2018 Bitcoin bomb threats

From Wikipedia, the free encyclopedia

On December 13, 2018, thousands[1] of businesses, individuals, schools, news agencies, and other places throughout the United States, Canada, and Australia received emailed bomb threats, warning that a "mercenary" of the sender of the email had placed a bomb in the receiver's workplace and demanding that a ransom of $20,000 be sent to a Bitcoin address to prevent the bomb from being detonated. Six schools in Australia's capital city Canberra were evacuated after threats.[2] The explosive stated to be used in the bomb, along with the Bitcoin address, varied between emails. Police departments in New York City, Oklahoma City, Massachusetts, and Calgary, among other areas of the United States and Canada, stated that the threats were likely not credible and that no explosive devices had been found in any of the threatened areas.[3]

On December 14, Jaeson Schultz of Cisco Talos wrote that the bitcoin addresses associated with the bomb threats received only two transactions, both of which were under $1. He also wrote that the same group was behind an earlier sextortion scheme which was more profitable and that they started making new threats of throwing acid onto individual recipients.[4]

In January 2019, anti-spam researcher Ronald Guilmette found that a GoDaddy security weakness was exploited to help the spam campaign.[5][6]

See also[edit]


  1. ^ Cleary, Tom (December 13, 2018). "Bitcoin Bomb Threat Emails Spark Evacuations Nationwide". Heavy.com. Retrieved December 13, 2018.
  2. ^ Groch, Dan Jervis-Bardy , Sherryn (December 14, 2018). "Bomb threat forces school evacuations across Canberra". Canberra Times. Retrieved December 15, 2018.
  3. ^ Robertson, Adi (December 13, 2018). "Bitcoin scammers send bomb threats across US, causing evacuations". The Verge. Retrieved December 13, 2018.
  4. ^ Cimpanu, Catalin (December 13, 2018). "'Bomb threat' scammers are now threatening to throw acid on victims". ZDNet. Retrieved January 28, 2019.
  5. ^ Krebs, Brian (January 22, 2019). "Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com". Krebs on Security. Retrieved January 28, 2019.
  6. ^ Johnson, Tim (January 23, 2019). "Those bomb hoaxes last month? GoDaddy may have played unwitting role". McClatchy Washington Bureau. Retrieved January 28, 2019.