Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Porn websites. Show all posts

Malware recorded video once pornographic websites are visited








ESET’s security researchers last week disclosed the discovery of new malicious malware that is being predominantly used for online extortion.

The malware popularly called as “Varenyky” was named by its founder, watches the activity of infected computer until the pornographic website is visited and then it starts recording the screen, later the video is used for blackmailing and extortion

Varenyky was first discovered in May, in France according to the ESET reports. Varenyky is designed to target French computer users. 

The malware starts by sending attached malicious code through fake email attachments as invoices in the form of Microsoft word attachments, the macro attached to malware ensures the user is French, if the targeted computer ticks its boxes, Varenyky determines which elements have to be downloaded on the target computer, and then execute macros that further install software which can steal passwords and can spy on the target system.

The moment target computer goes to the network that uses trigger keywords like “YouPorn, Pornhub, Brazzers” Varenyky starts recording computer screen using an FFmpeg executable - after that video is uploaded on the C&C server.

The risks involve blackmailing and sextortion. while the current reports suggest that the malware is relatively generic and is meant to target French computer users but in future could be potentially used to attack other individuals as well.

Google, Facebook tracking porn preferences of users








Researchers at Microsoft, Carnegie Mellon University, and the University of Pennsylvania found out that Google and Facebook are tracking users porn consumption data, even in incognito mode. 

The experts analyzed 22,484 porn sites and 93 percent of them send data to several domains that are owned by third-party companies.

“[E]veryone is at risk when such data is accessible without users’ consent, and thus can potentially be leveraged against them,” write the authors. “These risks are heightened for vulnerable populations whose porn usage might be classified as non-normative or contrary to their public life.” 

According to the study, Google is the No.1 company who receives data from the third parties. The research found that Google or its subsidiaries had trackers on 74% of the pornography sites, while  Facebook had trackers on 10% of the sites. 

“[M]any sites and apps include code from other parties of which users are typically unaware,” the authors say. “Such ‘third-party’ code can allow companies to monitor the actions of users without their knowledge or consent and build detailed profiles of their habits and interests.”

Only 17 percent of all the analyzed sites in the research sample were encrypted. More ever, 49.97 percent of porn site URLs expose or strongly suggest the identities, sexual orientation, and intimate interests of visitors.

“[T]hese porn domains contain words or phrases that would likely be generally understood as an indicator of a particular sexual preference or interest inherent in the site’s content,” the researchers say. [T]hese might also likely be assumed to be tied to the user accessing that content.”

The study found that only 17 percent of porn sites have a privacy policy and encrypted data transfer. 


“The policies were written such that one might need a two-year college education to understand them,” the authors note.