A transnational sextortion ring was uncovered and dismantled following a joint investigation between Interpol’s cybercrime division and police in Singapore and Hong Kong.
Interpol says that 12 suspects believed to be core members of this criminal organization were arrested in July and August after investigators found that they asked potential victims via online sex and dating platforms to download a malicious mobile app to engage in “naked chats.”
However, their targets didn’t know this app was designed to steal the contents of their phones’ contact lists which the cybercriminals would use to blackmail the victims, threatening to share their nude videos with relatives and friends in their address books.
“We conducted a proactive investigation and in-depth analysis of a zombie command and control server hosting the malicious application, which – along with the joint efforts by our counterparts – allowed us to identify and locate individuals linked to the criminal syndicate,” said Raymond Lam Cheuk Ho, the head of Hong Kong Police’s Cyber Security and Technology Crime Bureau.
Sextortion is a type of digital extortion where the criminals coerce or trick their targets into sharing explicit videos or images that will later be used for blackmail.
To make things even scarier for their targets, they’ll also often gain access to their social media or contact info, threatening to send the sexual imagery they got their hands on to the victims’ families and friends.
Scammers behind sextortion campaigns are also known to distribute various strains of malware via phishing emails, ranging from data-stealing trojans to ransomware.
Spike in sextortion attacks
Today’s announcement comes after Interpol launched an awareness campaign in June to warn Internet users of a striking increase in digital extortion threats like sextortion, ransomware, and Distributed Denial-of-Service (DDoS) attacks.
“A sharp rise in sextortion reports has been observed around the world in recent years, mirroring a rise in other types of cybercrime that has been exacerbated by the COVID-19 pandemic,” Interpol said.
“INTERPOL’s awareness campaigns on cyber threats have emphasized that just one click – on an unverified link or to send an intimate photo or video to someone – can suffice to fall victim to cybercrime.”
The FBI warned one year ago of a massive increase in sextortion complaints since the start of 2021, which resulted in total financial losses of more than $8 million until the end of July 2021.
As the FBI advised potential victims at the time to protect themselves from extortion attempts:
NEVER send compromising images of yourself to anyone, no matter who they are or who they say they are.
Do not open attachments from people you do not know. Links can secretly hack your electronic devices using malware to access your private data, photos, and contacts or control your web camera and microphone without your knowledge.
Turn off your electronic devices and web cameras when not in use.
“Having a criminal access the most intimate aspects of your life and using this information against you to extort enormous sums of cash is anyone’s nightmare – and the most frightening part is that anyone could fall victim to this type of crime,” added today Stephen Kavanagh, INTERPOL’s Executive Director of Police Services.
“Sextortionists sometimes count on their victims feeling too much shame to go to the police, but reporting these crimes is often the first step to bringing these criminals to justice.”
