Networks Of Foreign Scammers Are Extorting American Kids
The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.
Sextortion campaigns are happening across internet platforms, TikTok being one of the more prominent. (Photo Illustration by Michael M. Santiago/Getty Images)
Getty Images
In June, a child in Kansas, John, sent a picture of his father’s rifle to a woman called Sarah, whom he’d befriended on TikTok earlier that day. That’s because she’d tricked him into sending her nude images of himself and had told him to send her $100 or the pictures would be posted online. Unable to get the money, John (not his real name) threatened to take his own life with the gun if Sarah didn’t leave him alone. Over iMessage, John pleaded with her not to post the images, but Sarah continued to hound him for money. Soon after, he was dead. According to a search warrant reviewed by Forbes, it’d been less than an hour from John and Sarah’s becoming friends on TikTok to a 911 call to El Dorado Police Department reporting a self-inflicted gunshot wound.
This was another example of the devastating impact that sextortion schemes are having on America’s young people, with a significant number of cases linked back to scammers based outside of the U.S. In this case, information provided by Apple from Sarah’s iMessage account linked it to other sextortion scams as well as IP addresses and a phone number based in Nigeria. In recent years, many sextortion cases have been linked to West African scam groups, including the so-called Nigerian-based Yahoo Boys.
Last week, research reported by Wired showed that massive scam compounds across Asia are also carrying out sextortion at scale. According to anti-slavery organization International Justice Mission (IJM), at least 40 scam compounds in Cambodia, Myanmar and Laos can be linked to child sextortion reports made to the National Center for Missing and Exploited Children (NCMEC) in the U.S. over the last two years. Tech companies are required to report incidences of child sexual abuse to NCMEC. The IJM found that over 18,000 child exploitation reports made to NCMEC contained IP addresses used at the scam compounds, most of which were based in Cambodia.
While the rise of financially-motivated sextortion from abroad is raising alarm bells, not all cases stem from abroad. Another investigation, detailed in court documents reviewed by Forbes, looked into the case of a Virginia man, who’d posed as a teenager across TikTok, Discord and Snapchat to solicit nude images from underage girls. According to both a warrant and media reports, the man is a married youth pastor.
Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.
THE BIG STORY:
Russia’s Enforced Messaging App Is Always Watching
VK makes Max, which security experts say is lacking in security protections from Kremlin spies. (Photo by Artur Widak/NurPhoto via Getty Images)
NurPhoto via Getty Images
Starting next month, the Kremlin is mandating that messaging app Max be pre-installed on phones sold in Russia. That’s good news for its developer, VK, which reported nearly $1 billion in revenue for the first half of the year. The company is effectively controlled by the Russian state–its CEO, Vladimir Kiriyenko, is the son of Putin’s chief of staff.
Analyses of VK’s Max app show it does not encrypt its users’ messages and constantly monitors user activities on the device. The technical review, carried out by a security researcher for Forbes, appeared to confirm users’ worst fears that Max could be used by the Russian government to spy on millions of citizens.
Stories You Have To Read Today
Customs and Border Protection had access to camera feeds from AI surveillance company Flock Safety, according to local media in Colorado and new reporting from 404 Media. The news broke amid concerns by privacy advocates around immigration agencies’ access to Flock’s extensive network of cameras. Flock says it’s shutting down some pilot projects with federal agencies.
Ethan Foltz, a 22 year-old Oregon resident, was charged with creating the Rapper Bot botnet, which has been used to implement substantive distributed denial of service (DDoS) attacks since 2021, according to the Justice Department. The botnet, which uses hacked digital video recorders and WiFi routers, was used to target as many as 18,000 victims, the DOJ added.
The FBI is warning that Russian hackers are targeting known vulnerabilities in Cisco networking equipment. The agency linked the attacks to a specific unit within the Russian Federal Security Service’s (FSB), called Center 16, which is also referred to as “Beserk Bear.” Cisco has patched the flaws but its customers’ systems will remain vulnerable until they update.
A complaint by Social Security Administration chief data officer Charles Borges alleges that the Department of Government Efficiency uploaded a copy of all federal Social Security numbers to a high-risk server in June, creating “enormous vulnerabilities” for people’s private information.
Winner of the Week
Europol announced a successful operation with its global law enforcement partners to intercept counterfeit currency. They cops seized fake euros, U.S. dollars and British pounds worth an estimated $77 million.
Loser of the Week
Stalkerware app TheTruthSpy is vulnerable to an attack that allows people to take over any user account and steal the sensitive data within. Such apps contain all kinds of sensitive information, given they’re typically used to spy on people without their knowledge. This isn’t the first security lapse by TheTruthSpy, as TechCrunch reports. In 2021, a data breach exposed information on about 400,000 people targeted by the spyware.
More On Forbes