Security

Extortion trojan watches until crims find you doing something dodgy

And then the extortion starts and you're asked to steal critical data


A newly-detected piece of malware dubbed "Delilah" has been fingered as probably the first such code created with the intention of extorting victims into stealing insider data.

The "Delilah" malware was found on exclusive crime forums by Israeli intelligence outfit Diskin Advanced Technologies, who say the trojan relies on a combination of social engineering, extortion and ransomware.

Delilah is distributed in tight circles only and kept off open crimeware forums.

Gartner fraud analyst Avivah Litan received information on the trojan and says it targets employees at their homes and offices.

"Once installed the hidden bot gathers enough personal information from the victim so that the individual can later be manipulated or extorted," Litan writes.

"This includes information on the victim’s family and workplace.

"This will only add to the volume of insider threats caused by disgruntled employees selling their services on the Dark Web in order to harm their employers."

"The bot comes with a social engineering plug-in that connects to webcam operations so that the victim can be filmed without his or her knowledge."

Diskin is staffed by former founders of Israel's Shin Bet intelligence agency. The company says criminals need to apply intense social engineering skills when using the malware in order to pick out those targets who could be extorted or persuaded into committing insider theft.

Delilah is being loaded onto victim machines from gaming and adult sites and is reportedly still buggy, chewing conspicuous quantities of resources on some victims' machines and invoking approval messages when activating webcams.

Criminals have many other avenues to socially engineer victims. Traditional remote access trojans have the capability to activate webcams, monitor keystrokes, and download web browser histories.

That could be combined with social engineering skills, either learnt or bought through online services, to find sufficient information on a target to extort them into stealing corporate data. ®
