A crop of hackers were caught trying to steal money from the oldest profession in society.
Researchers with security provider Veriti reported finding scammers selling a piece of malware that would allegedly allow crooks to take control of an adult performer’s OnlyFans account.
The malware was disguised as a tool that would let the villain steal the credentials of a targeted performer that would yield the controls to their OnlyFans account and presumably allow the attacker to extort the performer for a ransom payment to get their account back.
Known in malware circles as a “checker,” the aspiring hackers were told that they would be given malware that was going to allow them to steal from others, but they learned the hard way that criminals can’t be trusted around other criminals.
“These ‘checkers’ are the digital lockpicks of the modern age, promising easy access to a treasure trove of sensitive information and potential financial gain,” explained Veriti.
“However, as our investigation reveals, sometimes these tools are trojan horses, designed to ensnare the very criminals seeking to use them.”
Adult entertainers are far from being the stupidest people on the planet, and these would-be hackers managed to walk into a trap that fed them far more than they bargained for. They ended up with an information-stealing infection that gave their sensitive data to another crook.
The malware that the criminals thought they could use to lift data from camboys and camgirls was, in fact, stealing their own info and handing it back to another cybercriminal. Can we really decide who is in the wrong here?
“What these aspiring cybercriminals didn’t realize was that they were walking into a trap,” Veriti explained.
“The supposed OnlyFans hacking tool was, in fact, a delivery system for a sophisticated malware known as Lummac stealer – happy to infect both innocent users and would-be hackers alike.”
Fortunately, there is an easy enough remedy to avoid getting infected with malware in this situation: don’t do crime.