Spams meet Cryptocurrencies: Sextortion in the Bitcoin Ecosystem
This addresses the emerging issue of cryptocurrency-based sextortion for cybersecurity and law enforcement, providing novel insights into spammers' financial strategies.
The paper tackled the problem of understanding the financial operations of sextortion spammers using Bitcoin by analyzing a dataset of 4.3 million spams, finding that a single entity likely controls most campaigns and generated a lower-bound revenue of $1.3-1.35 million over 11 months.
In the past year, a new spamming scheme has emerged: sexual extortion messages requiring payments in the cryptocurrency Bitcoin, also known as sextortion. This scheme represents a first integration of the use of cryptocurrencies by members of the spamming industry. Using a dataset of 4,340,736 sextortion spams, this research aims at understanding such new amalgamation by uncovering spammers' operations. To do so, a simple, yet effective method for projecting Bitcoin addresses mentioned in sextortion spams onto transaction graph abstractions is computed over the entire Bitcoin blockchain. This allows us to track and investigate monetary flows between involved actors and gain insights into the financial structure of sextortion campaigns. We find that sextortion spammers are somewhat sophisticated, following pricing strategies and benefiting from cost reductions as their operations cut the upper-tail of the spamming supply chain. We discover that one single entity is likely controlling the financial backbone of the majority of the sextortion campaigns and that the 11-month operation studied yielded a lower-bound revenue between \$1,300,620 and \$1,352,266. We conclude that sextortion spamming is a lucrative business and spammers will likely continue to send bulk emails that try to extort money through cryptocurrencies.