The NTIC Cyber Center is aware of an emailed bomb threat/cyber extortion campaign impacting multiple jurisdictions across the United States including the District of Columbia, Maryland, and Virginia. According to initial reports, emails associated with this campaign claim that bombs crafted out of Tetryl—an explosive compound commonly found in detonators and explosive booster charges—were placed in buildings where the email recipients worked. The emails threaten that the bombs will be detonated unless the recipients send $20,000 worth of Bitcoin to cryptocurrency wallet addresses specified in the email.
As of 4:30pm, multiple law enforcement agencies across the United States are currently investigating the email threats; however, there does not appear to be any confirmed explosive devices at any location where the emails have been received.
Based on multiple open and closed source reports, these emails are not personally addressed to the recipients. The senders’ email addresses appear to originate from compromised accounts of various legitimate organizations. According to various media outlets, the body of the emails contain the following content.
The NTIC Cyber Center recommends anyone who receives this or any similar emails to call 9-1-1 immediately. If the email is sent to their work account, alert their organization’s security team immediately. Email users should refrain from responding to the email or making any requested payments. If you have been a victim of this or any similar campaign, please submit a Cyber Incident Report at NTICCyberCenter@dc.gov.