Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

How the FBI found Miss Teen USA’s webcam spy

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 30 Sep 2013 06:50:53 +0000 (UTC)
http://arstechnica.com/tech-policy/2013/09/miss-teen-usas-webcam-spy-called-himself-cutefuzzypuppy/

By Nate Anderson
Ars Technica
Sept 27 2013
The sextortionist who snapped nude pictures of Miss Teen USA Cassidy Wolf through her laptop's webcam has been found and arrested, the FBI revealed yesterday. 19-year old Jared James Abrahams, a California computer science student who went by the online handle "cutefuzzypuppy," had as many as 150 "slave" computers under his control during the height of his webcam spying in 2012.
Watching all of those webcams to see when a young woman changes her clothes takes a serious time commitment, and Abrahams made one; he "was always at his computer," according the FBI complaint against him. Abrahams yesterday turned himself in after the complaint was unsealed, and a federal judge released him on a $50,000 bond. 


Anatomy of a RATer
How did Abrahams get his start learning the intricacies of remote administration tools (RATs), the malware used to spy on his victims? Not surprisingly, he was a regular user of hackforums.net, which features a large RAT forum that I profiled earlier this year. As cutefuzzypuppy, Abrahams asked for plenty of help distributing software like DarkComet to victims, since he "suck[ed] at social engineering" and needed to find better ways to spread his spyware.
He also announced his successes. On May 17, 2012, he told the RAT community at hackforums.net, "Recently I infected a person at my school with darkcomet. It was total luck that I got her infected because I suck at social engineering. Anyway, this girl happens to be a model and a really good looking one at that :D. I was hoping I could use her and her facebook account to further spread my darkcomet rat. I want to mass message all her friends on facebook but I have no idea what to message them to get them to download the rat. Any ideas or suggestions would be greatly appreciated :)." 

[...]



--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
Previous By Date Next
Previous By Thread Next

Current thread: