It’s fair to assume that most people no longer take sextortion emails seriously because there are so many of them. However, it was recently revealed that hackers are relying on infected PCs to send them, and are profiting from this move as well!
In case you are unaware, sextortion emails attempt to convince you that they come from a hacker who was able to record you while you were surfing adult sites. The “hacker” then demands a ransom in exchange for not publicly sharing the recorded video.
Check Point Research recently published a report in which the researchers explained how the Phorpiex botnet is being used to send countless sextortion emails.
The Phorpiex botnet (also known to many as Trik) is a worm that spreads through email. Once it infects a system, it downloads additional malware or carries out malicious activities such as sending spam from the system. Check Point also found that Phorpiex now has an additional payload that serves as a spam bot to spread sextortion emails.
The report mentioned that the Phorpiex spam bot is downloaded and executed by other Phorpiex modules.
Once downloaded, the bot module connects to the malware’s command and control servers and tries to download email databases (each database contains around 20,000 email addresses). If that doesn’t sound concerning enough, the bot can also use databases of leaked passwords paired with email addresses. This makes the victim believe that the hacker has their password.
Phorpiex generates 15,000 threads while sending the spam, and each thread is used to send spam. At this rate, Check Point estimates that a single infected computer sends around 30,000 sextortion emails per hour. With these numbers, it doesn’t take a genius to realize how profitable these emails can be for the Phorpiex botnet.
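An added detection example, not taken from Check Point's report or from this article: a workstation sending mail at the rate described above stands out in network flow logs as many outbound SMTP connections to many distinct servers within one hour. The log format, relay address, thresholds and the use of TCP port 25 are assumptions, and the sample flows are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Assumptions (not from the article): log format, relay list, port, thresholds.
MAIL_RELAYS = {"10.0.0.25"}   # hosts that are expected to send mail outbound
SMTP_PORT = 25
MAX_CONNS_PER_HOUR = 50       # far below the per-host rate quoted in the article
MAX_DISTINCT_DESTS = 10

def parse_flow(line):
    """Parse 'ISO-timestamp src_ip dst_ip dst_port'; return None if malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
        port = int(parts[3])
    except ValueError:
        return None
    return ts, parts[1], parts[2], port

def find_spam_senders(lines):
    """Return {(src_ip, hour): (connections, distinct_dests)} for hosts over both thresholds."""
    conns = defaultdict(int)
    dests = defaultdict(set)
    for line in lines:
        flow = parse_flow(line)
        if flow is None:
            continue
        ts, src, dst, port = flow
        # Only outbound SMTP from hosts that are not sanctioned mail relays.
        if port != SMTP_PORT or src in MAIL_RELAYS:
            continue
        key = (src, ts.replace(minute=0, second=0, microsecond=0))
        conns[key] += 1
        dests[key].add(dst)
    return {
        k: (conns[k], len(dests[k]))
        for k in conns
        if conns[k] > MAX_CONNS_PER_HOUR and len(dests[k]) > MAX_DISTINCT_DESTS
    }

def build_sample_log():
    """Constructed flows: a noisy workstation, the mail relay, and a quiet host."""
    bot = [f"2019-10-16T09:{i % 60:02d}:00 10.0.1.44 203.0.113.{i % 40 + 1} 25" for i in range(120)]
    relay = [f"2019-10-16T09:{i % 60:02d}:30 10.0.0.25 198.51.100.{i % 50 + 1} 25" for i in range(200)]
    quiet = ["2019-10-16T09:05:00 10.0.1.7 203.0.113.9 25", "malformed line"]
    return bot + relay + quiet
```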
"Each individual spam campaign can affect up to 27 million potential victims."
Check Point discovered that since April 2019, a total of 157 payments have been made across 74 bitcoin addresses (amounting to 11.99454 bitcoins). At current prices, this equals around $95,721.89.
Although the above-mentioned amount is small compared to the revenue generated by other kinds of cyber threats, it should be kept in mind that this malware is a final payload on an infected system. The spam bots have basically no overhead. This enables hackers to concentrate on other rewarding tasks while still racking up a steady amount.