125,000 people fooled by Tupac Shakur / Suge Knight Facebook scam

125,000 people fooled by Tupac Shakur / Suge Knight Facebook scam

Before I begin this article, here’s a quick summary of the key characters for those of you who have chosen not to show a keen interest in rap music and hip-hop:

* Tupac Shakur: Also known as “2Pac”, very popular rap music artist. Died, in September 1996, as a consequence of injuries sustained in a Las Vegas drive-by shooting. He was 25 years old. No-one has ever been convicted of his death.

* Suge Knight: Marion “Suge” Knight, the owner of Death Row Records, Tupac Shakur’s recording label. He was driving Tupac on the night of the shooting, and although he was hit himself in the cross-fire (he was shot in the back of the neck), survived his injuries.

Sign up to our free newsletter.
Security news, advice, and tips.

* Klasik: Real name unknown. Maker of a number of fake news videos (including this one which purports to be a news report that OJ Simpson has committed suicide). He describes himself on his Facebook page as an “upcoming artist” based in Dayton, Ohio.

With me? Okay, let’s begin.

Rumours have been spreading on hip-hop websites and social networks such as Twitter since the tail end of 2010, that Suge Knight has been arrested for the murder of Tupac Shakur. It appears that the rumours were kickstarted by a fake news video, made by Klasik, that was uploaded to YouTube on December 28th:

2Pac's Killer Arrested After 21 years

The video is nonsense, involving the splicing together of different news stories and a reporter whose voice has been overdubbed (between 1:18 and 1:30) to claim that Suge Knight has been charged with the death of Tupac Shakur. In fact, Knight was arrested by LAPD over a traffic offence.

That hasn’t stopped the video being viewed by more than 500,000 people to date, and the rumours to spread like wildfire.

Suge Knight and Tupac Shakur rumours spread on the net

So far, so very typical of the internet.

What’s most of concern to us, however, is that scammers are exploiting the rumours to trick Facebook users into permitting a rogue application to access their profiles, and post spam messages to their accounts.

Here’s a typical message that’s been seen on Facebook:

It seems they finally solved the mystery of TUPAC's killer, Suge Knight was arrested today, watch the full video!

It seems they finally solved the mystery of TUPAC’s killer, Suge Knight was arrested today, watch the full video! [LINK]

Suge Knight arrested for Tupac murder.
OMG The Video

Suge Knight killed Tupac Shakur? Watch the full video, this is insane I can’t believe the mystery has been solved after all this years

When you see a message like this posted by one of your friends, you may well be tempted to click on the link – especially if you’re interested in the hip-hop scene.

But doing so, takes you to a webpage asking for you to authorise a rogue application:

Suge Knight and Tupac Shakur rogue application

Of course, you might be curious to find out more details about who – after 14 years – the police have finally caught for Tupac Shakur’s killing. And so you might, unwisely, allow the application to have access to your Facebook profile.

If you do, then you’ll be taken to a typical page which says it is about to show you the “shocking video”, but actually wants you to take a quick online survey first.

Suge Knight and Tupac Shakur survey scam

And this is where the scammers make their money. Everytime someone fills in an online survey, they make a little bit of commission. If they can find an attractive enough lure (like a video “proving” who killed Tupac Shakur), they can potentially bring lots of people to the surveys.

What helps them even more, is that the rogue application which has just been given permission to post to your Facebook page is now spreading the link even further, sharing it with all of your friends via your Facebook wall.

Account compromised by Suge Knight and Tupac Shakur rogue application

And, of course, your friends may be more likely to click on the link as it appears to have been posted by you.

A little digging discovers that the scammers behind this scheme have tricked over 125,000 people so far into clicking on links related to the bogus news of Tupac Shakur and Suge Knight, and in the last day alone have set up over 10 different rogue applications designed to infect your Facebook profile.

List of Suge Knight and Tupac Shakur rogue applications via bit.ly

Of course, it’s possible that not all of these people made the mistake of authorising the rogue application – but you can bet your bottom dollar that very many did.

Another Suge Knight and Tupac Shakur survey scam

Oh, and in case you’re wondering, the scammers aren’t just spreading their scheme via Facebook. We’ve also seen evidence of Twitter accounts being used to send links to the rogue Facebook applications too.

Tweet linking to Suge Knight and Tupac Shakur rogue Facebook app

You can learn more about this particular scam on the FaceCrooks website.

Here’s a YouTube video where I show you how to clean-up your Facebook account if you were hit by this, or similar scams:

Keep your wits about you and stay informed about the latest scams spreading fast across Facebook.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.