This year, cybercriminals were getting creative: playing on coronavirus panic, deepfake voices, using remote workers to hack into companies. Considering that sextortion has returned with new force, the creative ideas began to run out. But this time hackers focused on a specific group of people.
Bitdefender Antispam Lab experts recently discovered a new wave of ransomware targeting users of Zoom, a popular video conferencing service. Interestingly, this time the cybercriminals have worked on their mistakes and implemented more psychological tricks in their emails.
Anatomy of sextortion
To make sure the victim didn’t miss the message, the blackmailers decided to start with a catchy headline “Regarding a recent video conference at Zoom”. Further along in the first paragraphs, they draw attention with the words “you recently used Zoom and we have bad news for you.” Since during the coronavirus many people switched to working and studying remotely, the likelihood of hooking someone with such a phrase is very high. But that’s just the beginning.
Blackmailers are also referring to new 0-day vulnerabilities allegedly discovered in the app that allowed access to the camera and some other metadata in the user’s account. There have indeed been many reports this year of Zoom’s weak cybersecurity, from Zoom bombing to account theft.
Classically, cybercriminals insinuate that they managed to film sex scenes featuring you through a webcam. There seems to be nothing unique about this email, but the author suddenly starts making excuses and pressing pity. “I’m very sick, I lost my job, I’m about to be moved out, and I have no money to survive. It’s all because of a stupid virus. I’m very sorry. I have no other choice.”
The psychological pressure doesn’t stop there, and cyber blackmailer cites the recent case of CNN journalist Jeffrey Toobin, who was suspended for masturbating during a Zoom video chat at work. “I don’t want you to be the next Jeffrey Toobin,” he writes.
To keep the video from reaching your loved ones and employers, a hacker gives you three days to pay him $2,000 in bitcoins. The amount is non-negotiable, and he promises to delete the sensitive file after receiving payment.
Does it work?
You’d be surprised, but the psychological game based on shame and fear is very effective. Cybercriminals get millions of dollars out of their victims’ pockets every year. At the same time, the chances that such videos exist are negligible.
If you become the recipient of such an email, we advise you to delete it immediately, without opening it. Mostly, cybercriminals send out such threats randomly, using large batches of email addresses from data leaks.
The campaign targeted a quarter of a million recipients, mostly in the United States, and launched on Oct. 20.