Ashley Madison hack miscreants may have earned $6400 from leak

Some blackmail attempts against victims of the ongoing Ashley Madison saga resulted in several – albeit modest – pay outs, according to new research.

Extortionists seized on the data dump of the cheaters’ website database last month with demands to pay up, or risk having their friends and family told about their dalliances, as previously reported.

An unknown group or individuals (probably unrelated to the self-styled Impact Team who pulled off the hack) sent extortion emails demanding Bitcoin for silence.

Toshiro Nishimura, research analyst at spam filtering firm Cloudmark, began investigating whether any payments had actually been made by looking at signs on the Bitcoin blockchain.

He first determined that a sample of Bitcoin addresses used to send extortionate demands were all freshly minted. This is an unsurprisingly discovery by itself but it did mean that some potential avenues of further inquiry were blocked off.

All the scam emails consistently demanded “exactly 1.05” BTC from their victims, so Nishimura searched the blockchain for transactions paying exactly that amount to infer if such extortion demands were being paid.

He found 67 suspicious transactions totalling 70.35 BTC or approximately $15,814 within the extortion time frame of approximately four days. Each transaction involved a payment of 1.05 BTC to addresses with no previous activity, and with two or fewer transaction outputs.

The latter restriction was designed to weed out simple one-to-one payments.

In the three months prior to start of the AshMad-related extortionate emails on 22 August, Cloudmark saw transactions matching the above pattern at a rate of approximately 5.3 per 100,000 transactions, versus 8.9 during the extortion period. This is more than a statistical glitch, according to Nishimura.

“We can strongly reject the null hypothesis that the incidence of matching transactions during the extortion period followed a Poisson distribution at the historical rate, thus allowing us to

Originally appeared at: