PDiddySploit Malware Hidden in Files Claiming to Reveal Deleted Diddy Posts

Cybercriminals are exploiting the ongoing Sean “Diddy” Combs scandal by spreading the new PDiddySploit malware hidden in infected files, targeting curious and unsuspecting social media users, particularly those on X.com (formerly Twitter).

Cybercriminals are wasting no time exploiting the recent scandal involving Sean “Diddy” Combs. As the public’s curiosity surges over the music mogul controversy, cybercriminals have seized the moment to spread a new strain of malware designed to take advantage of the growing interest.

According to Veriti’s research team, a new Trojan malware dubbed PDiddySploit has been identified. This malware, part of the PySilon RAT (Remote Access Trojan) family, is developed to exploit those seeking information about Diddy’s now-deleted social media activity on platforms like X.com (formerly Twitter).

The Trojan, which has advanced capabilities for stealing sensitive data, monitoring keystrokes, recording screen activity and remotely controlling infected systems, can severely compromise anyone’s security and privacy.

****The PDiddySploit Threat****

First discovered on September 13, 2024, PDiddySploit is a direct variant of the PySilon RAT, which is notorious for its adaptability and malicious functionalities. PySilon, an open-source Python-based malware, has become a preferred tool for threat actors due to its ability to evolve and spread quickly.

The current version of PySilon RAT is version 3.6 and since June 2023 alone over 300 samples have been found on VirusTotal, showing how cybercriminals are continuously refining this tool.

****Celebrity Scandals as a Gateway for Malware Attacks****

According to Veriti’s report shared with Hackread.com ahead of publishing on Tuesday, one of the most alarming aspects of this wave of attacks is how closely they are tied to Diddy’s deleted social media content.

One major part of this malware attack is how cybercriminals are uploading files that claim to contain “removed” posts and replies from Diddy’s X.com account, and these files are being used as bait to lure unsuspecting users. Curious individuals who want to see what was deleted are being tricked into downloading these files, unknowingly infecting their devices with the PDiddySploit Trojan.

One of the malicious files with deleted Diddy posts was uploaded by a now-deleted account @lamps_apple on Virus Total (Screenshot via Veriti)

This tactic is effective because of the public’s curiosity. As the scandal gets more media attention, attackers know that many users will search for more information, especially content that has been taken down.

Veriti’s analysis uncovered several of these malicious files on platforms like VirusTotal, all associated with Diddy’s deleted posts. These files, packaged to appear like legitimate screenshots or documents, are loaded with malware, turning curiosity into a cybersecurity nightmare.

****Diddy and Malware****

Interestingly, this is not the first time Sean “Diddy” Combs’ name has been associated with malware. Back in 2013, a similar attack was launched, using Diddy’s hit song “I’m Coming Home” as the bait. That malware, disguised as an MP3 file, targeted users who wanted to download the track.

In similar attacks, hackers exploited the nude celebrity photo leaks scandal in December 2016 to lure victims into downloading malicious PDF files loaded with malware. In February 2020, cybercriminals used Oscar movie nominations as bait, tricking users into downloading malware disguised as “free downloads” of movies nominated for the 2020 Oscar Best Picture award.

Nevertheless, while it may be tempting to explore deleted content or hidden details, letting curiosity take over can expose your device to malware. Additionally, the increasing sophistication of malware like PySilon RAT, added with the lure of celebrity conspiracy, sets the stage for successful cyberattacks. Therefore, watch out for social media trends, especially those addressing high-profile scandals.

1. Hackers Hiding DcRAT Malware in Fake OnlyFans Content
2. Crooks using Marvel’s Black Widow movie to spread malware
3. Torrent uploader CracksNow distributed GrandCrab ransomware
4. Fake OnlyFans Checker Tool Infects Hackers with Lummac Stealer
5. Russian Hackers Control Malware via Britney Spears Instagram Posts