Some 450,000 hijacked computers have been used to send phishing scams in a large scale "sextortion" campaign, with victims receiving emails threatening to release compromising photos of recipients unless they cough up $800 in Bitcoin.
The campaign using botnets to target more than 27 million victims at a rate of 30,000 per hour with their own personal information, supposedly taken from previous data breaches.
There is a suggestion that only a small number have opened the emails, but researchers believe botnets still offered a great "return on investment" for hackers.
"A botnet can be used for many, many things," said Charles Henderson, from IBM's X-Force Red security team, according to the BBC. "This was just one task assigned to it."
A botnet is a network of computers that have been compromised by hackers, usually by malware spread via infected webpages of malicious email attachments. They can quickly send out and spread attacks across a wide number of machines and mask hackers tracks.
So far, the closest anyone has come to finding the culprits is through security firm Check Point, which monitored one of the Bitcoin wallets being used to collect funds from the scam.
In other sexploitation news, more than 300 people have been arrested after the world's "largest dark web child porn marketplace" was shut down by UK investigators.
The site had more than 200,000 videos, all of which had been downloaded more than a million times, but was taken down last year after a UK investigation into a child sex offender led to its existence.
Although it had been shut down a year ago, officials revealed on Wednesday that 337 suspects had been arrested in 38 countries with US authorities unsealing nine indictments against the site's owner, Jong Woo Son, a 23-year-old man from South Korea, according to TechCrunch.
The UK's National Crime Agency has revealed the arrests were made in the UK, Ireland, America, South Korea, Germany, Spain, Saudi Arabia, the United Arab Emirates, the Czech Republic and Canada - as well as many more.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against RussiaNews The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
-
Microsoft's secure VBA macro rules already being bypassed by hackersNews Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
-
Emotet infrastructure has almost doubled since resurgence was confirmed
News Researchers confirm the infrastructure has also been upgraded for a "better secured", more resilient operation
