2018-12-13 - RECENT BOMB THREAT EXTORTION (BOMBSTORTION) SPAM
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
ASSOCIATED FILES:
- Example of the spam: 2018-12-13-bomb-extortion-malspam-1836-UTC.eml.zip 1.9 kB (1,879 bytes)
DETAILS
On Thursday 2018-12-13, several users on Twitter reported several bomb threat emails demanding payment in bitcoin. This was quickly reported as a spam campaign hoax. Upon closer review, these bomb threat emails closely resemble previous waves of "sextortion" spam reported during the past several months.
These recent bomb threat emails are the same type of extortion spam previously seen as pornography-themed blackmail messages. These newer bomb-themed messages follow the same general format and ask for a bitcoin payment in the same manner. The only difference is the story that's being told.
Since the previous waves were often nicknamed "sextortion" spam, I'm calling today's wave "bombstortion" spam.
I only found one example that I can share, but several instances of bombstortion spam were reported across the United States earlier today.
Subject line examples:
- Your building is under my control
- My device is inside your buidling
- You don't have much time
- Think twice
Payment amount:
- $20,000 USD
Bitcoin addresses:
- 149oyt2DL52Jgykhg5vh7Jm1QpdpfuyVqd
- 1Dnw2qJxGFCZdE3PzCaVioBB9zERc7SzRB
- 1PcFPuZeEfuCCbdPu69nzUCvzsqu967xNm
- 1D3ArQebDneVBVCqLort9jwvUA3AoZaNq5
IMAGES
Shown above: Screenshot of one example from this bomb threat extortion spam.
Shown above: Email headers from the same example of bomb threat extortion spam.
Shown above: An example tweeted by @BreakinNewz01 (link).
Shown above: An example tweeted by @alexiszotos (link).
Shown above: An example someone forwarded to the SANS Internet Storm Center (ISC).
Click here to return to the main page.