Miley Cyrus and cybercriminals make strange bedfellows

Graham Cluley
Graham Cluley
@[email protected]

Miley Cyrus and cybercriminals make strange bedfellows

Miley Cyrus will be eighteen years old tomorrow.

I don’t know if her father, legendary “Achy Breaky Heart” singer Billy Ray Cyrus, will be joining in her birthday celebrations, but I imagine he’ll be quietly wiping away a tear as his daughter finally becomes officially an adult (at least as far as the age of consent in her home state of Tennessee is concerned).

The pop singer and Hannah Montana star has had her fair share of encounters with the world of cybercrime during her short life.

Sign up to our free newsletter.
Security news, advice, and tips.

For instance, a couple of years ago, a hacker called “Trainreq” took advantage of the fact that Miley Cyrus was using the same password on multiple websites, and broke into her Gmail account, stealing candid photographs of her “posing provactively” in her underwear and swimsuit.

I found it astonishing that parts of the media felt comfortable reproducing the stolen photographs – did no-one at the time care that the poor girl was only fifteen years old?

And last year, Miley Cyrus proved that she hadn’t learnt many lessons about password security after her Twitter account was compromised by hackers who posted offensive messages in her name.

Miley Cyrus hacked on Twitter

You can’t really imagine her Disney overlords being too happy with that kind of image being associated with their squeaky-clean star.

But now Miley Cyrus is 24 hours from being all grown up. Not that another bunch of cybercriminals are waiting for her to reach the age of consent.

A message spreading across Facebook claims to link to video footage of Miley Cyrus with her latest boyfriend.

Miley Cyrus scam

Miley Cyrus went too far with her hot boyfriend. Wow! she is wild.
With hot boyfriend she went too far!
Fun Video

If you were an admirer of Miley, you might well be tempted to click on the link and ask questions later. Such an action would take you to a webpage which tricks you into believing that you are about to see scandalous video footage of the star going “too far” with her boyfriend.

Watch Miley Cyrus With Her New Boyfriend!! Wow She Went Too Far

And what do you know? The perpetrators of this latest scheme are using a photo that Miley Cyrus apparently took herself, baring her midriff – I wouldn’t be surprised if it’s one of the pictures that was stolen from her Gmail account when she was fifteen years old.

Clicking further will take you to a rogue Facebook application that asks you to grant it permission to access your Facebook profile, post to your wall and so forth. In this way it’s very similar to many other scams we’ve seen spreading virally in the past (we saw a rather sordid example involving another teen pop sensation, Justin Bieber, this weekend of instance).

The scammers’ end game is to trick you into taking an online survey. You’re tricked into believing that you need to complete the survey in order to see the promised content. The bad guys, meanwhile, are earning commission for every survey completed, and are using your Facebook account to spread the links even further.

If you’ve been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account/ Privacy Settings/ Applications and Websites.

Here’s a quick YouTube video where I show you how to clean-up your Facebook account from such an attack:

If you know young people who use Facebook, don’t forget to warn them about scams like this and teach them not to trust every link that is placed in front of them.

There’s only one thing left to say. Happy birthday for tomorrow, Miley. Your dad is a legend.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.