Sextortion scam by allegedly WannaCry hacker group
- Updated at March 19, 2021
- By Gatefy
- Blog, Threat Research
“We know that you adore ad0lt sites and we know about your sexual addictions. You have a very interesting and sp3cial taste (you understand what I mean)”. This is an excerpt from a malicious message intercepted by Gatefy’s email protection.
The email is a sextortion scam, a type of fraud in which the scammer extorts or blackmails someone by threatening to post sexual videos or photos of the person on the internet.
The author of the malicious email claims to represent the hacker group WannaCry.
In fact, WannaCry is the name of a ransomware. This type of malware became very well known in 2017, when it reached different companies and more than 200,000 people worldwide.
In this case of sextortion, the cybercriminal is taking advantage of an already known threat to put even more fear on his targets.
According to the hacker, the attack happened in 3 steps. First, your email has been compromised. Then the operating system of your device or machine was hacked. Finally, he had access to your camera.
“While browsing these (adult) sites, your device’s camera automatically turns on”, says the cybercriminal.
“From the moment you read this letter, after 60 hours, all your contacts on this email box and in your instant messengers will receive these clips and files with your correspondence”.
To destroy the videos, the hacker demands a USD 550 payment, in bitcoins.
This case is similar to another sextortion fraud that Gatefy’s email solution blocked.
Table of Contents
Sextortion causes several losses
It’s important to understand that sextortion is a type of extortion. In fact, it’s the most common type of extortion that exists.
According to the FBI, losses involving extortion cases increased by almost 30% from 2018 to 2019. The damage went from USD 83 million to USD 107 million.
In 2019, 43,000 extortion incidents were reported.
What to do in cases of sextortion
Extortion fraud is, in general, part of massive campaigns. That is, attacks sent to many people at the same time. What the cybercriminal does is change only a few fields, so that the message has a more personal approach.
If you receive such an email, don’t despair. Simply ignore the message and report it. And never click on suspicious links or attachments, because they’re often dangerous, carrying malware and other types of threats.
If you want to improve your company’s email security, contact Gatefy. Our team will introduce you to our email protection solutions and answer your questions.
Check out the malicious email
The email content is reproduced as we detect it, including any grammatical errors.
“Hello!
I am a representative of the WannaCry hack3r group.
In the period from 25/04/2020 to 19/05/2020 we got acc3ss to your account ([email protected]) by hacking your mail server.
You already changed the passwd?
Sumptuously! But my program fixes this every time. And every time you change your passwd I will received it using my installed program in your server to know your new passwd!
Using acc3ss to your account, it turned out to be easy to infect the OS of your device.
At the moment, all your contacts are known to us. We also have acc3ss to your messengers and to your correspondence.
All this information is already stored with us.
We are also aware of your intimate adventures on the Internet. We know that you adore ad0lt sites and we know about your sexual addictions.
You have a very interesting and sp3cial taste (you understand what I mean).
While browsing these sites, your device’s camera automatically turns on. Video-rec0rd you and what you watch is being sav3d. After that, the video clip is automatically sav3d on our server.
At the moment, several analogy video records have been collected. From the moment you read this letter, after 60 hours, all your contacts on this email box and in your instant messengers will receive these clips and files with your correspondence.
If you do not want this, transfer 550$ to our Bitcoin cryptocurrency wallet: xxxxxxxxxxxxxx.
I gu@rantee that we will then destr0y all your secrets!
As soon as the money is in our wallet your data will be immediately destroyed!
If no money arrives, files with video and correspondence will be sent to all your contacts.
You decide… Pay or live in hell out of shame…
We believe that this whole story will teach you how to use gadgets properly!
Everyone loves ad0lt sites, you’re just out of luckk.
For the future – just cover a sticker on your device’s camera when you visiit ad0lt sites!
Take care of yourself!”