A decade-old botnet malware that currently controls over 450,000 computers worldwide has recently shifted its operations from infecting machines with ransomware or crypto miners to abusing them for sending out sextortion emails to millions of innocent people.
Extortion by email is growing significantly, with a large number of users recently complaining about receiving sextortion emails that attempt to extort money from individuals by blackmailing them into exposing their sexual content.
Though until now, it wasn’t clear how scammers were sending such massive amounts of emails without getting blacklisted by the email providers, security researchers from CheckPoint finally found the missing block in this puzzle.
In its latest report shared with The Hacker News prior to the release, Tel Aviv-based security firm CheckPoint reveals that a botnet, called Phorpiex, has recently been updated to include a spam bot designed to use compromised computers as proxies to send out over 30,000 sextortion emails per hour—without the knowledge of the infected computers’ owners.
How Does Phorpiex Spam Bot Work?
The spambot module of Phorpiex downloads the list of its targets/receipts’ email…