The same threat actor continues to target celebrity Instagram accounts to push scam sites to their wide audience. Recently the Instagram account of the popular actor Robert Downey Jr. (43.3M followers) has been hacked, other victims are the singer Nicole Scherzinger (3.9; followers), and the actresses and TV stars Yanet García (11.5M followers) and Chloë Moretz.
Once the hackers have taken over the celebrity Instagram accounts have posted multiple shortened links leading to pages with surveys that were used to collect personal information.
In this way attackers could generate profits in two way, reselling the information provided by the users and earning a fee for each survey completed.
The experts observed the threat actors behind the attacks following a specific scam pattern.
“Each of the Instagram accounts were hijacked over the past couple of weeks and the attackers were in control enough to rotate multiple shortened links leading to webpages with surveys that collect personal information; this is sold for marketing purposes, typically of a darker shade.” reported BleepingComputer.
Once hacked the celebrity Instagram accounts the modify the bio to post messages saying that the celebrity was allegedly giving away 2000 iPhone XS devices and directing followers to his Story page for more offers like this.
The hackers also published a link, created with the URL shortening service, in the account bio that was pointing to a survey page likely set up to collect personal information.
The landing pages used in the attacks are hosted on the same domain, dudemobile[.]net.
In the hack of Nicole Scherzinger and Yanet García accounts, the threat actor used a more effective bait, it announced in the bio section the availability of a sex tape through an app available at a provided link.
The attackers promise to release the sex tape when the app download counter hit 5,000. The hacked account showed a fake nude image in the attempts to lure the visitor.
Security experts are warning users to secure their online accounts, using strong passwords and enabling two-factor authentication when available.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – celebrity Instagram accounts, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions.…
Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec…
Cyberattack on United Natural Foods Inc. (UNFI) disrupts deliveries, causing Whole Foods shortages nationwide after…
Resecurity researchers found 7.4 million records containing personally identifiable information (PII) of Paraguay citizens on…
Apple confirmed that a security flaw in its Messages app was actively exploited in the…
Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer…
This website uses cookies.
![](data:image/svg+xml;charset=utf-8,<svg height="245px" width="212px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="378px" width="535px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="624px" width="300px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)