Banned Lady Gaga video attack spreads on Twitter via rogue app

Filed Under: Celebrities, Nude Celebrities, Social networks, Spam, Twitter

Watch out for tweets about a banned Lady Gaga video, currently spreading across the Twitter network.

The tweets are being posted by rogue applications, that users are allowing to access their profiles in the belief that they will get to view a prohibited video of Lady Gaga

Tweet promoting banned Lady Gaga video

VIDEO PROHIBIDO LADY GAGA banned [LINK] @shakira @ladygaga como ganar dinero facil

(Please note that the precise wording can vary)

If you make the mistake of clicking on the link you are taken to a fake YouTube webpage.

Fake YouTube page

Of course, you believe that you're going to watch a banned video of Lady Gaga so you might very well click on the play button.

Doing so, however, asks you to grant permission to a third party app which wants to connect with your Twitter account.

Rogue Twitter application

Don't, whatever you do, give it permission to continue. Because if you do, your account can now be accessed by third parties - who will be able to post messages in your name to all of your followers.

Hopefully the fact that the messages we have seen so far have all been in Spanish may reduce the impact of this particular attack.

Interestingly, it seems that Lady Gaga herself has been having trouble with these Twitter hackers.

The eccentric songstress, who has more followers on Twitter than anyone else in the world, posted a message yesterday saying:

Whoever is hacking my Twitter must answer to 10 million monsters and Twitter police. #Don'tMakeMeCallTheApostles

Although the singer quickly deleted the rogue tweets that had upset her so much from her page, I was able to discover them cached elsewhere on the net:

TAROT de shakira [LINK] clarividente de @shakira #horoscopo ganar dinero navegando

and

VIDEO PROHIBIDO LADY GAGA @ladygaga [LINK] ganar dinero navegando

The bit.ly links used in the messages posted to Lady Gaga's Twitter page linked to the same fake YouTube page, and were created by the same person who appears to be behind the rogue application attack.

Lady GagaIs it possible that Lady Gaga, or the staff who manage her Twitter account, fell for the scam themselves? And that's why the rogue message appeared on Lady Gaga's Twitter page?

Lady Gaga has over 9.6 million followers on Twitter, making her the most popular person on the network (yes, beating even Justin Bieber..) and a prize goal for any scammer who wants their scammy spammy links to be spread to as wide an audience as possible.

If you were unfortunate enough to grant a rogue applications access to your Twitter account, revoke its rights immediately by going to the Twitter website and visiting Settings/Connections and revoking the offending app's rights.

Don't make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking accounts.

If you're on Twitter and want to learn more about threats, be sure to follow Naked Security's team of writers.

, , ,

You might like

One Response to Banned Lady Gaga video attack spreads on Twitter via rogue app

  1. Elisabeth Kuhn · 1084 days ago

    Wow! Thanks for sharing this info. It sure inspires me to be even more careful about what I click on!

    And I'm not surprised that Lady Gaga (or, more likely, her staff) "fell" for it. It's their job to monitor what's being tweeted about them, and so they were just doing due diligence, though they should have known better than to give those people access to Lady Gaga's account.

    A tip for the future? Why not have a test account that you can use to access potentially questionable apps. That way, the damage at least will be minimized...

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.