

115 Million Pakistani Mobile Users Data Go on Sale on Dark Web
April 10, 2020
Rewterz Threat Advisory – Zoom Client Leaks Windows Login Credentials to Attackers
April 10, 2020
Severity
Medium
Analysis Summary
A large email extortion campaign is underway in which recipients are told that their computer was hacked and that a video was recorded through the hacked computer's webcam. The attackers demand $1,900 in bitcoin and threaten to send the video to family and friends otherwise. While many recipients disregard these emails, some have been concerned enough about a leak to pay the scammers: in the first week that these extortion emails were sent out, concerned recipients sent over $50,000 in bitcoin to the attackers. The emails also state that the attackers know the recipient's passwords. The listed passwords may be older passwords of the recipient that were leaked through data breaches and shared online. Below is the email.

Some of the bitcoin addresses receiving payments for extortion campaigns are given below:
Remediation
- Do not respond to emails blackmailing users for money.
- Do not send any payments to such scammers even if they know your password.
- In case your current password is given in an extortion email, immediately change it to a stronger password.
- Enable multi-factor authentication.
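
For mail administrators, the traits listed in the Analysis Summary (a hacked-computer claim, a webcam video, a bitcoin demand, a quoted password and a payment address) can be combined into a triage rule. The Python below is an added example, not part of the Rewterz advisory; the phrase patterns, the threshold, the function names and both sample messages are constructed assumptions.

```python
import re

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # bech32 alphabet (BIP 173)
ADDR_RE = re.compile(r"\bbc1[%s]{11,71}\b" % CHARSET)
GEN = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)

# Assumed phrase patterns, one per claim the advisory says the emails make.
TRAITS = {
    "hack_claim": re.compile(r"\b(hacked|infected|malware)\b", re.I),
    "webcam_claim": re.compile(r"\b(webcam|camera)\b", re.I),
    "bitcoin_demand": re.compile(r"\b(bitcoins?|btc)\b", re.I),
    "password_quoted": re.compile(r"\bpasswords?\b", re.I),
}

def valid_bech32(addr):
    """True if a lowercase bc1q... address passes the BIP 173 checksum."""
    hrp, data = addr[:2], [CHARSET.index(c) for c in addr[3:]]
    chk = 1
    for v in [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp] + data:
        top = chk >> 25
        chk = (chk & 0x1FFFFFF) << 5 ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk == 1

def triage(body, threshold=3):
    """Return (verdict, matched traits, payment addresses) for one message body."""
    traits = sorted(name for name, rx in TRAITS.items() if rx.search(body))
    # The checksum keeps random bc1-prefixed strings from counting as addresses.
    addrs = sorted({a for a in ADDR_RE.findall(body) if valid_bech32(a)})
    # Quarantine only when a payable address appears alongside enough claims.
    verdict = "quarantine" if addrs and len(traits) >= threshold else "deliver"
    return verdict, traits, addrs

# Constructed samples. The address is the public BIP 173 test vector,
# not one tied to this campaign.
SCAM = ("Your computer was hacked and I recorded you through your webcam. "
        "I know your password: hunter2. Send $1,900 in bitcoin to "
        "bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4 or the video goes out.")
BENIGN = ("Reminder: reset your password before Friday. The webcam for the "
          "meeting room has been replaced.")

if __name__ == "__main__":
    for msg in (SCAM, BENIGN):
        print(triage(msg))
```

Extracted addresses can then be compared against the payment addresses published in advisories such as this one.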