The emailed bomb threats, which demanded up to $20,000 bitcoin payments from banks, courthouses, schools, universities, news outlets, and organizations for not detonating bombs — and later morphed into emailed threats to throw acid on victims — seems to have come from sextortion scammers.

Cisco Talos researcher Jaeson Schultz discovered the phony bomb threat scare campaign was an evolution of a sextortion campaign that occurred in October. He pointed out similarities between the way the emails were written, as well as the bitcoin demand.

“Multiple IPs involved in sending these bomb threats also sent various types of sextortion email that we saw in the previous campaign,” he said.

Of the 17 different bitcoin addresses used in the bomb scare scam, only two had a positive balance.

“However, the amounts of each transaction were under $1, so it is evident the victims in this case declined to pay the $20,000 extortion payment price demanded by the attackers,” Schultz said.

After the mass bomb threat campaign bombed, the attackers went back to threatening individuals — this time threatening to throw acid on the victim if the attackers did not get their demanded bitcoin payment.

Source link