Hackers who make a sport of seizing control of people’s webcams to spy on and extort them would do well to recall that the FBI knows how it’s done, and that all it takes is one phone call to put the bureau on their trail.
It’s too late for 19-year-old Jared James Abrahams. The voyeuristic California college student and serial blackmailer at one point had 150 “slaves” to his name—the term he and others of his ilk use to refer to computers that they’ve successfully infected with remote administration tools, or RATs, which allow them to access cameras and sensitive data.
The technology that facilitated Abrahams’ disturbing hobby of spying on women as they undressed (and later threatening to release nude images of them unless they delivered more) would prove to be his vulnerable spot. After he attempted to extort current Miss Teen USA Cassidy Wolf, his former high school classmate, she called the authorities, who quickly identified the malware and used it against him, according to Ars Technica:
The IP addresses behind the attacker’s e-mails resolved back only to a VPN provider which purposely kept no logs. But the RATs themselves had connected back to the attacker by accessing no-ip.org, a service which allows users to dynamically map their IP address to a domain name (in this case, to cutefuzzypuppy.zapto.org and schedule2013.no-ip.org), thereby allowing the “slaves” to phone home, even when the attacker was using a dynamic IP address from a home Internet account. No-ip.org did keep records, and the FBI obtained them.
Those records led to Abrahams’ family. From there, the FBI relied on Facebook, discovering a son named Jared who attended college in Temecula—pretty tough to be a shadowy hacker and active on social media simultaneously, it turns out. His school’s IT department confirmed that he “had accessed the ‘no logging’ VPN from the school’s network.”
Following a raid and arrest, which resulted in a confession from Abrahams and an apology from his family, the FBI uncovered evidence of the extent of his ratting: he had commandeered dozens of computers around the world, despite his claims that he found the social engineering part of his scheme—i.e., tricking people into downloading his spyware—rather difficult. He has since been released on a $50,000 bond but “must wear a GPS tracker and is prohibited from using a computer for anything other than academic work.”
Attractive though Wolf may be, achieving an illicit glance of her or anyone else hardly seems worth these consequences, and the methods for doing so are hardly foolproof. If Abrahams was able to elude capture for a few months, it was almost certainly because his victims were too scared to report his abuse. Wolf’s willingness to stand up for herself, by contrast, was what triggered the investigation that brought him down.
It also probably saved her friends from infection. In May, after Abrahams had weaseled into Wolf’s computer, he took to hackforums.net to ask how he might best capitalize on such a coup, in particular by exploiting her social networks. “I want to mass message all her friends on facebook but I have no idea what to message them to get them to download the rat,” he wrote. “Any ideas or suggestions would be greatly appreciated :). Preferably something that is believable for someone she rarely talks to. Not just ‘Check out my hot pics (Link to rat)’ Thanks!!”
Needless to say, other ratters had plenty of suggestions.
H/T Ars Technica