Researchers have found scammers can rent botnets from a Mr Big for $10,000 a month, and extort around $130,000 per month from guilt-ridden porn lovers.
An international team of researchers from the Austrian Institute of Technology (AIT) and security firm GoSecure combed through more than 4 million sextortion spam emails and concluded it’s a quick and easy way to make a tonne of money.
As such, it’s only likely to increase.
Sextortion emails are the ones where someone claims your laptop is infected with malware that took over your webcam and videoed you masturbating to icky porn.
If you don’t pay a certain amount of Bitcoin as a ransom, they’ll release the footage to all your contacts.
It’s total B.S.
Of course, there is no malware (except on the botnet army PCs), and no footage – there’s just an email making spurious claims in the hope you’ll bite.
They’re effective because many people have indeed masturbated to icky porn in front of their laptops and some of them are horrified enough at the possibility of footage emerging to pay up.
The Necurs botnet alone launched more than 80 campaigns and pumped out 4,340,736 emails.
Interestingly enough, there appears to be a Mr Big behind all of the different campaigns, who rents out his bots for other scammers to run.
He’s a kind soul who charges only what people can afford: the ransom demanded in English-language emails averages around $745, while Spanish speakers get a discount rate of around $250.
Those renting the botnets also use them for other scams, such as the theft of credit card details.
Sextortion easier than Nigerian Prince scams
Compared to most email scams, which take forever to convince some rube to pony up the dough with the promise of untold riches from a Nigerian prince, sextortion is quick and effective.
“If you look at traditional spam it’s much more complicated … crypto [extortion] spam is much simpler,” GoSecure’s Masarah Paquet-Clouston told CoinDesk.
27 million ‘caught’ with their pants down
Two weeks ago the BBC reported one instance of a sextortion botnet that was spreading 30,000 emails an hour from 450,000 hijacked computers to 27 million people in total.
The threatening emails demanded $800 or else compromising photos would be released.
The spam emails were targeted at people whose genuine password the scammers had already obtained.
They included this in the text to “prove” the claim their computer had been infected with malware and that the footage existed.
Ever wondered where do Sextortion emails come from? Read our latest post in the footsteps of a Sextortion campaign. https://t.co/APH5g7jOFx
— Check Point Research (@_CPResearch_) October 16, 2019
“The attacker is saying ‘Hey, we hacked your computer, we saw you doing this and that, and this proves it. This is your password’,” Check Point research head Yaniv Balmas told the BBC.
Very few people are taken in, of course. However, Charles Henderson from IBM’s X-Force Red security team said the emails still provide cybercriminals with “a great return on investment.”
Mr Balmas agreed: “It’s the rules of big numbers. If I’m sending 100,000 sextortion emails, it’s enough that 100 people fall for the trap. I get my money.”
Bitcoin: No.1 choice for cybercrime
Bitcoin is used by the sextortionists because it’s the most popular and easily accessible cryptocurrency.
However, Bitcoin transactions are public and can be traced much more easily than payments in privacy coins like Monero (or shielded Zcash transactions), which is fortunate, because that’s how the researchers gathered the data.
The researchers used “a simple, yet effective method for projecting Bitcoin addresses mentioned in sextortion spams onto transaction graph abstractions, which are then computed over the entire Bitcoin blockchain.
“This allows us to track and investigate monetary flows between involved actors and gain insights into the financial structure of sextortion campaigns.”
The researchers’ verdict: “We conclude that sextortion spamming is a lucrative business and spammers will likely continue to send bulk emails that try to extort money through cryptocurrencies.”
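To make the “projecting addresses onto transaction graph abstractions” idea concrete, here is an added example (written for this page, not the AIT/GoSecure researchers’ own code). It builds a tiny constructed ledger, groups addresses into entities with the multi-input heuristic (every input of one transaction is assumed to be spent by the same owner), then projects the addresses scraped from spam emails onto those clusters and sums what flowed in from victims and out to a cash-out address. All address names, transaction IDs and amounts are made up for illustration; amounts are in satoshi.

```python
"""Added example: cluster Bitcoin addresses with the multi-input heuristic,
project spam-mentioned addresses onto the clusters, and follow ransom money.
Ledger, addresses and amounts are constructed; amounts are in satoshi."""
from collections import defaultdict

# Constructed sample ledger. Each transaction spends from `inputs` (addresses)
# and pays `outputs` (address, satoshi). Real data would come from a node or
# a blockchain-analytics index, not a hard-coded list.
SAMPLE_TXS = [
    {"txid": "t1", "inputs": ["victim1"], "outputs": [("ransomA", 9_000_000)]},
    {"txid": "t2", "inputs": ["victim2"], "outputs": [("ransomB", 3_000_000)]},
    {"txid": "t3", "inputs": ["victim3"], "outputs": [("ransomC", 9_000_000)]},
    # Spammer sweeps A and B together: under the multi-input heuristic both
    # inputs belong to the same entity.
    {"txid": "t4", "inputs": ["ransomA", "ransomB"], "outputs": [("collector", 11_900_000)]},
    # ransomA is reused for another victim (address reuse is common in spam).
    {"txid": "t5", "inputs": ["victim4"], "outputs": [("ransomA", 9_000_000)]},
    # C, A and the collector are spent together: C and collector join the cluster.
    {"txid": "t6", "inputs": ["ransomC", "ransomA", "collector"],
     "outputs": [("exchange_dep", 29_800_000)]},
    # Unrelated traffic that must not be attributed to the spammer.
    {"txid": "t7", "inputs": ["other1"], "outputs": [("other2", 100_000_000)]},
]

# Hypothetical addresses scraped from the spam corpus. Only ransomA appeared
# in an email; B, C and the collector address are recovered by clustering.
SPAM_ADDRESSES = ["ransomA"]


class UnionFind:
    """Minimal union-find used to merge addresses into entities."""
    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def cluster_addresses(txs):
    """Multi-input heuristic: all inputs of one transaction are assumed to be
    controlled by the same entity. Caveat: CoinJoin-style transactions mix
    inputs from different owners and would wrongly merge clusters; a real
    pipeline filters those out first."""
    uf = UnionFind()
    for tx in txs:
        first = tx["inputs"][0]
        for addr in tx["inputs"][1:]:
            uf.union(first, addr)
    return uf


def trace_campaign(spam_addresses, txs):
    """Project the spam-mentioned addresses onto their clusters, then sum the
    money that entered the cluster from outside and the money that left it."""
    uf = cluster_addresses(txs)
    targets = {uf.find(a) for a in spam_addresses}
    members = {a for a in uf.parent if uf.find(a) in targets} | set(spam_addresses)
    received = paid_out = payments = 0
    outflow_to = defaultdict(int)
    for tx in txs:
        internal_spend = bool({uf.find(a) for a in tx["inputs"]} & targets)
        inbound = 0
        for addr, sats in tx["outputs"]:
            to_cluster = uf.find(addr) in targets
            if to_cluster and not internal_spend:
                inbound += sats                 # a victim paying a ransom
            elif internal_spend and not to_cluster:
                paid_out += sats                # spammer moving money out
                outflow_to[addr] += sats
        if inbound:
            received += inbound
            payments += 1                       # one paying transaction
    return {
        "cluster": sorted(members),
        "received_sats": received,
        "payments": payments,
        "paid_out_sats": paid_out,
        "outflow_to": dict(outflow_to),
    }


if __name__ == "__main__":
    for key, value in trace_campaign(SPAM_ADDRESSES, SAMPLE_TXS).items():
        print(f"{key}: {value}")
```

Run stand-alone, the script reports a four-address cluster that took in 0.30 BTC across four payments from a single address quoted in the spam, and paid 0.298 BTC out to the exchange deposit address. Converting the satoshi totals to dollars at the price on each payment date, and repeating this over every address in a 4-million-email corpus, is how a revenue figure like the one in this article is obtained; the main pitfall in practice is CoinJoin transactions, which break the multi-input assumption and must be excluded before clustering.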