Back to All Attacks
Attack Details
Attack Date:
Apr 20, 2022

Fake Malware Infection Extortion Attack

Initial Email Content

Subject
notification
Body

Hi!
As you may have noticed, I sent you an email from your account. This means that I have full access to your account.
I’ve been watching you for a few months now.
The fact is that you were infected with njrat through an adult site that you visited.
If you are not familiar with this, I will explain.
Njrat gives me full access and control your device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this,
transfer the amount of 1300 EURO to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).

My bitcoin address (BTC Wallet) is: 1PBfPDTCirqxu36DYri2iKTjsEKLuzPCc

After receiving the payment, I will delete the video and you will never hear me again. I give you 48 hours to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address. I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
Best regards!

Attack Screenshots

No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based extortion attack uses email spoofing and a fake malware infection theme to demand a payment.

Analysis Overview

Tactic
Spoofed Email Address
Goal
Extortion
Impersonated Party
Vector
Text-based
Theme
Fake Malware Infection
Language