Last week, security researchers at ESET revealed their findings of a strain of malware that pushes the trend of sextortion to a whole new level. As the researchers say, Varenyky, as the malware is called, and has been named by its discoverers, monitors activity on infected computers, watches in a dormant state and then as soon as you visit a pornographic state, it starts to record.
As per the researchers, Verenyky was first discovered in May when a malware strike was observed in France. The twist here is that as of now, the malware is designed to target just French computer users with Varenyky being aimed at those subscribed to Orange customers.
This malware is loaded by sending out a fake invoice of Microsoft Word to Orange customers as an email attachment. Forbes explains it as “When those documents are opened, a macro is executed which ensures the computer and its user are indeed French, if not the malware slips away with no damage done. But if the targeted computer ticks its boxes, Varenyky checks back with its C&C to determine what elements of malware to download, executing further macros to install software that can “steal passwords and spy on victims’ screens using FFmpeg when they watch pornographic content online.”
When prominent keywords are triggered or websites (including but not limited to PornHub, YouPorn, Brazzers and more) are detected, “the malware records a computer’s screen using an FFmpeg executable—the recorded video is then uploaded to the C&C server.” The major risk here is for advanced forms of sextortion or blackmail. As of now, the current findings appear to target the French people in general; there is scope for it to target specific individuals.
Post Your Comments