Leveraging on the recent Pegasus spyware incidents, an unknown threat actor is conducting sextortion campaigns and demanding money from victims.
He’s found emailing iPhone users with a note that he’s been spying on their private lives and can share the videos with their family members if the ransom is not paid. While no payments are made to the mentioned Bitcoin address, he could be using other addresses.
Extortion Campaigns Leveraging Pegasus
A report from Amnesty International and Forbidden Stories last month has stirred the world since they detailed about Pegasus spyware exploiting zero-day vulnerabilities in updated iPhones through zero-click exploits.
A zero-day vulnerability is something that the hacker acknowledges before the software maker or the users. And a zero-click exploit is something that doesn’t need user interaction for being hacked. A message sent or a call made to the target’s device is enough for compromising.
And this is where Pegasus spyware excelled at, as it’s reported that governments worldwide are using it for spying on journalists, opposition politicians, and others.
While this news is full-on swing even now, a threat actor is seen leveraging the situation by running sextortion campaigns through emails. As seen by BleepingComputer, a malicious campaign that includes sending sextortion emails to iPhone users is spotted in the wild.
The unreliable hacker extorts users to pay a ransom of 0.035 Bitcoin ($1,600) not to leak their private videos to their contacts. The email reads as below;
You can read the full text of this email below.
“Hi there
Hello, I’m going to share important information with you.Have you heard about Pegasus?
You have become a collateral victim. It’s very important that you read the information below.Your phone was penetrated with a “zero-click” attack, meaning you didn’t even need to click on a malicious link for your phone to be infected.
Pegasus is a malware that infects iPhones and Android devices and enables operators of the tool to extract messages, photos and emails,
record calls and secretly activate cameras or microphones, and read the contents of encrypted messaging apps such as WhatsApp, Facebook, Telegram and Signal.Basically, it can spy on every aspect of your life. That’s precisely what it did.
I am a blackhat hacker and do this for a living. Unfortunately you are my victim. Please read on.As you understand, I have used the malware capabilities to spy on you and harvested datas of your private life.
My only goal is to make money and I have perfect leverage for this.
As you can imagine in your worst dream, I have videos of you exposed during the most private moments of your life, when you are not expecting it.I personally have no interest in them, but there are public websites that have perverts loving that content.
As I said, I only do this to make money and not trying to destroy your life. But if necessary, I will publish the videos.
If this is not enough for you, I will make sure your contacts, friends, business associates and everybody you know see those videos as well.Here is the deal. I will delete the files after I receive 0.035 Bitcoin (about 1600 US Dollars).
You need to send that amount here bc1q7g8ny0p95pkuag0gay2lyl3m0emk65v5ug9uy7I will also clear your device from malware, and you keep living your life.
Otherwise, shit will happen.The fee is non negotiable, to be transferred within 2 business days.
Obviously do not try to ask for any help from anybody unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you won’t hear from me ever again.Take care.”
When checked, the mentioned Bitcoin address didn’t have any deposits. While this is a good sign that people are not falling for the trick, there are rises in such campaigns, and some are even highly successful. Thus, it’s suggested to be aware and secured.
