Hacker Hijacked School Webcams to Produce Child Pornography, Indictment Alleges

A man from Ohio was charged on Wednesday for allegedly producing child pornography from footage obtained by spying through the webcams of computers used by children.

Phillip Durachinsky, 28, was indicted for infecting thousands of computers with malware that allowed him to secretly hijack webcams in order to watch and listen to unknowing victims for over a decade.

The indictment alleges that Durachinsky took part in the hacking scheme from 2003 until January 2017, using computers owned by individuals, organizations and schools.

“For more than 13 years, Phillip Durachinsky allegedly infected with malware the computers of thousands of Americans and stole their most personal data and communications,” said Acting Assistant Attorney General John Cronan. “This case is an example of the Justice Department’s continued efforts to hold accountable cybercriminals who invade the privacy of others and exploit technology for their own ends.”

Durachinsky has been charged with Computer Fraud and Abuse Act violations, Wiretap Act violations, production of child pornography, and aggravated identity theft.

The so-called Fruitfly malware that Durachinsky allegedly developed and used also alerted him if a victim used their search engine to look for terms associated with pornography.

“This defendant is alleged to have spent more than a decade spying on people across the country and accessing their personal information,” said First Assistant U.S. Attorney David Sierleja.

Special Agent in Charge Stephen Anthony added: “Durachinsky is alleged to have utilized his sophisticated cyber skills with ill intent, compromising numerous systems and individual computers.

“The FBI would like to commend the compromised entities that brought this to the attention of law enforcement authorities. It is this kind of collaboration that has enabled authorities to bring this cyber hacker to justice.”

webcam hacker child pornography ohio An Ohio man allegedly used malware to secretly hijack thousands of webcams. LIONEL BONAVENTURE/AFP/Getty Images

The case once again highlights the issue of webcam security, as well as other internet-connected devices like smart baby monitors.

Read more: Are hackers spying on your baby?

A 2016 investigation by Newsweek found hundreds of web-connected CCTV cameras, webcams and smart baby monitors listed on an online search engine called Shodan.

Security researchers say device manufacturers are largely to blame for the issue, as they tend to prioritize other features over security.

“The problem here is that many Internet of Things devices [smart devices that connect to the internet] are horribly broken security-wise because it costs money to ensure a reasonable standard of protection on a product,” Chris Boyd, an analyst at the security firm Malwarebytes, said at the time.