For years, criminals have been tricking people into performing embarrassing sexual acts on the internet, and then blackmailing them with recordings. Now there's an Android app for this sort of extortion.
Trend Micro has found that criminals have developed advanced mobile applications and tools that siphon their victims' online passwords and contacts to increase the chance that they will pay up. In a latest report ‘sextortion in the far east’, Trend Micro's researchers detailed a new Android app that criminals are using to pressure their victims into blackmail.
WHAT IS SEXTORTION?
It's the act of coercing cybercrime victims to perform sexual favors or to pay large amounts of money in exchange for the non-exposure of their explicit images, videos, or conversations.
Development in SEXTORTION
Cybercriminals lure, record, and threaten their victims online, which includes a mobile malware component. During their chat or Skype session, cybercriminals convince victims to install a data stealer or disguised Android malware that steals victim data off their device. Cybercriminals can then threaten their victims with the possibility of sending the explicit content to their victim's contact list. The malware these cybercriminals used are persistent and exhibit various intrusive behaviors.
Researchers found that the extortionists first lure their victims through a number of online chatting tools. Once the trap is set, they feign audio or messaging problems to persuade their target to download one of four malicious Android apps. Using their email, social media and bank accounts, Trend Micro traced several of the Android app developers and their money go-betweens to China.
The company found evidence that the criminals opened different bank accounts for each extortion campaign, which typically, lasted for a few weeks.
"The extortion schemes we uncovered are complex operations that involve people across cultures and nations working together to run a lucrative business," Dhanya Thakkar, Managing Director- APAC, Trend Micro said. He added, “These once again prove that cybercriminals are not just becoming more technologically advanced— creating stealthier mobile data stealers, using complex stolen data drop zone infrastructures, and outsmarting banks to better evade detection—they are also improving their social engineering tactics, specifically targeting those who would be most vulnerable because of their culture.”