back to article US bitcoin bomb threat ransom scam looks like a hoax say FBI, cops

Police departments around the US say they've been apprised of emailed bomb threats seeking payment in cryptocurrency or else explosions will ensue. On Thursday morning, the New York Police Department issued an advisory about an email message being circulated that threatens to detonate a bomb in the recipient's workplace unless …

  1. IceC0ld Bronze badge

    Just wondering here ?

    Ironically, the campaign itself appears to have bombed: No transactions have been recorded yet, at least at the bitcoin addresses we checked.

    ===

    you are able to 'check' the addresses in the threat, so wouldn't it be possible for law enforcment to access and strip said accounts of their ill gotten ?

    serious question, as I have only a passing knowledge of the whole bit chain malarky TBH

    1. EarthCitizen

      Re: Just wondering here ?

      There have been no transactions, so there is nothing to "strip".

      1. MonkeyBob
        Black Helicopters

        Re: Just wondering here ?

        You can't just take the money out of a bitcoin wallet, transactions have to be signed by the wallets private key, and as it wasn't made by a TLA it doesn't have any backdoors in to bypass this.

        Icon cos can't be 100% sure on the TLA bit.

    2. Naich

      Re: Just wondering here ?

      My understanding is that while the transactions are (necessarily) public, there is nothing in the transaction to link it to an actual person. It's only when they try to turn the bitcoins into something real that there is any chance of finding out who owns them. e.g. they buy something that is delivered to an address.

  2. Malcolm Weir Silver badge

    Optional

    Ah, but if you were a slightly cunning scumbag, you might say something like:

    "20.000 dollars is the value for your safety and business. Tansfer it to me in BTC and I warrant that I will withdraw my man and the bomb won't detonate. But do not try to deceive me- my warranty will become actual only after 3 confirmations in blockchain."

    Now, it's not entirely sure what is meant, but I read that as once you send the bitcoin to the scumbag, he'll bounce it to three more wallets before he withdraws his man, so it will be hard to track after the first drop.

    (Of course, one of the remaining issues is that he intends to leave the freakin' bang-machine in place, which seems a bit of a downer!)

  3. Anonymous Coward
    Anonymous Coward

    OK, I'm Putin down my money

    The reason the cops are Russian around is down to Donny's mates.

  4. EarthCitizen

    If these crimes are threatening to explode bombs unless paid then they are by definition "terrorists" in spite of their disclaimer.

    1. Chris G Silver badge

      @EC.

      No, by definition they would be extortionists.

    2. katrinab Silver badge

      It is not terrorism if the motivation is to make money out of it.

    3. ratfox Silver badge

      Disagree. Terrorists use random attacks to make the whole population fear they could get attacked at any time. The goal is to spread terror and influence the public opinion though intimidation. Unless there is this element of influencing a larger amount of people, it's not terrorism. That's why terrorists don't generally announce specific targets, because it removes the fear that anybody could get attacked at any time.

      Making threats and demanding money is just extortion.

      1. Pascal Monett Silver badge

        I think that, as far as the FBI is concerned, if you're making bomb threats, you're a terrorist.

        BTW, what kind of fucking idiot thinks that mass-mailing bomb threats is going to fly under the radar of the law ? If you've encrypted some poor sap's data and demand money, I don't think the Feds are going to get involved and the cops are submerged in more important stuff, so you're safe.

        But bomb threats ? Country-wide ? Unless you're in some other country (no idea which, komrad), you're going to learn what life is looking over your shoulder all the time.

    4. GnuTzu Bronze badge
      Headmaster

      Terrorists Also Need Funding...

      Yes, by definition they are extortionists. However, that does not mean that terrorists would never demand money, because they need funding as any group does.

      But, that leaves the question: can a funding campaign also be a terror campaign? And, for that, I'm going to go with: not so much. Yes, one could fear that terrorists have found a new way to raise funds, but, well, that's still not a terror campaign.

      Will the feds want to declare it terrorism? Oh, hell yes. That way they get to use special terrorism laws to get special snooping rules and tools and nail them to the wall stiffer punishments.

      1. J. Cook Silver badge

        Re: Terrorists Also Need Funding...

        Will the feds want to declare it terrorism? Oh, hell yes. That way they get to use special terrorism laws to get special snooping rules and tools and nail them to the wall stiffer punishments.

        And they can engage other resources to get the exact location of the terrorist, and make a personal visit to insure they don't do it again...

      2. katrinab Silver badge

        Re: Terrorists Also Need Funding...

        The definition of terrorism:

        The use or threat or an action

        Which is designed to influence the government or an international governmental organisation or to intimidate the public or a section of the public, and

        the use or threat is made for the purpose of advancing a political, religious, racial or ideological cause.

        And

        (a)involves serious violence against a person,

        (b)involves serious damage to property,

        (c)endangers a person’s life, other than that of the person committing the action,

        (d)creates a serious risk to the health or safety of the public or a section of the public, or

        (e)is designed seriously to interfere with or seriously to disrupt an electronic system.

        In this case, we have the threat, which intimidates a section of the public, and involves serious damage to property + endangers a person's life

        However, it isn't made for the purpose of advancing a political, religious, racial or ideological cause; it is just to make money.

        So the terrorism test fails.

  5. Snivelling Wretch

    I found one of these in the spam folder of my personal email this morning. They claim to have someone monitoring the building for unusual activity. I'm not sure what that would entail at my house - possibly someone *genuinely* attempting to deliver a parcel?

  6. druck
    Mushroom

    WTF/WFH

    Dear bomber,

    I'm working from home today, so whatever...

    Cheers

    ---druck

    1. MiguelC Silver badge

      Re: WTF/WFH

      ...and I really don't like my coworkers at the office anyway...

  7. Joe Harrison Silver badge

    Wandering totally offtopic

    As it's Friday...

    Firstly "ransom scam looks like a hoax say FBI, cops" does not make grammatical sense. It really should be "FBI and cops." Yes I know it's a common form of words in America but we're a .co.uk here and arrogating my right to speak on behalf of all British gentlefolk I can say it does boil our piss. You're welcome.

    Secondly working at/from home. So common these days that for the sake of status whiteboards everywhere we really need to resolve the industry standard acronym - is it WAH or WFH. No effort required with WFP (working from pub) as that one is sufficiently established already.

    1. Rob

      Re: Wandering totally offtopic

      I've always gone with WfH, seems to be the most widely used in our outlook calendars (and I usually colour code these with green, not that is relevant).

      I'm now thinking I might bugger off at lunchtime to WfH for the afternoon, obviously in the interests of testing the impact of using WfH.

    2. FrogsAndChips Bronze badge

      Re: Wandering totally offtopic

      To me it's WFH. First time I've seen WAH is in the post I'm replying to.

  8. Jason Bloomberg Silver badge
    Coat

    Protection Racket 101

    The hyperbolic email text does make the threat seem implausible, especially when sent to so many companies.

    I would have thought a threat that "you will get a bomb and it will detonate sometime in the future if the money isn't paid" might have been more effective and provide a more guaranteed and regular income stream.

    Though I'm not sure if mere threats ever work at all. It seems to me that one needs to demonstrate actual ability to cause harm to get any results.

    Mine's the one with the ransom notes and fingers in the pocket.

    1. Pascal Monett Silver badge

      Indeed, because mass-emailing bomb threats ? Easy.

      Mass-producing actual bombs when you're nothing but a lowlife ? Um, nope. Not gonna happen.

  9. FrogsAndChips Bronze badge

    No transactions have been recorded yet

    Hardly surprising, is it? If you receive such an email, what are you most likely to do?

    a) Pay the ransom

    b) a), but first, circulate a basket to put your colleagues to contribution

    c) Forward to your Security team just in case

    d) Evacuate the building

    e) Continue as if nothing had happened and post snarky comments on El Reg

    1. Antonius_Prime

      Re: No transactions have been recorded yet

      Isn't (e) default for ALL El Reg readers?

      Threat or not?

      Sasser: better post on the reg.

      ILOVEU: Same

      Random Acts of Terror: "Where's the IT angle?"

      Random Acts of Tay-Tay: "Uuuughhh her again! (while secretly drooling...)"

      Bitcoin Bombers: "lol, better announce how the perps will be hunted by the feds now..."

    2. Graham 2
      Pint

      Re: No transactions have been recorded yet

      f) Do b to d and then naff off to the pub with the money from b because it's Friday.

  10. Anonymous Coward
    Anonymous Coward

    While in the UK

    Interestingly, I received a similar extortion attempt just today, and that was the first phishing attempt in a long time.

    Except in my case it was for a paltry $1000, or 0.306891 BTC as he very helpfully pointed out, to prevent the miscreant from releasing a video of my sexual exploits (which hasn't me very worried, certainly not in the same vein as a potential bomb would :) )

    Some variation of language which may corrobarate the theory that "they" are just sharpening their toolkit:

    - I was given 72 hours to comply, presumably to give me time to figure out what a bitcoin is

    - He helpfully suggested I googled it if I had no clue.

    - I was told not to contact the police, because they wouldn't care and wouldn't bat an eyelid anyway (this, I actually believe!)

    - The typical bad language was due to the translating software since he "doesn't live in my country"

    1. Velv Silver badge
      Coat

      Re: While in the UK

      I wonder if any pornstars have received these video release emails...

      1. Anonymous Coward
        Anonymous Coward

        Re: While in the UK

        "I wonder if any pornstars have received these video release emails..."

        Now *that* would end the scumbags. Extortion is one thing, but releasing sex videos of porn starts is messing with copyright laws, that will bring the lawyers running!

    2. FrogsAndChips Bronze badge

      Re: While in the UK

      The one I received last week didn't mention my sexual exploits, but rather suggested that I had quite embarrassing browsing habits. He knew that because, you see, he had hacked into my mailbox (sent me an email with my address as From:, actually).

    3. katrinab Silver badge

      Re: While in the UK

      I got that, but the description of the video footage suggested he had got a man rather than me.

  11. Huw D

    Standards in extortion and terrorism went downhill after Hans Gruber fell from the Nakatomi Plaza...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019