Attacks face many working employees as the newest form of malware has been aimed at webcams in the workplace. The new malware is used to record employee’s private moment sin order to extort information out of them later. Sounds like everyone’s worst nightmare. The malware is called Delilah, a sweet sounding name for something so morally compromising. Delilah is the world’s first insider threat Trojan. It allows operators to capture sensitive and compromising footage of victims, which is then used to pressure victims into leaking important company secrets. The malware is being delivered via multiple popular adult and gaming sites. Thus far it is not clear if any engineering or software vulnerabilities are the source of the installed malware. The bot comes with a social engineering plug in that connects to the webcam operations so you never know you are being filmed. The attackers are using encrypted channels to communicate with victims. The bot itself needs a high level of management from a human to know who to recruit, choosing who to scam effectively. The bot, once installed, seeks to gather as much personal information about the candidate as possible, in order to bully the victim into complying with attacker requests. This can span to family and friend information as well. At the moment, not much has been accomplished as to checking for the malware. All that is known is that the bot is still buggy, and that because of the number of screenshots it is taking, often makes the screen freeze momentarily.
As security researchers look into this type of malware, more preventative information should follow.
If you would like to learn more about the information presented in this blog post please visit : www.zdnet.com
