Temptation to look is once again being used as bait for a variety of malware attacks, thanks in part to the widespread coverage of the recent nude celebrity photos leaks on 4chan and reddit. The old bait-and-switch move, a well-worn social engineering attack on Twitter and other social networking services, has now been updated with promises of intimate photos of Jennifer Lawrence. In reality, the link delivers malware “dropper” software instead.
Researchers at Trend Micro have uncovered a number of new social engineering attacks based on the celebrity photos. One in particular uses Lawrence as the bait, with a shortened URL that the Twitter lure promises will take you to “Jennifer Lawrence Leaked Photos.” The tweet uses hashtags for Jennifer Lawrence both by her full name and by “JLaw” in order to target people actively seeking information about her.
Those who fall for the bait are taken to a website with a “video”—which is in fact a link to fake “Video Converter” software. What really gets delivered is a malware package that Trend Micro calls ADW_BRANTALL, an adware installer that targets Microsoft Windows 7 and earlier Windows versions.