• simonlyu

A Closer Look at Sextortion Methods: Social Media and Malware

Sextortionist activity is rampant on social media platforms such as Facebook and Google Hangouts. Malware also offers sextortionists a convenient way to blackmail you after gaining access to your system.

Not limited to dating services

In our previous post about sextortion, we introduced some examples of conventional and new forms of sextortion schemes, the majority of which leveraged dating apps. Unfortunately, sextortion is not limited to dating services; it spans cyberspace and works hand-in-hand with malware and social media platforms.

Using Facebook, Google Hangouts, and Skype

Because Facebook encourages its users to publish personal information online, many victims reveal that they met their sextortionist on Facebook.

Sextortion begins with something as innocuous as a simple friend request from a stranger who has a friend in common. After you accept their friend request, the sextortionist will begin a harmless conversation with you, eventually leading to a video call on Skype or Google Hangouts. During the video call, the sextortionist (disguised as a female interested in getting to know you better) will try to convince you to reveal your face and other explicit parts of your body, while they are screen recording.

Once you comply, they will show you that they have screen recordings or screenshots of your explicit behavior. They will then threaten to distribute the explicit content to your friends, family, and co-workers unless you send them money. If they cannot gain access to your contacts, they will post the screen-recorded videos on YouTube as bait. Ignoring or paying them will not work.

Raccoon Malware

Many scammers are also using malware to carry out sextortion attacks. Raccoon, a malware popular among sextortionists, is used to steal personal information. The Raccoon payload is delivered via malicious email attachments and can extract information from 60 different applications, including your web browsers.

Victims will receive an email from the “Red Skull hacker crew” who claim that they have gained access to a friend’s email account where they “found images of his naked girlfriend and demanded $500 from him”. They state that because this friend has not paid, they have decided to send these photos to everyone in his contact list, including you. They end the email with a line saying that you will find these pictures attached.

Curiosity will have deadly effects: when you click the malicious attachment in the email, the malware payload is deployed on the computer, at which point it begins stealing most of your personal information.

After your system is compromised by Raccoon malware, you no longer control your system or the personal information stored on it. From there, you may be vulnerable to blackmail and other forms of harassment from the Raccoon malware operators.

How to protect yourself online

CI2 recommends that:

1. First and foremost, from a “Physical Safety” point of view, NEVER take a photo of yourself in the nude, or have one taken of you. From a “Digital Safety” point of view, make sure you have very good anti-virus and internet security software protecting your computer. In addition, make sure you have something covering your webcam, whether it be a sticky note, a cloth, or a makeshift divider. No matter who asks while you are dating online, never reveal yourself in the nude.

2. Never send a video or image of yourself to someone because you were pressured, even by someone you care about. This is tantamount to revealing yourself. Sometimes it is a hacker or a stalker in disguise who is trying to bait you.

3. If you fall victim to sextortion or revenge porn, or revealing photos of you are posted online, contact those websites to get the content taken down, contact the police to report it, and contact an attorney about your options under criminal and civil law.

4. If someone shares a sexual image with you, do not reciprocate, and do not share, post, or forward the image. If it involves a minor under 18, this is a serious offense and needs to be reported to law enforcement and/or the National Center for Missing and Exploited Children. Sharing any of these images could be criminal or civil in nature.

5. If a stranger asks for a video, photo, or webcam view of you, it could be a scam and could lead to further problems. Do not respond, and consider reporting it to the police. If it involves a minor or anyone under 18 years of age, contact the Cyber Tip Line at 1-800-843-5678.

6. If you have already had problems, there are resources for victim advocacy: the Cyber Civil Rights Initiative at https://www.cybercivilrights.org/ and the National Organization for Victim Assistance at https://www.trynova.org/. If the victim is under 18, consider contacting the National Center for Missing and Exploited Children at https://www.missingkids.org/.

7. If you feel that you need any further assistance, please contact us with any questions at contact@cyberanalysis.org.
