• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • February 22nd, 2019
  • Home
  • About Us
  • Team
  • Advertise
  • Submit News
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Youtube
Home » Security » Scammers spreading celebrity nude PDFs on Facebook, pushing malware installation

Scammers spreading celebrity nude PDFs on Facebook, pushing malware installation

December 13th, 2016 Waqas Malware, Security, Social Network News 0 comments
Scammers spreading celebrity nude PDFs on Facebook, pushing malware installation
Share on FacebookShare on Twitter

Google Chrome is one of the most used Internet browsers but lately, it is being used by cybercriminals and scammers to infect users with adware, malware and other malicious programs due to the low level of scrutiny on its web store.

Recently, an Internet security firm Cyren discovered a malicious Chrome extension spreading nude celebrity PDFs all over the Internet including on Facebook. You might be thinking what’s the big deal about spreading PDFs? Well, that’s just a beginning of an irritating adware and malware campaign.

Also Read: Pakistani Hacker Gets $5000 for Reporting Flaws in Chrome and FireFox

PDF file that is being spread by scammers.

Upon clicking on the PDF file a new tab opens which looks like a video with a play button on it. Upon clicking the play button, those on FireFox, Internet Explorer or Safari browsers are redirected to several new web pages containing adverts and nude content.

Scammers using playing button to trick users into opening malicious sites.

Meanwhile, those on Chrome browser are redirected to a fake YouTube site. The victim is again asked to click on a play button and doing so opens a pop up that further asks to install Google Chrome extension. Once the extension is installed it can read and collect all personal data of a Facebook user including permission such as “posting on their behalf.”

The extension then posts “nude PDF” files on Facebook groups, timeline and also sends them to their friends’ private messages. It looks like the scammers behind this whole campaign are taking advantage of nude celebrity photos that were leaked back in 2014.

Also Read: Chrome App for Android To Alert Users on Visiting Malicious Sites

The security researchers at Cyren noted that this Chrome extension is specially developed to block antivirus software from detecting and deleting it. It also blocks users from opening dev tools tabs making it almost impossible for victims to get rid of it. However, good news is that Google has already deleted the extension but if you have mistakenly installed this extension you will have to delete the Registry key from the Registry Editor. Thanks to Cyren researchers who pointed out exactly what the key is:

This is the path to the Registry Editor:

HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extension

This is the path to the extension folder:

C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions
[fullsquaread][/fullsquaread]

Previously, Chrome browser was used for a similar campaign when “Facebook comment tagging malware” made its way to users browsers through a Chrome extension. So watch out and avoid installed unverified extensions and applications.

  • Tags
  • Chrome
  • Facebook
  • internet
  • Malware
  • Privacy
  • security
  • Social Media
Facebook Twitter Google+ LinkedIn Pinterest
Previous article Facebook Technical Glitch Making Old Pictures Reappear on Timeline
Next article Europol and US authorities bust 34 DDoS attackers and 101 suspects
Waqas

Waqas

Waqas Amir is a UK-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.

Related Posts
Taking Care of Your Personal Online Security (For Paranoids)

Taking Care of Your Personal Online Security (For Paranoids)

Understanding VPN through open systems interconnection model

Understanding VPN through open systems interconnection model

Major Android ad fraud scam campaign drains battery & eats data

Major Android ad fraud scam campaign drains battery & eats data

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

LATEST POSTS
Taking Care of Your Personal Online Security (For Paranoids)
Surveillance

Taking Care of Your Personal Online Security (For Paranoids)

Feb 22nd, 2019 61
Understanding VPN through open systems interconnection model
Leaks

Understanding VPN through open systems interconnection model

Feb 21st, 2019 374
Major Android ad fraud scam campaign drains battery & eats data
Cyber Crime

Major Android ad fraud scam campaign drains battery & eats data

Feb 21st, 2019 301
Severe flaws in password managers let hackers extract clear-text passwords
Security

Severe flaws in password managers let hackers extract clear-text passwords

Feb 20th, 2019 1852

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in Milan, Italy.

Follow us