Botnet sending millions of sextortion emails

Comments are off
1
Marcelo Orlandi
Botnet sending millions of sextortion emails

You have heard about phishing, ransomware and many other ways of sending threats through email. But have you heard about sextortion emails? There is always something new over the horizon….keep reading

A decade-old botnet malware, which is currently controlling more than 450,000 computers, (yes you read it right, more than 450,000 computers worldwide!!) have recently shifted operations from infecting machines with ransomware or crypto miners to sending out sextortion emails to millions of people.

What is a sextortion email?

Sextortion emails are emails that attempt to extort money from individuals by blackmailing them with threats of exposing their sexual content.

How does Phorpiex spam bot work? When the spambot downloads the list of its targets’ email addresses from a remote command-and-control server and uses them to send sextortion email like the one below:

Hi, I know one of your passwords is: XXXXX.

Your computer was infected with my private malware. Your browser wasn’t updated / patched. In such case, it’s enough to just visit a website where my iframe is placed to get automatically infected if you want to find out more – Google “Drive-by exploit”.

My malware have given me full access to all your accounts (see password above), full control over your computer and it also was possible to spy on you over your webcam.

I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF!

After that, I removed my malware to not leave any traces and this email was sent from a hacked server.

I can publish the video of you and all your private data on the whole web, social networks, over email of all contacts.

But you can stop me and only I can help you out in this situation.

The only way to stop me, is to pay exactly 800$ in bitcoin (BTC).

Scary, right? Well this botnet is sending over 30,000 of these sextortion emails per hour—without the knowledge of the infected computers’ owners

Have you seen or heard of this type of email before? Then you know what I am talking about. This means that your email address is in a spam database and you may expect to receive a lot of them.

What can you do? Well, a very good spam filtering engine will catch most of them. However, you may expect every now and then something pass through it and reach your inbox. Therefore, be alert and stop, think before you click.

And as always, be safe out there until the next Malware Monday.