New porn mails in circulation

12 March 2019

As early as January this year, the IKARUS spam filters recorded an outbreak of blackmail emails: recipients were urged to make Bitcoin payments in order to prevent supposedly extremely private videos from being published.

A second wave of these spam emails, also called sextortion or packet portion, has now been launched, with changes meant to increase the credibility of the threat. Once again, the blackmailers (allegedly) use the recipient’s own email address to pretend that they have gained access to all accounts and data. The last digits of the victim’s mobile phone number, which are mentioned in the subject and in the text, are now meant to provide additional “proof”.

As usual, the email also claims that the victim has been observed for some time, including while visiting an “adult website”. A Trojan was supposedly picked up there, which allowed unnoticed access to and control over all devices – including camera, microphone and contact data. The threat to send a recorded compromising video to the entire address book is then used to extort Bitcoins.

All-clear: all threats fictitious

The huge collections of user data that are freely accessible on the net make social engineering steadily easier for criminals. Knowledge protects: technically, it is very easy to specify any sender address. You can use the Identity Checker https://sec.hpi.de/ilc/ of the Hasso Plattner Institute (HPI) to check whether, when and which of your user data has already been leaked.

Take the opportunity to delete accounts you no longer need and update old user data!

Even the tracking pixel allegedly embedded in the email, which is supposed to let the spammer know when the message was read and leaves 48 hours to transfer $933 in Bitcoin, cannot be found in our samples. Accordingly, forwarding the message cannot have the unpleasant consequences for you that the text threatens.
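The two technical claims discussed above, a sender address identical to the recipient's and an embedded tracking pixel, can be checked on a suspicious message. The following Python code is an added example, not IKARUS code; the sample message, the example.org domains and the `triage` and `addr` helpers are constructed for illustration.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed sample (not a real spam sample): From is forged to equal To,
# the receiving server recorded failed checks, and the body is plain text.
SAMPLE = b"""\
Return-Path: <bounce@mailer.example>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example;
 dkim=none; dmarc=fail header.from=example.org
From: <victim@example.org>
To: <victim@example.org>
Subject: Your account was hacked
Content-Type: text/plain; charset=utf-8

I embedded a tracking pixel in this email. You have 48 hours to pay.
"""

AUTH_RESULT = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)
REMOTE_IMG = re.compile(r"<img\b[^>]*\bsrc\s*=\s*[\"']?https?://", re.I)


def addr(msg, name):
    """Return the bare, lower-cased address from a header, or ''."""
    return parseaddr(str(msg.get(name, "")))[1].lower()


def triage(raw: bytes) -> dict:
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender, recipient = addr(msg, "From"), addr(msg, "To")
    # Authentication-Results is only meaningful when added by your own
    # receiving mail server; the sender can forge any header it sends itself.
    auth = {}
    for header in msg.get_all("Authentication-Results", []):
        for check, result in AUTH_RESULT.findall(str(header)):
            auth[check.lower()] = result.lower()
    # A tracking pixel requires an HTML part that loads a remote image.
    remote_images = sum(
        len(REMOTE_IMG.findall(part.get_content()))
        for part in msg.walk()
        if part.get_content_type() == "text/html"
    )
    return {
        "from_equals_to": bool(sender) and sender == recipient,
        "envelope_differs": addr(msg, "Return-Path") not in ("", sender),
        "auth": auth,
        "sender_unverified": auth.get("dmarc") != "pass",
        "remote_images": remote_images,
    }
```

A message where `from_equals_to` and `sender_unverified` are both true and `remote_images` is 0 matches the pattern described here: the sender address was simply typed in, and nothing in the message can report back when it is opened or forwarded.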

Although the authors of the ransom emails claim that they do not make any mistakes, it is obvious that the language and currency in the message do not (yet?) quite match those of the selected victims. Maybe that will change in the following outbreaks. Subjects, email addresses and the demanded sum often vary from attack wave to attack wave. Only the empty threats remain the same.

Tips for more security on the Internet

  • Regularly scan your computer for malware.
  • Renew old or insecure passwords – the more characters, the more secure.
  • Use different passwords for different services; password managers are recommended (e.g. KeePass).
  • Activate automatic updates so you always use the most secure program version.
  • Use effective spam filters to avoid empty threats in the first place.
  • Protect all devices – even mobile ones – with professional antivirus software and ensure secure connections, especially on free Wi-Fi.
  • Do not download cracked programs from the Internet, do not click on every tempting link, and use URL filters if necessary.
  • Create regular backups of your data so that you can reinstall your system without data loss and guard against ransomware attacks.
  • Google suspicious emails; when in doubt, get advice from the IKARUS Support Team, and keep up to date with the latest threats and scams.