Wave of Bomb Threats Linked to Group of Spammers

Last weeks wave of Bomb Threats has been linked to the same group of spammers responsible for mass sextortion scams.

• By Sydny Shepard
• Dec 18, 2018

Last week's massive spam campaign that sent bomb threats to hundreds of thousands of users across the U.S. and Canada, and caused evacuations of buildings across several cities, was carried out by the same group of spammers responsible for the recent wave of extortion scams, two cybersecurity firms said on Friday.

"Multiple IPs involved in sending these bomb threats also sent various types of sextortion email that we say in the previous campaign," Jaeson Schultz of Cisco Talos told ZDNet. 

The bomb threats sent last Thursday tried to scare users by threatening to detonate a bomb at their workplace if the victim didn't pay $20,000 worth of Bitcoin within a few hours.

The spammers behind the campaign stopped sending bomb threats on Friday, most likely after they realized the campaign would not yield any results, especially after the FBI, police and media told everyone to ignore the threats and not pay the ransom.

The firms believe this is why the wave of sextortion emails happened. When one campaign failed, they moved on to another one. 

"The attackers have returned to their empty threats of harming the individual recipient," Schultz said. "This time, they threaten to throw acid on the victim."

A copy of an email carrying the latest threat said that a person had "set me the order of empty acid in your visage," and that the recipient needed to pay for the threatener to be "inactive." 

In October, another Cisco Talos report revealed that the group behind this week's bomb threats, at that time operating just using the "sextortion scheme" made $146,380 in just three days.