Hackers attempting to gather “evidence” before blackmailing…
Security firm Proofpoint says it seen early evidence of new sextortion malware that drops a dedicated “pornmodule” onto a target’s computers.
The malware, PxiXBot – a Remote Access Trojan, or RAT – contains a dictionary with pornography-related keywords.
If an open window matches the text, it records audio and video on the infected machine, saves it with a “.avi” extension and sends it to command and control servers, Proofpoint said in a quarterly report.
The malware is a step up from typical sextortion scams, which really on social engineering to blackmail targets out of funds by threatening to release evidence of potentially embarrassing online activity.
“This module appears incomplete”, Proofpoint said however.