A report by Check Point Research, says a well known botnet and malware agent is engaging in a massive sextortion campaign. The researchers say this botnet is acting as a spambot to target innocent recipients.
The makers of the Phorpiex botnet also called Trik seem to have added a new sextortion scam to make money. Researchers say victims have been duped into sending over than 11BTC, around $89,370 to the hackers wallet addresses over about five months.
First reported on in 2016, and likely active since around ’06, the Phorpiex botnet has served to deliver a distribute malicious payloads. Now the botnet has around 450,000 infected hosts and has been used for just about every kind of known exploit.
The Next Web points out this latest exploit comes just days after researchers from the cybersecurity firm Reason discovered the sextortion malware they called “Save Yourself” was also used for cryptojacking, and was mining Monero on users devices.
The MO is simple, and has been done before. The botnet uses a database of email addresses, and a message a victim randomly for a controlled device. The email is a standard “I know what you’ve done” scare tactic, demanding that targets pay up or have their sexual content published online. In this case the threat, the email also contained the recipient’s email password to create an “offer you cannot refuses” I suppose.
From the report “The spam bot creates a total of 15,000 threads to send spam messages from one database. Each thread takes a random line from the downloaded file. The next database file is downloaded when all the spam threads finish. If we consider the delays, we can estimate that bot is able to send about 30,000 emails in an hour”
Header Image by btckeychain