The Latest in IT Security

Miley Sex Tape Spam Blows Smoke in your Eyes


It’s been a busy week for Miley Cyrus, what with all that bikini trying on and slimmer figure displaying and, er, whatever else she normally does. As you’ve likely guessed, people are currently posting up links that bank on the lure of Miley being too much to resist.

Presenting: some Miley Cyrus sex tape spam.

Click to Enlarge

As you can see, it’s on Tumblr. Clicking the link would redirect the end-user through two URLs (currently offline) and lead them to what appears to be a fashion website touting – of course – a sex tape.

Click to Enlarge

Clicking anywhere in the video will bring up the following prompt:

“Sorry, this server is currently overloaded. Install UTPlayer & watch video without browser”

Can you say “shenanigans”? I can, because taking a look at the source code reveals the following wheeze at the end-user’s expense:

Click to Enlarge

It doesn’t matter whether you click “Ok” or “Cancel”, the executable file will download onto the PC either way. If the end-user fires up the installer, they’ll be given a series of install prompts and the choice of installing the Babylon toolbar (and a “2yourface” component”).

Click to Enlarge

While the end-user can opt out of the Babylon install, they’re locked into the UTPlayer whatever they do – hitting “Decline”, “Agree” or even the red X will still result in UTPlayer lurching into life on the system.

In spectacular fashion, I might add. Of all the odd websites that could have popped up at install – and I’ve seen a few in my time – we get this:

Click to Enlarge

…a site selling cigarettes?

“We ship to the USA, Canada. All 50 states! We do not report any information about our consumers to any authorities!”

Uh, okay. I guess? That’s certainly different, if nothing else. We’re still no closer to the Miley sex tape though, so let’s fire up the UTPlayer and see what happens:

Click to Enlarge

The answer, of course, is “not much”.

I suppose the idea here is that it plays Youtube videos, which would be great if it wasn’t entirely non-functional. It doesn’t matter what you do – type something into the search bar and hit the button, press the favourites, forlornly click about in the middle of the screen – there’s no Youtube videos, there’s no sex tape, there’s no Miley Cyrus wagging an admonishing finger at you – just the creeping realisation that ten minutes of your life are gone, never to return. Humorously, you can click the “You need Adobe Flash Player to watch this video” link and all it’ll do is trigger tracking stat tracking links in the background:

Every now and then, a link for the Adobe Flash installer will join them but trying this on machines with Flash installed and fully updated made no difference.

Taking a look at the website for the UTPlayer (which the end-user would have to have the initiative to look for separately, because there’s no mention of it at install and the EULA only references the Babylon toolbar / 2yourface) reveals the following:

Click to Enlarge

You’re supposed to paste Youtube video URLs into the player, save them as favourites then hit the play button. Given the requirement to have Adobe Flash Player on board, I made sure the machine was dressed to the nines with more Flash than you could shake a stick at only for this to happen:

Click to Enlarge

“The Adobe Flash Player or an HTML5 supported browser is required for video playback.

Get the latest Flash Player”

….oh. At this point, I imagine the end-user has given up all hope of simply playing Youtube videos, never mind hunting for a mythical Miley sex tape. It doesn’t matter whether your launchpad to rude video failure is Facebook, Tumblr or any other social network – you can bet your bottom dollar that promises of dubious Miley antics will only result in spam, surveys or installs of software you can probably live without.

The VirusTotal score for this one is currently pegged at 4/42, and we detect this as Win32.Malware!Drop.

Christopher Boyd (Thanks to Jovi and James for additional research)

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments