Following a five-month investigation, Check Point Research has published its results on the “largest scale sextortion campaign” it has seen.
The sextortion campaign tells its victims that the attacker holds compromising images or videos of them and demands a ransom.
During the 5-month period, victims sent more than 14 Bitcoins (over $11,000) to the Phorpiex campaign wallets. Although the amount may not sound like a lot, for a low-maintenance operation it generates $22,000 per month.
The Phorpiex botnet, or Trik, utilises a spam bot which downloads a database of email addresses from a C&C server. An email address is then randomly selected and a message is composed.
The spam bot can produce a vast number of spam emails – up to 30,000 per hour, with each individual campaign affecting up to 27 million potential victims.
The researchers noted one interesting feature: the spam bot uses databases of leaked passwords in combination with email addresses. This intensifies the threat, as the attacker displays the victim’s password within the email.
The researchers, Gil Mansharov and Alexey Bukhteyev, discovered that during the five-month period, approximately 150 victims paid the blackmail demand.
The simple scam technique is successful considering the low number of payments received. However, the passwords from the leaked databases are often not related to the victims’ email accounts, so the value of the data is low.
“The Phorpiex actors came up with a method of using such low quality data to earn a respectable amount of profit,” the researchers said.
Jake Moore, cybersecurity specialist at ESET, told Forbes: “I’ve had close friends panic with this scam and forward me the email to ask if it’s valid.”
“…these targeted friends of mine have been clever, computer-savvy people, which shows the power and impact such an email can have.”
The post #Privacy: Phorpiex botnet made $115,000 from spam sextortion emails in five months appeared first on PrivSec Report.