A NEW online scam has hit the region, including Bahrain, with many Internet users being blackmailed to wire funds abroad or have their search history on porn sites publicly released.
Cyber criminals have sent e-mails to people in Bahrain and other Gulf countries claiming that the recipients' computers and mobile phones had been hacked and that the senders held videos and information about their visits to pornographic websites.
The senders threatened to release the data within 48 hours unless they received payments, some ranging between $1,000 and $7,000 in Bitcoin.
According to reports, 600 Bitcoin addresses were involved in the sextortion scam which received a whopping total of more than $4 million by the end of September.
Bahrain-based cyber security firm CTM360 said it was aware of the scam, which has targeted employees working in the private sector in the country.
“We can confirm that certain bank employees and others employed in different sectors have received the sextortion e-mail,” a company spokesman told the GDN.
“There are also those who have not come forward to register a complaint, but have transferred the money in Bitcoins.”
He revealed that, based on an investigation, around 50 per cent of the messages originated from five countries: Vietnam, Russia, India, Indonesia, and Kazakhstan.
“Over the course of 58 days, these campaigns sent a combined 233,236 spam e-mails, transmitted from 120,659 unique IP (Internet Protocol) addresses,” he added.
“Each sextortion e-mail contained a payment demand which was randomly generated, ranging from $1,000 to $7,000.”
He explained that the e-mail started off by claiming the hacker has the victim’s password, which in fact would have been extracted from leaked public breaches.
“The victim is then threatened into paying an unreasonable amount of money in Bitcoin or else the scammer will release the so-called recording to the victim’s contact list, who they claim to have attained from the e-mail account,” he said.
The spokesman urged Internet users in Bahrain to refrain from replying to such e-mails and immediately report them to the authorities concerned.
“The best solution is to ignore these e-mails, which are a big scam that is riding on the fear of the public, especially those who have visited adult sites,” he said.
“We strongly recommend that e-mail users keep updating their passwords, not open suspicious attachments and also not share any personal photographs.”
The GDN previously reported that Information and eGovernment Authority (iGA) chief executive Mohammed Al Qaed said Bahrain needed to invest about BD70 million in cyber infrastructure to protect its assets against online security threats.
He said that around 27,000 attacks on government systems, managed by the iGA, were prevented last year, while the Bahraini government dealt with over 23 million malware messages from Iranian hackers in the first quarter of last year.
Malware
The Central Bank of Bahrain, the nation’s financial regulator, in August also instructed all retail banks, financing companies and other entities in the country to inform customers about the possibility of cyber criminals carrying out a sophisticated scheme using malware to access personal bank card information.
The heist, known as an “ATM cash out”, was aimed at stealing millions of dollars from bank accounts worldwide.
In July, hackers based in Iran, dubbed ‘Leafminer’, attacked networks in Saudi Arabia, the UAE, Qatar, Kuwait, Bahrain, Egypt, Israel and Afghanistan, according to a report issued by US cyber security firm Symantec.
The cyber espionage group’s targets include the “energy, telecommunications, financial services, transportation and government” sectors.
sandy@gdn.com.bh