Scammers are exploiting a new batch of leaked celebrity nudes, using the stolen selfies to lure in gawpers and make a fast buck.
Voyeurs are told to install a smartphone app that promises to reveal comprising photos of British WWE star Paige – whose intimate private photos and videos were leaked online this month without permission. The wrestler is among a clutch of celebs whose nude pics and sex tapes were very recently snatched and spread on the web, an act dubbed The Fappening 2.0 after similar leaks in 2014.
Pervs hoping for an illicit glimpse of Paige are tricked into allowing the app to access their Twitter account, and then led along a warren of URLs that go nowhere and serve no purpose other than to make crooks money from affiliate marketing and advertising link clicks.
Determined gawpers will eventually wind up on an internet survey page that promises to reward you with an Amazon gift card after you hand over details about yourself. "Filling this in hands your personal information to marketers," said Chris Boyd, a malware intelligence analyst at Malwarebytes. A writeup of the scam – complete with screenshots – can be found in a blog post by Boyd, here.
While surfers are looking through all these links, the dodgy phone app spams out tweets from their accounts, complete with yet more pictures and URLs as bait. It's another example – only days after the Twitter Counter app was hacked to send out propaganda branding the Dutch and Germans as Nazis – why netizens should be wary of third-party Twitter apps.
This month's Fappening 2.0 leak has cropped up in other cybercrime scams. For example, message board denizens are warning others of dodgy download links and random zip files claiming to contain stolen nude photos and video clips.
"As freshly leaked pictures and video of celebrities continue to be dropped online, so too will scammers try to make capital out of image-hungry clickers," Boyd warned.
"Apart from the fact that these images have been taken without permission so you really shouldn't be hunting for them, anyone going digging on less-than-reputable sites is pretty much declaring open season on their computers. Do yourself a favor and leave this leak alone. It probably won't be long before the Malware authors and exploit slingers roll into town." ®
Sponsored: Webcast: Ransomware has gone nuclear