This extortion scheme has received massive attention from the media, although it has not achieved so many funds
Police departments across the United States mention that they have received multiple reports on emails that include bomb threats against different organizations. According to experts in digital forensics from the International Institute of Cyber Security, the operators of this campaign threaten to activate explosives in organizations’ facilities if they do not receive cryptocurrency transactions.
“Although this threat has been sent to multiple organizations in several locations, we have made evacuations and inspections without finding any trace of an explosive device”, the New York Police Department (NYPD) said through its Twitter page. A few hours later, the NYPD stated that, although it intends to respond to the reports of the people who have received this message, this appears to be a campaign of unsubstantiated threats.
According to reports of experts in digital forensics, the police departments of Chicago, Illinois, Montgomery County, Maryland, San Francisco, California, Los Angeles, California and Washington, DC, among others, have also issued similar statements reporting what is known about this threat campaign.
Although it seems unlikely that a group of criminals has actually implanted explosives in the places that have received this message, the incident has crippled the operations of multiple organizations, as a security protocol must be implemented before this kind of threats, making evacuations or security closures in companies.
Regarding the incident, the FBI’s cybersecurity and digital forensics team has stated: “We are aware of recent bomb threats in different locations across the country. We keep in touch with law enforcement agencies to provide assistance to organizations that may receive this message”.
The federal agency has asked people to stay alert for any signs of anomalous activity that could pose a threat to public safety. With the information collected so far, the FBI believes that these kinds of messages will continue to be present over the next few days.
Multiple victims of this campaign have posted via Twitter the messages received, which include various Bitcoin addresses. In most messages, criminals demand a $20k USD cryptocurrency payment.
“There is an explosive device (Tetryl) in the building where your company is located”, is read in one of the messages received in a company. Other posted online messages are similar, though not identical, suggesting that attackers use trial and error to find ways to earn more incomes.
The threat also includes a disclaimer: “In the event of an explosion and in case the authorities find this message, we state that we are not a terrorist organization and we are not responsible for explosions in other buildings”.
For the bad fortune of the attackers, there is no record of any cryptocurrency transactions made to the address mentioned in the message.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.