Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Child pornography. Show all posts
VPM
Child pornography Extortion Honeytrap malware VPM

Malware Author Lures Child Abusers Into Honeytrap to Extort Them

 

You rarely root for online criminals, but a new malware campaign targeting child exploiters does not make you feel awful about the victims. 

Since 2012, threat actors have developed a range of malware and ransomware that impersonate government agencies and earn affected Windows users that they are seeing CSAM. The software informs users that they must pay a "penalty" to keep their information from being transferred to law enforcement. 

One of the first "modern" ransomware operations, known as Anti-Child Porn Spam Protection or ACCDFISA, used this extortion strategy in conjunction with initially locking Windows systems and eventually encrypting files. 

Similar extortion techniques were used by cybersecurity researcher MalwareHunterTeam to share an executable malware sample named "CryptVPN" [VirusTotal] with BleepingComputer last week. This time, though, the malware creator is going after people who actively seek child pornography rather than innocent people. 

Security specialists investigated the malware and discovered that threat actors posed as UsenetClub, a subscription service that allows users to download films and images from Usenet with "uncensored" access.

Usenet is an online discussion platform that allows users to discuss different topics in "newsgroups" to which they have subscribed. While Usenet is used for valid discussion of a variety of topics, it is also a notorious source of child pornography.

Threat actors designed a fraudulent site pretending to be UsenetClub and offered three subscription tiers for the site's content. The first two were paid subscriptions, ranging from $69.99 per month to $279.99 annually. However, a third option claimed to allow free access if you install and employ the free "CryptVPN" software to access the site. 

Clicking the "Download & Install" button will download a CryptVPN.zip file from the website, which when unpacked will contain a Windows shortcut called "CLICK-HERE-TO-INSTALL". 

This file is a shortcut to the PowerShell.exe executable that downloads and saves the CryptVPN.exe executable to C:\Windows\Tasks.exe before executing it. The malware executable is packaged with UPX, however when unpacked, it contains a PDB string indicating that the creator titled the malware "PedoRansom". 

The malware does nothing uncharacteristic except change the target's wallpaper to an extortion demand and drop a ransom note named README.TXT on the desktop, which includes similar extortion demands. 

"You were searching for child exploitation and/or child sexual abuse material. You were stupid enough to get hacked," reads the extortion demand. "We have collected all your information, now you must pay us a ransom or your life is over.”

The extortion goes on to say that the victim must pay $500 to the bc1q4zfspf0s2gfmuu8h5k0679sxgxjkd7aj5e6qyl Bitcoin address within ten days or their identity will be leaked. Currently, this bitcoin address has only received roughly $86 in payments. 

Threat actors have long used "sextortion" strategies, such as sending bulk emails to a large number of people in an attempt to scare them into paying an extortion demand. 

These approaches worked very well at first, with spammers extorting more than $50,000 per week during the early operations. However, as time passes and the victims of these frauds become more aware, sextortion operations no longer yield the same money. 

While this strategy is more innovative and will scare many individuals looking for this type of stuff, we doubt many people will pay the extortion demand.
Read more »
Technology
Child pornography Cyber Attacks Online Predators Technology

Online Predators Target Children’s Webcams, Study Finds

 


The Internet Watch Foundation has reported a significant rise in the production of sexual abuse images using webcams and similar recording equipment across the globe. The increase has been staggering, with the number of such images having multiplied ten times since 2019. 

Social media platforms and chatrooms are frequently utilized by perpetrators to initiate contact with minors, and the abuse may take place both in virtual and real-world settings. With the ongoing advancements in technology, predators are increasingly resorting to technology-based means to carry out sexual exploitation of children. Predators can exploit a child's webcam to produce, capture, and distribute child pornography. 

The approach researchers followed was to develop a set of automated chatbots impersonating 13-year-old girls. These bots were deployed as bait to lure online predators present in various chatrooms typically frequented by children. The chatbots were designed to remain passive and respond only to individuals indicating that they were above 18 years of age. 

At the outset of each conversation, the bots revealed their age, sex, and geographical location, adhering to established chatroom norms. This ensured that the conversations were exclusive with adults knowingly and voluntarily conversing with an underage individual. Although it is plausible that some chat partners were underage and posing as adults, existing research indicates that online predators usually misrepresent their age, portraying themselves as younger rather than older. 

According to the research, their chatbots engaged in a total of 953 conversations with individuals who self-identified as adults and were informed that they were communicating with a 13-year-old girl. Almost all of these exchanges had a sexual undertone, with a particular focus on webcam usage. Some perpetrators were explicit in their requests and offered payment for child sexual abuse material, while others tried to persuade the child to provide such content through the promise of love and future prospects. 

Moreover, as per the report published by the researcher, they have found that 39% of the conversations involved unsolicited links. Upon forensic examination of these links, they discovered that 19% of them (71 links) contained malware, while 5% (18 links) directed the user to phishing websites. Additionally, the researchers noted that 41% (154 links) of the links were linked to Whereby, a video conferencing platform operated by a Norwegian company. 

The initial step towards creating a secure and dependable cyberspace is through raising awareness. The team of researchers said that parents and policymakers should start recognizing such problems and start taking measures against cyber threats. Following this, the researchers recommended following safety steps. 

Firstly, make sure to cover your child's webcam to prevent potential predators from spying on them. Although this may not entirely prevent online sexual abuse, it is an essential measure to protect your child's privacy. Secondly, closely monitor your child's online activities, as the anonymity of social media platforms and chatrooms can provide a means for predators to initiate contact. 

It is important to remind your child that online strangers should be treated with caution, just like strangers in the real world. Educate them about the potential dangers of interacting with unknown individuals online.
Read more »
Webcam abuse
Chatbots Chatrooms Child pornography Cyber Crime Internet Watch Foundation online sexual abuse Webcam abuse

Online Predators are Targeting Children Webcams


The Internet Watch Foundation reports that since 2019, there has been an increase in sexual abuse imagery generated with webcams and other recording devices worldwide. 

One of the most frequently used platforms to contact kids is social media chatrooms, through which abuse may happen both online and offline. Predators are increasingly leveraging technological advancements to commit sexual abuse with the aid of technology.

Once a predator has succeeded in getting access to a child’s webcam, the content is then used to record, produce and distribute child pornography.

Chatbots: How was the Study Conducted 

A team of criminologists, studying cybercrime and cybersecurity, conducted research to investigate the methodologies used by online predators to hack children’s webcams.

For this, the researchers posed as children (potential victims) to assess the movements of online predators. They started by creating several automated chatbots to lure online predators in some of the chatrooms popular among children.

The bots are programmed in a way that they would not initiate any conversation and will respond only to users who are above 18 years of age.

Furthermore, they are programmed to start each conversation by mentioning their age, sex, and location. This was done to ensure that the conversations documented were with individuals over the age of 18 who were knowingly and voluntarily conversing with a minor. It is standard procedure in chatroom culture. Although it is likely that some of those involved were minors impersonating adults, a prior study has shown that online predators tend to portray themselves as younger rather than older, not the other way around.

Methods of Attack 

The chatbots recorded 953 chats with self-identified adults who claimed to be adults who were told they were conversing with a 13-year-old girl. The chats were almost exclusively sexual in nature, with a focus on webcams. Some predators made their demands clear and offered to pay for films of the child performing sexual acts right away. Others made an attempt to solicit videos by making promises of future love and partnerships. Along with these frequently employed strategies, it was being discovered that 39% of chats had an unsolicited link.

A forensic investigation conducted on the links reports that 19% (71 links) were embedded with malware, 5% (18 links) led to phishing websites, and 41% (154 links) were associated with whereby, a video conferencing platform operated by a company in Norway. 

It was very obvious how some of these links were used by a predator to harm the child victims. Online predators can remotely access a child's camera by infecting their computer with spyware. Personal information can be collected from phishing websites and utilized by the predator to harm their victim. For instance, phishing scams can give a predator access to a child's computer password, which can then be used to log in and control the child's camera remotely.

How can you Keep Your Child Safe From Online Predators? 

Awareness is the initial step towards a safe and trustable virtual space. These attack methods are mentioned for the parents and policymakers so that they could protect and educate the otherwise vulnerable individuals.

Since the issue is now made transparent to videoconferencing firms, they are looking forward can modifying their platforms to prevent such assaults in the future. In the long run, putting more emphasis on privacy could stop designs that could be used for evil purposes.

Here, we are recommending some of the ways that could help in keeping your child safe while in cyberspace: 

  • Protect your child's webcam at all times. While this does not stop sexual abuse, it will prevent online predators from eavesdropping on victims through a webcam. 
  • It is highly advised to actively monitor your child’s online activities. Chatrooms and social media’s attribute of anonymity serve as an advantage to predators to facilitate initial contact following up on a case of online sexual assault. One must keep in mind that online strangers are still strangers, thus making it crucial for your child to be taught about ‘stranger danger’.  

Read more »
Subscribe to: Posts (Atom)