- Two low-level cybercrime groups use Stealerium to extort victims who watch porn
- The malware takes screenshots and webcam photos, then demands payment
- It spreads through phishing and is mostly aimed at individuals and small industries
Cybercriminals have begun to use spyware to take screenshots and webcam snapshots of people who look at pornography on their computers, and then extort them for money, experts have warned.
A report by security researchers at Proofpoint claims to have seen at least two groups doing this, describing how TA2715 and TA2536, two "low sophistication" cybercrime groups, have been using an improved version of Stealerium, a well-known open source infostealer.
The stealer itself is distributed regularly, through phishing emails, invoices or payment notices. The criminals mostly attacked people in the hotel industry, education and finance, but Proofpoint added that other people, mostly people outside of any work environment, were probably also targeted, but monitoring tools could not detect them.
Rare but disgusting
Previous versions of Stealerium are not very different from garden-variety infostealers: they steal login credentials, browser cookies, credit card data (through web scraping), session tokens for gaming platforms such as Steam, cryptocurrency wallet data and all types of confidential files. However, this new variant can also detect when the victim opens a tab with pornographic content, at which point it takes screenshots and uses the webcam to take some snapshots.
“While this characteristic is not novel among the malware of cyber crime, it is not often observed,” said Proofpoint.
TA2715 and TA2536 are not well-known, large or sophisticated threat actors. Previous reports do not link them to any nation-state, and they have not been observed to participate in ransomware or to extort victims for seven-figure ransoms. Therefore, it is possible that these criminals are more inclined to attack people of no particular interest to the general public, who would also feel ashamed to report such an incident.
The best way to defend against these attacks is to use a strong antivirus program and think before clicking any email attachments or files.