133rd Day Of Lockdown

Maharashtra45019628703015842 Tamil Nadu2632222022834241 Andhra Pradesh166586886781537 Karnataka139571625002594 Delhi1384821242544021 Uttar Pradesh97362553931778 West Bengal78232548181731 Telangana6766048609551 Gujarat64684476632504 Bihar5956738508336 Rajasthan4555532051719 Assam4527633429109 Haryana3717330470440 Odisha3629723074248 Madhya Pradesh3428524099900 Kerala268731527885 Jammu and Kashmir2200614032407 Punjab1852711882442 Jharkhand135004794125 Chhatisgarh9820725661 Uttarakhand7800453890 Goa6816487656 Tripura5389360527 Puducherry3982241156 Manipur292017667 Himachal Pradesh2818165813 Nagaland21296574 Arunachal Pradesh175810633 Chandigarh116070619 Meghalaya9022645 Sikkim6882971 Mizoram4962660
Technology Other News 12 Aug 2019 Watch porn? New malw ...

Watch porn? New malware waits until you visit porn site, then starts recording

DECCAN CHRONICLE.
Published Aug 12, 2019, 1:31 pm IST
Updated Aug 12, 2019, 1:36 pm IST
The Varenyky spambot starts recording your screen whenever you visit a porn website.
The malware is designed to target just French computer users with Varenyky being aimed at those subscribed to Orange customers. (Photo: Pixabay)
 The malware is designed to target just French computer users with Varenyky being aimed at those subscribed to Orange customers. (Photo: Pixabay)

Last week, security researchers at ESET revealed their findings of a strain of malware that pushes the trend of sextortion to a whole new level. As the researchers say, Varenyky, as the malware is called, and has been named by its discoverers, monitors activity on infected computers, watches in a dormant state and then as soon as you visit a pornographic state, it starts to record.

As per the researchers, Verenyky was first discovered in May when a malware strike was observed in France. The twist here is that as of now, the malware is designed to target just French computer users with Varenyky being aimed at those subscribed to Orange customers.

 

This malware is loaded by sending out a fake invoice of Microsoft Word to Orange customers as an email attachment.  Forbes explains it as “When those documents are opened, a macro is executed which ensures the computer and its user are indeed French, if not the malware slips away with no damage done. But if the targeted computer ticks its boxes, Varenyky checks back with its C&C to determine what elements of malware to download, executing further macros to install software that can "steal passwords and spy on victims’ screens using FFmpeg when they watch pornographic content online."

 

When prominent keywords are triggered or websites (including but not limited to PornHub, YouPorn, Brazzers and more) are detected, “the malware records a computer’s screen using an FFmpeg executable—the recorded video is then uploaded to the C&C server." The major risk here is for advanced forms of sextortion or blackmail. As of now, the current findings appear to target the French people in general; there is scope for it to target specific individuals.

As many as 1500 spam emails have been sent per hour with its focus being on” win a smartphone competitions—an iPhone X, a Galaxy S9 or S10." Initially, the victim of this sextortion racket asks for personal information and then it progresses to demand other information such as credit card details as well. This is a broad-brush approach and nothing indicates that it is related to video capture of sex sites.

 

Forbes states, “Varenyky is interesting because of its specific national targeting and its mix of credential theft and sextortion campaigning. The triggered screen recording, though, is grabbing the headlines. Not because of this particular campaign—there is no evidence of the videos having been used maliciously yet, but because it's a nasty twist on a theme, and we can expect to hear more about it. As ESET warns, "this shows that operators are inclined to experiment with new features that could bring a better monetization of their work."

 

ESET warns that there are many functions of Varenyky such as "related to possible extortion or blackmail of victims watching pornographic content." Also, the hackers behind the malware are also said to already be in the sextortion business even though, as of now, the videos haven’t been used.

Click on Deccan Chronicle Technology and Science for the latest news and reviews. Follow us on Facebook, Twitter

...




ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT