There hasn’t been a lack of strange things turning up in the Ashley Madison data leak.
One of the latest discoveries comes from Trend Micro, which found bogus Ashley Madison profiles that used email addresses the company created solely for collecting spam samples.
The email addresses are known as “honeypots,” a general term for systems set up by researchers in the hope that they will be attacked. Studying the attacks can shed light on new methods used by malicious hackers.
One of Trend’s addresses was used for a profile describing a 33-year-old Los Angeles woman who is “sexy, aggressive” and “knows what she wants,” wrote Ryan Flores, a threat research manager with Trend, in a blog post.
So why would someone use one of Trend’s honeypot addresses to register an Ashley Madison account?
There’s no definite answer but there are a couple of theories. Flores looked at the IP addresses used to register the honeypot addresses.
Those IP addresses, which were contained in the large batches of data about users, were distributed across various countries and on consumer DSL lines, Flores wrote.
About 90 percent of the profiles, however, were male. It has been theorized that Ashley Madison may have padded out the site with fake female profiles in order to attract more male customers, so that finding doesn’t quite fit.
If the accounts weren’t created by Ashley Madison, there’s another possibility — forum and comment spammers, Flores wrote.
“These forum and comment spammers are known to create website profiles and pollute forum threads and blog posts with spam comments,” Flores wrote.
Ashley Madison didn’t require non-paying users to confirm their email addresses, so there was no need for the spammers to have access to the accounts they registered.
“It leaves the possibility that at least some of the profiles were created by these spambots,” Flores wrote.
Trend Micro stumbled on the finding after their honeypot addresses began receiving extortion attempts from scammers.
Following a large release of data last month, Ashley Madison users reportedly received ransom requests in order to keep scammers from revealing their information to employers and family.