Here’s a slightly different twist on extortion that doesn’t involve ransomware. Steve Ragan describes for CSO Salted Hash how a Website offers Doxing-as-a-Service and customized extortion. The subtitle explains the business model:
Those posting Dox will get a commission, or they can pay to have someone’s personal details exposed
The amount of commission depends on the type of Doxing. In ascending order of payment:
- Paedophiles [the American spelling is used by the site: Cymmetria’s Nitsan Saddan is quoted as believing that it’s likely that ‘these are American players.’]
- Law enforcement
The DaaS-tardly doxing service is priced according to the type of information collected, from the barest details to a complete profile. Ragan observes that the service doesn’t seem to be collecting customers – at any rate:
…the Bitcoin wallet used to process payments for this service has received no transactions.
And he has seen little traction on the site since he’s been monitoring it. Nevertheless, he predicts that this kind of activity will become more common.