The recent attack messages use new techniques to extort Bitcoin payments from Ashley Madison users hit in massive 2015 data breach.
Five years after a huge data breach at extramarital affair website Ashley Madison gave criminals access to the credentials of roughly 32 million users, some victims are being hit once again, this time with a highly personalized extortion attempt.
The extortion message includes detailed personal and financial information on the victim and demands a Bitcoin payment (the equivalent of $1,000 on up) to ensure that incriminating details won't be shared with friends, family, and employers. The message includes two factors that are becoming more popular in criminal attacks: Details of the ransom payment are in an encrypted .PDF file attached to the email, and the .PDF includes a QR code at the top as a way to access payment information.
Both of these newer details are attempts to evade email filters that increasingly target criminal attack content. According to researchers at Vade Secure, which published a blog post on the new attack, the form of the attack is similar to other messages in a wave of "sextortion" attacks that have been ongoing since July 2018.
For more, read here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "7 Steps to IoT Security in 2020."
About the Author(s)
You May Also Like
Defending Against Today's Threat Landscape with MDR
April 18, 2024The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024