Scammers make false claim of using EternalBlue exploit kit in new extortion scam

  • The scammers make a false claim of distributing a Remote Access Trojan that is capable of stealing victims’ private videos.
  • The email carries the subject line ‘Security Alert. Your account was compromised. Password must be changed’.

A new variant of an extortion scam that tricks users into giving away their money has been discovered recently. In this case, the scammers make a false claim of distributing a Remote Access Trojan that is capable of stealing victims’ private videos.

What’s new about the scam?

According to information shared with Bleeping Computer, Sigtrap has reported that scammers are sending extortion emails to victims with the subject line ‘Security Alert. Your account was compromised. Password must be changed’. The phishing email claims that a RAT, capable of taking private videos, has been installed on the recipient’s computer using the EternalBlue exploit.

To make it scarier, the victims are informed that they have been caught red-handed while visiting a porn site and that they must pay a ransom to retain the videos. The email further goes on to say that if the victim fails to pay the ransom, then their private videos will be sent to all of their contacts.

What is the ransom amount?

Scammers falsely claim that the RAT has taken the victim’s private videos and stolen their contacts and passwords as well. In order to recover the stolen data, the scammers ask the victim to pay a ransom of $600.

What is the catch?

The reality of this scam is that the senders have not used any exploits to install a RAT on your system. Any passwords or email addresses listed in these types of emails simply come from data breaches in which your account information was publicly disclosed.

Worth noting

If the email does contain your legitimate password, make sure to change it immediately. With such emails, scammers intend to provoke anxiety and fear in users. Thus, you should just mark these emails as spam and delete them.

Cyware Publisher
