资讯

Botnet evolves to use 'sextortion' threat to scam users

字号+ 作者:江苏新闻网 来源:资讯 2024-09-16 10:36:18 我要评论(0)

An old botnet has learned new tricks. It's leveraging our fear of privacy invasion via webcam to sca

An old botnet has learned new tricks. It's leveraging our fear of privacy invasion via webcam to scam people with an email spam attack.

Cyber-security firm Check Point is detailing the latest evolution of the Phorpiex botnet (also known as Trik) into a sextortion attack. The attacking malware spams victims with emails claiming to have compromising videos of them and demanding payment or else the photos will be released into the wilds of the web.

According to Check Point, the Phorpiex bot downloads an email database from a command and control server, randomly selects an email address from the database, and sends its spam message to the address, claiming to have the victim's private data and a video of the victim "SATISFYING YOURSELF" via the victim's webcam.

But the bot ups the spam game by using databases that include leaked passwords and including those in the email, thus making the attack seem more authentic to victims. The email, of course, demands payment via Bitcoin to prevent the alleged video from being spread.

Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!
Mashable ImageA sample email involved in the current scamCredit: Check Point / Screenshot

The breadth of the operation is breathtaking; Check Point says the bot can shoot out up to 30,000 of these emails per hour and each campaign could affect up to 27 million users in total. According to the firm, the scam has a transfer of 14 Bitcoins in the five months they've been tracking it, which, as of Wednesday, is worth a little over $111,000.

Alexey Bukhteyev, Reverse Engineer at Check Point, told ZDNet that the emails exploited thus far were available in the Have I Been Pwned database, a growing collection of email addresses whose passwords have been affected by various hacks and breaches.

Phorpiex has previously been used to spread ransomware such as Gandcrab and the malware attack known as Pony. This new sadistic twist is simply the bot upping its game and a reminder to up your own password security game, remain skeptical of anything that might seem like a spam email, and, hey, cover your webcam while you're at it.

Just in case.

1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,请转载时务必注明文章作者和来源,不尊重原创的行为我们将追究责任;3.作者投稿可能会经我们编辑修改或补充。

相关文章
  • Google is bringing AI summaries to ‘Files’ so you can find your docs quicker

    Google is bringing AI summaries to ‘Files’ so you can find your docs quicker

    2024-09-16 10:17

  • 江门米仓村:一菜兴村,勾“簕”和美乡村新丰景

    江门米仓村:一菜兴村,勾“簕”和美乡村新丰景

    2024-09-16 10:07

  • 宝兴县灵关镇大渔村小开学70多名学生上课

    宝兴县灵关镇大渔村小开学70多名学生上课

    2024-09-16 10:04

  • 加强水质监测 确保饮水安全

    加强水质监测 确保饮水安全

    2024-09-16 10:03

网友点评