Botnet spreads 30,000 sextortion emails in an hour
Recipients ordered to pay $800 in Bitcoin under threat of compromising photos leaking online
Some 450,000 hijacked computers have been used to send phishing scams in a large scale "sextortion" campaign, with victims receiving emails threatening to release compromising photos of recipients unless they cough up $800 in Bitcoin.
The campaign using botnets to target more than 27 million victims at a rate of 30,000 per hour with their own personal information, supposedly taken from previous data breaches.
There is a suggestion that only a small number have opened the emails, but researchers believe botnets still offered a great "return on investment" for hackers.
"A botnet can be used for many, many things," said Charles Henderson, from IBM's X-Force Red security team, according to the BBC. "This was just one task assigned to it."
A botnet is a network of computers that have been compromised by hackers, usually by malware spread via infected webpages of malicious email attachments. They can quickly send out and spread attacks across a wide number of machines and mask hackers tracks.
So far, the closest anyone has come to finding the culprits is through security firm Check Point, which monitored one of the Bitcoin wallets being used to collect funds from the scam.
In other sexploitation news, more than 300 people have been arrested after the world's "largest dark web child porn marketplace" was shut down by UK investigators.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
The site had more than 200,000 videos, all of which had been downloaded more than a million times, but was taken down last year after a UK investigation into a child sex offender led to its existence.
Although it had been shut down a year ago, officials revealed on Wednesday that 337 suspects had been arrested in 38 countries with US authorities unsealing nine indictments against the site's owner, Jong Woo Son, a 23-year-old man from South Korea, according to TechCrunch.
The UK's National Crime Agency has revealed the arrests were made in the UK, Ireland, America, South Korea, Germany, Spain, Saudi Arabia, the United Arab Emirates, the Czech Republic and Canada - as well as many more.
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.