Bomb Scam Blackmail Campaign Via Email

We have been made aware of a new type of extortion spam campaign. The attackers try to scare the recipient with the threat that they have hidden a bomb in the recipient’s business building, and that it will detonate if the recipient does not pay a ransom. The payment has to be transferred in Bitcoin and a Bitcoin address is given directly in the email.

We have seen a very similar campaign earlier this year. In this so-called “sextortion campaign” the themes were “filmed while porn watching” or “filmed with your mistress” and the amounts demanded at this time ranged between $250 and $550 USD. Now the attackers are more greedy, and choose a highly dangerous threat scenario.

The used Bitcoin addresses change frequently and have several subjects:

  • My device is inside your building
  • No need to be heroic
  • Bomb is in your building
  • I advise you not to call the police
  • Use your time wisely
  • We can make a deal
  • Do not panic
  • Do not waste your time
  • Dont get on my nerves
  • I give you a chance
  • Rescue service will complicate the situation
  • Think about how they can help you
  • You don’t have much time
  • keep calm
  • Better listen to me
  • Dont play with me
  • Think twice
  • You are responsible for people
  • You can avoid problems

Indicators of Compromise

Top 20 Bitcoin wallets:

  • 1LVZqNEUHnhGxZ2qgJApd3qbHWZtpMhkAo
  • 1GHKDgQX7hqTM7mMmiiUvgihGMHtvNJqTv
  • 1BTuxsCpAGtCzcszvFV2g4beqAZ2AUnyFh
  • 1CDs3JXUU6wNmndAF7EFcrJ6GGSYRKXd7w
  • 1Dnw2qJxGFCZdE3PzCaVioBB9zERc7SzRB
  • 1Hov6Xo2Bss7K3p56gGKfy7UGY37TfXG2k
  • 1L5SWCu4ZTLiyPyTAvfSVjhKrYNSnYgBKk
  • 149oyt2DL52Jgykhg5vh7Jm1QpdpfuyVqd
  • 161JE4rHfvygXUVLya8N2WFptjwon2172t
  • 19nShJMkTbP6VCVaoAjzzTQuXLPzXH1Qb7
  • 1BHasGex1jhRZeY7KyUGGKUNRtVgKedRY8
  • 1DKej2QVvLWf2B8kJpqvnUGycmoS3Rm7C9
  • 1GYAJY3GRsC5twdPgmQiEeNjdn7Kx6KSPd
  • 1P3cNFy3SdfZ8PvMSdgLRcb2TtaLvxfqat
  • 15F7TCqGRWE66xrBNxyt9ko1XsKaQvEh9t
  • 1D3ArQebDneVBVCqLort9jwvUA3AoZaNq5
  • 1DRXeydtqfjAmvfrLY7XiCo2A1vCq32z3a
  • 1LT4WgSuTD71Emzc7DLeHxVoZ1RjkhNcFY
  • 1LTYBLzVSLe6GDFJ5NVVxLR2j5eQ8Wy51N
  • 1PcFPuZeEfuCCbdPu69nzUCvzsqu967xNm

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: