Dad Catches Daughter on Webcam and Deploys Malefic Trojan

A bogus Facebook video of a daughter who got busted on webcam strikes users with a harmful Trojan. The malware can grab sensitive information and send it to a remote machine.

Sick of promoting the “dad catches daughter on webcam” scam in English, cyber-crooks went to scammers` school this summer, pulled an overnight “Omlette du fromage”, and translated the old masquerade into German and Serbian.

If German speakers click on the “Vater erwischt eigne Tochter bei Strippen und das alles via fb” link, and Serbians on “otac uhvatio kceru golu pred webcam,” the polyglot scammers lure them into installing a viperish Trojan.Dropper.TQX.

When clicking the install button, the malware comfortably sneaks into the system. There, it collects sensitive information such as Remote Access Service accounts, HTML content, running processes, passwords, and credentials. The Trojan gathers data from several browsers, but it only infects the Windows platform.

The malware can also install itself using a Java applet for a drive-by download, or it pops out a message after a few seconds of inactivity. If you click “ok” on the update, the message redirects you to the same malware.

Betting on people`s curiosity, the scam uses Facebook and public hosts for promotion. If users click anywhere on the infected web page, they automatically “like” the link, and the scam is put on their Facebook timeline, making it viral.

The version of Trojan.Dropper.TQX circulating on Facebook uses new packers to encapsulate older pieces of malware, according to Bitdefender Anti-Malware Labs. The Trojan is most likely bought from underground forums and embellished by each scammer with ornaments such as backdoors and keyloggers.

When executed, the Trojan copies itself in several locations on the device. This piece of malware is a conscientious tech-savvy “user.” Unlike people who rarely check for software updates, Trojan.Dropper.TQX may update itself to a newer version and also download other malware.

When new folders start to appear out of the blue or important folders start to disappear as in “X-Files,” the same Trojan is to blame. It can also set file attributes as it wishes, so your computer is practically at its mercy.

Spying on everything you do online or offline, the Trojan has other powers too. In the worst scenario, the click you make to peep on the wretched daughter on webcam can lead to identity theft and ginormous piles of money lost.

“Dad catches daughter” viral videos started to circulate on Facebook two years ago. Scammers hit it big by automatically posting “x like video y” messages on victims` profiles. Because most users log into social networks with the same credentials as for e-mail services, cyber-crooks could easily steal passwords and use them to make more money.

The scam is part of a general series of juicy family-theme stories and short movies of horrendous domestic interactions.

To stay safe online and have reinforced anti malware protection, you should always have your security software updated.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This article is based on the technical information provided courtesy of Octavian Minea, Bitdefender Malware Researcher, and Tudor Florescu, Bitdefender Online Threats Analyst.