3 min read

Backscatter Spam Attack Used to Deliver Bitcoin Extortion Messages to Eastern Europe

Alina BÎZGĂ

January 11, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Backscatter Spam Attack Used to Deliver Bitcoin Extortion Messages to Eastern Europe

Bitdefender Antispam Lab researchers have been analyzing a wave of extortion messages sent via backscatter spam or “non-delivery report messages” (NDR). Beginning Jan. 4, spammers have been focusing on delivering tens of thousands of messages to recipients in Eastern Europe, including Romania, Hungary and Croatia.

Backscatter spam attacks are the result of malicious actors forging or spoofing the “From” address (using valid e-mail addresses) in a sent email. Once the spam email is assembled, the spammers send the messages to non-existent recipients, tricking the email servers into returning the undeliverable message to the forged e-mail address in the “From” section of the email header.

Backscattering is used to bypass spam filters and get recipients to read a message or access attachments. Most often, an NDR recipient will check the validity of the message before deleting it. The non-delivery report messages generated as a result of this spam campaign contain extortion messages claiming recipients’ devices are infected with malicious software.

The extortionists use a classic approach in their attempt to get victims to pay up. They warn recipients that they have access to devices, including webcam, microphone and keyboard, and that they have already harvested personal data, including photos and lewd videos of them watching adult material. The attackers deliver their coup de grâce by announcing their true intentions – they want you to transfer between €1,200 and €1,350 to their Bitcoin account.

“If you still have doubts about my serious intentions, please know that it only takes me a few mouse clicks to distribute this video to all your acquaintances, even relatives or co-workers,” the message reads. “I also have no problem making this video even public. I strongly believe that you do not want something like this, understanding how special those videos are that you watch with so much passion (and I'm sure you are aware of that), everything can turn into a real nightmare for you. Let's solve the problem like this: All you have to do is transfer €1200 to my account (the equivalent in Bitcoin at the exchange rate at the time of the transfer), and once the transaction is successful, I will immediately delete everything that means naughty materials.”

Recipients in Romania and Croatia are asked to pay 1,200 Euros or 9,000 Croatian Kuna, while victims in Hungary need to dig deeper in their pockets to transfer 1,350 Euros.

An analysis of a small batch of spam samples and cryptocurrency wallets revealed at least three Bitcoin transactions. The latest transaction, from Jan 7, is associated with a Bitcoin address provided in one of the Hungarian versions of the scam email and shows a balance of $1,490.03.

The spam campaign is ongoing, but our researchers have noticed a drop in received backscatter spam during the last 24 hours.

"The spread and popularity of digital currencies in Eastern Europe have pushed malicious actors into exploiting new hunting grounds, with little consequence," said Adrian Miron, Bitdefender's Cyber Threat Intelligence Lab Manager. "The decentralization of cryptocurrency offers excellent opportunities for cybercriminals to launder funds from illicit activities including ransomware attacks and extortion attempts. Since digital threats are no longer bound to particular geographic regions or countries and with no central authority to monitor transactions and crypto activities, threat actors will keep crypto-based extortions under their radar during 2022 and beyond."

Sextortion scams are highly popular, allowing cybercriminals to capitalize on the fear of having any indecent photos or videos exposed online. The extortionist always says your system is infected in some way and that sexually explicit images were snapped using your webcam or harvested from different files on your device.

We advise recipients of bounce-back emails containing threatening messages to not fall for the attackers’ extortion attempts. Simply ignore and delete the message.


Here at Bitdefender, we focus on keeping your devices protected from new and existing threats of all kinds. We know the importance of autonomy and safety in the digital world, and we want to ensure that your devices are ready to face any malicious or fraudulent attacks heading your way. Take care of your family’s devices for up to 90 days, with our extended Bitdefender Total Security trial. If you’re already set up, why not notify your close friend or family member, to help them overcome any potential attacks that may lead to severe financial damages.

Stay Safe!

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Millions of Routers and IOT Devices Vulnerable to Malware Code Uploaded to Github Millions of Routers and IOT Devices Vulnerable to Malware Code Uploaded to Github
Vlad CONSTANTINESCU

January 27, 2022

2 min read
Mac webcam hijack flaw wins man $100,500 from Apple Mac webcam hijack flaw wins man $100,500 from Apple
Graham CLULEY

January 27, 2022

2 min read
Do You Still Need VPN If You Use HTTPS? Do You Still Need VPN If You Use HTTPS?
Vlad CONSTANTINESCU

January 26, 2022

4 min read