Sextorting campaigns return with a vengeance.
According to a new report from Check Point Research, an IT security company, the root of the campaign is a botnet that is currently active on more than 450,000 infected hosts.
The botnet – a network of malicious computers – spits millions of threats of sextortion, up to 30,000 per hour, according to Check Point.
'SEXTORTION – SCAM USES PASSWORD INFRINGEMENTS TO AIM VICTIMS It happens while we speak [and] and we can assume that they will shrink, "said a check Point spokesman to Fox News. "The numbers are crazy and alarming for us. The speed and volume is unprecedented. "
The basic email is pretty simple. It demands payment and threatens to release sexual content, usually a video, if the claim is not met. The person or organization sending the e-mail usually threatens to send the sexual content to family members, friends, co-workers, or social network contacts.
Here is an example of a spam bot-created sextortion email provided by Check Point: [1
Your computer was infected with my private malware. My malware gave me full access to all your accounts (see password above), full control of your computer and it was also possible to spy on you through your webcam.
I've collected all your private information and I've RECORDED YOU (via your webcam) to be SATISFIED!
I can post the video of you and all your private information across the web, on social networks and via email through all contacts. "
Sextorting is a Growing Threat The FBI's Internet Crime Complaint Center received 51,146 blackmailed complaints with adjusted data losses of over $ 83 million, an increase of 242 percent from 2017 levels.
E-mail fraud "CIA SEXTORTION" makes its debut
And the majority of blackmail complaints in 2018 was part of a blackmail campaign FBI said in the report.
The Phorpiex (aka Trik) botnet behind the latest attacks has been active for nearly a decade, according to Check Point, and has just recently added a spam bot to conduct extensive sex-screening campaigns.
The Phorpiex / Trik spam bot accesses databases of leaked passwords and e-mail addresses. The password of a victim is usually included in the spam email to determine the shock value and make the email more convincing, added Check Poi nt added.
"The spam bot can create a large amount of spam emails – up to 30,000 per hour. Each spam campaign can cover up to 27 million potential victims, "the Check Point report said.
It seems to pay off. In the five months that Check Point supervised the operation, remittances of more than 11 Bitcoin – about $ 87,000 – were reported to the criminals behind the operation.