
Xvideos.com Extortion Scam

Posted: February 4, 2019

The Xvideos.com Extortion Scam is a spam e-mail-based hoax that warns the victim that a remote attacker has gained access to their Xvideos.com Web-browsing history, webcam and contacts lists. Although the con artist demands money in exchange for not publicizing this information, the e-mail message is sent out randomly, and there is no evidence of Xvideos.com-related security breaches. The users should avoid clicking any attachments or links, which may contain unsafe content, and delete the Xvideos.com Extortion Scam from their inbox.

Someone Wants You to Think They're Watching

A new tactic is making the rounds via e-mail messages, and it's already gained several thousand dollars equivalent in Bitcoins. Although there is no actual threat to the readers in the text of this hoax, it describes a semi-plausible attack in such a way that many of the recipients are choosing 'better safe than sorry' and losing their cryptocurrency for no benefit. So far, malware analysts have yet to connect the Xvideos.com Extortion Scam to threatening software, but past campaigns in the same category have been deploying both spyware and file-locker Trojans like the GandCrab Ransomware.

The Xvideos.com Extortion Scam is attacking English speakers, although the criminal's grasp of English is imperfect, and the message could be the output of a service such as Google Translate. The text claims that the author has hacked the Xvideos.com adult movie website and inserted a drive-by-download attack for installing an 'RDP with a keylogger' (a backdoor Trojan with keyboard-spying features) on any visitors' computers. After that, he supposedly uses the software to monitor the victim, up to and including through their webcam.

No such attack is being reported by the owners of the Xvideos.com domain or its visitors, however. The threat actor uses this fictitious scenario as bait for demanding money through Bitcoin unless the victim wants their erotica history revealed to all their contacts. Unfortunately, some recipients are paying the ransom; the Xvideos.com Extortion Scam's wallet has over three thousand USD in Bitcoin through ransom-related transactions.

Extortion with a Paper-Thin Backstory

There's absolutely no risk to the users if they delete the Xvideos.com Extortion Scam e-mails immediately, and malware experts are recommending either doing so or placing the messages in the spam folder. Because Bitcoin refunds require consent from both parties, and there is no bank or other third party capable of intervening, those who pay the ransom shouldn't expect to get anything back afterward. Although the attack that the Xvideos.com Extortion Scam describes isn't technically impossible, the degree of hands-on management it requires makes a real-world implementation of it implausible.

However, there is a theoretical possibility of the Xvideos.com Extortion Scam also using its attacks as transportation for other threats, such as real backdoor Trojans, file-locking ones or spyware. Extortionist tactics can endanger their victims with links to compromised websites that disguise themselves as reputable ones, or with attached harmful software that carries an intentionally inaccurate name (such as an executable being named 'invoice.pdf'). Users believing themselves potentially exposed to such security risks should scan their PCs with anti-malware tools immediately.
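For mail administrators, the traits described above (the scam's claims, a Bitcoin payment demand, and an attachment whose name hides an executable) can be checked mechanically. The following Python triage script is an added example, not part of the original article; the message, the Bitcoin address and the 'MZ' attachment stub are constructed placeholders, and the claim keyword list is an assumption drawn from the description above.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Legacy (base58) and bech32 Bitcoin address shapes; a shape check, not checksum validation.
BTC_RE = re.compile(r"\b(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[a-z0-9]{25,59})\b")
# Claims the scam text makes, per the description above (assumed keyword list).
CLAIM_TERMS = {"webcam", "keylogger", "rdp", "contacts"}
# Leading bytes that identify an executable regardless of its file name.
EXEC_MAGIC = {b"MZ": "Windows executable", b"\x7fELF": "ELF executable"}
EXEC_EXT = (".exe", ".dll", ".scr", ".com")

def triage(raw):
    """Return the indicators found in one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    result = {
        "btc_addresses": BTC_RE.findall(text),
        "claims": sorted(CLAIM_TERMS & set(re.findall(r"[a-z]+", text.lower()))),
        "disguised_attachments": [],
    }
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        for magic, kind in EXEC_MAGIC.items():
            # The content says "executable" while the name says something else.
            if data.startswith(magic) and not name.lower().endswith(EXEC_EXT):
                result["disguised_attachments"].append((name, kind))
    return result

def build_sample():
    """Constructed message: paraphrased claims, placeholder address, fake 'MZ' stub."""
    m = EmailMessage()
    m["Subject"] = "Your account"
    m.set_content(
        "I installed an RDP with a keylogger and recorded you through your webcam. "
        "Pay to 1ExampLeConstructedAddr1234567xyz or your contacts see everything."
    )
    m.add_attachment(b"MZ" + b"\x00" * 32, maintype="application",
                     subtype="pdf", filename="invoice.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    for key, value in triage(build_sample()).items():
        print(f"{key}: {value}")
```

A message that matches on claims and a payment address but has no attachment is the plain hoax described here; a hit under `disguised_attachments` is the case that warrants an anti-malware scan.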

Even though the bait on the Xvideos.com Extortion Scam's hook isn't very believable, making a profit requires few successes. As long as anyone continues paying these con artists, similar attacks will remain out in the wild, taking advantage of those who are ashamed of their Web-browsing history for reasons best known to them, alone.
