The jailed man used a Trojan horse to spy on his young victim via
her webcam.
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, are reminding
computer users about the importance of properly securing PCs,
following news that a man has been jailed for prey upon young women
via internet webcams.
The 47-year-old man from Cyprus has been given a four year jail
sentence after hacking a teenage girl's webcam, in order to take
illicit pictures of the young woman in her bedroom.
The man, who has not been named but is a computer technician in
Nicosia, spied on the then 17-year-old girl through her webcam
after infecting her PC with a spyware Trojan horse that he sent her
as an email attachment.
The middle-aged hacker took compromising photos of the teenager
while she was alone in her bedroom for an extended period of time
without her knowledge, and then threatened to send the pictures to
her email contacts unless she posed naked in front of the webcam.
The girl refused and the police were contacted, resulting in the
man's
arrest in 2005.
"Most spyware is designed to steal your identity, your
passwords, your banking information - but it is just as easy to
program a Trojan horse to take over your webcam," said Graham Cluley, senior
technology consultant for Sophos. "This case highlights that as
well as malware being used for financial gain, it can also be used
by voyeurs. Everyone needs to treat computer security as paramount
importance to ensure they do not fall victim to an internet
blackmailer or peeping tom."
Sophos notes that there have been other cases in the past where
hackers have taken remote control of innocent users' webcams in
order to spy upon them.
In early 2005, Spanish authorities fined a
student who captured movie footage from unsuspecting users, and
arrested
a 37-year-old man who spied on victims via a webcam while stealing
banking information. The following year, Adrian Ringland, from the
British town of Ilkeston, Derbyshire, was sentenced to
jail for ten years after admitting posing as a minor on
internet chatrooms and using spyware to take explicit photographs
via children's webcams. Earlier this year, a 27-year-old Canadian
man was charged with
using spyware to take over the webcams of women as young as 14 and
coercing them into posing naked for him.
Business employees can fall victim too
Sophos experts note that the problem of poorly-defended PCs does
not just affect young home users, but workers too.
"These attacks are not just a problem for youngsters," continued
Cluley. "Home and remote workers use computers often equipped with
webcams and may have lax protection in place. The danger of people
using a 'work' computer for non-approved use such as instant
messaging chat are well documented. Companies should deploy
application
control technology to set a strict policy as to which programs,
such as chat clients, can be used by their employees."
Sophos recommends that companies protect their email gateways
with a consolidated solution to defend
against viruses, spyware and spam, as well as secure their desktop
and servers with automatically updated protection. Sophos's
Application Control functionality - which is integrated into
Sophos
Endpoint Security and Control - puts the power in system
administrator's hands to control usage of many different types of
programs amongst their users.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.