Hackers come to the rescue in a sex tape blackmail case 🕵️

· Lucas Videlaine

It was a Friday evening in November when I received a call for help from a mother who was being subjected to odious blackmail. Laure, as we will call her to protect her identity, had been given my contact details by one of her friends with whom I had already had the opportunity to work. She contacted me so that I could try to resolve the unfortunate situation.

Alongside my engineering studies at ENSIBS engineering school, I am developing an entrepreneurial activity providing cybersecurity services and consulting, but this situation is a first for me! No less motivated and particularly determined to defeat this despicable blackmail, I took stock of the situation, began to establish a context and drew up the premises for an action plan: we will not give in, we will not pay, and we will prevent the publication of the stolen content ✊

The troublemaker regularly renews his intimidation attempts using Laure's partner's stolen Messenger account, which contains photos and videos shared by the couple.
After several exchanges, I conclude that he is just an opportunist who took advantage of the account's weak password to set up his ransom demand. While buying time with the attacker, we complete the steps to close the Facebook account.

Drawing on my experience in crisis management, I advised Laure for over a week, reassuring her and listening to her concerns. I am fully aware of the constant stress she is under and am committed to helping her: people are my priority.
A few days later, there was relief: the account had been deleted by Facebook support, and the attacker no longer had access to the exchanged content. The attacker, who was likely operating from an internet café, did not take the time to back up his only means of leverage.

The mission is a success! 🔥 Still reeling from this experience, Laure and her partner ask me at length about the best habits to adopt to avoid going through this again:

✔️ Use passwords that are sufficiently long and include upper-case letters, lower-case letters, numbers, and special characters.
✔️ Use a different password for each of your accounts (use a password manager such as KeePass, Dashlane, or 1Password).
✔️ Enable and configure multi-factor authentication whenever possible.
✔️ Favour the use of secure messaging apps such as Signal.

The full article published in a local newspaper (in French) "Hackers Rennais" in PDF format.
The article in Le Télégramme newspaper in PDF format.