Sextortion with a Bitcoin Twist

As Bitcoin grows in popularity, everyone seems to want in on this moneymaking crypto revolution. And it’s not just people in business and finance; interestingly enough, even modern-day extortionists prefer Bitcoin.

However, we’re here to tell you about a rather scandalous sextortion scam that is targeting citizens of the United States. Sextortion scams usually claim to possess compromising intimate information that has been collected over months and ultimately compiled into a video, kind of like a nightmarish montage.

According to researchers at cybersecurity firm Proofpoint, the targeted residents are sent blackmail emails containing links that point to a ransomware installer. The moment a recipient clicks a link to verify the claim, they inadvertently install ransomware known as GandCrab.

Upon successful installation of the ransomware, the victims are hit with a payment demand of $500 USD. The catch is that the ransom must be paid in cryptocurrency, specifically Bitcoin or Dash. GandCrab was discovered earlier this year, in January, and emerged as the first known ransomware to demand payment in Dash.

It seems that the sly team behind the ransomware is preying on people’s fears. Considering the level of digitization that has been reached, cameras or other recording devices can pretty much be hidden in plain sight. As per the Proofpoint researchers, the cybercriminals are hoping that their target victims will be so overcome by panic that they won’t think twice about clicking on the mysterious link, despite the air of suspicion around it.

This particular attack combines multiple layers of social engineering as vulnerable, frightened recipients are tricked into clicking the link to determine whether the sender actually has evidence of illicit activity.

The way these cybercriminals operate is tricky. First they send out a blackmail email demanding a certain sum of money to keep the compromising information from going public. At this point the recipients are still safe from the ransomware. It is only when the victim actually clicks on the link in order to verify the cybercriminals’ claim that the ransomware is installed, which ends up locking the computer. The victims are then once again asked to send payment, in Bitcoin or Dash, to unlock it.

In reality, all the claims of the ransomware creators to possess the login credentials of their victims are a lie. There have been cases where the attackers alleged that they had the password of the target, although the cybersecurity researchers determined that was not the case.

The supposed password for the potential victim’s email address in this case appears to be the same as the email account. Therefore, in this case it may simply be a bluff and the attacker does not actually possess the victim’s password.

In a nutshell, GandCrab shouldn’t be taken lightly, as in the initial two months after its creation it claimed 50,000 victims via this fraud.

For further updates, stay tuned to BlockPublisher.

Abeer Anwaar

Abeer holds a Bachelor’s degree in Media Studies and covers blockchain startups for BlockPublisher. An optimist, she excels in the art of the written word and swears by the joy of all things sweet. Contact the editor at editor.startups@blockpublisher.com
