According to a new report by Check Point Research, the decade-old Phorpiex botnet is sending millions of sextortion emails and has developed a new method of revenue generation. The malware earns a significant amount of money as part of this large-scale sextortion campaign.
Phorpiex: The Botnet
It is suggested that the Phorpiex botnet, also known as Trik, now uses a new spam bot module to download a database of email addresses from a C&C server and send spam to them.
Email addresses are picked at random from the database, and the sextortion email sent to each one is assembled from several hard-coded strings. Hard-coding embeds the sextortion email text directly in the program's source code.
Following this process, the malware can generate around 30,000 sextortion emails an hour and each spam campaign can affect about 27 million victims.
With the ability to infect thousands of computers by sending millions of sextortion emails, Phorpiex can earn around $22,000 per month.
This revenue stream is new: Phorpiex previously made money by spreading other malware, including GandCrab, Pony and Pushdo, and by using its hosts to mine cryptocurrency.
The report further suggests that the new Phorpiex spam bot doesn’t have its own persistence mechanism as it is installed and spread via other Phorpiex modules.
How Does The Phorpiex Spam Bot Work?
Once the malware infects a particular computer, its spam bot module connects with its C&C (command and control) servers and tries to download t ..