• simonlyu

A Closer Look at Sextortion Methods: Social Media and Malware

Sextortionist activity is rampant on social media platforms such as Facebook and Google Hangouts. Malware also offers sextortionists a convenient way to blackmail you after gaining access to your system.

Not limited to dating services

In our previous post about sextortion, we introduced some examples of conventional and new forms of sextortion schemes, the majority of which leveraged dating apps. Unfortunately, sextortion is not limited to dating services. It spans cyberspace and works hand-in-hand with malware and social media platforms.

Using Facebook, Google Hangouts, and Skype

Given how Facebook recommends that its users publish personal information online, many victims reveal that they met their sextortionist on Facebook.

Sextortion begins with something as innocuous as a simple friend request from a stranger who has a friend in common. After you accept their friend request, the sextortionist will begin a harmless conversation with you, eventually leading to a video call on Skype or Google Hangouts. During the video call, the sextortionist (disguised as a female interested in getting to know you better) will try to convince you to reveal your face and other explicit parts of your body, while they are screen recording.

Once you comply, they will show you that they have screen recordings or screenshots of your explicit behavior. They will then threaten to distribute the explicit content to your friends, family, and co-workers unless you send money to them. If they cannot gain access to your contacts, they will post the screen-recorded videos on YouTube as bait. Ignoring or paying them will not work.

Racoon Malware

Many scammers are also using malware to carry out sextortion attacks. A malware family popular among sextortionists, called Racoon, is used to steal personal information. The Racoon payload is delivered via malicious email attachments and has the ability to extract information from 60 different applications, including your web browsers.

Victims will receive an email from the “Red Skull hacker crew” who claim that they have gained access to a friend’s email account where they “found images of his naked girlfriend and demanded $500 from him”. They state that because this friend has not paid, they have decided to send these photos to everyone in his contact list, including you. They end the email with a line saying that you will find these pictures attached.

Curiosity will have deadly effects: when you click on the malicious attachment in the email, the malware payload is deployed on the computer, at which point the malware begins stealing most of your personal information.

After your system is compromised by Racoon malware, you no longer have ownership of your system and all your personal information stored within it. From there, you may be vulnerable to blackmailing and other forms of harassment from Racoon malware operators.

How to protect yourself online

CI2 recommends that:

1. First and foremost, from a “Physical Safety” point of view, NEVER take a photo of yourself in the nude, or have a photo taken of yourself. From a “Digital Safety” point of view, make sure you have very good anti-virus and internet security software protecting your computer. In addition, make sure you have something covering your webcam, whether it be a sticky note, a cloth, or a makeshift divider. No matter who asks while dating online, never reveal yourself in the nude.

2. Never send a video or image of yourself to someone because you were pressured, even by someone you care about. This is tantamount to revealing yourself. Sometimes it is a hacker or a stalker in disguise who is trying to bait you.

3. If you fall victim to sextortion or revenge porn, or revealing photos of you are posted online, contact those websites to get them taken down, contact the police to report it, and contact an attorney for further considerations under the law from a criminal and civil point of view.

4. If someone shares a sexual image with you, do not reciprocate, do not share, post, or forward these images. If it is a minor under 18, this is a serious offense and needs to be reported to law enforcement, and/or the National Center for Missing and Exploited Children. Sharing of any of these images could be criminal or civil in nature.

5. If a stranger asks for a video, photo, or webcam footage of you, it could be a scam, and could lead to further problems. Do not respond, and consider reporting it to the police. If it involves a minor or anyone under 18 years of age, contact the Cyber Tip Line at 1-800-843-5678.

6. If you have already had problems, there are resources for victim advocacy: the Cyber Civil Rights Initiative at https://www.cybercivilrights.org/ and the National Organization for Victim Assistance at https://www.trynova.org/. If the victim is under 18, consider contacting the National Center for Missing and Exploited Children at https://www.missingkids.org/.

7. If you feel that you need any further assistance, please contact us with any questions at contact@cyberanalysis.org.
