The number of cases of cryptocurrency extortion using botnets is growing

According to researchers, criminals are increasingly using botnets to send emails demanding ransom in cryptocurrencies for not disseminating information compromising the victim.

At the Advance in Financial Technology conference last week in Zurich, a team of researchers from the Austrian Institute of Technology and GoSecure security service provider experts demonstrated examples of such emails and said that the extortion process is usually easy and very profitable.

Using publicly available data hacking information, the researchers found that one copy of the popular Necurs botnet launched over 80 campaigns and sent out 4.3 million emails. Experts examined these letters and found that in almost all cases, the criminals did not actually have compromising information about the victims.

Researchers said the botnet was surprisingly profitable – renting it for $ 10,000 a month, extortionists earned at least $ 130,000. Masarah Paquet-Clouston of GoSecure noted that such campaigns are incredibly simple compared to most other schemes. extortion, thanks in large part to the use of cryptocurrencies.

“If you look at traditional spam mailings, you will see that there are much more complicated income generating schemes. However, with cryptocurrencies, extortion has become easier, ”said Pak-Kluston.

The examples presented by the researchers describe emails informing the victim that the hacker will reveal compromising personal information if the victim does not pay the ransom in cryptocurrencies in a timely manner. For example, in one letter, hackers monitored the victim’s computer using malware:

“Hello! As you may have noticed, I sent you an email from your account. This means that I have full access to your account. I have been watching you for several months. The fact is, you got infected with malware through the adult site you visited. ”

Read This Now: Cryptocurrency Debit Card Appears in Venezuela

Tracking bitcoin addresses and the languages used in emails allowed researchers to better understand how botnets work. For example, fraudsters have levied higher ransoms on certain nationalities. Moreover, the size of the ransom from native English speakers averaged around $ 745 compared with Hispanic victims, who demanded about $ 249 on average.

The botnet reused Bitcoin addresses more than 3 million times, and the researchers suggested that this was done to simplify payments. Only 0.135% of bitcoins received by criminals could be traced on publicly verified wallets on exchanges, which indicates the use of CoinJoins and other methods of masking transactions before withdrawing funds to fiat currencies.

According to researchers, along with bitcoin, ransomware also often uses lightcoin. Surprisingly, confidential cryptocurrencies such as Monero and Zcash are used by fraudsters much less often.

Extortions involving cryptocurrencies have long been popular with scammers. Typically, criminals use ransomware viruses to attack the victim’s computers, and then require a ransom in cryptocurrencies to decrypt the files. In the summer of this year, the small American city of Lake City was attacked by a cryptographic virus, as a result of which the authorities had to transfer 42 BTC to ransomware.

Read This Now: Samsung gets Intel 14nm orders for motherboard controllers