A new scam is capitalizing on check up ons of ‘Celebgate 2.0′ by making off with users’ personal information and brace spam on Twitter.
According to several media outlets, hackers cause published the private photos of multiple female actresses including Emma Watson, Amanda Seyfried, Dylan Penn, and others. Some are pursuit these leaks “Celegate 2.0,” a designation which hearkens uphold to an incident in 2014 when hackers phished the Gmail and Apple accounts for Jennifer Lawrence and sundry other female celebrities. The attackers, some of whom received racketeers charges for their crimes, leveraged their unauthorized access to review their targets’ backups including their personal photos, some of which were susceptible in nature. Many of these images ultimately became available online for download.
Addicted the sensationalism of the incident, it’s no wonder scammers are seeking to capitalize on people’s interest for nefarious ends. Malwarebytes has detected one such spam that’s using hundreds of news to advertise nude pictures of Paige, a WWE wrestler.
Each of the messages contains a bit.ly tie-up that resolves to twitter(dot)specialoffers(dot)pw/funnyvideos/redirect(dot)php, where drugs can install a Twitter app that’s connected to viralnews(dot)com. They just desperate straits to agree to a host of sketchy permissions, including the app’s ability to access their Chirruping login information and update their profile. It even requests the capacity to post Tweets, a right which explains the automated Paige Tweet spam posts that start flowing from a linked account.
But the app isn’t done yet. Upon profitable installation, the app redirects the user to a site that promises leaked figures of Paige. This is the first step of a bit.ly link chain advertising reactive photos of the WWE wrestler. With that said, the final stop isn’t all that disconcerting.
Malwarebytes malware intelligence analyst Chris Boyd explains in a blog assignment:
“As per the screenshot, there’s one final redirect URL (a bit(dot)do address) which took us to an Amazon themed investigation gift card page. Suffice to say, filling this in hands your insulting information to marketers – and there’s no guarantee you’ll get any pictures at the end of it (and given the images receive been stolen without permission, one might say the people jumping wholly hoops receive their just desserts in the form of a large serving of ‘nothing at all’).”
Users can protect themselves against this scam by not on suspicious web pages offering leaked images of celebrities. They should assign this data dump alone and find something more prolific to do online.