A new scam is capitalizing on reports of 'Celebgate 2.0' by making off with users' personal information and posting spam on Twitter. According to several media outlets, hackers have published the private photos of multiple female actresses including Emma Watson, Amanda Seyfried, Dylan Penn, and others. Some are calling these leaks "Celegate 2.0," a designation which hearkens back to an incident in 2014 when hackers phished the Gmail and Apple accounts for Jennifer Lawrence and several other female celebrities. The attackers, some of whom received criminals charges for their crimes, leveraged their unauthorized access to peruse their targets' backups including their personal photos, some of which were sensitive in nature. Many of these images ultimately became available online for download. Given the sensationalism of the incident, it's no wonder scammers are seeking to capitalize on people's curiosity for nefarious ends. Malwarebytes has detected one such spam that's using hundreds of messages to advertise nude pictures of Paige, a WWE wrestler.
Spam messages advertising sensitive images of Paige. (Source: Malwarebytes) Each of the messages contains a bit.ly link that resolves to twitter(dot)specialoffers(dot)pw/funnyvideos/redirect(dot)php, where users can install a Twitter app that's connected to viralnews(dot)com. They just need to agree to a host of sketchy permissions, including the app's ability to access their Twitter login information and update their profile. It even requests the ability to post Tweets, a right which explains the automated Paige Twitter spam posts that start flowing from a linked account.
Twitter spam involving Paige. (Source: Malwarebytes) But the app isn't done yet. Upon successful installation, the app redirects the user to a site that promises leaked images of Paige. This is the first step of a bit.ly link chain advertising sensitive photos of the WWE wrestler. With that said, the final stop isn't all that surprising. Malwarebytes malware intelligence analyst Chris Boyd explains in a blog post:
"As per the screenshot, there’s one final redirect URL (a bit(dot)do address) which took us to an Amazon themed survey gift card page. Suffice to say, filling this in hands your personal information to marketers – and there’s no guarantee you’ll get any pictures at the end of it (and given the images have been stolen without permission, one might say the people jumping through hoops receive their just desserts in the form of a large helping of 'nothing at all')."
Users can protect themselves against this scam by not visiting suspicious web pages offering leaked images of celebrities. They should leave this data dump alone and find something more productive to do online.
