What just happened? Law enforcement across the United States, Canada, New Zealand, and Australia are investigating dozens of hoax bomb threat emails that were sent to businesses, schools, government buildings, and other locations. The messages warned that explosives would be detonated unless $20,000 in Bitcoin was paid to specific wallet addresses.
All the emails are very similar, though the bitcoin wallet changes between messages, which allows the person or persons responsible to discover who has paid. The named explosive type also varies, with tetryl, tronitrotoluane [sic], and hexigen all appearing. One of the emails is shown below.
My man carried a bomb (Hexogen) into the building where your company is located. It is constructed under my direction. It can be hidden anywhere because of its small size, it is not able to damage the supporting building structure, but in the case of its detonation you will get many victims.
My mercenary keeps the building under the control. If he notices any unusual behavior or emergency he will blow up the bomb.
I can withdraw my mercenary if you pay. You pay me 20.000 $ in Bitcoin and the bomb will not explode, but don’t try to cheat -I warrant you that I will withdraw my mercenary only after 3 confirmations in blockchain network.
Here is my Bitcoin address : 1GHKDgQX7hqTM7mMmiiUvgihGMHtvNJqTv
You have to solve problems with the transfer by the end of the workday. If you are late with the money explosive will explode.
This is just a business, if you don’t send me the money and the explosive device detonates, other commercial enterprises will transfer me more money, because this isnt a one-time action.
I wont visit this email. I check my Bitcoin wallet every 35 min and after seeing the money I will order my recruited person to get away.
If the explosive device explodes and the authorities notice this letter:
We are not terrorists and dont assume any responsibility for explosions in other buildings.
The NYPD and several other police departments have dismissed the threat as a hoax, but not before a number of buildings and locations were evacuated.
At this time, it appears that these threats are meant to cause disruption and/or obtain money. We’ll respond to each call regarding these emails to conduct a search but we wanted to share this information so the credibility of these threats can be assessed as likely NOT CREDIBLE.— NYPD NEWS (@NYPDnews) 13 December 2018
Infinity Ward, the developer behind several Call of Duty games, evacuated its offices after police arrived and told staff to leave. Five Toronto subway stations were shut down because of the threat, as was a Facebook building, hospitals, schools, the News & Observer, and many more.
The FBI issued a statement yesterday afternoon, urging the public to remain vigilant. “We are aware of recent bomb threats made in cities around the country, and we remain in touch with our law enforcement partners to provide assistance,” the agency wrote.
Multiple businesses throughout LVMPD’s jurisdiction have received an email bomb threat, similar to those reported nationally. These hoax bomb threats seem to be related to each other. The threats are being investigated and no devices have been located at this time. #LVMPDnews— LVMPD (@LVMPD) 13 December 2018
We've seen email scams like this one before, such as the one that claimed to have webcam footage of the recipients watching porn—a practice known as sextortion. So far, it appears this campaign has been unsuccessful, as the included Bitcoin addresses that have been checked show virtually no recorded transactions. Bleeping Computer reports that one did show a payment of $18, which could indicate someone mistaking the period for a decimal point and trying to send $20 instead of $20,000. The publication also writes that the emails originated from Russia.
Image credit: SPF via Shutterstock