Blogger and WordPress Sites Hacked to Show Sextortion Scams

Scammers are hacking into WordPress and Blogger sites and using the hacked accounts to create posts stating that the blogger's computer has been hacked and that they were recorded while using adult web sites.

These types of threats is called sextortion and are typically send via email to recipients whose information was disclosed in data breaches. These scam emails then threaten the recipient that their video will be released to everyone on the their contact list unless an extortion demand is paid.

While performing some related searches, BleepingComputer has noticed that attackers are also hacking into the accounts of popular blogging platforms such as Blogger and WordPress. Once they gain access to an account, they create a new blog post containing a similar extortion threat that users typically receive via email.

It is not known how the attacker's are gaining access to a user's site, but it is most likely through credentials stuffing attacks using credentials from leaked data breaches.

Sextortion is profitable

Hacking into a user's blog and using their credentials to create a new post with the extortion demand makes threats more convincing. This is because the attacker is really hacking into the user's blogging account, this is proven by the existence of the blog post, and thus it adds more legitimacy that the attacker may have hacked the user's computer as well.

While we all know this is purely a scam and no one has hacked your computer to record a video, after reviewing some of the over 1,500 hacked Blogger accounts and over 200 hacked WordPress accounts, it is clear that users are paying sextortion demands.

From just three bitcoin addresses that BleepingComputer commonly saw listed in the blog post sextortion posts, the attackers have generated approximately 12 bitcoins. This is equal to over $110,000 USD at current prices.

Bitcoin Address	BTC Payments	Value
1N6dubqFmnyQ2qDWvi32ppVbc3kKMTYcGW	4.38393994	$41,303.11
15yF8WkUg8PRjJehYW4tGdqcyzc4z7dScM	3.95021411	$37,216.78
1H1K8MfLEJgjCCfDEkTJmv9GJjD3XzEFGR	3.81985447	$35,988.61

As these bitcoin addresses are also used in traditional email sextortion scams, it is not clear whether it's the blog posts or the emails generating these payments.

It does, though, show that sextortion, regardless of how it is delivered, offers an easy way to generate revenue with little to no overhead.  This is why these scams have become common and will continue to be so in the future.