Bomb threat extortion campaign yielded less than $1 for the spammers.
By Catalin Cimpanu for Zero Day | December 15, 2018 -- 14:51 GMT (06:51 PST) | Topic: Security
Thursday's massive spam campaign that sent bomb threats to hundreds of thousands of users across the US and Canada, and caused evacuations of buildings across several cities, was carried out by the same group of spammers responsible for the recent wave of sextortion scams, two cyber-security firms said on Friday.
"Multiple IPs involved in sending these bomb threats also sent various types of sextortion email that we saw in the previous campaign," said Jaeson Schultz of Cisco Talos.
Also: 7 tips for SMBs to improve data security TechRepublic
According to AppRiver, the bomb threat emails and the older sextortion campaigns all came from the 194.58.X.X IP space.
The bomb threats send on Thursday tried to scare users by threating to detonate a bomb at their workplace if the victim didn't pay $20,000 worth of Bitcoin within a few hours.
The spammers behind this campaign stopped sending bomb threats on Friday, most likely realizing that this campaign won't yield any results, especially after the FBI, the police, and the media told everyone to ignore the threats and not pay the ransom demand.
And according to Cisco Talos, no one did. Schultz said that Talos discovered 17 Bitcoin addresses inside the bomb threat extortion emails, but none held any money.
"Only two of the addresses have a positive balance, both from transactions received Dec. 13, the day the attacks were distributed," Schultz said. "However, the amounts of each transaction were under $1, so it is evident the victims in this case declined to pay the $20,000 extortion payment price demanded by the attackers."
But the spammers have not given up. Talos said that as soon as their bomb threat campaign appeared to hit a dead end, the group switched to another one.
Also: The best facial recognition cameras you can buy today CNET
"The attackers have returned to their empty threats of harming the individual recipient," Schultz said. "This time, they threaten to throw acid on the victim." A copy of an email carrying this latest threat is available below.
In October, another Cisco Talos report revealed that the group behind this week's bomb threats, at that time operating using the "sextortion" scheme, made $146,380 in just three days' work.
21 Oct, 2019  0  Comments
In the United States, the month of October is no longer just for marking the arrival of Fall and celebrating Halloween – it’s now an occasion for improving cyber security... ...Read More
19 Oct, 2019  0  Comments
An Airbnb scam saw an American family turn up to Sir Alan Sugar's house believing they had booked it, the peer has claimed.
The business magnate, 72, said six people arrived at one... ...Read More
NAIROBI (Reuters) - A Kenyan judge’s ruling that a county governor accused of corruption must step aside pending his trial could have widespread ramifications in the country, where... ...Read More
MESA, AZ — A Mesa mother and grandmother have been charged with child abuse after drugs were found in the blood samples of two young children who lived in their home.
Court records... ...Read More
Sign up to receive our free newsletters!
We do not spam. We value your privacy!
© 2019 Just40days.com. All Rights Reserved. Developed by HariOm Technologies