{"id":14153,"date":"2018-12-21T06:30:21","date_gmt":"2018-12-21T14:30:21","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2018\/12\/21\/news-7919\/"},"modified":"2018-12-21T06:30:21","modified_gmt":"2018-12-21T14:30:21","slug":"news-7919","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/12\/21\/news-7919\/","title":{"rendered":"Blackmail demand claims to have nailed you watching porn"},"content":{"rendered":"

Credit to Author: Leonid Grustniy| Date: Fri, 21 Dec 2018 14:00:13 +0000<\/strong><\/p>\n

One fine (or not so fine) day, you check your inbox and discover a message that starts like this:<\/p>\n

“I’m aware, ********** is your password. You don’t know me and you are probably thinking why you are getting this email, right? Well, I actually placed a malware on the adult video clips (porn) web site…”<\/p>\n

Or like this:<\/p>\n

“I hacked this mailbox and infected your operating system with a virus…”<\/p>\n

Or even:<\/p>\n

“I’m part of an international hacker group. As you can guess, your account was hacked…”<\/p>\n

\"\"<\/a> <\/p>\n

All sorts of variants exist, but the message boils down to a claim that the sender infected your computer by hacking your account or placing malware on a porn site you visited. They appear to have harvested your e-mail contacts, social networks, instant messengers, and phone book. They appear to have total access to your device, and they’ve also, it appears, hijacked your webcam to make a video of you watching something.<\/p>\n

\"This<\/a> <\/p>\n

The cybercriminals threaten to send the video to all of your friends and colleagues. The only way to stop them, they say, is to transfer a specified sum of cryptocurrency to an anonymous wallet.<\/p>\n

Some scammers give you only a few days, claiming to know exactly when you opened the e-mail, which supposedly contains a tracking pixel<\/a> that lets them monitor the message’s status. In some cases, as part of their effort to convince you of the existence of a compromising video<\/a>, you are asked to reply to the message, whereupon the scammers say they will send the video to a selection of your contacts.<\/p>\n

Of course, they say if payment is made, they’ll immediately destroy the video and the database of your contacts.<\/p>\n

Calm down, no one’s filmed you<\/h3>\n

In reality, there is no omnipotent “virus” or shameful video. How does someone know your password? Simple: The blackmailer has got hold of one of the many databases of user accounts and passwords available on the darknet, leaked from a variety of online services. Alas, such leaks are not uncommon \u2014 in the United States alone, no fewer than 163 million user records were compromised<\/a> in just the first three quarters of 2017.<\/p>\n

As for “knowing” that you’ve been viewing adult content, it’s a shot in the dark. The e-mail you received was sent to thousands, perhaps millions of people, with the addressee’s password (and other personal details) automatically merged into the message from the database. Even if only a few dozen recipients pay up, that will be more than enough for the scammer.<\/p>\n

The same goes for the promise to send a video to some of your friends as proof. Few people would want to verify the existence of such delicate material in this manner. Most would prefer not to risk even a limited disclosure of this kind of secret.<\/p>\n

Ransom message \u2014 with a bonus Trojan encryptor<\/h3>\n

Recently, scammers have come up with an even more effective way to make victims pay up: In early December, researchers at Proofpoint found a spam wave offering victims to personally verify the existence of an embarrassing video<\/a> without involving family and friends. All they had to do was follow the link in the message.<\/p>\n

Naturally, no video appeared. Instead, users were prompted to download a ZIP archive, which if unpacked and run really did infect the system \u2014 big time.<\/p>\n

Don’t worry, cybercriminals still won’t be filming you watching porn. What they do, however, is encrypt your files with the GandCrab malware<\/a>, and demand more ransom \u2014 this time, to recover your data.<\/p>\n

How to stay safe<\/h3>\n

To avoid falling victim to ransomware scammers, we advise being cautious and following a few simple steps. Here’s what you don’t<\/em> want to do:<\/p>\n