According to Trend Micro, crooks in Asia are conducting the sextortion practice to the next level, including the used of mobile malware to get huge profits.
Trend Micro released a new report to bring to light a criminal activity known as sextortion.
“Sextortion is a means of coercing cybercrime victims to perform sexual favors or to pay a hefty sum in exchange for the none exposure of their explicit images, videos, or conversations. These extortion tools are normally obtained through various chat programs. Skype was used most though because of its text-, voice-, image-, and video-recording capability”
Unfortunately sextortion is a common practice in the cyberspace, but experts highlighted recent innovations observed in this kind of illegal practice.
In a recent case observed in Asia, a crook posed as a woman, chatting with male victims on several chat services, like Kakao Talk, and setting them up for blackmail. The attacker improved the efficiency of the attack convincing the victim into download and install a malicious mobile malware, an Android data stealer. In the end, the victim is threatened by the cyber criminal which requested the victim to pay $908.02.
In this scheme, the Android data stealer is used to steal sensitive data from the victim’s mobile device, including contact list, to enforce the blackmail and mare more effective the sextortion. One thing to note too, is that the process of extortion is evolving as so the development of malware.
TrendMicro reported that:
“…certain gangs in East Asia have improved on the sextortion modus operandi, creating a far more damaging effect on the victims,” “The new modus operandi involves Android malware that can steal the victims’ contact list and send them to the attackers. Attackers are then able to contact the victims’ families and friends directly—making for a more intimidating threat.” continues TrendMicro.
The Android data stealer allows attackers to be very aggressive against their victims by accessing their personal data, intercepting and logging the incoming SMS, preventing them from receiving calls.
“Our investigation revealed the use of four Android data stealer families for sextortion,” blogged Flores. “The malware were classified according to package name. Differences in code and functionality were seen from variant to variant, which suggests ongoing malware development.”
“The sextortion schemes we uncovered are complex operations that involve people across cultures and nations working together to effectively run a very lucrative business,”
The sextortion phenomenon is rapidly expanding all over the world, even if the TrendMicro’s report focuses on crimes occurred in East Asia, there are many other cases of sextortion in Canada and US.
“These once again prove that cybercriminals are not just becoming more technologically advanced— creating stealthier mobile data stealers, using complex stolen data drop zone infrastructures, and outsmarting banks to better evade detection—they are also improving their social engineering tactics, specifically targeting those who would be most vulnerable because of their culture.”
About the Author Elsio Pinto
Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.