South Korean police have uncovered a hacking operation that stole delicate knowledge from therapeutic massage parlours and blackmailed their male clientele.
In response to native media studies, the Gyeonggi Nambu Provincial Police Company believes that 15 folks have been concerned in a felony scheme that noticed the house owners of therapeutic massage parlours tricked into putting in apps that claimed to supply enterprise providers – however really helped hackers steal the personal particulars of shoppers.
Clients’ names, telephone numbers, name logs, and textual content messages have been reportedly stolen by means of the malicious app, enabling the extortionists to ship threatening messages to their meant victims:
We put in cameras within the therapeutic massage rooms and have your video. For those who don’t pay, we’ll ship it to your loved ones and pals.
In actuality, the hackers solely had the purchasers’ particulars, and didn’t have entry to any video footage of what occurred within the privateness of the therapeutic massage parlours. Nevertheless, in response to police, the mere risk of publicity was sufficient to persuade 36 folks to reply by sending cash to the criminals.
Victims are stated to have paid quantities starting from 1.5 million to 47 million Korean Received (roughly USD $1,000 to $32,000) every.
In all, the gang is alleged to have tried to extort almost 200 million Korean Received (roughly US $105,000) by means of the scheme.
Police consider that the hackers began gathering buyer particulars from therapeutic massage parlours in Seoul, Gyeonggi, and Daegu in January 2022, having tricked 9 therapeutic massage enterprise house owners into putting in the malicious app.
The gang arrange its personal workplace in Nam District in south-central Busan, with some members tasked with exfiltrating knowledge, some with pressuring focused victims into paying up, and others with laundering extorted funds.
The felony gang was uncovered unintentionally after an unrelated investigation by police the place they found a malicious app on a therapeutic massage parlour proprietor’s telephone.
In August 2023, the gang’s alleged chief and one other member have been arrested, whereas different suspects went on the run. Police say that the fugitives have been caught since – together with one who’s alleged to have continued working the scheme to extort much more cash from victims whereas evading arrest.
Sadly there was an extended historical past of cybercriminals blackmailing members of the general public by threatening to reveal embarrassing or delicate data.
Within the notorious case of Finnish psychotherapy supplier Vastaamo, a hacker stole remedy notes of 1000’s of sufferers and threatened to launch the main points if they didn’t individually pay a ransom.
The outcome was long-term trauma for a lot of of these affected, Vastaamo’s CEO finally resigning in shame, and the chapter of the corporate.
One other hacking group, generally known as The Darkish Overlord, constructed a repute for itself with comparable ways – stealing medical and different data, after which threatening to dump data publicly if they didn’t obtain a ransom.
What makes the most recent case from South Korean case notably placing is how strange the victims are. The hackers weren’t concentrating on banks, hospitals, or authorities businesses. As a substitute, their victims have been people who walked right into a therapeutic massage parlour anticipating a non-public service.
The personal disgrace of the sufferer was exploited in a felony marketing campaign that was extremely efficient and, if it had not been uncovered by police, might simply have gone unreported for a very long time.
