Sextortion campaigns are back with a vengeance.

At the root of the campaign is a botnet currently operating on more than 450,000 infected hosts, according to a new report from Check Point Research, an IT security firm.

The botnet – a network of malicious computers – spits out millions of sextortion threats, as many as 30,000 per hour, Check Point said.


“It is happening while we speak [and] we can expect them to scale out,” a Check Point spokesperson told Fox News. “The numbers are insane and alarming to us. The sheer speed and volume is unprecedented.”

The basic email is pretty simple. It demands payment and threatens to release sexual content, typically a video, if the demand is not met. The person or entity sending the email usually threatens to send the sexual content to family, friends, co-workers or social network contacts.

Here’s a sample of a sextortion email created by the spam bot, as provided by Check Point:

“Hi, I know one of your passwords is: {password}

Your computer was infected with my private malware…My malware gave me full access to all your accounts (see password above), full control over your computer and it also was possible to spy on you over your webcam.

I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF!

I can publish the video of you and all your private data on the whole web, social networks, over email of all contacts."

Sextortion is a growing threat. In 2018, the FBI’s Internet Crime Complaint Center received 51,146 extortion-related complaints with adjusted losses of over $83 million, a 242 percent increase from 2017.


And the majority of extortion complaints in 2018 were part of a sextortion campaign, the FBI said in the report.

The Phorpiex (aka Trik) botnet behind the latest attacks has been active for almost a decade, according to Check Point. But it is only recently that it has added a spam bot to run large-scale sextortion campaigns.

The Phorpiex/Trik spam bot taps into databases with leaked passwords and email addresses. A victim’s password is usually included in the spam email message for shock value and to make it more convincing, Check Point added.

“The spam bot can produce a large amount of spam emails – up to 30,000 per hour. Each individual spam campaign can cover up to 27 million potential victims,” Check Point said in the report.

It appears to be paying off. In the five months that Check Point has been monitoring the operation, it has recorded transfers of more than 11 Bitcoin – roughly $87,000 – to the criminals behind the operation.