'Lady Gaga Found Dead in Hotel Room' Facebook Likejacking Scam Leads to Malware
Quirky songtress Lady Gaga brought art to life when she performed in drag as Joe Calderone, an alter ego featured on her CD cover, at this year's MTV Video Music Awards. Staying in full character, reportedly, she too stood alongside the guys in the little boy's room. Fans may have questioned the extremity of her commitment, but I'm certain they never thought it would leave her dead in a hotel room.
Facebook fans and tweeters received grim news that the eccentric pop singer was found dead in a hotel room through a message similar to Figure 1 below. The attention grabbing headline was preceded by a somber subtitled that read, 'This is the most awful day in US history.' Readers were provided a link to a BBC World News video to confirm the story. Unless Lady Gaga has a paternal twin or nine lives, she too was 'found dead in a hotel room' last month and I think even the month before that. Okay, it is safe to say this is a hoax and the award winning singer and songwriter is alive and well.
Figure 1. - Lady Gaga Found Dead in Hotel Room Facebook likejacking hoax image.
Cybercriminals enjoy feeding off of human emotions, making it easy to exploit social networkers' obsession with celebrities. They use sensationalized links and videos to lure victims into scams, likejacking traps, and often infringe on the copyright or branding of popular businesses to gain trust. For instance on the Facebook playground, clicking either the title or subtitle tease will route you to a rogue BBC World News Facebook page. In order to watch the purported video, one must 'pay with a tweet.' Although a legitimate 'pay with a tweet' app exist that grants access to free online products when you actually tweet about a particular topic, this tweet request is poisonous and mere fraud. Clicking could download the malicious parasite identified as Troj/Iframe-ET and potentially trigger spam or tweets to your family, friends and followers.
The fraudulent 'pay with a tweet' link also takes you to a rogue video player window overlain with a hidden iframe. Clicking anywhere within the iframe 'likes' the page, which post or spreads the germ to your Facebook wall in wait of your family and trusting Facebook friends.
Currently, the malicious web page hosting the rogue video player window is down or unavailable. Scams like these come a dime a dozen on the web and until PC users 'think before they click', they will continue being victimized by greedy and cynical cybercriminals.
Is The 'Lady Gaga' Virus Dangerous?
Like in real life, any virus or infection threatens one's health and livelihood. We know, you only clicked because you are a very compassionate and caring (but not nosey) person. But what do you do now? You need to disinfect your system. First, however, you should clean your Facebook wall and send a tweet to inform others so they do not fall victim to this distasteful hoax. Next, you need to act fast to find and remove malware you accidentally downloaded onto your PC.
Online Scamming is big business and there's a lot of money to be made or stolen. Greedy cybercriminals exploit any and everything and invest lots of your money to hire the best hackers and programmers to shape and build malware. All malware has a purpose. Some common threats are theft of vital data out of a browser's cache, copying data off of web-based forms, spoofing email accounts to spam everyone on the contact list, or opening a backdoor and giving a hacker remote access. Nefarious programmers are infusing malicious programs with stealth programming techniques to help hide and camouflage infectious files and programs so prying eyes or scanning tools cannot detect and remove.
Chances are the Trojans or viruses that slid inside are using rootkit technology and as a result:
- The malicious executable is looped and will run at every boot.
- Weaker anti-virus or anti-spyware programs have been deactivated and to keep victims in the dark, a shell will remain that misfires.
- Administrative controls like Task Manager and the firewall have been disabled.
- Legitimate system, registry or .dll directory files have been injected with poisonous script to run and mask malicious activity.
- Infectious files have been masked and hidden deep in the system kernel, BIOS or MBR.
If you are not skilled in editing the registry, system, or .dll directory, you should instead use a reputable anti-malware solution known to contain an anti-rootkit component to find and safely remove viruses. Otherwise, you could delete the wrong files and damage your hard drive.
Okay tweeters, our readers are ready for you to sing. Did the jaw dropping headline really get you to ‘click’ or tweet?
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.