Hackers Made Half a Million Dollars Pretending They Watched You Watch Porn

移动互联 2018-08-22 阅读原文

Sometimes scammers just need to say
they hacked you to pull in the cash. Since July, cybersecurity researchers, journalists
and victims, have seen a spike in extortion letters and emails demanding hefty sums of bitcoin. The twist is that the scammers send the victim one of their own passwords, likely gleaned from an already public breach, and use that as an intimidation tactic. The blackmailers then claim they have hacked into the target’s webcam while they were watching pornography. Pay up, or they’ll release the (made-up) video.

Now, researchers have found this scam has been pretty profitable, especially considering the low-level of work involved on the fraudsters’ part.

“What is worrying is that, scammers were able to siphon off [$500,000], from old passwords dumps, with very little effort,” Suman Kar, CEO of cybersecurity firm Banbreach, told Motherboard in an online chat.

In July, cybersecurity journalist Brian Krebs reported on the new wave
of sextortion emails.

“I’m aware that [victim’s password] is your password,” one part of an example email Krebs published reads. “First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!),” the version Krebs published adds, before demanding the victim sends $1,400 in bitcoin to a specific bitcoin address.

It’s an enticing, if not devilish, proposition. Banbreach looked at around 770 wallets in total, according to a spreadsheet the company shared with Motherboard. The majority of those, around 540, did not receive any funds. But the remaining ~230 had over 1,000 transactions, receiving a total of around 70.8 BTC.

This figure is also likely only a conservative estimate, considering Banbreach’s methodology would not have captured all, or perhaps even the majority, of sextortion emails. Kar said Banbreach collected different bitcoin addresses used in this style of extortion by scraping comments on related media coverage, and picking them out from journalists’ articles. Kar said the company also fielded reports from victims in India, where scammers appear to be targeting at the moment in particular.

“$1000 is a lot of money for the average Indian,” Kar said.

Banbreach believes some of the passwords used to trick victims came from the LinkedIn and Anti-Public Combo list data breaches, the latter being a large collection of various data caches
from multiple sources. Those two breaches turn up when entering sextortion victims’ email addresses into breach notification site Have I Been Pwned, Banbreach said in a write-up of its research provided to Motherboard. However, it is still difficult to fully determine where a password did ultimately come from, the company added.

Motherboard

责编内容by:Motherboard阅读原文】。感谢您的支持!

您可能感兴趣的

比特币诞生十年 网络分布全球 比特币的出现给全球金融行业带来了一波浪潮,各个国家开始投入资源研究其技术—区块链。 比特币距今为止已经出现了十年之久,在这十年期间比特币逐渐进入大众的视野。 比特币时区块链的一部分,运行在强大的比特币网络之上。 这十年以来全球个区域对...
那个隐藏了310个比特币的密码画终于被女侠破解了... 小伙伴们大家好呀 杰克…不,女侠之前一直帮大家出漫画了 有人留言说画画多没意思呀 哼,你不知道现在研究画画能赚钱吗!!! 前段时间,一张图画刷屏朋友圈 这是款解密游戏,共有4关 通关者依次被奖励 0....
Early Crypto Adopter Dish Network Now Accepts Bitc... Dish Network, one of the first major firms to accept bitcoin as method of payment, has announced it now also accepts bit...
Argentina might be getting 150 Bitcoin ATMs by ear... Argentina is being eyed as prime territory for expansion by Bitcoin BTC ATM manufacturers, which appear to be preyin...
风光不再,三个理由证明比特币“巨鲸”的市场影响力将减弱... 加密行业的人可能都会熟悉“巨鲸”这个词,即那些持有大量比特币的人。许多潜在的投资者担心巨鲸会影响市场,因此对是否进入加密市场犹豫不决。然而,比特币IRA(一个加密货币退休投资公司)的联合创始人兼首席运营官Chris Kline认为 ...