Technology
Malware sending 30,000 'sextortion' emails per hour: Report
New Delhi, Oct 17
A malware is sending 30,000 sextortion emails per hour after taking over people's inboxes and have, till date, sent 27 million such emails to innocent persons with a threat to expose sexual content captured via their webcams for blackmail payments.
Global cybersecurity company Check Point on Thursday said after a five-month research project, it exposed Phorpiex (aka Trik) botnet that is using people to unknowingly send 30,000 sextortion emails per hour.
"In the 5-month period that we have been monitoring this operation, we recorded transfers of more than 11 BTC to the wallets of Phorpiex sextortion - currently over $110,000," said the company.
The sheer speed and volume of emails being generated is staggering, it added.
"The idea behind sextortion is simple - an email demands blackmail payment threatening to expose sexual content relating to the recipient if not obeyed. Many of us received such emails or know others that have," said researchers Gil Mansharov and Alexey Bukhteyev.
The botnet under study uses thousands of infected hosts under its control to deliver millions of threats to innocent recipients.
Phorpiex (aka Trik) botnet has been active for almost a decade and currently operates more than 450,000 infected hosts.
In the past, Phorpiex monetized mostly by distributing various other malware families including GandCrab, Pony, Pushdo and used its hosts to mine cryptocurrency utilizing various cryptominers.
"Recently, Phorpiex has added a new form of revenue generation to its abilities; A spam bot described in the following article is used by Phorpiex to run large-scale sextortion campaigns," the findings showed.
This is how the botnet works.
It uses a spam bot that downloads a database of email addresses from a command and control (C&C) server.
Then, an email address is randomly selected from the downloaded database, and a message is composed from several hardcoded strings.
The spam bot can produce a large amount of spam emails - up to 30,000 per hour. Each individual spam campaign can cover up to 27 million potential victims.
"The most interesting feature of the last spam campaigns is that Phorpiex/Trik spam bot uses databases with leaked passwords in combination with email addresses," said the researchers.
"A victim's password usually included in a spam email message to make it more persuasive and show that password is known to the attacker. To shock the victim a spam message starts from the string with the password," they added.
Leaked credential lists, containing passwords that are often not compatible with their linked email addresses, are a common inexpensive commodity.
"Phorpiex, a veteran botnet, has found a way to use them to generate a low maintenance, easy income on a long-term basis and is continuously propagating sextortion emails - in the millions," the researchers noted.
Global cybersecurity company Check Point on Thursday said after a five-month research project, it exposed Phorpiex (aka Trik) botnet that is using people to unknowingly send 30,000 sextortion emails per hour.
"In the 5-month period that we have been monitoring this operation, we recorded transfers of more than 11 BTC to the wallets of Phorpiex sextortion - currently over $110,000," said the company.
The sheer speed and volume of emails being generated is staggering, it added.
"The idea behind sextortion is simple - an email demands blackmail payment threatening to expose sexual content relating to the recipient if not obeyed. Many of us received such emails or know others that have," said researchers Gil Mansharov and Alexey Bukhteyev.
The botnet under study uses thousands of infected hosts under its control to deliver millions of threats to innocent recipients.
Phorpiex (aka Trik) botnet has been active for almost a decade and currently operates more than 450,000 infected hosts.
In the past, Phorpiex monetized mostly by distributing various other malware families including GandCrab, Pony, Pushdo and used its hosts to mine cryptocurrency utilizing various cryptominers.
"Recently, Phorpiex has added a new form of revenue generation to its abilities; A spam bot described in the following article is used by Phorpiex to run large-scale sextortion campaigns," the findings showed.
This is how the botnet works.
It uses a spam bot that downloads a database of email addresses from a command and control (C&C) server.
Then, an email address is randomly selected from the downloaded database, and a message is composed from several hardcoded strings.
The spam bot can produce a large amount of spam emails - up to 30,000 per hour. Each individual spam campaign can cover up to 27 million potential victims.
"The most interesting feature of the last spam campaigns is that Phorpiex/Trik spam bot uses databases with leaked passwords in combination with email addresses," said the researchers.
"A victim's password usually included in a spam email message to make it more persuasive and show that password is known to the attacker. To shock the victim a spam message starts from the string with the password," they added.
Leaked credential lists, containing passwords that are often not compatible with their linked email addresses, are a common inexpensive commodity.
"Phorpiex, a veteran botnet, has found a way to use them to generate a low maintenance, easy income on a long-term basis and is continuously propagating sextortion emails - in the millions," the researchers noted.
7 hours ago
Indian American Pavan Davuluri Appointed Head of Windows and Surface Devices Teams by Microsoft
7 hours ago
The H-1B lottery will be held by USCIS, and initial registration is closed.
7 hours ago
On International Women's Day, Malabar Gold and Diamonds celebrates with the Indian Women's Club of Northshore, Illinois.
7 hours ago
Rights organizations unite to condemn the surge of Hindu supremacy in the US
9 hours ago
'Unacceptable, unwarranted': India again slams US' remarks on Arvind Kejriwal
9 hours ago
Kerala CPI-M legends' tombs vandalised in Kannur, probe launched
9 hours ago
The journey of Supreme Court and India’s fundamental rights has been a constant struggle: SG Tushar Mehta
10 hours ago
Mumbai doctors save micro-preemie baby born at 23 weeks weighing 620 grams
10 hours ago
New AI tool can predict fatal heart rhythm with 80 pc accuracy
10 hours ago
South Korea to bar intern doctors if they don't register for jobs
10 hours ago
Smart TV shipments drop 16 pc as premium TVs drive growth in India: Report
11 hours ago
New paper-based device to make on-spot glucose testing using smartphone
11 hours ago
Only 4 pc of Indian firms are 'mature' to tackle modern cyber attacks: Report