July 31, 2015

The hack attack on the Ashley Madison site has prompted spammers to capitalise on interest in data stolen from the infidelity site.

On 20 July, hackers claimed to have stolen information about the 37 million accounts registered on the service.

A BBC investigation has found that many of these spam links involve fake data, scam pages and malware.

A few files are seeded with images and videos of people who commit adultery "burning in hell".

Suffering sinners

The attack on the Ashley Madison site was revealed by computer security blogger Brian Krebs earlier this month. Mr Krebs said he had seen and verified some of the data stolen by the gang behind the hack.

The attackers posted a small amount of information they claimed to have stolen on the Pastebin website at that time and said all the data would be dumped unless the site closed down. Swift action by Ashley Madison owner Avid Life Media got the initial links shared by the hackers removed.

Since then there have been no more reports of data supposedly stolen from the site being posted on the web by the attackers.

Spammers and other cyber-conmen have filled this gap by posting lots of links that purport to share stolen data on sites such as Pastebin, Slexy and other sites.

The BBC has visited many of the pages the links point to and found that all of them were fake.

The majority of the files contained a short list of email addresses and passwords that have been widely shared online since 2011 strongly suggesting they are not part of a cache of recently stolen data.