The creativity of cybercriminals is inexhaustible: a new variant of the sextortion scam has appeared in the threat landscape. A new sextortion scam campaign attempts to trick victims into believing that the popular adult site Xvideos.com was hacked and that crooks used a malicious script that records a visitor through their webcam.
In a classic social engineering scam, the emails sent to the victims also inform them that hackers have stolen their data and contacts; the messages include a user’s old password obtained from third-party data breaches. Hackers threaten to publish the stolen material and the alleged videos if the victims do not pay $969 worth of Bitcoin.
“This variant of the sextortion scam has been under way for about a month now, but we first learned about last night when a reader contacted us to see if it was real.” reads a blog post published by BleepingComputer. “Like previous variants, this scam email includes a user’s old password obtained from data breaches and threatens to send videos of the recipients in compromising activities unless they send the attackers a bitcoin payment of $969.”
This is the first time that experts have observed attackers using the news of a hacked adult site as bait.
BleepingComputer also published the full text of the messages used in this sextortion campaign.
"xxx is your pass. Lets get straight to purpose. Neither anyone has paid me to check about you. You do not know me and you are most likely wondering why you are getting this e-mail?" reads the message sent to the victims.
"Well, i setup a software on the X video clips (porn material) web site and you know what, you visited this site to have fun (you know what i mean). When you were watching videos, your browser began functioning as a RDP with a key logger which gave me access to your display and also web camera. after that, my software program gathered all your contacts from your Messenger, FB, as well as emailaccount. Next i made a double-screen video. 1st part displays the video you were viewing (you've got a good taste lol . . .), and 2nd part shows the recording of your web camera, yeah its you."
Is the campaign effective?
To give you the answer we have to check the balance of the bitcoin addresses included in the email used by the scammers.
One of the addresses, 18z5c6TjLUosqPTEnm6q7Q2EVNgbCy16Td, used in this sextortion scam since early January 2019 received approximately .95 bitcoins ($3,200).
Unfortunately, sextortion scams are very profitable for crooks: they are very easy and cheap to arrange, and the associated risks are very low.
Other variants of sextortion trick victims into installing malicious attachments that allow crooks to deliver data stealers and ransomware.
(SecurityAffairs – cybercrime, spam)