Sextortion-Scam

Extortion by email has grown significantly in recent years, and sextortion in particular is on the rise.

Millions of users report receiving sextortion emails that try to blackmail them by threatening to expose sexual material: images, messages, online search history and the like.

Sextortion is a form of blackmail in which sexual information or images are used to extort money from the victim in exchange for the attacker's silence.

Social media and text messages are often the source of the sexual material and the threatened means of sharing it with others.

A decade-old botnet, whose malware controls over 450,000 computers worldwide, has recently shifted from infecting machines with ransomware or cryptocurrency miners to sending sextortion emails to millions of people.

In a recent report shared with The Hacker News, Tel Aviv-based security firm Check Point revealed that a botnet called Phorpiex has been sending out over 30,000 sextortion emails per hour, making this form of extortion a rapidly growing problem.

How Does the Phorpiex Spam Bot Work?

The Phorpiex spam bot module downloads a list of target email addresses (the recipients) from a remote command-and-control server.

It then sends the extortion emails to those recipients directly over SMTP (Simple Mail Transfer Protocol).

A typical sextortion email from this campaign reads something like this:

Hi, you have been hacked and I know one of your passwords is: xxxxxx

I made a full dump of your disk including; address book, history of sites you have viewed, all files, phone numbers, and addresses of all your contacts. I even have access to your personal photos and messages.

After looking at the personal data I collected from you, I was shocked to see the sites you were visiting and the personal photos and messages I found.

So I proceeded to watch your online activity and I RECORDED YOU through your webcam SATISFYING YOURSELF!

I created a file with all of your “secrets” including adult sites and content you have visited recently.

I’m sure you wouldn’t want this personal information to be leaked to your friends, families, coworkers and boss….

To avoid this embarrassment, you must pay $XXX by this date: X/X/XXXX.

Pay ONLY in Bitcoin.

Check Point's researchers describe the sending loop: “an email address is randomly selected from the downloaded database, and a message is composed from several hard coded strings. The spam bot can produce a large amount of spam emails – up to 30,000 per hour. Each individual spam campaign can cover up to 27 million potential victims.”

To make these emails look credible and to intimidate the recipient, the criminals insert one of the victim's real online passwords, as in the example above. That makes the message feel personal and frightening.

In reality the attacker has no access to the recipient's machine: the email addresses and passwords were harvested earlier from breached databases.

The password may be old or belong to a long-unused service, but recipients who recognise a password they have used, even an old one, often believe the threat and pay to avoid exposure or embarrassment.

The practical response is the opposite: treat the quoted password as compromised, change it anywhere it is still in use, and do not pay.

These campaigns are effective enough that the criminals behind them have collected more than 11 BTC, roughly $88,000 USD at the exchange rate of the time.

That figure looks small next to the takings of ransomware, but the researchers point out that the activity has been going on for years while the payment data covers only the recently studied campaigns, so it understates the real total.

More recently the operators have also demanded payment in Litecoin to get past spam filters; a filter that only keys on the word "Bitcoin" or on Bitcoin address patterns will simply miss such a message.

By now the cumulative take is very likely in the millions of dollars and still growing.
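The following is an added example, not Phorpiex's or Check Point's code, that shows what a mail filter can do with the two details described above: the hard-coded template strings the bot composes its messages from, and the switch to Litecoin that defeats a Bitcoin-only check. It scores a message against phrases taken from the template quoted on this page, extracts any legacy (base58) cryptocurrency address, verifies the address checksum (double SHA-256, last four bytes) so that random base58-looking words are not flagged, and tells Bitcoin from Litecoin by the version byte. The phrase list, the scoring threshold, the sample messages and the addresses are all constructed for this example (the addresses are built from a throw-away hash, not real wallets); bech32 addresses (bc1…/ltc1…) are deliberately out of scope.

```python
"""Triage of a sextortion e-mail of the kind Phorpiex sends.

Added example, not Phorpiex's or Check Point's code. Scores a message
against the hard-coded phrases of the template quoted on the page, pulls
out any base58 payment address, checks its base58check checksum and tells
Bitcoin from Litecoin by version byte, which is exactly what a filter that
only looks for the word "Bitcoin" misses. All sample mail and addresses
below are constructed for this example.
"""
import hashlib
import re

# Base58 alphabet shared by Bitcoin and Litecoin (no 0, O, I, l).
ALPHABET = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Address version bytes: 0x00/0x05 Bitcoin P2PKH/P2SH, 0x30/0x32 Litecoin P2PKH/P2SH.
COIN_BY_VERSION = {0x00: "BTC", 0x05: "BTC", 0x30: "LTC", 0x32: "LTC"}

# Phrases lifted from the template on this page; a production filter would
# carry a much larger, regularly refreshed list (assumed indicator set).
INDICATORS = {
    "password_claim": r"one of your passwords is",
    "webcam_claim": r"\b(?:recorded you|webcam)\b",
    "leak_threat": r"\b(?:friends|coworkers|boss)\b",
    "crypto_demand": r"\b(?:bitcoin|litecoin|btc|ltc)\b",
    "deadline": r"\b(?:by this date|within \d+ (?:hours|days))\b",
}

# Legacy (base58) address shape: leading 1/3 for Bitcoin, L/M for Litecoin.
ADDR_RE = re.compile(r"\b[13LM][1-9A-HJ-NP-Za-km-z]{25,34}\b")


def b58encode(raw: bytes) -> str:
    n = int.from_bytes(raw, "big")
    digits = []
    while n:
        n, rem = divmod(n, 58)
        digits.append(ALPHABET[rem])
    pad = len(raw) - len(raw.lstrip(b"\x00"))  # leading zero bytes -> leading '1's
    return "1" * pad + bytes(reversed(digits)).decode("ascii")


def b58decode(s: str) -> bytes:
    n = 0
    for ch in s.encode("ascii"):
        n = n * 58 + ALPHABET.index(ch)  # ValueError on a non-base58 character
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    pad = len(s) - len(s.lstrip("1"))
    return b"\x00" * pad + body


def checksum(payload: bytes) -> bytes:
    """First four bytes of SHA-256(SHA-256(payload)), as base58check specifies."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def make_address(version: int, pubkey_hash: bytes) -> str:
    """Build a base58check address; used here only to construct sample data."""
    payload = bytes([version]) + pubkey_hash
    return b58encode(payload + checksum(payload))


def valid_base58check(addr: str) -> bool:
    try:
        raw = b58decode(addr)
    except ValueError:
        return False
    return len(raw) == 25 and checksum(raw[:-4]) == raw[-4:]


def extract_addresses(text: str) -> list:
    found = []
    for m in ADDR_RE.finditer(text):
        addr = m.group(0)
        ok = valid_base58check(addr)
        coin = COIN_BY_VERSION.get(b58decode(addr)[0], "unknown") if ok else None
        found.append({"address": addr, "coin": coin, "valid": ok})
    return found


def triage(message: str) -> dict:
    hits = [name for name, pat in INDICATORS.items()
            if re.search(pat, message, re.IGNORECASE)]
    addresses = extract_addresses(message)
    # A checksum-valid payment address counts double: it is the one thing the
    # scammer cannot leave out or misspell. Threshold of 4 is an assumption.
    score = len(hits) + (2 if any(a["valid"] for a in addresses) else 0)
    return {"indicators": hits, "addresses": addresses, "score": score,
            "verdict": "sextortion" if score >= 4 else "clean"}


# Constructed sample data: a throw-away 20-byte hash160 in place of a real key.
_HASH160 = hashlib.sha256(b"constructed example, not a real wallet").digest()[:20]
BTC_ADDR = make_address(0x00, _HASH160)   # starts with '1'
LTC_ADDR = make_address(0x30, _HASH160)   # starts with 'L'
TYPO_ADDR = BTC_ADDR[:-1] + ("2" if BTC_ADDR[-1] != "2" else "3")  # checksum fails

TEMPLATE = """Hi, you have been hacked and I know one of your passwords is: xxxxxx
So I proceeded to watch your online activity and I RECORDED YOU through your webcam.
I'm sure you wouldn't want this leaked to your friends, families, coworkers and boss.
To avoid this embarrassment, you must pay $XXX by this date: X/X/XXXX.
Pay ONLY in {coin} to: {addr}
"""
SEXTORTION_BTC = TEMPLATE.format(coin="Bitcoin", addr=BTC_ADDR)
SEXTORTION_LTC = TEMPLATE.format(coin="Litecoin", addr=LTC_ADDR)
BENIGN = "Hi, the quarterly report is attached; let me know by Friday if you have comments."

if __name__ == "__main__":
    for label, msg in (("btc", SEXTORTION_BTC), ("ltc", SEXTORTION_LTC), ("benign", BENIGN)):
        print(label, triage(msg))
```

Run as a script it triages the two constructed scam messages and the benign one. The Litecoin variant is caught with the same logic as the Bitcoin one because the detector validates address structure rather than matching a coin name, and the checksum test is what keeps a 30-character word in ordinary mail from being reported as a wallet. The extracted address is also what you would look up on a block explorer to see whether anyone has paid.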