News and Threat Analysis

YOU ARE HAVING FUN WITH PORN, PORN IS HAVING FUN WITH YOUR PRIVACY!

For most teens and some adult individuals in the age group of 20-30, porn is a major source of fun for them. Though, it is legally ban in many countries but still many surf the porn videos through ways like VPN, Proxy, etc. We all know that porn serves adult content that is not good for a teenager, but still if we see the statistics, the major counts are for the teenagers grouped in the age group of 14-18. Moreover in this lockdown, a drastic increase of traffic has been recorded across these porn sites.

The major issue which every individual faces while seeing porn is to get a privacy where no one can see or disturb him/her. Thus, for getting the sake of privacy, an individual tries his best possible where no one can interfere. In the last 5 years, one thing which we all can see is the emerging dating sites which deliver an experience of Live sex and dating opportunities. Therefore, porn sites along with dating sites, serves the best source of entertainment for individuals who considers themselves that they are under the cover of privacy. But are they really?

Researchers from 360 Fiberhome Labs have discovered a batch of pornographic softwares which steals user’s privacy along with live video recording and transfers it to the server that can be used for the purpose of blackmailing and extortioning the victim’s privacy. Let’s see how they do this.

PORN STEALING PRIVACY

Analyzing activity from around 2 months, researchers come across some of the pornographic softwares some of them which are popularly known, An Dong Kindergarten, Ye All Exchange, Charm Live, etc. (popular dating softwares in North and South America, Europe and Asia Pacific and other countries) with millions of followers, in which they have found some suspicious activities running behind the white screen and stealing the personal and live data of the user. These all softwares are build using low development frameworks like E4A, Cocos2d-Lua or APICloud.

For a normal user who comes to entertain himself by installing these softwares, a login page will get appear in front of them asking them for the user ID and password. After logging in, the user is generally asked for the subscription of premium content or to buy something related to porn with some sort of “tempting” short porn video running as advertisement along with it. After successfully logging in with the required account, the user finally lands into the page where he/she can browse porn videos.

Then according to the batch of softwares, researchers have analyzed, these softwares tend to upload the below information from the victim’s device to the target FTP server:

  • It will first read the address book, call history and SMS inbox information from victim’s device and create a text file silently in the victim’s device which contains all the information and then upload it to the target FTP server. One of the TXT which has been intercepted by brute-forcing the server:
  • It reads and upload all the files in the DCIM folder on the SD card which are basically your personal photos, videos, etc.
  • It also turn on the front camera for silent recording after a specific user has performed a specific behavior. After the recording ends, it will locally generate an MP4 file and upload it to the specified FTP. The records for MP4 files on the target FTP server which were found by the researchers.
  • It also reads and uploads the personal mailboxes and message inboxes to the target server.

CONCLUSION

In addition to the porn software, researchers have also detected same behavior in other softwares also based on the same framework some of them which are Gambling chess and card games, mobile phone remote monitoring software with a certain disguise nature and other such softwares.

It has also been noticed by researchers of Ethical Debuggers with some monetizing, gaming as well as other entertainment websites which are indulged in stealing user’s data and then selling it. We urge our readers to:

  • Do not Play online games or do transactions in gambling websites.
  • Keep yourself and your loved ones away from such contents to stay safe online.

Suggested deals and offers:

  • Protect your system with Heimdal™ Thor Premium: All-in-One Security Suite at just $59.99 for 5 years. To buy it, click here. Original Price: $499
  • Protect your wordpress site with WordPress Security Course at just $33 for 3 years. To buy it, click here. Original Price: $37
  • Protect your online identity and data with Vault- The Online Security Cloud at just $99 per year. With this pack, you are fully secured as it contains Panda antivirus, Nord VPN, Dashlane to protect your identity online, Degoo 2TB Plan for backing up your data and Adguard. To buy it, click here. Original Price: $455

Disclaimer: The above suggested deals are from third party vendors and prices mentioned for the above deals may or may not change at the time you buy. We are not responsible for the change in price after 24 hours.