Research: Ashley Madison Bitcoin Blackmail is Cheap and Profitable

A cybersecurity firm has released the results of a blockchain analysis into blackmail attempts against online infidelity website Ashley Madison.

AccessTimeIconSep 4, 2015 at 5:55 p.m. UTC
Updated Dec 12, 2022 at 12:50 p.m. UTC

How much have Ashley Madison customers been blackmailed for since their personal data was leaked last month? One cybersecurity firm thinks it might have the answer.

In a 1st September  blog post from network security firm CloudMark, software engineer and research analyst Toshiro Nishimura suggested that as much as $6,400 may have been extracted from those seeking to buy the silence of the blackmailer.

CoinDesk reported last month that customers Ashley Madison, a website that advertised itself as a platform for infidelity, were receiving blackmail threats by email that contained personal information derived from the cache of released information.

Nishimura said the team tracked bitcoin payments around the time the blackmail threats emerged using blockchain analysis. The process looked for payments with bitcoin amounts consistent with the demands they reviewed – for 1.05 BTC – and showed little transaction history prior to the period.

Nishimura wrote of the findings:

"We found 67 suspicious transactions totaling 70.35 BTC or approximately $15,814 USD within the extortion time frame of approximately four days paying 1.05 BTC to addresses, with no previous activity, and with two or fewer transaction outputs.... (We conservatively restricted ourselves to ordinary transactions with two or less outputs, thus excluding those which were less likely to be simple one-to-one payments.)”

Nishimura – who tempered his post by saying that the results are not as yet conclusive – went on to say that those conducting the blackmail attempts stand to benefit given the free cost of exploitable information and the cheap resources – an email and a bitcoin address – required.

He also speculated that, in the future, blackmailers may seek to further obfuscate their efforts in order to avoid identification, which he suggested could be achieved by tracing the addresses used in the blackmail emails.

“Since this search would not have been possible without the consistent extortion amount, we suspect that future attempts at Bitcoin-based blackmail will randomize the amount they demand,” he wrote.

Image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.