Hackers use Android app for ‘sextortion’

Online sexual blackmail is becoming more ruthlessly sophisticated, cyber security experts warn

Trend Micro, the cybersecurity firm based in the US, said criminals have developed advanced mobile applications and tools that siphon their victims’ online passwords and contacts to increase the chance that they will pay up

Trend Micro, the cybersecurity firm based in the US, said criminals have developed advanced mobile applications and tools that siphon their victims’ online passwords and contacts to increase the chance that they will pay up

 

For years, criminals have been tricking people into performing embarrassing sexual acts on the internet, and then blackmailing them with recordings of that behaviour.

Now there’s even an Android app for this sort of extortion.

Trend Micro, the cybersecurity firm based in the US, said criminals have developed advanced mobile applications and tools that siphon their victims’ online passwords and contacts to increase the chance that they will pay up.

Researchers at the firm said the extortionists first lure their victims through a number of online chatting tools, such as Skype or KakaoTalk, an Asian chat service.

Once the trap is set, they feign audio or messaging problems to persuade their target to download one of four malicious Android apps that can siphon off a phone number, stored passwords and address books.

In some cases, the Android app turned the victim’s device into a recording device. It also intercepted incoming and outgoing telephone calls and text messages.

This shift toward such sophisticated, moneymaking schemes is a significant escalation of what has been a longtime problem on the internet.

In 2008, Anthony Stancl, a Wisconsin teenager, created a fake female account on Facebook to bait classmates into sending naked pictures of themselves.

Stancl used those pictures to blackmail them into performing sexual favours. He was convicted and sentenced to 15 years in prison in 2010.

That same year, the FBI arrested a California man for hacking into 100 computers to gather information that was used to lure victims into sending sexual videos.

Over the past two years, such schemes have become more elaborate.

In April 2014, Interpol, together with the Philippine National Police, and law enforcement agencies around the world, arrested 58 people in the Philippines who were accused of posing as attractive women on Facebook, then baiting victims into sexual video chats on Skype.

Interpol said this group recorded the chats, then demanded fees between  $500 and $15,000 to keep those chats from becoming public.

Extortion in Japan

In sifting through their digital devices and bank accounts, police said they discovered that the gang had managed to extort more than $29,000 from 22 victims between December 2013 and January 2014.

Using their email, social media and bank accounts, Trend Micro traced several of the Android app developers and their money go-betweens to China. 

The firm found evidence that the criminals opened different bank accounts for each extortion campaign, which Trend Micro said typically lasted just a few weeks. The researchers suspect the criminals preyed predominantly on victims in China and Korea.

“The sextortion schemes we uncovered are complex operations that involve people across cultures and nations working together to effectively run a very lucrative business,” the researchers wrote in a report.

– (Copyright New York Times 2015)