FBI Busts Alleged Skype 'Sextortionist'

Man is accused of extorting over 350 women into posing nude on Skype by threatening to post compromising photos of them to Facebook.

Mathew J. Schwartz, Contributor

January 30, 2013

5 Min Read
Dark Reading logo in a gray background | Dark Reading

Who Is Hacking U.S. Banks? 8 Facts

Who Is Hacking U.S. Banks? 8 Facts


Who Is Hacking U.S. Banks? 8 Facts (click image for larger view and for slideshow)

The FBI Tuesday announced the arrest of Karen "Gary" Kazaryan, a 27-year old man, for allegedly coercing female Internet users into posing topless via Skype. Investigators said they recovered 3,000 nude and semi-nude pictures from Kazaryan's PC and suspect him of victimizing over 350 women between 2009 and 2011.

An indictment unsealed Tuesday in U.S. District Court charges Kazaryan with 15 counts of computer intrusion and 15 counts of aggravated identity theft. If convicted on all counts, Kazaryan faces up to 105 years in jail.

According to the indictment, Kazaryan's "sextortion" campaigns began with hacking into people's e-mail and Facebook accounts, harvesting naked or semi-naked pictures and collecting information about the account holders' friends.

[ Want more on Skype security? Read Skype Deals With Account Hijacking Exploit. ]

"Using the accounts to which he had obtained unauthorized access, defendant Kazaryan would then, in the guise of the victims' online identities, contact friends or associates of the victims in order to fraudulently persuade, or extort, those individuals into removing their clothing so that defendant Kazaryan could view, and take pictures of, their naked or semi-naked bodies on their webcams," said the indictment. "Defendant Kazaryan would also use naked or semi-naked images of victims to further extort those and other victims to remove their clothing so that defendant Kazaryan could view, and take pictures of, their naked or semi-naked bodies."

The FBI said that it hasn't yet linked all of the nude and semi-nude images with people's actual identities. "Anyone who believes they may have been a victim in this case should contact the FBI's Los Angeles Field Office at (310) 477-6565," said a statement issued by the bureau.

A related search warrant, executed in 2011 and unsealed Tuesday, details Kazaryan's alleged working methods, which left some of his victims "fearful of using the Internet and computers." The search warrant was written by FBI special agent and cyber squad investigator Tanith Rogers, who has previously investigated numerous sextortion cases.

In one series of creepy extortion attacks described in the search warrant, Kazaryan contacted a female target ("A.M."), posing as her female friend ("L.A."), and inviting her to connect via a Skype account that "she" had just created. But after several minutes, the victim suspected that the person on Skype wasn't really L.A., and confirmed that fact by calling L.A. on the phone. A.M. told the unknown person to stop contacting her.

"While still logged into Skype, the unknown person told A.M. that he had damaging photo (sic) of her sister, D.M., and another friend, M.O. To prove that he had the photo, the unknown person changed his Skype profile photo to the pornographic photo of D.M. The photograph was sexually explicit and embarrassing to D.M. and M.O." and showed them both in a hot tub, naked from the waist up, according to the search warrant.

From there, the unknown person demanded that both A.M. and her sister D.M. pose naked for their webcam or he would post the embarrassing photo to their Facebook walls. He gave them 10 seconds. When they attempted to stall him, he logged into L.A.'s Facebook account and added the hot-tub photo to her Facebook wall. That led the two women to comply with the unknown person's demands, and briefly flash their breasts via a Skype video chat. When the unknown person said they hadn't posed long enough, the pair again posed for him via Skype.

After that episode, the unknown person removed the embarrassing photo from L.A.'s Facebook wall. Both of the victims, meanwhile, immediately closed down their Facebook and webmail accounts. But the unknown person continued to contact them and demand that they pose naked for new photos and threatened to post more embarrassing photos of them to Facebook unless they complied.

According to the FBI's search warrant, as a result of the sextortion campaign, "A.M. stated she is emotionally distraught and stated that D.M. said she felt as if she was raped."

Although Kazaryan allegedly amassed hundreds of victims, the search warrant suggests he was no hacking wunderkind and that he took few if any steps to try to cover his online tracks. Notably, access records for victims' hacked Facebook accounts, shared by Facebook with the FBI, showed that the same IP address had been used to access 176 different hacked Facebook accounts between Nov. 1, 2010 and Dec. 26, 2010 -- including the aforementioned victims.

According to the search warrant, in that timeframe, the same IP address used to hack into those pages was also the most-used IP address -- used 190 times, and nearly every day -- for accessing Kazaryan's Facebook page. According to Facebook personnel, the IP address also corresponded with Kazaryan's regularly used PC, and Kazaryan had never reported that his account had been hacked.

According to the search warrant, Kazaryan had been previously arrested, and as of Jan. 18, 2011, had a pending trial for a 2008 rape charge.

Offensive cybersecurity is a tempting prospect. It's also way too early to go there. Here's what to do instead. Also in the new, all-digital Nuclear Option issue of InformationWeek: Military agencies worldwide are figuring out the tactics and capabilities that will be critical in any future cyber war. (Free registration required.)

About the Author

Mathew J. Schwartz

Contributor

Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights