Sex, Games, Extortion

 In ITC's Threat of the Week

Situation normal.

Earlier this week an associate of ours received an email from a miscreant claiming to be from Belarus suggesting that he had webcam footage of our man performing whilst watching p0rn on Tinterwebs.

Handsome devil isn’t he?

The text of the message was something like this:

————–

Ȟi,

If you were more attentive while playing with yourself, I wouldn’t write dis message. I don’t think that playing with yourself is very awful, but when all your friends, relatives, сolleagues get video record of it- it is undoubtedly bad for you.

I placed virus on a porn web-site which you have visited. When the object click on a play button, device starts recording the screen and all cameras on your device begins working.

Мoreover, my program makes a remote desktop supplied with key logger function from ur system , so I was able to save all contacts from ur e-mail, messengers and other social networks. I’ve chosen this e-mail cuz It’s your working address, so u must check it.

Ï think that 560 usd is pretty enough for this little misstep. I made a split screen vid(records from screen (u have interesting tastes ) and camera ooooooh… its funny ằF)

ŝo its ur choice, if u want me to destroy ur disgrace use my itсоin wаllеt аďdrеss:  k0nt3ntr3m0v3d
ou have one day after opening my message, I put the special tracking pixel in it, so when you will open it I will know.If ya want me to share proofs with ya, reply on this message and I will send my creation to five contacts that I\’ve got from ur device.

P.S. You are able to complain to cops, but I don’t think that they can help, the inquisition will last for 5 month- I’m from Belarus – so I dgf LOL

————-

So, after we finished crying with laughter we had a little look round and it transpires that this is part of a fairly sophisticated and automated ‘Sexploitation’ racket currently underway.

The automation extends to including passwords associated with your email account that were exposed in earlier breaches, where these are available, in order to lend the actor credibility. Some of these passwords are ten to fifteen years old.

The esteemed Mr Krebs has written an excellent piece on this scam, which no doubt will eventually reach a climax.

On the one hand, the use of really old breached passwords in these emails would be easy to dismiss as a bit of a joke, but if you think about it, automated blackmailing tooling which uses stolen credentials presents quite a gloomy prospect as an increasing number of credentials become brokered for pennies, if not less.

We strongly urge you to visit the omnipotent Lord of breached credentials that is Troy Hunt’s site and see if any of your email addresses have been compromised. If they have, please make sure that you have changed the password and do not reuse it on other sites. Use a password manager, go on.

Alternatively, you might not give one foxtrot if footage of you waxing the dolphin wearing nothing but an Indian headdress hits the news channels. You are our kind and we salute you.

In yet more hacking automation news, it turns out that online games are being used to launder real life cash monies. Back in the old days of money laundering, the ironic truth is that Dry Cleaners were amongst the most popular channels for cleansing dirty cash.

Fast forward to 2018 (how did that actually happen?) and criminals are using stolen credit cards to purchase in-game goodies; Gems, Lettuces, Elven Bows, Gilted Dolphin Polishers etc. These are then sold on to unsuspecting, although presumably quite disturbed or very young players, for real cash in what is known as GameToGame (G2G) purchases.

Not only is G2G against the rules and regulations of any app, the credential sharing between the innocent player and the gangsters is likely to be further exploited.

Please warn any children or ‘friends’ of yours who play online games not to let these opportunists, who are serious criminals, get away with this, and to stay safe. Try not to do anything, not even accidentally on porpoise.

If you would like to discuss the increasing automation of nefarious online activity, or anything about cyber security, please contact us at enquiries@itcsecure.com or call 020 7517 3900. If our crack team can tear themselves away from Far Cry or Candy Crush, they will be more than happy to help.

Author: Kevin Whelan

Showing 2 comments
  • Tim Fewster

    Thanks to Mr Whelan and Mr Krebs for doing an excellent job of informing us of real threats, in an understandable and entertaining way!

    • Sophia Casimir

      Thanks Tim – lovely to hear the positive feedback.