A week in security (May 11 – May 17)

Last week on Malwarebytes Labs: Attackers replaced JDownloader installer downloads with malware Meta’s confusing new approach to chat privacy Why Malwarebytes blocks some Yahoo Mail redirects Fake Claude search results lure Mac users into ClickFix attack Deepfake sextortion forces schools to remo...

Deepfake sextortion forces schools to remove student photos from websites

Schools love a good photo, whether it's from a trip to a castle, a science prize ceremony, or sports day shot from three angles. For two decades, celebratory images like these have gone straight onto school websites, captioned with a name and a grade. But those days are gone, because it's the...

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twic...

NSFW app leak exposes 70,000 prompts linked to individual users

MyLovely.AI, an AI “artwork” generation platform, has reportedly been compromised, affecting 106,362 registered users. The AI girlfriend app allows users to generate personalized NSFW content and engage in real-time conversations with AI-generated personas, often sharing highly personal prompts a...

Sextortion “I recorded you” emails reuse passwords found in disposable inboxes

Our malware removal support team recently flagged a new wave of sextortion emails, with the subject line: “You pervert, I recorded you!” If the message sounds familiar, that's because it's a variation of the long-running "Hello pervert" scam. The email claims the target’s device has been infected...

Intimate products maker Tenga spilled customer data

Tenga confirmed reports published by several outlets that the company notified customers of a data breach. The Japanese manufacturer of adult products appears to have fallen victim to a phishing attack targeting one of its employees. Tenga reportedly wrote in the data breach notification: “An...

A week in security (December 22 – December 28)

Last week on Malwarebytes Labs: Pornhub tells users to expect sextortion emails after data exposure Hacktivists claim near-total Spotify music scrape Stay safe! We don 't just report on threats—we help safeguard your entire digital identity Cybersecurity risks should never spread beyond a headlin...

Pornhub tells users to expect sextortion emails after data exposure

After a recent data breach that affected Pornhub Premium members, Pornhub has updated its online statement to warn users about potential direct contact from cybercriminals. “We are aware that the individuals responsible for this incident have threatened to contact impacted Pornhub Premium users...

AI-driven scams are preying on Gen Z’s digital lives​

Gone are the days when extortion was only the plot line of crime dramas—today, these threatening tactics target anyone with a smartphone. As AI makes fake voices and videos sound and look real, high-pressure plays like sextortion, deepfakes, and virtual kidnapping feel more believable than ever...

260 romance scammers and sextortionists caught in huge Interpol sting

Online crime of all kinds is deplorable, but romance scammers and sextortionists who target the most vulnerable victims are among the worst. Now, there’s likely a place for 260 of them in jail, thanks to international law enforcement. Interpol's Operation Contender 3.0 targeted alleged criminals...

493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds

Scam compounds in Cambodia, Myanmar, and Laos have conned people out of billions. New research shows they may be linked to child sextortion crimes too...

A week in security (June 23 – June 29)

Last week on Malwarebytes Labs: Gmail’s multi-factor authentication bypassed by hackers to pull off targeted attacks Thousands of private camera feeds found online. Make sure yours isn’t one of them Sextortion email scammers increase their "Hello pervert" money demands Many data brokers are faili...

Sextortion email scammers increase their “Hello pervert” money demands

Every so often the sextortion emails that start with “Hello pervert” get a redesign. You may have received one yourself: The emails claim that the sender has been watching your online behavior and caught you red-handed doing activities that you would like to keep private. The email usually starts...

Scammers are constantly changing the game, but so are we. Introducing Malwarebytes Scam Guard

Mobile scams are becoming increasingly sophisticated, leaving people vulnerable to cybercriminals. We recently reported on the ever-increasing number of scams that are created by AI-supported tools, with attackers crafting highly convincing phishing emails that target both individuals and...

“I sent you an email from your email account,” sextortion scam claims

In a new version of the old “Hello pervert” emails, scammers are relying on classic email spoofing techniques to try and convince victims that they have lost control of their email account and computer systems. Email spoofing basically comes down to sending emails with a false sender address, a...

Your partner “is cheating on you” scam asks you to pay to see proof

As if they weren’t annoying enough already, scammers have recently introduced new pressure tactics to their sextortion and scam emails. Last week we reported how cybercriminals are using photographs of targets homes in order to scare them into paying money. Now theyre throwing in the name of...

A week in security (September 2 – September 8)

Last week on Malwarebytes Labs: Lowe’s employees phished via Google ads Planned Parenthood partly offline after ransomware attack "Hello pervert" sextortion scam includes new threat of Pegasus—and a picture of your home How to avoid election related scams London’s city transport hit by...

Hackers Threaten to Leak Planned Parenthood Data

Plus: Kaspersky’s US business sold, Nigerian sextortion scammers jailed, and Europe’s controversial encryption plans return...

“Hello pervert” sextortion scam includes new threat of Pegasus—and a picture of your home

After using passwords obtained from one of the countless breaches as a lure to trick victims into paying, the “Hello pervert” sextortion scammers have recently introduced two new pressure tactics: Name-dropping the infamous Pegasus spyware and adding pictures of your home environment. They do thi...

Sextortion Scams Now Include Photos of Your Home

An old but persistent email scam known as "sextortion " has a new personalized touch: The missives, which claim that malware has captured webcam footage of recipients pleasuring themselves, now include a photo of the target's home in a bid to make threats about publishing the videos more...