Researchers at WebARX found that several website owners are being blackmailed by fake hackers demanding ransoms of thousands of dollars in Bitcoin. The scammers carefully craft the blackmail emails and make empty threats about leaking databases, selling stolen customer data, and even de-indexing the owners’ sites from Google with blackhat techniques.
Fake Extortion Emails
Extortion isn’t new, but it usually has a real cause behind it. As security researchers at WebARX found, several crooks are targeting website owners of all kinds and pressing them to pay a ransom for hacks they offer no proof of. The scammers threaten to damage the owners’ reputation in stages, and they start by claiming that the site has been breached.
A sample ransom note shared by BleepingComputer claims that the recipient’s website was hacked and that its databases were extracted to the hackers’ offshore servers. The note explains that the hackers obtained the website’s credentials by exploiting a vulnerability in the site’s software. It then threatens to use the stolen data to damage the reputation of the owner and the site.
The scammers threaten to sell the stolen databases to the highest bidder (probably on dark web marketplaces) or to leak them completely for others to exploit. While such a leak could ruin a site’s reputation, the claims are not actually true. The scammers also threaten to use blackhat techniques to de-index the website from search engines like Google.
Finally, they pretend to give the victim a chance to retrieve the databases by paying the requested amount in Bitcoin. The demand ranges from $1,500 to $3,000 and must be sent to their wallets within 5 days of receiving the ransom notification. Many website owners have reported receiving these emails on the StackOverflow, Blogger, and WordPress forums and, fortunately, none of them has paid.
A check of the scammers’ Bitcoin address revealed no incoming payments since mid-April, so there are no victims yet. Website owners are advised to keep their sites and plug-ins updated with the latest patches. Checking such emails for proof before giving in to the scammers is also a must.