Experts analyse extortion email origins following blackmail attempts

After some blackmail attempts were made on victims of the Ashley Madison story, security experts at Cloudmark tried to follow the extortion emails and analyse how many folks are caving in to the extortionist's demands and paying in Bitcoin to avoid the disclosure of their information.

Toshiro Nishimura, research analyst at Cloudmark, and fellow colleagues began their investigation by noting that the addresses in their samples were all dissimilar, having had no prior activity on the Bitcoin blockchain that they could trace. They realised that all the emails persistently demanded “exactly 1.05” BTC from their victims.

Nishimura and his team found 67 suspicious transactions amounting to 70.35 BTC, about £10,328 within the extortion time period of four days of paying 1.05 BTC to addresses, with no prior activity and with two or less transaction outputs.  

In the three months before 22 August when the extortion emails came to their attention, they discovered transactions matching this pattern at a rate of about 5.3 per 100,000 transactions as opposed to 8.9 during the extortion period.

They strongly refuse the hypothesis that the incidence of matching transactions during the extortion period came after a Poisson distribution at the historical rate. This admitted the experts to conclude that maybe the 40 percent of the 67 transactions totaling to about £4,176 may attribute to victims paying the blackmail.