Hackers have used webcams to spy upon victims for sexual
kicks.
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, are warning
computer users about the importance of properly securing PCs,
following news that a man who allegedly used computer malware to
prey upon young women has been charged in Canada.
According to media reports,
27-year-old Daniel Lesiewicz has been charged with using spyware to
take over the webcams of women as young as 14 and coerced them into
posing naked for him.
Lesiewicz, the owner of a computer support company, has appeared
in a Montreal courtroom on charges of possessing and producing
child pornography, extortion and threats. According to the Sûreté
du Québec, Lesiewicz made friends with teenage girls in internet
chatrooms, sent them emails which infected their computers with
malware, and then persuaded them to pose naked online.
The victims are then said to have been contacted by another
internet user called "Dave", who told the women that nude photos of
them would be posted on the net unless they posed again in front of
their webcams.
According to a police spokeswoman, most of the young women who
had their computers hacked were between the ages of 14 and 19, but
some were in their twenties.
Sophos notes that there have been other cases in the past where
hackers have taken remote control of innocent users' webcams in
order to spy upon them.
In early 2005, Spanish authorities fined a
student who captured movie footage from unsuspecting users, and
arrested
a 37-year-old man who spied on victims via a webcam while stealing
banking information. In the same year, a 45-year-old computer
technician from Nicosia, Cyprus was apprehended
after taking compromising pictures of a teenager via her webcam,
and threatening to send the pictures to her friends unless she
posed naked. 18 months ago, Adrian Ringland, from the British town
of Ilkeston, Derbyshire, was sentenced to
jail for ten years after admitting posing as a minor on
internet chatrooms and using spyware to take explicit photographs
via children's webcams.
"Many young people may have poorly-defended PCs in their
bedroom, leaving them potentially open to abuse. Although most
malware these days is designed to steal money from its victims,
clearly some hackers are being motivated by sexual kicks instead,"
said Graham
Cluley, senior technology consultant for Sophos. "The message
is simple: keep your PC protected against the latest threats with
anti-malware software, security patches and firewalls, and if in
any doubt unplug your webcam when you're not using it."
Business employees can fall victim too
Sophos experts note that the problem of poorly-defended PCs does
not just affect young home users, but workers too.
"It's important to recognize that these kind of attacks are not
just a problem for youngsters," continued Cluley. "Home and remote
workers use computers often equipped with webcams and may have lax
protection in place. The danger of people using a 'work' computer
for non-approved use such as instant messaging chat are well
documented. Companies should deploy application
control technology to set a strict policy as to which programs,
such as chat clients, can be used by their employees."
Sophos recommends that companies protect their email gateways
with a consolidated solution to defend
against viruses, spyware and spam, as well as secure their desktop
and servers with automatically updated protection. Sophos's
Application Control functionality - which is integrated into
Sophos
Endpoint Security and Control - puts the power in system
administrator's hands to control usage of many different types of
programs amongst their users.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.