Cyber criminals have crippled New Zealand’s internet with a false promise of illicit pictures of Hollywood stars such as Hunger Games actor Jennifer Lawrence.
Several dozen computer users may have clicked emails, links on Facebook and Twitter hashtags on the promise of views of naked stars and without knowing it, turned their computer into a device to attack the rest of the world.
The attack was launched on Friday night from somewhere outside New Zealand and quickly impacted internet services, slowing them down and sometimes cutting them off completely.
Spark spokesman Conor Roberts says they do not know what is behind the attack at the moment – they are too busy just repairing the battered network.
But IT specialists around the world know exactly what is going on: the internet is crashing because a lot of people want to see Jennifer Lawrence naked.
Computer security company Symantec and security experts TrendMicro issued alerts on Friday – just as New Zealand came under attack.
TrendMicro says that with the big iCloud hacking leak of Hollywood stars it was only a matter of time “before some enterprising cybercriminal decided that things were ripe for leveraging with socially-engineered threats.
“And that’s just what happened.”
TrendMicro say they found the first attack on Twitter, in the form of a tweet being posted with hashtags that contain the name of one of the leak’s victims – Jennifer Lawrence.
“The tweet spots a shortened link that, if clicked, leads the user to a website offering a video of the actress in question.”
The tweets with the hashtag #jenniferlawrence include a shortened link to a video but users are directed to download a “video converter” that is actually malicious software.
Symantec say scammers are sending fake texts and emails pretending to be from Apple support and saying that as part of the nude photo hacking, their computers have been compromised.
In a classic phishing scam, the cyber villains send messages that appear to be legitimate, convincing victims to enter their account information.
Spark says the company has no information linking their woes to the global scam at this stage.
Roberts says in the attack they are seeing in New Zealand – which on a global scale is decidedly average but is large here – the cyber crooks aim to get malware or bugs planted into innocent computers.
And it is from those computers that a massive amount of data is fired back out on the internet, creating a “denial of service” attack.
These select particular targets – such as banks – in an attempt to hack their computers.
Roberts says they do not yet know where the initial attack is coming from.
The malware installed onto the innocent computers is generating denial of service attacks toward Europe.
“That’s been done by international cyber criminals who have installed this malicious software,” he said.He said Spark have identified a dozen or more computers that have got the malware accidentally installed on them.
Their IT people have called those who have been found and are seeking to neutralise the malware.
While Spark has come under criticism for the internet slowdown, Roberts says it is not their fault but a result of being part of a global fibre network.
“We’re working as quickly as we can and obviously apologise to those people who have been impacted.”