Leighton Meester sex video lure spreads Mac and Windows malware to Twitter users

Here’s an unusual cocktail: Internet celeb and former Apple Mac evangelist Guy Kawasaki, a sex video of Leighton Meester (the star of hit TV show “Gossip Girl”), a sprinkle of Twitter, and a shot of web-based malware.

My suspicions were raised when I saw that Guy Kawasaki has posted a message saying

Leighton Meester sex tape video free download!

on his Twitter account.

Sure enough, following the link hops you between a series of websites, offering to show you a sex video of the young Hollywood actress.

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

As we’ve seen in other attacks in the past, agreeing to download the codec to view the sex video is not a good idea. The webpage can tell if you are visiting the site using an Apple Mac or a Windows computer, and will serve up the relevant piece of malware. In the case of Macs the malware is detected by Sophos as OSX/Jahlav-C.

The fact that the post was published on Guy Kawasaki’s Twitter account (which has almost 140,000 followers) is particularly worrying. I wonder how many people might have thought it was worth the risk of clicking on the link, if there was a chance of watching a free Leighton Meester sex video.

It’s only a couple of weeks since we reported on other instances of hackers spreading the Jahlav-C Trojan horse via an X-rated lure to Mac users. The worry is that many Mac users are not running any anti-virus protection – something maybe they need to reconsider.

After all, if you really want to watch a sexy video of a celebrity chances are that you probably will be prepared to enter your system password to allow a video codec plugin to install.