Online Porn Pays Off For Fraudsters

hacker

Like it or not, pornography — among the most ancient human creative endeavors — is a central player in the digital world we inhabit.

By some accounts, pornography played a central role in the rise of the internet (and provided significant funding for cable and telecom operators). Between 4 and 30 percent of internet traffic is related to porn, roughly, according to which estimates you trust (and recent estimates have been on the lower end of the scale). And when it comes to one of the emerging digital commerce technologies, virtual reality, pornography is serving as a trailblazer of sorts (to no one’s actual surprise, perhaps).

Pornography also plays a role in online fraud and cyberattacks involving ransom, as demonstrated this week in a case involving a 24-year-old student sentenced to six years imprisonment in the U.K. The story not only shows how online, organized hackers operate, but how they take advantage of consumer mindsets to steal money via digital channels.

Ransom Operation

The student, Zain Qaiser, reportedly “made hundreds of thousands of pounds blackmailing pornography website users with cyberattacks,” according to account from the BBC.

The operation went like this, according to press accounts: Qaiser, who was arrested five years ago, would hijack another person’s computer via malware and demand a ransom payment to unfreeze that person’s machine. “The teenager posed as a legitimate supplier of online promotions and booked advertising space on some of the world’s most popular legal pornography websites,” the report said. “Any visitor to the adult site who clicked on one of Qaiser’s fake adverts would trigger the download to their own computer of the attack kit.”

Qaiser’s ransomware then would display a message designed to mimic the look and feel of a communication from law enforcement, a message that said the person on the other end had broken the law by accessing online pornography. But the allegedly guilty party — the porn viewer — could make things right by paying Qaiser a “fine” of up to approximately $260.

In other words, as reported in press accounts, Qaiser preyed upon victims with guilty consciences, or who feared being embarrassed by having their online porn viewing habits exposed to others.

Payment Details

Qaiser allegedly bolstered the threat by telling victims that their webcams had captured proof of their alleged misdeed, and by giving them payment deadlines. U.K. authorities said they don’t know exactly how much money Qaiser made from the scam, but reports said the take was significant. For one month, for instance, he apparently made more than $14,000 from the con. Officials “calculated just one of the fake adverts appeared on 21 million web browsers every month — including 870,000 appearances on pornography pages accessed in the UK,” the BBC report said.

Cryptocurrency reportedly also played a role  in the operation — U.K. investigators said Qaiser moved about $5.2 million “through a string of crypto-currency platforms — although a great deal of these profits were ploughed back into the scam by buying more and more advertising space,” the BBC said.

The student allegedly also had the help of others who helped him move his ill-gotten gains through such locations as Gibraltar and Belize and back to U.K. accounts accessible online. Authorities also said Qaiser had ties to a Russian who supplied cyberattack technology for the operation, and that he “forged contacts with online criminals from China and the USA to help shift the cash.”

Ransomware Trends

It’s hard to get a clear picture of how many ransomware attacks take place — not just against consumers, but also companies — as the very nature of the attack discourages reporting them to authorities.

“When ransomware first emerged, enterprise security teams rarely saw it as a major security threat,” reads one recent analysis of that type of cyberattack. “Typical victims were home computer owners who were unaware of the importance of avoiding suspicious websites or exercising caution with mysterious email attachments.” But that changed in 2013, with the release of the Cryptolocker Trojan, which sent a shocking message to victims that their files had been encrypted and would be deleted if a ransom wasn’t paid within three days. It was almost impossible to defend against.

Now ransomware attackers are increasingly going after bigger, higher-level targets — those with the potential of more lucrative paydays than offered by Qaiser’s online porn-centered operation. “Today analysts are seeing an increase of hardcore extortionists using ransomware to target prime organizations with high-value targets,” that analysis reads.

Porn Appeal

This type of con that Qaiser did offers a unique appeal, of course: Victims are very unlikely to alert authorities when they experience the malware attack and are told to pay up. In fact, there is no evidence that any victim of this operation ever alerted law enforcement. Qaiser reportedly was caught only because a Canada-based advertising firm asked him to stop selling those ads — the advertisements meant to trap victims. In response to that request, Qaiser allegedly launched a distributed denial of service (DDOS) attack against that firm in an attempt to blackmail it. Instead, that company contacted the police.

The attacks took place between 2012 and 2014, though Qaiser’s case was delayed in part because of his defense raising issues about his mental health. It doesn’t seem Qaiser did anything that could be called pragmatic with his gains. Reports based on court records said he blew much of it on gambling, a luxury watch, drugs and a regular supply of prostitutes, among other purchases.

No matter how he used, or wasted, the stolen money, Qaiser’s imprisonment and the details of his operation show that online fraud can come from any angle, and involve activities that consumers — or even companies — would rather keep under wraps.