New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Blogger and WordPress Sites Hacked to Show Sextortion Scams

Scammers are hacking into WordPress and Blogger sites and using the hacked accounts to create posts stating that the blogger’s computer has been hacked and that they were recorded while using adult web sites. These types of threats are called sextortion and are typically sent via email to recipients whose information was disclosed in data breaches. These scam emails then threaten the recipient that their video will be released to everyone on their contact list unless an extortion demand is paid.

Analyst Notes

Most “Sextortation” scams play on a person’s fear, but usually are not backed up by any actual video or screenshots. It is highly recommended to not click on any links that are provided in the scam email, report the email to the proper law enforcement agency, then delete the email. It is also recommended to place a removable cover on the webcam of any computer that includes a camera, and leave it covered when not in use. There are many malware variants, including features in the popular penetration testing tool Metasploit, that can capture pictures, video, and audio from a computer infected with that malware. If an attacker does access the webcam, a cover will ensure that no video is obtained.

To read more: