Beware! There is a new type of malware out there used by sextortionists. It can detect when you are watching porn, take screenshots of your screen and record images captured from your webcam, simultaneously.
What Is Sextortion?
Sexual extortion or ‘sextortion‘ is a form of blackmail where someone threatens to share a nude or sexual image or video of you unless you give in to their demand(s).
For many years, sextortion has been a major tool in the playbook of cybercriminals. Most of the time, they bluff about being in possession of their targeted victims’ naked secret and threaten to expose them. Since the victims can neither decipher nor confirm if the criminals actually do or do not possess such erotic gallery of them, they usually end up dancing to the sextortionists tune.
Today, they might not be bluffing but actually possess your erotic secrets.
Sextortionists target victims of all ages. The US Homeland Security Investigation in 2022 received over 3,000 sextortion reports. While some predator requests more nude or sexual images as ransom for not exposing victims nude images to the public, majority demands payment.
Traditional Sextortionists Modus Operandi
Traditionally, predators leverage a means of contact, especially social media platforms which may include dating apps to establish connection with the prospective victims. They might send a friend request or post a compliment or flattery comments under victim’s photo posts. Once a connection is established via DM or private message channel, the criminals start by making you trust them as a genuine friend or even potential lover.
Most of the time, they encourage their victim to continue conversation on another platform aside from where they met. Such a platform uses encrypted messaging that make tracking the predators more difficult.
They may offer enticing opportunities such as the possibility of a modeling contract, gift cards, or cryptocurreny gift. All of these is to either obtain a sensual picture of the victim or assess their computers to unearth sensitive material which they can later use for blackmail.
A notable player in this criminal field are “The Yahoo Boys”, a group of scammers in West Africa, particularly Nigeria and the Ivory Coast, as well as the Philippines. The Yahoo Boys mainly go after English-speaking minors and young adults on Instagram, Snapchat, and Wizz, an online dating platform for teens. They’re the original Nigerian Princes, but have changed tactics in recent years to elder fraud, romance scams, fake job scams, and now the sexual extortion of children for profit.
Today, sextortionists leverage tools designed to fight malware and cybercrimes to commit their crime. A typical example is Stealerium, an open-source malware available for download on GitHub. GitHub is a platform that allows developers (programmers) to create, store, share, and manage their code.
How Does Sextortion Malware Work?
Stealerium became popular in 2022 as a free open-source malware on GitHub, downloadable for “educational purposes only”. The open-source malware are used by cybersecerity experts to understand the patterns of behavior of threat actors to design detection signatures against malwares. Unfortunately, threat actors are now using the source code to instead develop variants of malware that are not so easy to detect or defend against.
Researchers at Proofpoint uncover how threat actors are launching campaigns to lure victims to unknowingly install Stealerium on their gadgets. They impersonate well-known organizations including banks, courts, and charitable foundations. Victims may receive emails with subject lines like “Payment Due”, “Court Summons”, and “Donation Invoice”.
Once you click a malicious link or open a file, the malware installs itself on your device. Once installed, Stealerium scans your computer or phone for sensitive information like passwords, payment info, cryptocurrency login info, and broswer activity. It can detect specific keywords like ‘porn’ and ‘sex’.
Once it finds files related to porn, it instantly takes screenshots and webcam snapshots which are then sent to the cybercriminal s via the linked messaging channel (such as Discord, Telegram, and Email).
Tips to Avoid Being a Victim of Sextortion
The best protection against sextortionists is to avoid falling a victim in the first place:
- Be selective about what you share online. Avoid sharing intimate or explicit photos, videos, or webcam feeds with anyone online, regardless of how much you trust them. Once shared, you lose control to the receiver.
- Be cautious about sharing personal details online, such as your full name, location, school/work, and friends list, as predators can use this information to create believable threats or fake personas.
- Be very wary of strangers or new online contacts who quickly try to establish a romantic relationship, express intense emotion early on, or immediately ask you to move to a private messaging app for an explicit video chat or photo exchange.
- Set all your social media and messaging accounts to the highest privacy settings possible. Restrict who can view your profile, contact you, and see your friends list.
- Do not accept friend or follow requests from people you don’t know in real life. Remember that a person’s online profile (even with photos and friends) can be entirely fake.
- Use strong, unique passwords for all your online accounts, and enable two-factor authentication (2FA) whenever possible to protect against hacking.
- When not in use, cover the camera on your computer and other devices, as hackers can sometimes activate them remotely.
- Never click on suspicious links or open attachments from unknown sources, as they may lead to phishing scams or malware that can compromise your data.
- Beware of online friends who tries to fast-track their relationship with you. They push the relationship very quickly and pressures you to share explicit content or move to a more private communication channel.
Signs to watch out for
- Watch out for excuses for inactivity. A predator will claim their camera is broken, sends a stock or stolen photo of themselves, or is only willing to receive content from you.
- Red flag if an online friend constantly ask you to do sexual acts or send explicit photos, especially with your face visible.
- Sometimes they try to convince you with the phrase, “Show Me Yours, I’ll Show You Mine”. They are only intersted in your nude!
