Online extortion campaigns keep growing. This time, data protection specialists report the emergence of a new extortion campaign that uses a network of nearly 500,000 infected devices to send threatening emails.
In this message, hackers threaten to post compromising photos and videos of the victims unless they make a payment of $800 USD in Bitcoin. The email includes some details about the victim, such as usernames and passwords for other platforms, probably collected from data breaches on other sites.
The scope of this attack could reach up to 27 million affected users. In addition, the hackers have proven able to send up to 30K “sextortion” emails per hour.
Evidence collected so far suggests that only a small portion of the victims have fallen for this scam, although this is not the only concern regarding these hackers. Charles Henderson, IBM’s data protection specialist, mentions: “Botnets can be used for multiple malicious tasks. Massive sending of extortion messages is just one of their possible uses for hackers.”
As mentioned before, a botnet is a network of Internet-connected computers or devices that hackers control through a malware variant, usually delivered by infected emails or pages. With a botnet, attacks can be carried out through a large number of machines, which makes it more difficult to stop the activity and trace the origin of the attack.
A later report from security firm Check Point mentions that this campaign is using the Phorpiex botnet, active for nearly a decade. According to the leader of this investigation, Yaniv Balmas, it is almost certain that the owners of the machines compromised by this malware would not be able to detect the infection.
Experts also point out that deploying a sextortion campaign through a botnet is an efficient way for hackers to reduce the risk of the message being labeled as spam, although the exact number of victims is still unknown. “In order to reduce the trace of activity, hackers have even limited the number of extortion emails sent by each machine integrated into the botnet,” data protection experts mention.
In addition to analyzing the behavior of this botnet, experts began monitoring the Bitcoin address used by the hackers to collect extortion payments, discovering that they have accumulated nearly 11 Bitcoins (about 100 thousand dollars). “On average, one in a thousand people must be falling into this trap,” they mention in their report. This is a campaign that requires a high level of planning and wide availability of resources, so it is not ruled out that the hackers are using this botnet for other malicious tasks, such as denial of service (DoS) attacks or theft of financial information.
As a prevention measure, data protection specialists from the International Institute of Cyber Security (IICS) recommend using the latest versions of commonly used tools, such as web browsers or antivirus software. In addition, if you receive the message from hackers, it is recommended to ignore the threats.