of weeks since we reported on other instances of hackers spreading the Jahlav-C Trojan horse via an X-rated lure to Mac users. The worry is that many Mac users are not running any anti-virus protection – something maybe they need to reconsider.
After all, if you really want to watch a sexy video of a celebrity chances are that you probably will be prepared to enter your system password to allow a video codec plugin to install.
I’m sorry, but anyone who follows Guy Kawasaki will be smart enough not to install some unknown plugin just to see a sex video.
You could argue that Guy Kawasaki would have been too smart to allow unfiltered malicious tweets to appear on his Twitter page too… but that still managed to happen, didn't it? :-/
No, I won't argue that, because I don't think the two situations can and should be compared.
I don't know the reason about how these messages got into Guy's Twitter page, but I doubt it's because he has done something so stupid as to download a special plugin to watch some porn clip, so the same goes for the audience.
Please, keep in mind that I don't say it's impossible to get infected. It might happen even if you are the smartest guy in the world, but for the situation we are talking about I don't find it likely that Guy's followers would be so stupid as to fall into the obvious trap. Some of them might have clicked on the links to see what's that stuff, fearless they are, because of the mighty and invulnerable Linux or MacOS that they are using, but downloading a plugin for watching a porn clip is just too much.
All I can tell you is that every day, thousands of Windows users fall for tricks exactly like this…
they're in such a rush to see a sexy video that they don't think twice about installing a "flash update" or a video codec.
Personally, I don't believe that Mac users are any different from Windows users in this regard. In fact – if anything – perhaps Mac users are more relaxed about the threat of malware and are *more* likely to take the risk if it means they'll get to see a naked video of Erin Andrews or Leighton Meester.
Computers are pretty sophisticated in the 21st century. Unfortunately, the people using them are still cavemen.
I also used to believe that no-one would fall for these kind of tricks… until I heard about the numbers, and the demographics.
In fact, I think I once read somewhere that people who are confident or believe they are 'tech savvy', the kind of people who might follow Guy's twitter, are actually quite susceptible to social engineering attacks because they believe they're protected. Though I can't be bothered to find the link, so you'd have to look into it yourself… I'm sure there's been plenty of research done on this stuff…