Mobile ‘sextortion' schemes on rise, Trend Micro reports

Sextortion rings convince victims to record themselves performing sexual acts and threaten to distribute the recordings to all their contacts unless they pay up, according to a report by Trend Micro.

Sextortion rings that dupe victims into recording themselves performing sexual acts and afterward demanding ransom or they will publicly distribute the recordings are on the rise according to a report by Trend Micro.

The report details how the masterminds behind the scam in Asian countries rope in victims and collect payments but also how they developed their software tools, according to evidence gathered in cases in South Korea and Japan.

+ More on Network World: What network technology is going to shake up your WAN? +

One gang extorted $29,204 from 22 victims before being caught. The male victims were convinced by criminals posing as women via chat to video themselves performing explicit acts, according to the report.

The victims were also persuaded that their mobile-device connection was having audio problems and to download an Android app that would purportedly fix it, but the app actually stole their contact lists. The criminals used four separate versions of the data-stealing app, indicating an ongoing effort to improve their illegal operation. "The malware were classified according to package name. Differences in code and functionality were seen from variant to variant, which suggests ongoing malware development," the report says.

Investigators found evidence in a criminal's email account of receiving payment from at least five victims between Sept. 29 and Oct. 7, 2013. The emails also showed that accounts under two names were set up at three banks and all the account correspondence was sent to the same email address, zhuninhaoyun13 @ 163 . com.

The criminals carried out their scheme in campaigns that lasted a few weeks at a time, then set up in new accounts, the report says.

Code for the app that stole the contacts was found in a Google Code repository owned by a Chen Weibin, who worked on other projects including applications and Web sites for Android games, escort services and tax preparation, the report says.

Trend Micro says its investigation led them to believe the malware was written by a group of developers who live in Yanbian Korean Autonomous Prefecture, an area of China where Chinese and Korean are spoken.

"The sextortion schemes we uncovered are complex operations that involve people across cultures and nations working together to effectively run a very lucrative business," the report says. "These once again prove that cybercriminals are not just becoming more technologically advanced-- creating stealthier mobile data stealers, using complex stolen data drop zone infrastructures, and outsmarting banks to better evade detection--they are also improving their social engineering tactics, specifically targeting those who would be most vulnerable because of their culture."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags trend micro

More about GoogleTrend Micro

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Tim Greene

Latest Videos

More videos

Blog Posts