Sign-in buttons are built for convenience. On harmful undress and nudify websites, that convenience became part of a much darker system: quick account creation for services that use AI to make real people appear nude without consent.
A WIRED analysis found 16 of the biggest undress and nudify websites using login infrastructure from Google, Apple, Discord, Twitter, Patreon, and Line. The websites generally let users create accounts, buy credits, and generate images, while the presence of familiar technology brands can make the services look easier to trust.
How familiar logins reached harmful deepfake sites
The websites reviewed by WIRED used common authentication tools, including sign-in APIs that let people join a service with accounts they already have. Google’s login system appeared on 16 websites, Discord’s appeared on 13, and Apple’s appeared on six. X’s button was found on three websites, while Patreon and Line appeared on the same two websites.
These tools were not the only way to create accounts. Most of the websites also allowed people to register with just an email address. But the fact that the majority of reviewed websites had implemented more than one major technology company’s sign-in system shows how deeply these services had embedded themselves in ordinary web infrastructure.
Sign-In With Google was the most widely used option among the websites reviewed. When clicked, the Google prompt said the website would receive a user’s name, email addresses, language preferences, and profile picture. Google’s sign-in system also revealed some developer-account links, including four websites connected to one Gmail account and another six connected to another.
Why access matters in abuse
The websites described in the analysis are not simple image tools. They use AI to remove clothes from real photos and create nonconsensual intimate images. The source describes this abuse as especially harmful to women and girls, with teenage boys allegedly creating images of classmates.
Adam Dodge, a lawyer and founder of EndTAB (Ending Technology-Enabled Abuse), framed the issue as one of access, not only content. He said, “Sign-in APIs are tools of convenience. We should never be making sexual violence an act of convenience.”
That point is central to the controversy. A login button does not generate an image by itself. But it can lower the friction of joining a site, help users move quickly from curiosity to account creation, and give the service a surface-level association with companies people already know.
The source also says critics believe major technology companies have been slow to respond to the scale of the problem. The websites have appeared high in search results, paid advertisements have promoted them on social media, and apps have shown up in app stores.
A fast-growing commercial ecosystem
Deepfake technology emerged toward the end of 2017, and the number of nonconsensual intimate videos and images has grown exponentially since then. Videos are harder to make, but undress and nudify websites and apps have made image generation commonplace.
David Chiu, San Francisco’s city attorney, recently opened a lawsuit against undress and nudify websites and their creators. He said, “We must be clear that this is not innovation, this is sexual abuse.” Chiu said the 16 websites targeted by his office’s lawsuit had around 200 million visits in the first six months of this year alone.
The websites operate as businesses, often with little public information about who owns them or how they work. Some sites run by the same people look similar and use nearly identical terms and conditions. Some offer more than a dozen different languages, pointing to the worldwide nature of the problem.
The source also describes an ecosystem that is still being developed and monetized. Some linked Telegram channels have tens of thousands of members each. The websites frequently post about new features, generally charge people to generate images, can run affiliate schemes to encourage sharing, and in some cases have pooled into a collective to create their own cryptocurrency for payments.
Companies respond after being contacted
After WIRED contacted the companies, Discord and Apple said they had removed developer accounts connected to the websites. Google said it would take action against developers when it finds that its terms have been violated. Patreon said it prohibits accounts that allow explicit imagery to be created, and Line confirmed it was investigating but could not comment on specific websites. X did not respond to a request for comment.
Jud Hoffman, Discord vice president of trust and safety, told WIRED that Discord had terminated the websites’ access to its APIs for violating its developer policy. In the hours after that statement, one undress website posted in a Telegram channel that authorization via Discord was “temporarily unavailable” and claimed it was trying to restore access.
Apple spokesperson Shane Bauer said Apple had terminated multiple developer’s licenses, and that Sign In With Apple would no longer work on their websites. Adiya Taylor, corporate communications lead at Patreon, said Patreon prohibits accounts that allow or fund access to external tools that can produce adult materials or explicit imagery.
Google said developers using Sign in with Google must agree to terms that prohibit the promotion of sexually explicit content and behavior or content that defames or harasses others. The company said “appropriate action” would be taken if those terms are broken.
The bigger lesson for platform trust
The case shows how ordinary platform features can become part of abusive systems when enforcement fails to catch up. A sign-in API may be designed as neutral infrastructure, but on an undress website it can help a harmful service feel more normal, more accessible, and easier to use.
WIRED did not name the websites because they enable abuse. That choice also underlines the core issue: the services are not merely controversial AI experiments. They are tools that can be used to bully, humiliate, and threaten women and girls.
The responses from Google, Apple, Discord, Patreon, and Line suggest that platform rules already exist in broad terms. The harder question is whether those rules are enforced quickly enough when harmful deepfake businesses use mainstream tools to grow.