Webcams are among the latest tools being used by hackers, who literally peek into bedrooms. This from a report, Selling Slaving, just released by the Digital Citizens Alliance (DCA), focusing on a subset of hackers known as “ratters.”
The name is an acronym for “Remote Access Trojans,” an easily accessible type of malware that enables hackers to take control of individual computers from afar.
The computers ratters enlist in their efforts are known as slaves. DCA found international hackers invading the privacy of devices in 33 states, as well as other countries, with many providing commentary in Arabic about the response of their victims.
The malware is loaded by unknowing, often young users who frequent pirates sites like Pirate Bay and KickassTorrents. Once loaded the malware opens the door to everything on a computer, including its webcam. The invasion of privacy is made even worse by the fact that many ratters post videos, including victims’ names and IP addresses on videos posted on YouTube.
In a disturbing twist, many ratters make money through YouTube’s partner program, running ads on the videos for major brands, and splitting the revenues with YouTube.
The Digital Citizens Alliance also found that a number of ratters engage in the practice of “sextortion,” requiring victims to make videos or else face humiliation online though the use of information that they have acquired from their computers.
Here is a summary of some of the most compelling findings:
- “Ratters” are aggressively launching 1:1 attacks on consumers and “slaving” their devices, is a growing problem. It takes ratters little time to slave hundreds of devices. From there, they can gather private information off those devices, which they can then use to “sextort” the owners of the devices. Some of the ratters’ victims have been forced to make videos where they must do as the ratters say or be publicly humiliated.
- On the hackers’ chat room, Hack Forums, there are more than 1.5 million posts that discuss acquiring, creating, and spreading RATs (as of 7/22/15). Digital Citizens found one post where a Hack Forums participant offered access to the devices of girls for $5 and guys for $1. We found repeated posts where ratters said the best places to spread RATs were YouTube and content theft sites, like Pirate Bay and KickassTorrents.
- Digital Citizens went on to YouTube and scoured through hundreds of ratters’ videos with ads from well-known companies – running alongside the videos. Many videos had the faces of victims and IP addresses to hacked computers. In fact, Digital Citizens researchers found IP addresses potentially connected to devices in 33 states and dozens of other countries.
- On Hack Forums, ratters talked about how content theft sites, like Pirate Bay, and KickassTorrents, were great places from which to spread RATs. Researchers also found YouTube videos demonstrating how to use content theft sites to trick victims into downloading dangerous malware.
- Ratters can make money through YouTube Partner Program. If a ratter joins the YouTube Partner Program, and, like the videos in our report, their video is “approved” then it starts to be monetized. In the Partner Program, YouTube promises to split ad revenues with that approved videos for their traffic. You start getting views on YouTube, you start making money – potentially thousands of dollars. In a survey of 200 RAT videos Digital Citizens researchers found ads running on nearly 40 percent.