Septile-based hacker Hijacking victims’ webcams or blackmailing them with nude blackmails that they were cheated or forced to share, long represented one of them The most disturbing form of cybercrime. Now, a widely available spyware specimen turns relatively manual crime into an automation feature that detects when users browse porn on their PC, filters it, and takes candid photos of victims through their webcams.
On Wednesday, researchers at security company Proofpoint released their analyze Open Source Variants “InfoStealer” malware Since May this year, the company has seen the company use STEALERIUM in multiple cybercrime activities. Like all InfoStealer, malware is designed to infect target computers and automatically send various stolen sensitive data to hackers, including bank information, usernames and passwords, and keys to victims’ cryptocurrency wallets. Stealerium, however, adds another, more humiliating form of espionage: It also monitors the victim’s browser for web addresses that include certain NSFW keywords, screenshots browser tabs that include those words, photographs the victim via their webcam while they’re watching those porn pages, and sends all the images to a hacker—who can then blackmail the victim with the threat of releasing them.
“With InfoStealers, they’re usually looking for everything they can grab,” said Selena Larson, one of the proof researchers who worked on company analysis. “This adds to privacy intrusions and sensitive information that you absolutely do not want in the hands of a particular hacker.”
“It’s rough,” Larson added. “I hate it.”
Tens of thousands of emails were found among hackers found by two different hacker groups (operated by two different scales of cybercriminals) and many other email-based hacker activities, proving that Point mined the capabilities of Sheterium. Strangely, Sheterium is available on Github as a free open source tool. The developer of the malware was described by a developer named Witchfindert as a “malware analyst” in London and stated on the page that the program is for “only educational purposes”.
“It is your responsibility to use this program,” the page reads. “I will not be responsible for any illegal activities. I won’t give you how to use it. ”
In the analysed hacker campaign proof, cybercriminals attempted to trick users into downloading and installing ketherium as an attachment or web link, attracting typical baits such as fake payments or invoices. These emails are targeted at victims within the hospitality industry as well as in education and finance, and although the proof point points indicate that users outside the company may also be targeted, their monitoring tools will not be seen.
Once installed, Sheterium is designed to steal all kinds of data and send it to hackers via services like Telegram, Discord, or SMTP protocols such as spyware, all relatively standardized in InfoStealers. The researchers were even more surprised to see the automated seven-point line feature, which monitors a list of terms related to porn by browser URLs such as “sex” and “porn” that can be customized from users’ webcams and browsers by hackers and triggered image capture. Proofpoint notes that it has not identified any specific victims of the breakdown feature, but the presence of the feature indicates that it may have been used.
