To Catch an Online Predator


She sits at her computer sipping from a crystal glass of wine while listening to music. The mixture drives her warfare like the berserker warriors of old Norse legends, while she focuses on the hunt and sharpens the proverbial ax.


Not with conventional weapons made of steel or iron. Rather, she’s a huntress within the realms of cyberspace, hidden somewhere within dark places, searching to slay apex predators and put an end to their reign, as well as try to end the trail of innocent victims they leave in their wake.


Somewhere between sips of wine and thundering bass drops, a target gets tangled into her web. She has them where she wants them. Thus is their undoing. After all, she is no greenhorn. She’s done this before. After all, she hunts pedophiles.


Her name is W1ntermute, and she is the leader of W1nterSecurity, known for its prolific and intensive labor in neutralizing online predators.


Imminent Threat


The internet as we know it is an ominous frontier, rife with snares, traps, and a broad caste of predators. This is because the one medium that ties us all together, however innocuous at its core, is so often weaponized by threat actors.


Threats against young internet users are commonplace, and that’s alarming. Statistics released by the FBI claimed that they believe more than half a million online predators are operating online every day and from multiple online profiles. They also reported victims between 12 to 15 years of age to exceed 50% and 89% of victims are propositioned by predators in chatrooms and private messages.


This rings true from my own experiences. I spent several years hunting online predators and learning about that underworld because it’s an epidemic, and crossing paths with a predator during online sting operations always yielded bountiful results.


The reasons why the epidemic exists will certainly constitute its own article because the wealth of information goes beyond the scope of a cybersecurity article. However, the reality remains prevalent.


The W1nter Storm Advances


Winter is usually associated with a season of cold and ice, which draws life from living things, bringing it into an element of stasis and death, where the vibrance of life has lost its fervor, only to be snatched away within the talons of frost.


As winter kills life, it also gives existing life a chance to invigorate in due time. This is why W1ntermute uses these symbols. W1ntermute says:


“We bring an end to the flagrant acts of sexual predators against minors by exposing them and informing authorities of their intentions to cause harm.”

“It’s not always what you think. They are just as many female predators,” she says, explaining how sexual predators aren’t always men. “Their approach or goals are just a little different than men. Women seem more geared towards mother-daughter role play, which is absolutely repulsive since mothers are supposed to fill the role of nurturers.”


She hunts on a variety of chatroom websites that caters to a broad spectrum of ages. Oftentimes, underage users will lie about their age, to use the platform, and also to chat with older users to sate their curiosity. “Men will actually lure underage girls from their homes, and even coerce them into meeting them. We strive to prevent them from accomplishing this goal,” W1ntermute said.


W1nterSec employs a variety of online open-source intelligence (OSINT) tools to deanonymize predators and report them to actionable authorities.


Deanonymizing Suspects Using Open-Source Resources


The fact that evidence obtained illegally by hackers and supplemented to law enforcement is considered permissible by law is risky, since it could possibly jeopardize the hacker. W1ntermute asserts that hacking isn’t necessary to affirm that a crime has been committed by a sexual predator.


“Most predators are going to commit sexual enticement of a minor within the first few minutes of a conversation with a supposed minor, if that,” she says. “This meets the conditions that constitute a federal crime.”


This is defined as whenever an adult attempts to persuade a minor with the goal to accompany them to commit sexual activities. Online solicitation of a minor is also defined as intentionally or knowingly communicating certain sexual material or content to a minor, or attempting to induce

an underage individual to perform a sexual act.


When this criterion is met, the conditions for committing a federal crime have been satisfied. Hacking the target isn’t necessary. At any rate, hackers pose a significant risk of self-incrimination by trying to hack their targets. However, she explains that open-source tools help to unmask the identity of each target. W1ntermute explained:


“The goal is to lure the target onto a platform you control. So, a little social engineering is necessary. The main objective is getting their phone number. If you can get that, the rest is easy.”

Many targets have a preferred messaging platform like Kik or Google Hangouts or Snapchat. However, these platforms are known to strip away metadata from media. Normally, engaging targets on platforms that do this make the task of deanonymizing the target rather daunting, requiring much more social engineering.


Getting the target to agree to send SMS messages is key because once the phone number is achieved, the rest is a matter of sleuthing public records databases. By performing a reverse phone search, you’re able to obtain the subscriber information which supplies their name, address, criminal history, and, most importantly, places the target in a geographical location.


Other free online resources allow users to extract metadata from media shared by the target, which helps determine the geographical coordinates of where the video of the picture was shot. This is important when you are trying to figure out where the target lives or the possible locations they visit.


“For extra measure, email addresses and phone numbers can be searched in breach report databases,” she said and added:


“When you confront the target, their first reaction is to flee, block your number, and hope that you don’t find a way to contact them ever again. But when you obtain every bit of info on them and need to confront them in some way, demonstrating a complete knowledge of the target usually can hold them in check while you obtain confessions in a more aggressive and direct way.”

This is how ordinary people do extraordinary things.


An article by

Jesse McGraw


Edited by

Ana Alexandre

53 views
Screen Shot 2022-06-13 at 4.57.16 PM.png

Detect, respond, prevent and SOAR with ORNA

Subscribe

Weekly cyber insights

Thanks for submitting!