Blackmailers have reportedly managed to rake in over $330,000 worth of bitcoin, the flagship cryptocurrency, through an email-based ‘sextortion’ campaign that has been ongoing since at least 2017, and saw its activity surge last year.

According to a report published by UK firm Digital Shadows, the cybercriminals received said amount from over 3,100 unique BTC addresses. The funds ended up in 92 different bitcoin addresses believe to belong to the same organization, that could reportedly be making an average of $540 per victim.

The firm’s report, first spotted by The Next Web, tracked a sample of 792,000 emails sent to victims. The ‘sextortionists’ reportedly sent them an email that would include a known password as “proof” they hacked them, and claimed to have video evidence of them seeing adult content online.

The threat was that the video would be published online, if a ransom in BTC wasn’t paid. Last year, Cornell University computer science professor Emin Gün Sirer warned potential victims to “never pay, never negotiate” with cybercriminals trying to extort them.

Per Sirer, the emails were being sent to every email account on the popular website haveibeenpwned, which shows whether emails addresses had their data leaked on well-known online security incidents.

A Sophisticated Operation

The UK firm’s report seems to show the ‘sextortion’ operation was a sophisticated one, as scammers were seemingly trying to hire more people to help them target high-net-work individuals.

These hires could be getting high salaries, up to $768,000 a year, if they had experience in network management, penetration testing, and programming. The cybercriminals have notably also been using social media to target their victims.

The scammers’ capabilities are said to have varied in skill, as while some struggled to distribute a large amount of emails that could get past email server or spam filters, others managed to show high levels of sophistication, with emails sent from accounts specifically created for the campaigns.

Moreover, these campaigns were launched on a global scale, as the servers the emails came from were in five different continents. The highest amount of emails came from Vietnam, Brazil, and India. These servers could, however, have been compromised by the scammers as well.