Crypto-based extortion has recently become one of the most predominant crime in the virtual space. It involves using spam-flinging botnet armies to “ransom” dirty pictures and compromising information in exchange for bitcoin.
An international team comprised of researchers from the Austrian Technology Institute and security provider GoSecure recently attended the Advances in Financial Technology conference in Zurich. In the conference, they stated that the extortion process was quick, easy and very lucrative after they examined several email spams.
The researchers used the public hack info to find that a single instance of the popular Necurs botnet launched over 80 campaigns and in the 4.3 million emails surveyed by the team. In most cases, the criminals had no damaging information on the victims. The research team stated that the botnet was surprisingly lucrative. The extortionists were possibly making at least $130,000 after renting a botnet for $10,000 per month.
Masarah Paquet-Clouston, a security researcher at GoSecure, said that the spam campaign is very simple because of its employment of cryptocurrencies. On account of this, the researchers strongly believe that the crypto-backed email extortions will increase. Paquet-Clouston said:
“If you look at traditional [product] spam, it’s much more complicated … [crypto] extortion spam is much simpler”
The researchers provided examples where a victim receives an email from the hacker threatening to release compromising personal information if bitcoin isn’t provided on time. For example, one email claimed the hackers were performing surveillance via malware:
“Hello! As you may have noticed, I sent you an email from your account. This means that I have full access to your account. I’ve been watching you for a few months now. The fact is that you were infected with malware through an adult site that you visited.”
English Speakers Asked For More Crypto In Extortion
Furthermore, researchers figured out how botnets operate after tracking the bitcoin addresses used and languages employed in emails. For example, certain nationalities were charged higher than others, with English speakers topping out around $745 per recipient compared to Spaniards on the lowest end at $249.
The bitcoin addresses were used over 3 million times. The researchers believe that it was done to simplify payments. The team also said that awareness about bitcoin and methods to track payments have lead botnet campaigns. On the other hand, privacy coins like monero and zcash are not used that much in the extortions.