New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


New Email Extortion Campaign Brings Back Old Scam Using Breached Passwords

An old scare tactic has been reenergized and is on the rise again. Attackers are circulating emails that state that the recipient’s computer was hacked, a video was taken through the victim’s webcam while viewing an adult website and the email includes the victim’s password. Attackers have been combing through old breaches to obtain email addresses and old passwords and sending that to their victims to “prove” that they had hacked their computer. The attackers hope that at least a few of the recipients will be intimidated into paying the attackers $1,900 ransom payment in Bitcoin. They claim that if the payment isn’t made within 24 hours of receiving their email that they will send the video to everyone in the victim’s contact list.

Analyst Notes

As intimidating as this may seem, the scammers do not have a video and are only using this as a scare tactic. Recipients of these emails are recommended to simply delete the email and don’t respond or make any payments to the attackers. If the password in the extortion email is currently in use, change that password on all accounts to be unique and complex. Binary Defense has recently tracked a botnet that has sent out many scam emails very similar to these and found that the same botnet has also been used to deliver ransomware and other malware. Businesses should inform employees to report any messages such as these, and use those reports to help block other potential threats that arrive by email. It is advisable to place a cover over webcams when not in use because there are real malware threats that can capture images from attached cameras. There are many commercially available webcam covers on the market—do not use tape as it could leave a residue on the webcam which would reduce its performance.

To read more: