Proofpoint Uncovers Latest Bitcoin Sextortion Scam to Lure Victims into Installing Ransomware


In yet another bizarre case to come out of the world of cryptocurrency, it now appears as though there is a sextortion scam that plants ransomware on a user's device following which it asks the victim to pay a fixed sum of Bitcoin (to the miscreants).

In relation to the case, a cybersecurity firm by the name of Proofpoint has said that this latest sextortion campaign is primarily focusing on residents of the United States, where it sends certain individuals ‘legitimate looking emails’ that are embedded with a ransomware installer.

To be even more specific, as and when a person clicks on the links supplied within the email, their machine gets infected with a ransomware known as ‘GandCrab’. Once the software is successfully installed on a person’s computer, it starts demanding the victim to pay a sum of USD $500 (which has to be supplied in crypto).

Be Informed on how to use your Computer!

As per one of the head researchers over at Proofpoint, it appears as though the scandal relies on individuals who don't know how to use their PC’s very well. On the subject, a spokesperson for Proofpoint was quoted as saying:

“This particular attack combines multiple layers of social engineering as vulnerable, frightened recipients are tricked into clicking the link to determine whether the sender actually has evidence of illicit activity,”

Lastly, a sample email released by the cybersecurity firm shows that the extortionists first demand for US$381 (so as to keep compromising information about the victims from being leaked). As proof, the victim is provided with a false video link which when clicked on, installs the ransomware on the person's computer (as well as locks the machine in question).

Final Take

As mentioned above, the creators of the ransomware claim that once they access an individual's computer via email, they become privy to their login details. However, that is not the case since the folks over at Proofpoint have conclusively determined that the hackers at this point in time don't have the ability to obtain such sensitive data.

“The supposed password for the potential victim’s email address in this case appears to be the same as the email account. Therefore, in this case it may simply be a bluff and the attacker does not actually possess the victim’s password.”

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide