A study carried out by SophosLabs in conjunction with cryptocurrency intelligence company, CipherTrace, revealed that sextortion scams are a profitable business. Between September 1, 2019, and January 31, 2020, nearly $500,000 in profits we gained by cybercriminals engaging in sextortion.
According to the report, the modus operandi is that the scammers told victims through email that their computers were hacked and that they allegedly obtained information on their history of visits to pornographic pages.
They then proceeded to extort the recipient of the message, asking for $800 worth of Bitcoin (BTC) as payment.
Bigger criminal enterprises could be behind the sextortion scams
The investigation revealed that many of the cybercriminals behind these scams are connected to a large and organized network. The wallets investigated by SophosLabs and CipherTrace were found to be connected to other criminal enterprises.
SophosLabs highlighted the following in the report regarding such wallets:
“Tracking where physically in the world the money went from these sextortion scams is a difficult endeavor. Out of the 328 addresses provided, CipherTrace determined that 20 of the addresses had IP data associated with them, but those addresses were connected to VPNs or Tor exit nodes — so they were not useful in geo-locating their owners.”
Some of the wallets traced back to dark web markets such as WallStreetMarket, Hydra Market, and FeShop.
The study also revealed the following:
“As with many spam campaigns, the sextortion messages were launched from botnets using compromised personal computers all around the world, with PCs in Vietnam providing the greatest single share (7%). Some of the messages demonstrated some new methods being used by sophisticated spammers to evade filtering software.”
Compared to the revenue earned by ransomware attacks, SophosLabs claims that the profits from spam sextortion are relatively small. Even so, they still represent a significant source of revenue for cybercriminals.
Overall growth in crypto-related scams amid the coronavirus pandemic
Amid the COVID-19 crisis, the number of crypto scams has increased, as reported by CryptoNewspeople, citing an FBI press release published on April 13. These include (but are not limited to) fake charities and work from home scams.