Two young hackers have been on trial since September 25 in Paris, suspected of having remotely activated the cameras of thousands of computers thanks to a virus in 2019 and of having threatened Internet users with spreading intimate videos of them. The victims had in common that they used Windows in the French version.
These two French hackers, now 25 years old, will appear free before the 13th prison room for four half days, for extortion and attempted fraud, access and maintenance of an automated data processing system and organized money laundering .
Described by researchers as having “great skills” in computing and programming, between January and June 2019 they developed “malware” called Varenyky. A name devised by the specialized company ESET, which discovered the existence of this virus, in reference to a traditional Ukrainian dish.
Contained in an email attachment inviting people to pay a bill, it entered the computer if the victim opened the document, creating a “botnet,” a network of infected computers. A system that subsequently uses the mailboxes of the first victims to send new trapped messages to those around them.
Pornographic keywords
An extortion message was then sent to thousands of email addresses, purchased on the dark web or stolen thanks to the virus: it threatened victims with sending their contacts images of themselves masturbating in front of pornographic films if they did not pay a ransom of around 500 euros, in bitcoin in a digital “wallet”.
Initially, the blackmail with the webcams would have been based solely on bluffing, but the computer program would have allowed the webcams to be activated to film Internet users without their knowledge, as soon as it detected certain words in the search bar: pornographic keys. .
The two hackers estimate to have earned 150,000 euros, but investigations revealed 1.3 million euros in bitcoins in their wallet, without us knowing if all this money came solely from this fraud.
Cryptocurrencies were converted into cash, thanks in particular to a currency exchange office in Odessa, Ukraine, which was spent on everyday life (rent, hotels, restaurants, cars, IT equipment) and on his numerous trips between Ukraine , France and several Eastern European countries. countries, according to the results of the survey.
Among other things, files containing personal data of the victims and screenshots of videos of people recorded with their web cameras in front of pornographic sites were discovered on their computer equipment. During the investigation, closed in 2021, the two defendants acknowledged their participation but minimized their respective degree of involvement.
Shame of the victims
The investigation by the Paris prosecutor’s office was opened in 2019 after numerous people received this blackmail email. More than 20,000 people reported in June 2019 to the researchers’ exclusive email address and 1,300 people filed complaints. 47 had declared having made the payment.
Sources close to the case believe that many victims, out of shame, never dared to file a complaint or say that they had paid. After several months, investigators from the Central Office to Fight Crimes Related to Information and Communications Technologies (OCLTIC) managed to identify these two young people.
Never convicted by the courts, they met during their adolescence on video game sites and became friends. When they separated from their family, they would have earned a living thanks to these types of scams on the Internet.
The man who called himself “Aquazus” on the forums, holder of a BEP in digital electronic systems, was arrested in Roissy upon his return from Poland in September 2019.
The second, self-taught, went himself to a Paris police station two months later, knowing that he was wanted. Lawyers for the two defendants could not be reached or would not speak before the start of the trial.
Source: BFM TV
