Ransomware 2.0

The latest internet scam is simple but the scammers’ bitcoin wallets show it to be very lucrative, so it is likely to grow.

Hackers steal passwords in bulk from websites such as Facebook, Adobe, or even government agencies. Smaller online services and niche websites are particularly vulnerable as they don’t have the benefit of dedicated IT security engineers. As shown on the list of publicly admitted thefts, bulk password theft is already shockingly common. Chances are you have already had some of your passwords stolen (which is why you should not use the same password for more than one service, but that’s another story).

The stolen passwords are sold on the dark net, where other scammers buy them in bulk. These scammers are not necessarily technically sophisticated. They use simple scripts to send extortion emails to everyone on their list. The emails simply display the stolen password with a story about how they have also stolen your contacts list, internet history and maybe even recorded you via your own webcam. They threaten to send the kompromat to all your contacts unless you send payment by some untraceable method (usually bitcoin).

The good news is that it’s all a bluff. They do not have your internet history or any webcam recordings. They do not have your contacts list nor any idea of what websites you have visited (other than the one where your stolen password came from). They are counting on a fraction of their victims being so rattled by the threat that they send payment, even though they haven’t proven they have anything more than the password, and even though paying an anonymous ransomer is hoping for honour from someone clearly dishonourable.

The risk from this scam is low if you know to ignore the ransom threat, but the risk of having your password stolen is ever-present, and who knows what other scams will be dreamed up for your password.

No matter how careful you are, your password’s security is partially out of your hands. If you have been re-using passwords, now is the time to fix that by changing all your passwords.