The hacker knew every move the unsuspecting victim made. He controlled her computer webcam and microphone. He could see her in her bedroom, hear her conversations, knew every keystroke she made online. And he threatened to expose her secrets unless she bowed to his demands.
It may sound like the plot for a scary teen movie, but it actually happened, and there wasn’t just one victim—there were more than 200, and dozens of them were adolescent girls.
Don't Let It Happen to You
Here are a few precautions that can keep you from being victimized by a social engineering attack:
- Don’t take for granted that your computer’s anti-virus software is a guarantee against intrusions.
- Turn off your computer when you aren’t using it. (The majority of computers involved in the sextortion case were laptops; many of the victims chatted on social networks so much that they never turned off their machines.)
- Cover your webcam when not in use.
- Don’t open attachments without independently verifying that they were sent from someone you know.
- It’s okay to be suspicious. If you receive a message with an attachment from your mother at 3 a.m., maybe the message is not really from your mother. “Most people are too trusting when it comes to their computers,” Agent Kirkpatrick said.
- If your computer has been compromised and you are receiving extortion threats, don’t be afraid to talk to your parents or to call law enforcement.
Unlike many computer intrusions, where a hacker uses malicious software to steal identities or financial information, this case was primarily about spying and extortion—or as our Los Angeles cyber squad more aptly termed it, “sextortion.”
The hacker, a 31-year-old California man who was arrested in June after a two-year investigation, used malicious code to infect and control the computers of his victims. Then he searched for explicit pictures from their computers, downloaded them, and used the images in an attempt to extort more pictures and videos from them.
“What’s so frightening about this case was how easily the victims’ computers were compromised,” said Special Agent Jeff Kirkpatrick, one of our Los Angeles cyber investigators who worked the case.
After the hacker infected one computer, he used a popular social networking site—and a technique called “spear phishing”—to spread the virus. “It was a social engineering attack,” said Special Agent Tanith Rogers, co-investigator on the case. “The victims were tricked. They had no idea what had happened until it was too late.”
In several instances, the hacker posed online as a young woman’s friend or sister and sent messages with attachments asking if the victim wanted to see a scary video. Because the messages appeared to be from a trusted source, the victims usually didn’t think twice about opening the attachment. When they did, the virus secretly installed itself, and the hacker had total control over their computers—including all files and folders, webcams, and microphones.
Using similar spear phishing methods—posing as a friend or a trusted source—the hacker spread the virus through the social network like wildfire. In all, there were 230 victims and more than 100 computers impacted.
“And this guy was no computer genius,” Agent Kirkpatrick said. “Anybody could do what he did just by watching an online video and following the directions.”
Have Information on the Case?
The hacker in the sextortion case used a variety of screen names and e-mail addresses, which are listed below. If you have information regarding the case—there may be other victims—please contact your nearest FBI office or submit a tip online.
Victims—particularly teenage girls—were understandably devastated when they learned their privacy had been so completely violated. Many were afraid to tell their parents about the situation.
“He was smart,” Agent Rogers said of the hacker. “He used their fear to try to control them.”
For example, the hacker attached a pornographic picture of one victim in an e-mail and demanded sexually explicit video of her in return for not telling her parents about the pictures he had downloaded from her computer.
“If he hadn’t attempted to contact the victims,” Agent Rogers said, “he could have done this forever and gone undetected—the victims would never have known he was listening and watching. That,” she added, “is one of the most disturbing things about this case.”
This needs bumped back in focus. Please copy and paste this into a hub. You may save a life! Thanks for the information.
goldenpath thanks for your comment - serious business.
The ability to control another persons computer has been around since,,,,,, computers.
This is how those massive attacks happen. Thousands of computers get infected and are used as "host" to attack a server, website or whatever.
It's an old trick that's been around forever. What this guy did was just a variation of that. Old news but worth repeating since so many don't know how it works.
by theirishobserver. 7 years ago
In 2010 almost 8,000 Irish Females travelled to England to have their unborn babies terminated. Some of these females were as young as 11 years old; the majority of terminations were convenience terminations, Doctors being told that the women simply did not want another child or that they were...
by WD Curry 111 7 years ago
Call to all atheists! I have locked horns with a few of you already. I am brand new to Hub Pages, but you are out of line to call me a newbie. I worked on the first generation of graphic computers. They weren’t even available to the public yet. I worked for a government subsidized electronics...
by Prince Maak 9 years ago
Can we live or can we work without Computers? How will be our Life without COMPUTERS.
by Stacie L 4 years ago
ALICIA A. CALDWELL, Associated PressSondra Arquiett, who was arrested on drug charges 2010 for her role in a suspected drug distribution network, is suing the agent in federal court in the Northern District, in upstate New York. The case is scheduled go to trial in Albany, New York.In her complaint...
by DreamerMeg 11 months ago
Best children's computer for 6 - 9 year old?I am thinking of buying a child's laptop computer for Christmas for a 6 - 9 year old. I have looked at a number on Amazon and the best so far seems to be the Leap Pad version 2, it get a good rating. A number of children's computers get slated for...
by Dorsi Diaz 7 years ago
My HubPages account was hacked yesterday. I had posted about my earnings in one of the forums here in response to a question that was asked. This looks like a targeted attack on my account here. The hacker changed my password, changed my pic, wiped my bio clean and entered a different email under...
Copyright © 2018 HubPages Inc. and respective owners. Other product and company names shown may be trademarks of their respective owners. HubPages® is a registered Service Mark of HubPages, Inc. HubPages and Hubbers (authors) may earn revenue on this page based on affiliate relationships and advertisements with partners including Amazon, Google, and others.
|HubPages Device ID||This is used to identify particular browsers or devices when the access the service, and is used for security reasons.|
|Login||This is necessary to sign in to the HubPages Service.|
|HubPages Traffic Pixel||This is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.|
|Remarketing Pixels||We may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.|
|Conversion Tracking Pixels||We may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.|