If you're indulging in adult content online, you might want to slap some electrical tape over your webcam pronto, according to a new report from WIRED. Cybersecurity experts at Proofpoint, a battle-tested firm, just dropped a bombshell detailing a nasty new strain of “infostealer” malware called Stealerium. This open-source digital menace can hijack your webcam to snap photos, snoop on your browser for NSFW keywords, and capture screenshots of anything spicy - all of which could be weaponized for blackmail and extortion schemes that’ll leave victims reeling.

“When it comes to infostealers, they typically are looking for whatever they can grab,” Proofpoint researcher Selena Larson told WIRED, exposing the chilling reality of this cyberthreat. “This adds another layer of privacy invasion and sensitive information that you definitely wouldn't want in the hands of a particular hacker.”“It’s gross,” Larson fumed. “I hate it.”

WIRED has more:

More hands-on sextortion methods are a common blackmail tactic among cybercriminals, and scam campaigns in which hackers claim to have obtained webcam pics of victims looking at pornography have also plagued inboxes in recent years—including some that even try to bolster their credibility with pictures of the victim's home pulled from Google Maps. But actual, automated webcam pics of users browsing porn is “pretty much unheard of,” says Proofpoint researcher Kyle Cucci. The only similar known example, he says, was a malware campaign that targeted French speaking users in 2019, discovered by the Slovakian cybersecurity firm ESET.

Larson laid bare the sinister tactics of sextortion spyware, which preys on individuals for profit while flying under the radar. “For a hacker, it’s not like you’re taking down a multimillion-dollar company that is going to make waves and have a lot of follow-on impacts,” she said. “They’re trying to monetize people one at a time. And maybe people who might be ashamed about reporting something like this.”

The malware’s creator, known as witchfindertr, identifies as a “malware analyst” based in London. To top it all off, Stealerium is freely available as an open-source tool on GitHub.

Despite the rapid pace of innovation in cyberhacking tools, spyware-driven sextortion cases remain uncommon.

In 2013, Cassidy Wolf, a 19-year-old Miss Teen USA, became a victim of sextortion involving spyware. Her former high school classmate, Jared James Abrahams, used malware to remotely control her webcam, capturing nude photos and videos without her knowledge. Abrahams then emailed Wolf, threatening to publish the compromising material unless she sent more explicit images or videos. Instead of complying, Wolf reported the threats to her mother, who contacted the police. The FBI investigated and found Abrahams had hacked into as many as 150 accounts, targeting multiple victims. Abrahams was arrested and sentenced to 18 months in federal prison for hacking and extortion.