Zark Muckerberg cover his webcam for a reason.
Automated Sextortion Spyware Takes Webcam Pics of Victims Watching Porn
Submitted 3 weeks ago by along_the_road@beehaw.org to technology@beehaw.org
https://www.wired.com/story/stealerium-infostealer-porn-sextortion/
Comments
psx_crab@lemmy.zip 3 weeks ago
dumbass@leminal.space 3 weeks ago
That photo is why I’ve covered my cameras, if that creepy spying fuck does it, there must be a reason.
FaceDeer@fedia.io 3 weeks ago
This is where having unusual fetishes pays off, so the software has no idea you're watching something "pornographic."
LaggyKar@programming.dev 3 weeks ago
The same thing spam e-mailed have claimed to have done for ages
Perspectivist@feddit.uk 3 weeks ago
So how does this work exactly?
“Pay up or we tell everyone that you watch porn”
scrubbles@poptalk.scrubbles.tech 3 weeks ago
Exactly that
knokelmaat@beehaw.org 3 weeks ago
There is a difference between telling and putting videos on the internet of you masturbating.
ready_for_qa@programming.dev 3 weeks ago
That only works if you masterbate while watching porn.
Deyis@beehaw.org 3 weeks ago
Blackmail can be very lucrative.
HubertManne@piefed.social 3 weeks ago
OMG! This is my kink. Where can I get this?! Oh no. Oh no. Don't put that video of me out on the internet for all to see. For all to see me doing those dirty dirty things. The shame. The humiliation. Please please. Ill do anything. ANYTHING!
fwygon@beehaw.org 3 weeks ago
I’d say they’re getting desperate to extort the few victims they manage to infect with this crap if they’re adding an extortion/blackmail component to this that isn’t your bog standard “oh files are now encrypted” malware.
Since ransomware is pretty much known to be common enough; it’s clear that people are backing up data on a regular enough basis to be resistant to it; especially if the criminal is demanding far more money than any data they managed to take hostage is worth to the person. Since cloud services are ubiquitous now; it’s likely they already have critical documents and photos backed up safely and the ransomware fails if all the user does is find someone techy to just nuke the whole system and reinstall everything from their cloud backup.
Using browser activity and webcam spying might seem clever but it’s just a reaching maneuver to extort people who would ordinarily just shrug off a ransomware infection but whom still have poor enough opsec online to be affected greatly by such blackmail.
cmnybo@discuss.tchncs.de 3 weeks ago
Don’t leave cameras uncovered. Webcam covers are cheap. Tape works too.
tal@lemmy.today 3 weeks ago
I mean, true. But I kind of feel like once you’ve got malware on your system, there are an awful lot of unpleasant things that it could manage to do. Would rather focus more on earlier lines of defense.
The “try and sextort” thing might be novel, but if the malware is on the system, it’s probably already swiping all the other data it can anyway.
It sounds like in this case, the aim is to try to get people to invoke executables by presenting them as ordinary data files:
Like, I kind of feel that maybe a better fix is to distinguish, at a UI level, between “safe” opening and “unsafe” opening of something. Maybe “safe” opening opens content in a process running in a container without broader access to the host or something like that, and maybe it’s the default. That’s what mobile OSes do all the time. Web browsers don’t — shouldn’t — just do unsafe things on the host just because someone viewed something in a browser — they have a restricted environment.
In a world that worked like that, you need to actively go out of your way to run something off the Internet outside of a containerized environment.