Cybercriminals are currently utilizing a new piece of malware to gather private moments of employees, which in turn is used as blackmail for these people to disclose secrets of companies they work for.
Threat intelligence firm Diskin Advanced Technologies (DAT) initially discovered the malware, which is named 'Delilah.' It is known as 'the world's first insider threat trojan' due to its ability to capture and record footage of a company's employees, which they can use to threaten them into divulging private company information, harming them in the long run.
The malware is distributed via multiple adult and gaming websites. Avivah Litan, a Gartner analyst, stated: "the bot comes with a social engineering plug in that connects to webcam operations so that the victim can be filmed without his or her knowledge." Delilah gathers whatever information it can get, like the employee's family and workplace.
Furthermore, to communicate with its victims, criminals are using encrypted channels like VPN software and Tor. Also, the malware's victimization process requires a high amount of human involvement to be able to identify and prioritize individuals who can be extorted into operating as the malware's insiders at desirable target firms.
As of now, DAT reports that the malware is still buggy, causing the screen to freeze for about 10 seconds, which is reportedly caused by the high volume of screenshots that the malware is taking. It also produces error messages when attempting to turn on a victim's webcam.
Source: Gartner via Computerworld | Image via Wikimedia
7 Comments - Add comment