Proofpoint Uncovers Latest Bitcoin Sextortion Scam to Lure Victims into Installing Ransomware
A newly reported sextortion scam plants ransomware on the victim's device and then demands payment of a fixed sum in Bitcoin.
According to the cybersecurity firm Proofpoint, this latest sextortion campaign primarily targets residents of the United States, sending selected individuals ‘legitimate looking emails’ that are embedded with a ransomware installer.
More specifically, when a person clicks on the links supplied within the email, their machine is infected with ransomware known as ‘GandCrab’. Once the software is installed on the person’s computer, it demands that the victim pay USD $500 (which has to be supplied in crypto).
Be Informed on how to use your Computer!
According to one of the head researchers at Proofpoint, the scam relies on individuals who don't know how to use their PCs very well. On the subject, a spokesperson for Proofpoint was quoted as saying:
“This particular attack combines multiple layers of social engineering as vulnerable, frightened recipients are tricked into clicking the link to determine whether the sender actually has evidence of illicit activity,”
Lastly, a sample email released by the cybersecurity firm shows that the extortionists first demand US$381 to keep compromising information about the victim from being leaked. As proof, the victim is given a false video link which, when clicked, installs the ransomware on the person's computer and locks the machine.
Final Take
The creators of the ransomware claim that once they access an individual's computer via email, they become privy to that person's login details. However, that is not the case: Proofpoint has conclusively determined that the hackers do not currently have the ability to obtain such sensitive data.
“The supposed password for the potential victim’s email address in this case appears to be the same as the email account. Therefore, in this case it may simply be a bluff and the attacker does not actually possess the victim’s password.”