Skyrocketing Bitcoin Fees Hit Carders in Wallet — Krebs on

Skyrocketing Bitcoin Fees Hit Carders in Wallet – Krebs on Security

submitted by leftok to atbitcoin [link] [comments]

The Blackmail Email Scam (part 4)

THIS THREAD IS NOW ARCHIVED, THE LATEST THREAD CAN BE FOUND HERE: https://old.reddit.com/Scams/comments/g8jqnthe_blackmail_email_scam_part_5/

TEXT, PHONE CALL, AND PHYSICAL MAIL VARIANTS ARE COVERED IN THE LATEST THREAD.

IF YOU RECEIVE A BLACKMAIL EMAIL, PLEASE REDACT THE PERSONAL INFORMATION AND POST IT AS A COMMENT ON THIS THREAD SO THAT OTHERS WHO RECEIVE THE SAME EMAIL CAN FIND IT THROUGH GOOGLE.

FIRST THREAD: https://www.reddit.com/Scams/comments/8gsjba/the_blackmail_email_scam/

SECOND THREAD: https://www.reddit.com/Scams/comments/9srjen/the_blackmail_email_scam_part_2/###

THIRD THREAD: https://old.reddit.com/Scams/comments/biv65o/the_blackmail_email_scam_part_3/

There have been many recent posts about the blackmail email scam, so I have written this post and will keep it stickied until the posts about the scam die down. If you are reading this because you have received one of these emails and you are worried, you can stop worrying. The blackmail email scam is a spam campaign that is sent out to thousands of addresses at a time. In al cases, the threats are lies and you do not have anything to worry about. In many cases, the emails will contain information about you such as your name, part or all of your phone number, and your password. The emails may also look like they were sent from your own email address. The data is gathered from data breaches, and if the email looks like it came from your account that is due to email spoofing. You can use the service Have I Been Pwned? to see if you are in any publicly known data breaches. If you receive an email that contains a password that you currently use, you should immediately change that. Current recommended password guidelines say that you should use a different, complex password for every account. You can generate and save passwords using a password manager for convenience. You should also be using two factor authentication using an app like Google Authenticator instead of receiving codes through SMS.
Here are some news articles about this scam. Here is a story from Brian Krebs, and here is a story from the New York Times.
Below are a few examples, but if you receive an email that is similar but not the same as the examples you see, that does not matter and does not mean that the email is real. The spammers constantly switch up their templates in order to bypass spam filters, so it's normal to receive an email that hasn't yet been posted online.
Hey there
So I am the hacker who cracked your email address and device a few weeks back.
You typed in your pwd on one of the sites you visited, and I intercepted that.
Here is your password from (redacted) upon time of compromise: (redacted)
Obviously you can can change it, or even already changed it.
However it won't really matter, my malware modified it every time.
Do not really try to contact me personally or find me.
Via your email, I uploaded harmful code to your Operation System.
I saved your entire contacts together with buddies, fellow workers, loved ones along with a entire history of visits to the World wide web resources.
Also I set up a Virus on your system.
You aren't my only target, I generally lock computers and ask for a ransom.
But I was hit by the web pages of romantic material that you normally stop by.
I am in shock of your own fantasies! I have never ever noticed anything at all like this!
Consequently, when you had enjoyment on piquant web-sites (you know what I am talking about!) I made screenshot with utilizing my program from your camera of yours device.
There after, I put together them to the content of the currently viewed site.
There will certainly be giggling when I send these pics to your connections!
Nevertheless I am certain you do not need this.
Therefore, I expect to have payment from you for my silence.
I feel $859 is an satisfactory price for this!
Pay with Bitcoin.
My Bitcoin wallet is xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you do not really understand how to do this - submit in to Google 'how to transfer money to the bitcoin wallet'. It is easy.
Immediately after getting the given amount, all your files will be right away destroyed automatically. My computer virus will also get rid of itself through your operating-system.
My Trojan viruses have auto alert, so I know when this specific e mail is read.
I give you 2 days (48 hours) to make a payment.
If this does not occur - just about all your associates will get outrageous pictures from your darkish secret life and your system will be blocked as well after two days.
Do not end up being foolish!
Police or buddies won't support you for sure ...
P.S I can provide you with recommendation for the future. Do not type in your security passwords on risky web pages.
I wish for your wisdom.
Bon voyage.
Your computer device was attacked by the malicious app . Whats the trouble? I placed my malicious agent on a erotica portal, you clicked on this data and promptly adjusted the malware to your computer . The hostile program made your selfie-camera shooting and I enjoy the videotape with you dash your doodle. In next 5 hours this hostile program copied all your contacts. Right now, I receive your all your contact information and video with you masturbating, and now if you wish me to destroy all the data affect payment 350 $USD in BTC digital currency. Other way I want forward that this record to all your contacts . I forward you my Bitcoin wallet - XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX You possess 27 hours after reading. In a case if I possess transaction I am going to undo that this record once for all. I beg pardon for my mistakes- I live in China . P.S. this postal address, I have thieved it
Good day,
If you had been more careful while caressing yourself, I wouldn't worry you. I don't think that playing with yourself is very bad, but when all your colleagues, relatives and friends get a video recording of it - it is definitely bad for you.
I placed malicious software on a website for adults (with porn) which was visited by you. When the target taps on a play button, your device starts recording the screen and all cameras on your device begin to work.
Moreover, my program allows a remote desktop connection with keylogger function from the device, so I could collect all contacts from your e-mail, messengers and other social networks. I'm writing on this e-mail cuz it's your working address, so you must check it.
I suppose that three hundred twenty usd is good enough for this little misstep. I made a split screen video (recorded from your screen (u have interesting tastes ) and camera ooooooh... its awful AF)
So it's your choice. If you want me to erase this compromising evidence, use my Bitcoin wallet address: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX You have one day after opening my message; I put a special tracking pixel in it, so when you will open it I will see. If you want me to show you the proofs, reply to this message and I will send my creation to five contacts that I got from your contacts.
P.S. You can try to complain to the police, but I don't think that they can help, the investigation will last for 5 month- I'm from Ukraine - so I dgf lmao
Hey there
So I am the hacker who cracked your email address and device a few weeks back.
You typed in your pwd on one of the sites you visited, and I intercepted that.
Here is your password from (redacted) upon time of compromise: (redacted)
Obviously you can can change it, or even already changed it.
However it won't really matter, my malware modified it every time.
Do not really try to contact me personally or find me.
Via your email, I uploaded harmful code to your Operation System.
I saved your entire contacts together with buddies, fellow workers, loved ones along with a entire history of visits to the World wide web resources.
Also I set up a Virus on your system.
You aren't my only target, I generally lock computers and ask for a ransom.
But I was hit by the web pages of romantic material that you normally stop by.
I am in shock of your own fantasies! I have never ever noticed anything at all like this!
Consequently, when you had enjoyment on piquant web-sites (you know what I am talking about!) I made screenshot with utilizing my program from your camera of yours device.
There after, I put together them to the content of the currently viewed site.
There will certainly be giggling when I send these pics to your connections!
Nevertheless I am certain you do not need this.
Therefore, I expect to have payment from you for my silence.
I feel $859 is an satisfactory price for this!
Pay with Bitcoin.
My Bitcoin wallet is xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you do not really understand how to do this - submit in to Google 'how to transfer money to the bitcoin wallet'. It is easy.
Immediately after getting the given amount, all your files will be right away destroyed automatically. My computer virus will also get rid of itself through your operating-system.
My Trojan viruses have auto alert, so I know when this specific e mail is read.
I give you 2 days (48 hours) to make a payment.
If this does not occur - just about all your associates will get outrageous pictures from your darkish secret life and your system will be blocked as well after two days.
Do not end up being foolish!
Police or buddies won't support you for sure ...
P.S I can provide you with recommendation for the future. Do not type in your security passwords on risky web pages.
I wish for your wisdom.
Bon voyage.
I Have YOUR code. I rule phone xxxx
I SENT this newsletter from YOUR ACCOUNT.
I look your device.
I am in daze of your sex act fantasies!
I made backup your contacts and files. I made screenshots from your digital camera of yours device.
I want 888 $ to my (Bitcoin
My )Bitcoin currency
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If YOU don't transaction )Bitcoin. I share my quake of your golden age of porn fantasies with your contacts!
If you do not know how to do this - enter into Google/
=how to transfer money to a Bitcoin& wallet-
Time 30 hours.
This excellent post as Subway & Dairy Queen.
Hello!
I'm a programmer who cracked your email account and device about half year ago. You entered a password on one of the insecure site you visited, and I catched it.
Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time.
Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.
Through your e-mail, I uploaded malicious code to your Operation System. I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources. Also I installed a rat software on your device and long tome spying for you.
You are not my only victim, I usually lock devices and ask for a ransom. But I was struck by the sites of intimate content that you very often visit.
I am in shock of your reach fantasies! Wow! I've never seen anything like this! I did not even know that SUCH content could be so exciting!
So, when you had fun on intime sites (you know what I mean!) I made screenshot with using my program from your camera of yours device. After that, I jointed them to the content of the currently viewed site.
Will be funny when I send these photos to your contacts! And if your relatives see it? BUT I'm sure you don't want it. I definitely would not want to ...
I will not do this if you pay me a little amount. I think $877 is a nice price for it!
I accept only Bitcoins. My BTC wallet: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy. After receiving the above amount, all your data will be immediately removed automatically. My virus will also will be destroy itself from your operating system.
My Trojan have auto alert, after this email is looked, I will be know it!
You have 2 days (48 hours) for make a payment. If this does not happen - all your contacts will get crazy shots with your dirty life! And so that you do not obstruct me, your device will be locked (also after 48 hours)
Do not take this frivolously! This is the last warning! Various security services or antiviruses won't help you for sure (I have already collected all your data).
Here are the recommendations of a professional: Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!
I hope you will be prudent. Bye.
Same as before but they increased the amount
I got an order from someone to kill you and your family
but I am far from your house
if you still love your family, I ask you to transfer 0.1 BTC to me.
If you report this email, I will immediately kill your family.
FORWARD THIS MAIL TO WHOEVER IS IMPORTANT IN YOUR COMPANY AND CAN MAKE DECISION!
We Hacked network. We Caught Communications. We Backuped DATA And DOCUMENTS. We send this mail to you in YOUR account.
After analyzing documents. We found Illegal activity - HIDING TAXES.
That we want?
I want two (2) Bitcoin To wallet Bitcoin. 1Dz7DbQmE7SNm3C5mb9syPcctgZECcCEbL
That we do if you don't pay bitcoin?
We send these Documents and Proofs to your Tax Department.
And in this time Your network will be DDoS. Read that in this link https://en.wikipedia.org/wiki/Denial-of-service\_attack
We are locking your operation system. Our friends, WannaCry, ready start and waiting command. Read that in this link https://en.wikipedia.org/wiki/WannaCry\_ransomware\_attack
This is our guarantee, that you don't clean evidence and building a protection policy.
If you don't pay by in 7 days, attack will start.
Attack including.
1.DDOS 2.Locking operation system 3.Sending all documents in Tax Departament
Yours service going down permanently and price to stop will increase to Four (4) BTC, Price will go up one (1) BTC for every day of the attack.
This is not a joke.
Our attacks are extremely powerful - sometimes over 1 Tbps per second. And we pass CloudFlare and others remote protections! So, no cheap protection will help.
Prevent this problem all with just Two (2) BTC Pay to our wallet Bitcoin. 1Dz7DbQmE7SNm3C5mb9syPcctgZECcCEbL
AND YOU WILL NEVER AGAIN HEAR FROM US!
If you read, hear fake-experts and assure yourself that this is not true. Remember that they are not responsible and your life don't important him. Their business is to speak and make money. Your business to do and make money and stay freedom.
All mistakes in text we do specily.
Bitcoin is anonymous, nobody will ever know you cooperated.
Time started after open this mail. To track the reading of a message and the actions in it, I use the facebook pixel. Read that in this link
Hello!
I am a hacker who has access to your operating system.
I also have full access to your account.
I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this,
transfer the amount of $500 to my bitcoin address (if you do not know how to do this, write to Google: "Buy Bitcoin").
My bitcoin address (BTC Wallet) is: x
After receiving the payment, I will delete the video and you will never hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
Best regards.
Hey, I know your password is:
Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn't updated / patched, in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit".
My malware gave me full access and control over your computer, meaning, I got access to all your accounts (see password above) and I can see everything on your screen, turn on your camera or microphone and you won't even notice about it.
I collected all your private data and I was spying on you, I RECORDED (through your webcam) embarrassing moments of you, you know what I mean!
After that I removed my malware to not leave any traces.
I can publish all your private data everywhere and I can send the videos to all your contacts, post it on social network, publish it on the whole web, including the darknet, where the sick people are!
Only you can prevent me from doing this and only I can help you out in this situation.
Transfer exactly 1200$ with the current bitcoin (BTC) price to my bitcoin address.
It's a very good offer, compared to all that horrible shit that will happen if I publish everything!
You can easily buy bitcoin here: www.paxful.com , www.coingate.com , www.coinbase.com , or check for bitcoin ATM near you, or Google for other exchanger. You can send the bitcoin directly to my address, or create your own wallet first here: www.login.blockchain.com/en/#/signup/ , then receive and send to mine.
My bitcoin address is:
Copy and paste my address, it's (cAsE-sEnSEtiVE)
I give you 3 days time to transfer the bitcoin!
As I got access to this email account, I will know if this email has already been read. If you get this email multiple times, it's to make sure you read it and after payment you can ignore it. After receiving the payment, I will remove everything and you can life your live in peace like before.
Next time update your browser before browsing the web!
НЕLLО!
I’m going to cut to thе chӓsе.I know ӓbout thе sеcrеt you ӓrе kееping from your wifе.Morе importӓntly,I hӓvе еvidеncе of whӓt you hӓvе bееn hiding.I won’t go into thе spеcifics hеrе in cӓsе your wifе intеrcеpts this,but you know whӓt I ӓm tӓlking ӓbout.
You don’t know mе pеrsonӓlly ӓnd nobody hirеd mе to look into you.Nor did I go out looking to burn you.It’s just your bӓd luck thӓt I stumblеd ӓcross your misӓdvеnturеs whilе.I thеn put in morе timе thӓn I probӓbly should hӓvе looking into your lifе.Frӓnkly,I ӓm rеӓdy to forgеt ӓll ӓbout you ӓnd lеt you gеt on with your lifе.And I ӓm going to givе you two options thӓt will ӓccomplish thӓt vеry thing.Thosе two options ӓrе to еithеr ignorе this lеttеr,or simply pӓy mе $822.Lеt’s еxӓminе thosе two options in morе dеtӓil.
Option 1 is to ignorе this lеttеr.Lеt mе tеll you whӓt will hӓppеn if you chosе this pӓth.I will tӓkе this еvidеncе ӓnd sеnd it to your wifе. And ӓs insurӓncе ӓgӓinst you intеrcеpting it bеforе your wifе gеts it,I will ӓlso sеnd copiеs to hеr friеnds ӓnd fӓmily.So,Evеn if you dеcidе to comе clеӓn with your wifе,it won’t protеct hеr from thе humiliӓtion shе will fееl whеn hеr friеnds ӓnd fӓmily find out your sordid dеtӓils from mе.
Option 2 is to pӓy mе $822.Wе’ll cӓll this my ‘confidеntiӓlity fее.’Now lеt mе tеll you whӓt hӓppеns if you choosе this pӓth.Your sеcrеt rеmӓins your sеcrеt.You go on with your lifе ӓs though nonе of this еvеr hӓppеnеd.Though you mӓy wӓnt to do ӓ bеttеr job ӓt kееping your misdееds sеcrеt in thе futurе.
At this point you mӓy bе thinking,‘I’ll just go to thе cops.’Which is why I hӓvе tӓkеn stеps to еnsurе this lеttеr cӓnnot bе trӓcеd bӓck to mе.So thӓt won’t hеlp,ӓnd it won’t stop thе еvidеncе from dеstroying your lifе.I’m not looking to brеӓk your bӓnk.I just wӓnt to bе compеnsӓtеd for thе timе I put into invеstigӓting you. $822 will closе thе books on thӓt.
Lеt’s ӓssumе you hӓvе dеcidеd to mӓkе ӓll this go ӓwӓy ӓnd pӓy mе thе confidеntiӓlity fее.In kееping with my strӓtеgy to not go to jӓil,wе will not mееt in pеrson ӓnd thеrе will bе no physicӓl еxchӓngе of cӓsh.You will pӓy mе ӓnonymously using bitcoin.If you wӓnt to kееp your sеcrеt thеn sеnd $822 in bitcoin to thе Rеcеiving Bitcoin Addrеss listеd bеlow.Pӓymеnt must bе rеcеivеd within 1 dӓys of thе post.
You should mӓkе ӓ trӓnsӓction of using bitcoins (cryptocurrеnsy): x
[Bitcoin dеtӓils]
Tеll no onе whӓt you will bе using thе bitcoin for or thеy mӓy not givе it to you.Thе procеdurе to obtӓin bitcoin cӓn tӓkе ӓ dӓy or two so do not put it off.Agӓin pӓymеnt must bе rеcеivеd within 1 dӓys of this lеttеr’s post mӓrkеd dӓtе.If I don’t rеcеivе thе bitcoin by thе dеӓdlinе,I will go ӓhеӓd ӓnd rеlеӓsе thе еvidеncе to еvеryonе.If you go thӓt routе,thеn thе lеӓst you could do is tеll your wifе so shе cӓn comе up with ӓn еxcusе to prеpӓrе hеr friеnds ӓnd fӓmily bеforе thеy find out.Thе clock is ticking.
And here are some common keywords used in the email so that this thread can be found by people Googling the email:
"Marlware, international hacker group, No‌ p‌erso‌n has co‌mp‌ensat‌ed, very o‌wn vid‌eo‌ cli‌p, software on the adult, porno sitio, one of your pass word, .br, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, i‌nstanta‌neo‌usly ‌erase, actua‌l r‌eco‌rded ma‌t‌eri‌al, n‌egl‌ect this ‌ema‌i‌l, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remo‌v‌e yo‌ur vi‌deo‌ fo‌o‌ta‌ge, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material""Marlware, international hacker group, No‌ p‌erso‌n has co‌mp‌ensat‌ed, very o‌wn vid‌eo‌ cli‌p, software on the adult, porno sitio, one of your pass word, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, i‌nstanta‌neo‌usly ‌erase, actua‌l r‌eco‌rded ma‌t‌eri‌al, n‌egl‌ect this ‌ema‌i‌l, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remo‌v‌e yo‌ur vi‌deo‌ fo‌o‌ta‌ge, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material"
submitted by EugeneBYMCMB to Scams [link] [comments]

The Blackmail Email Scam (part 3)

THIS THREAD IS NOW ARCHIVED, THE LATEST THREAD CAN BE FOUND HERE: https://old.reddit.com/Scams/comments/g8jqnthe_blackmail_email_scam_part_5/

TEXT, PHONE CALL, AND PHYSICAL MAIL VARIANTS ARE COVERED IN THE LATEST THREAD.

IF YOU RECEIVE A BLACKMAIL EMAIL, PLEASE REDACT THE PERSONAL INFORMATION AND POST IT AS A COMMENT ON THIS THREAD SO THAT OTHERS WHO RECEIVE THE SAME EMAIL CAN FIND IT THROUGH GOOGLE

FIRST THREAD: https://www.reddit.com/Scams/comments/8gsjba/the_blackmail_email_scam/

SECOND THREAD: https://www.reddit.com/Scams/comments/9srjen/the_blackmail_email_scam_part_2/

There have been many recent posts about the blackmail email scam, so I have written this post and will keep it stickied until the posts about the scam die down. If you are reading this because you have received one of these emails and you are worried, you can stop worrying. The blackmail email scam is a spam campaign that is sent out to thousands of addresses at a time. The threats are lies and you do not have anything to worry about. In many cases, the emails will contain information about you such as your name, part or all of your phone number, and your password. The emails may also look like they were sent from your own email address. The data is gathered from data breaches, and if the email looks like it came from your account that is due to email spoofing. You can use the service Have I Been Pwned? to see if you are in any publicly known data breaches. If you receive an email that contains a password that you currently use, you should immediately change that. Current recommended password guidelines say that you should use a different, complex password for every account. You can generate and save passwords using a password manager for convenience. You should also be using two factor authentication using an app like Google Authenticator instead of receiving codes through SMS.
Here are some news articles about this scam. Here is a story from Brian Krebs, and here is a story from the New York Times.
Below are a few examples, but if you receive an email that is similar but not the same as the examples you see, that does not matter and does not mean that the email is real. The spammers constantly switch up their templates in order to bypass spam filters, so it's normal to receive an email that hasn't yet been posted online.
Hey there
So I am the hacker who cracked your email address and device a few weeks back.
You typed in your pwd on one of the sites you visited, and I intercepted that.
Here is your password from (redacted) upon time of compromise: (redacted)
Obviously you can can change it, or even already changed it.
However it won't really matter, my malware modified it every time.
Do not really try to contact me personally or find me.
Via your email, I uploaded harmful code to your Operation System.
I saved your entire contacts together with buddies, fellow workers, loved ones along with a entire history of visits to the World wide web resources.
Also I set up a Virus on your system.
You aren't my only target, I generally lock computers and ask for a ransom.
But I was hit by the web pages of romantic material that you normally stop by.
I am in shock of your own fantasies! I have never ever noticed anything at all like this!
Consequently, when you had enjoyment on piquant web-sites (you know what I am talking about!) I made screenshot with utilizing my program from your camera of yours device.
There after, I put together them to the content of the currently viewed site.
There will certainly be giggling when I send these pics to your connections!
Nevertheless I am certain you do not need this.
Therefore, I expect to have payment from you for my silence.
I feel $859 is an satisfactory price for this!
Pay with Bitcoin.
My Bitcoin wallet is xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you do not really understand how to do this - submit in to Google 'how to transfer money to the bitcoin wallet'. It is easy.
Immediately after getting the given amount, all your files will be right away destroyed automatically. My computer virus will also get rid of itself through your operating-system.
My Trojan viruses have auto alert, so I know when this specific e mail is read.
I give you 2 days (48 hours) to make a payment.
If this does not occur - just about all your associates will get outrageous pictures from your darkish secret life and your system will be blocked as well after two days.
Do not end up being foolish!
Police or buddies won't support you for sure ...
P.S I can provide you with recommendation for the future. Do not type in your security passwords on risky web pages.
I wish for your wisdom.
Bon voyage.
Your computer device was attacked by the malicious app . Whats the trouble? I placed my malicious agent on a erotica portal, you clicked on this data and promptly adjusted the malware to your computer . The hostile program made your selfie-camera shooting and I enjoy the videotape with you dash your doodle. In next 5 hours this hostile program copied all your contacts. Right now, I receive your all your contact information and video with you masturbating, and now if you wish me to destroy all the data affect payment 350 $USD in BTC digital currency. Other way I want forward that this record to all your contacts . I forward you my Bitcoin wallet - XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX You possess 27 hours after reading. In a case if I possess transaction I am going to undo that this record once for all. I beg pardon for my mistakes- I live in China . P.S. this postal address, I have thieved it
Good day,
If you had been more careful while caressing yourself, I wouldn't worry you. I don't think that playing with yourself is very bad, but when all your colleagues, relatives and friends get a video recording of it - it is definitely bad for you.
I placed malicious software on a website for adults (with porn) which was visited by you. When the target taps on a play button, your device starts recording the screen and all cameras on your device begin to work.
Moreover, my program allows a remote desktop connection with keylogger function from the device, so I could collect all contacts from your e-mail, messengers and other social networks. I'm writing on this e-mail cuz it's your working address, so you must check it.
I suppose that three hundred twenty usd is good enough for this little misstep. I made a split screen video (recorded from your screen (u have interesting tastes ) and camera ooooooh... its awful AF)
So it's your choice. If you want me to erase this compromising evidence, use my Bitcoin wallet address: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX You have one day after opening my message; I put a special tracking pixel in it, so when you will open it I will see. If you want me to show you the proofs, reply to this message and I will send my creation to five contacts that I got from your contacts.
P.S. You can try to complain to the police, but I don't think that they can help, the investigation will last for 5 month- I'm from Ukraine - so I dgf lmao
Hey there
So I am the hacker who cracked your email address and device a few weeks back.
You typed in your pwd on one of the sites you visited, and I intercepted that.
Here is your password from (redacted) upon time of compromise: (redacted)
Obviously you can can change it, or even already changed it.
However it won't really matter, my malware modified it every time.
Do not really try to contact me personally or find me.
Via your email, I uploaded harmful code to your Operation System.
I saved your entire contacts together with buddies, fellow workers, loved ones along with a entire history of visits to the World wide web resources.
Also I set up a Virus on your system.
You aren't my only target, I generally lock computers and ask for a ransom.
But I was hit by the web pages of romantic material that you normally stop by.
I am in shock of your own fantasies! I have never ever noticed anything at all like this!
Consequently, when you had enjoyment on piquant web-sites (you know what I am talking about!) I made screenshot with utilizing my program from your camera of yours device.
There after, I put together them to the content of the currently viewed site.
There will certainly be giggling when I send these pics to your connections!
Nevertheless I am certain you do not need this.
Therefore, I expect to have payment from you for my silence.
I feel $859 is an satisfactory price for this!
Pay with Bitcoin.
My Bitcoin wallet is xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you do not really understand how to do this - submit in to Google 'how to transfer money to the bitcoin wallet'. It is easy.
Immediately after getting the given amount, all your files will be right away destroyed automatically. My computer virus will also get rid of itself through your operating-system.
My Trojan viruses have auto alert, so I know when this specific e mail is read.
I give you 2 days (48 hours) to make a payment.
If this does not occur - just about all your associates will get outrageous pictures from your darkish secret life and your system will be blocked as well after two days.
Do not end up being foolish!
Police or buddies won't support you for sure ...
P.S I can provide you with recommendation for the future. Do not type in your security passwords on risky web pages.
I wish for your wisdom.
Bon voyage.
I Have YOUR code. I rule phone xxxx
I SENT this newsletter from YOUR ACCOUNT.
I look your device.
I am in daze of your sex act fantasies!
I made backup your contacts and files. I made screenshots from your digital camera of yours device.
I want 888 $ to my (Bitcoin
My )Bitcoin currency
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If YOU don't transaction )Bitcoin. I share my quake of your golden age of porn fantasies with your contacts!
If you do not know how to do this - enter into Google/
=how to transfer money to a Bitcoin& wallet-
Time 30 hours.
This excellent post as Subway & Dairy Queen.
Hello!
I'm a programmer who cracked your email account and device about half year ago. You entered a password on one of the insecure site you visited, and I catched it.
Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time.
Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.
Through your e-mail, I uploaded malicious code to your Operation System. I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources. Also I installed a rat software on your device and long tome spying for you.
You are not my only victim, I usually lock devices and ask for a ransom. But I was struck by the sites of intimate content that you very often visit.
I am in shock of your reach fantasies! Wow! I've never seen anything like this! I did not even know that SUCH content could be so exciting!
So, when you had fun on intime sites (you know what I mean!) I made screenshot with using my program from your camera of yours device. After that, I jointed them to the content of the currently viewed site.
Will be funny when I send these photos to your contacts! And if your relatives see it? BUT I'm sure you don't want it. I definitely would not want to ...
I will not do this if you pay me a little amount. I think $877 is a nice price for it!
I accept only Bitcoins. My BTC wallet: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy. After receiving the above amount, all your data will be immediately removed automatically. My virus will also will be destroy itself from your operating system.
My Trojan have auto alert, after this email is looked, I will be know it!
You have 2 days (48 hours) for make a payment. If this does not happen - all your contacts will get crazy shots with your dirty life! And so that you do not obstruct me, your device will be locked (also after 48 hours)
Do not take this frivolously! This is the last warning! Various security services or antiviruses won't help you for sure (I have already collected all your data).
Here are the recommendations of a professional: Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!
I hope you will be prudent. Bye.
Same as before but they increased the amount
I got an order from someone to kill you and your family
but I am far from your house
if you still love your family, I ask you to transfer 0.1 BTC to me.
If you report this email, I will immediately kill your family.
FORWARD THIS MAIL TO WHOEVER IS IMPORTANT IN YOUR COMPANY AND CAN MAKE DECISION!
We Hacked network. We Caught Communications. We Backuped DATA And DOCUMENTS. We send this mail to you in YOUR account.
After analyzing documents. We found Illegal activity - HIDING TAXES.
That we want?
I want two (2) Bitcoin To wallet Bitcoin. 1Dz7DbQmE7SNm3C5mb9syPcctgZECcCEbL
That we do if you don't pay bitcoin?
We send these Documents and Proofs to your Tax Department.
And in this time Your network will be DDoS. Read that in this link https://en.wikipedia.org/wiki/Denial-of-service\_attack
We are locking your operation system. Our friends, WannaCry, ready start and waiting command. Read that in this link https://en.wikipedia.org/wiki/WannaCry\_ransomware\_attack
This is our guarantee, that you don't clean evidence and building a protection policy.
If you don't pay by in 7 days, attack will start.
Attack including.
1.DDOS 2.Locking operation system 3.Sending all documents in Tax Departament
Yours service going down permanently and price to stop will increase to Four (4) BTC, Price will go up one (1) BTC for every day of the attack.
This is not a joke.
Our attacks are extremely powerful - sometimes over 1 Tbps per second. And we pass CloudFlare and others remote protections! So, no cheap protection will help.
Prevent this problem all with just Two (2) BTC Pay to our wallet Bitcoin. 1Dz7DbQmE7SNm3C5mb9syPcctgZECcCEbL
AND YOU WILL NEVER AGAIN HEAR FROM US!
If you read, hear fake-experts and assure yourself that this is not true. Remember that they are not responsible and your life don't important him. Their business is to speak and make money. Your business to do and make money and stay freedom.
All mistakes in text we do specily.
Bitcoin is anonymous, nobody will ever know you cooperated.
Time started after open this mail. To track the reading of a message and the actions in it, I use the facebook pixel. Read that in this link
And here are some common keywords used in the email so that this thread can be found by people Googling the email:
"Marlware, international hacker group, No‌ p‌erso‌n has co‌mp‌ensat‌ed, very o‌wn vid‌eo‌ cli‌p, software on the adult, porno sitio, one of your pass word, .br, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, i‌nstanta‌neo‌usly ‌erase, actua‌l r‌eco‌rded ma‌t‌eri‌al, n‌egl‌ect this ‌ema‌i‌l, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remo‌v‌e yo‌ur vi‌deo‌ fo‌o‌ta‌ge, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material""Marlware, international hacker group, No‌ p‌erso‌n has co‌mp‌ensat‌ed, very o‌wn vid‌eo‌ cli‌p, software on the adult, porno sitio, one of your pass word, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, i‌nstanta‌neo‌usly ‌erase, actua‌l r‌eco‌rded ma‌t‌eri‌al, n‌egl‌ect this ‌ema‌i‌l, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remo‌v‌e yo‌ur vi‌deo‌ fo‌o‌ta‌ge, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material"
submitted by EugeneBYMCMB to Scams [link] [comments]

The Blackmail Email Scam (part 2)

THIS THREAD IS NOW ARCHIVED, THE LATEST THREAD CAN BE FOUND HERE: https://old.reddit.com/Scams/comments/g8jqnthe_blackmail_email_scam_part_5/

TEXT, PHONE CALL, AND PHYSICAL MAIL VARIANTS ARE COVERED IN THE LATEST THREAD.

PREVIOUS THREAD: https://www.reddit.com/Scams/comments/8gsjba/the_blackmail_email_scam/

IF YOU RECEIVE A BLACKMAIL EMAIL, PLEASE REDACT THE PERSONAL INFORMATION AND POST IT AS A COMMENT ON THIS THREAD SO THAT OTHERS WHO RECEIVE THE SAME EMAIL CAN FIND IT THROUGH GOOGLE

There have been many recent posts about the blackmail email scam, so I have written this post and will keep it stickied until the posts about the scam die down. If you are reading this because you have received one of these emails and you are worried, you can stop worrying. The blackmail email scam is a spam campaign that is sent out to thousands of addresses at a time. The threats are lies and you do not have anything to worry about. In many cases, the emails will contain information about you such as your name, part or all of your phone number, and your password. The emails may also look like they were sent from your own email address. The data is gathered from data breaches, and if the email looks like it came from your account that is due to email spoofing. You can use the service Have I Been Pwned? to see if you are in any publicly known data breaches. If you receive an email that contains a password that you currently use, you should immediately change that. Current recommended password guidelines say that you should use a different, complex password for every account. You can generate and save passwords using a password manager for convenience. You should also be using two factor authentication using an app like Google Authenticator instead of receiving codes through SMS.
Here are some news articles about this scam. Here is a story from Brian Krebs, and here is a story from the New York Times.
Below are a few examples, but if you receive an email that is similar but not the same as the examples you see, that does not matter and does not mean that the email is real. The spammers constantly switch up their templates in order to bypass spam filters, so it's normal to receive an email that hasn't yet been posted online.
Hey there
So I am the hacker who cracked your email address and device a few weeks back.
You typed in your pwd on one of the sites you visited, and I intercepted that.
Here is your password from (redacted) upon time of compromise: (redacted)
Obviously you can can change it, or even already changed it.
However it won't really matter, my malware modified it every time.
Do not really try to contact me personally or find me.
Via your email, I uploaded harmful code to your Operation System.
I saved your entire contacts together with buddies, fellow workers, loved ones along with a entire history of visits to the World wide web resources.
Also I set up a Virus on your system.
You aren't my only target, I generally lock computers and ask for a ransom.
But I was hit by the web pages of romantic material that you normally stop by.
I am in shock of your own fantasies! I have never ever noticed anything at all like this!
Consequently, when you had enjoyment on piquant web-sites (you know what I am talking about!) I made screenshot with utilizing my program from your camera of yours device.
There after, I put together them to the content of the currently viewed site.
There will certainly be giggling when I send these pics to your connections!
Nevertheless I am certain you do not need this.
Therefore, I expect to have payment from you for my silence.
I feel $859 is an satisfactory price for this!
Pay with Bitcoin.
My Bitcoin wallet is xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you do not really understand how to do this - submit in to Google 'how to transfer money to the bitcoin wallet'. It is easy.
Immediately after getting the given amount, all your files will be right away destroyed automatically. My computer virus will also get rid of itself through your operating-system.
My Trojan viruses have auto alert, so I know when this specific e mail is read.
I give you 2 days (48 hours) to make a payment.
If this does not occur - just about all your associates will get outrageous pictures from your darkish secret life and your system will be blocked as well after two days.
Do not end up being foolish!
Police or buddies won't support you for sure ...
P.S I can provide you with recommendation for the future. Do not type in your security passwords on risky web pages.
I wish for your wisdom.
Bon voyage.
Your computer device was attacked by the malicious app . Whats the trouble? I placed my malicious agent on a erotica portal, you clicked on this data and promptly adjusted the malware to your computer . The hostile program made your selfie-camera shooting and I enjoy the videotape with you dash your doodle. In next 5 hours this hostile program copied all your contacts. Right now, I receive your all your contact information and video with you masturbating, and now if you wish me to destroy all the data affect payment 350 $USD in BTC digital currency. Other way I want forward that this record to all your contacts . I forward you my Bitcoin wallet - XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX You possess 27 hours after reading. In a case if I possess transaction I am going to undo that this record once for all. I beg pardon for my mistakes- I live in China . P.S. this postal address, I have thieved it
Good day,
If you had been more careful while caressing yourself, I wouldn't worry you. I don't think that playing with yourself is very bad, but when all your colleagues, relatives and friends get a video recording of it - it is definitely bad for you.
I placed malicious software on a website for adults (with porn) which was visited by you. When the target taps on a play button, your device starts recording the screen and all cameras on your device begin to work.
Moreover, my program allows a remote desktop connection with keylogger function from the device, so I could collect all contacts from your e-mail, messengers and other social networks. I'm writing on this e-mail cuz it's your working address, so you must check it.
I suppose that three hundred twenty usd is good enough for this little misstep. I made a split screen video (recorded from your screen (u have interesting tastes ) and camera ooooooh... its awful AF)
So it's your choice. If you want me to erase this compromising evidence, use my Bitcoin wallet address: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX You have one day after opening my message; I put a special tracking pixel in it, so when you will open it I will see. If you want me to show you the proofs, reply to this message and I will send my creation to five contacts that I got from your contacts.
P.S. You can try to complain to the police, but I don't think that they can help, the investigation will last for 5 month- I'm from Ukraine - so I dgf lmao
Hey there
So I am the hacker who cracked your email address and device a few weeks back.
You typed in your pwd on one of the sites you visited, and I intercepted that.
Here is your password from (redacted) upon time of compromise: (redacted)
Obviously you can can change it, or even already changed it.
However it won't really matter, my malware modified it every time.
Do not really try to contact me personally or find me.
Via your email, I uploaded harmful code to your Operation System.
I saved your entire contacts together with buddies, fellow workers, loved ones along with a entire history of visits to the World wide web resources.
Also I set up a Virus on your system.
You aren't my only target, I generally lock computers and ask for a ransom.
But I was hit by the web pages of romantic material that you normally stop by.
I am in shock of your own fantasies! I have never ever noticed anything at all like this!
Consequently, when you had enjoyment on piquant web-sites (you know what I am talking about!) I made screenshot with utilizing my program from your camera of yours device.
There after, I put together them to the content of the currently viewed site.
There will certainly be giggling when I send these pics to your connections!
Nevertheless I am certain you do not need this.
Therefore, I expect to have payment from you for my silence.
I feel $859 is an satisfactory price for this!
Pay with Bitcoin.
My Bitcoin wallet is xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you do not really understand how to do this - submit in to Google 'how to transfer money to the bitcoin wallet'. It is easy.
Immediately after getting the given amount, all your files will be right away destroyed automatically. My computer virus will also get rid of itself through your operating-system.
My Trojan viruses have auto alert, so I know when this specific e mail is read.
I give you 2 days (48 hours) to make a payment.
If this does not occur - just about all your associates will get outrageous pictures from your darkish secret life and your system will be blocked as well after two days.
Do not end up being foolish!
Police or buddies won't support you for sure ...
P.S I can provide you with recommendation for the future. Do not type in your security passwords on risky web pages.
I wish for your wisdom.
Bon voyage.
I Have YOUR code. I rule phone xxxx
I SENT this newsletter from YOUR ACCOUNT.
I look your device.
I am in daze of your sex act fantasies!
I made backup your contacts and files. I made screenshots from your digital camera of yours device.
I want 888 $ to my (Bitcoin
My )Bitcoin currency
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If YOU don't transaction )Bitcoin. I share my quake of your golden age of porn fantasies with your contacts!
If you do not know how to do this - enter into Google/
=how to transfer money to a Bitcoin& wallet-
Time 30 hours.
This excellent post as Subway & Dairy Queen.
Hello!
I'm a programmer who cracked your email account and device about half year ago. You entered a password on one of the insecure site you visited, and I catched it.
Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time.
Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.
Through your e-mail, I uploaded malicious code to your Operation System. I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources. Also I installed a rat software on your device and long tome spying for you.
You are not my only victim, I usually lock devices and ask for a ransom. But I was struck by the sites of intimate content that you very often visit.
I am in shock of your reach fantasies! Wow! I've never seen anything like this! I did not even know that SUCH content could be so exciting!
So, when you had fun on intime sites (you know what I mean!) I made screenshot with using my program from your camera of yours device. After that, I jointed them to the content of the currently viewed site.
Will be funny when I send these photos to your contacts! And if your relatives see it? BUT I'm sure you don't want it. I definitely would not want to ...
I will not do this if you pay me a little amount. I think $877 is a nice price for it!
I accept only Bitcoins. My BTC wallet: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy. After receiving the above amount, all your data will be immediately removed automatically. My virus will also will be destroy itself from your operating system.
My Trojan have auto alert, after this email is looked, I will be know it!
You have 2 days (48 hours) for make a payment. If this does not happen - all your contacts will get crazy shots with your dirty life! And so that you do not obstruct me, your device will be locked (also after 48 hours)
Do not take this frivolously! This is the last warning! Various security services or antiviruses won't help you for sure (I have already collected all your data).
Here are the recommendations of a professional: Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!
I hope you will be prudent. Bye.
Same as before but they increased the amount
I got an order from someone to kill you and your family
but I am far from your house
if you still love your family, I ask you to transfer 0.1 BTC to me.
If you report this email, I will immediately kill your family.
FORWARD THIS MAIL TO WHOEVER IS IMPORTANT IN YOUR COMPANY AND CAN MAKE DECISION!
We Hacked network. We Caught Communications. We Backuped DATA And DOCUMENTS. We send this mail to you in YOUR account.
After analyzing documents. We found Illegal activity - HIDING TAXES.
That we want?
I want two (2) Bitcoin To wallet Bitcoin. 1Dz7DbQmE7SNm3C5mb9syPcctgZECcCEbL
That we do if you don't pay bitcoin?
We send these Documents and Proofs to your Tax Department.
And in this time Your network will be DDoS. Read that in this link https://en.wikipedia.org/wiki/Denial-of-service\_attack
We are locking your operation system. Our friends, WannaCry, ready start and waiting command. Read that in this link https://en.wikipedia.org/wiki/WannaCry\_ransomware\_attack
This is our guarantee, that you don't clean evidence and building a protection policy.
If you don't pay by in 7 days, attack will start.
Attack including.
1.DDOS 2.Locking operation system 3.Sending all documents in Tax Departament
Yours service going down permanently and price to stop will increase to Four (4) BTC, Price will go up one (1) BTC for every day of the attack.
This is not a joke.
Our attacks are extremely powerful - sometimes over 1 Tbps per second. And we pass CloudFlare and others remote protections! So, no cheap protection will help.
Prevent this problem all with just Two (2) BTC Pay to our wallet Bitcoin. 1Dz7DbQmE7SNm3C5mb9syPcctgZECcCEbL
AND YOU WILL NEVER AGAIN HEAR FROM US!
If you read, hear fake-experts and assure yourself that this is not true. Remember that they are not responsible and your life don't important him. Their business is to speak and make money. Your business to do and make money and stay freedom.
All mistakes in text we do specily.
Bitcoin is anonymous, nobody will ever know you cooperated.
Time started after open this mail. To track the reading of a message and the actions in it, I use the facebook pixel. Read that in this link
And here are some common keywords used in the email so that this thread can be found by people Googling the email:
"Marlware, international hacker group, No‌ p‌erso‌n has co‌mp‌ensat‌ed, very o‌wn vid‌eo‌ cli‌p , software on the adult, porno sitio, one of your pass word, .br , specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching", "For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss", "Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video , with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT , if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy, , and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, i‌nstanta‌neo‌usly ‌erase, actua‌l r‌eco‌rded ma‌t‌eri‌al, n‌egl‌ect this ‌ema‌i‌l, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remo‌v‌e yo‌ur vi‌deo‌ fo‌o‌ta‌ge, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts
submitted by EugeneBYMCMB to Scams [link] [comments]

LEA regularly "unmixes" BTC

Krebs on Security posted the full Criminal Complaint in the WSM case. Inside, there are at least four instances where the US Government asserts it "unmixed" Bitcoin to find the ultimate true sender and receiver:
10 The United States Postal Inspection Service learned, through its analysis of Blockchain transactions and information gleaned from the proprietary software described above, that the funds from Wallet 2 were first transferred to Wallet 1, and then “mixed” by a commercial service; mixing services is described above at paragraph 4.m. Through thorough analysis, the United States Postal Inspection Service was able to “de-mix” the flow of transactions, to eventually ascertain that the money from Wallets 1 and 2 ultimately paid FROST’s account at the Product Services Company.

13 Similar to the above, the funds from Wallet 4 were also “mixed” by a commercial service, and through thorough analysis, the United States Postal Inspection Service was able to “de-mix” the flow of transactions, to eventually ascertain that funds from Wallet 4 paid FROST’s accounts at the Gaming Company.

14 Similar to the above, the funds from Wallet 5 were also “mixed” by a commercial service, and through thorough analysis, the United States Postal Inspection Service was able to “de-mix” the flow of transactions, to eventually ascertain that funds from Wallet 5 paid FROST’s account at the Gaming Company.

16 Similar to the above, the funds from Wallet 5 were also “mixed” by a commercial service, and through thorough analysis, the United States Postal Inspection Service was able to “de-mix” the flow of transactions, to eventually ascertain that funds from Wallet 5 paid FROST’s accounts at the Gaming Company.
submitted by d_goddard to CryptoCurrency [link] [comments]

A few stories about Brian Krebs: The independent cybercrime journalist who exposes criminals on the internet

First, a bit of introduction before we get into the living drama that is Brian Krebs.
Brian Krebs has been a journalist for decades, starting in the late 90s. He got his start at The Washington Post, but what he's most famous for are his exposes on criminal businesses and individuals who perpetuate cyber crime worldwide. In 2001, he got his interest in cybercrime piqued when a computer worm locked him out of his own computer. In 2005, he shifted from working as a staff writer at The Washington Post's tech newswire to writing for their security blog, "Security Wire". During his tenure there, he started by focusing on the victims of cybercrime, but later also started to focus on the perpetrators of it as well. His reporting helped lead to the shutdown of McColo, a hosting provider who provided service to some of the world's biggest spammers and hackers. Reports analyzing the shutdown of McColo estimated that global spam volume dropped by between 40 and 70 percent. Further analysis revealed it also played host to child pornography sites, and the Russian Business Network, a major Russian cybercrime ring.
In 2009, Krebs left to start his own site, KrebsOnSecurity. Since then, he's been credited with being the first to report on major events such as Stuxnet and when Target was breached, resulting in the leakage of 40 million cards. He also regularly investigates and reveals criminals' identities on his site. The latter has made him the bane of the world of cybercrime, as well as basically a meme, where criminals will include references like Made by Brian Krebs in their code, or name their shops full of stolen credit cards after him.
One of his first posts on his new site was a selection of his best work. While not particularly dramatic, they serve as an excellent example of dogged investigative work, and his series reveal the trail of takedowns his work has documented, or even contributed to.
And now, a selection of drama involving Krebs. Note, all posts are sarcastically-tinged retellings of the source material which I will link throughout. I also didn't use the real names in my retellings, but they are in the source material. This took way too long to write, and it still does massively condense the events described in the series. Krebs has been involved with feuds with other figures, but I'd argue these tales are the "main" bits of drama that are most suited for here.

Fly on the Wall

By 2013, Krebs was no stranger to cybercriminals taking the fight to the real world. He was swatted previously to the point where the police actually know to give him a ring and see if there'd actually been a murder, or if it was just those wacky hackers at it again. In addition, his identity was basically common knowledge to cybercriminals, who would open lines of credit in his name, or find ways to send him money using stolen credit cards.
However, one particular campaign against him caught his eye. A hacker known as "Fly" aka "Flycracker" aka "MUXACC1" posted on a Russian-language fraud forum he administered about a "Krebs fund". His plan was simple. Raise Bitcoin to buy Heroin off of a darknet marketplace, address it to Krebs, and alert his local police via a spoofed phone call. Now, because Krebs is an investigative journalist, he develops undercover presences on cybercrime forums, and it just so happened he'd built up a presence on this one already.
Guys, it became known recently that Brian Krebs is a heroin addict and he desperately needs the smack, so we have started the "Helping Brian Fund", and shortly we will create a bitcoin wallet called "Drugs for Krebs" which we will use to buy him the purest heroin on the Silk Road. My friends, his withdrawal is very bad, let’s join forces to help the guy! We will save Brian from the acute heroin withdrawal and the world will get slightly better!
Fly had first caught Krebs' attention by taunting him on Twitter, sending him Tweets including insults and abuse, and totally-legit looking links. Probably either laced with malware, or designed to get Krebs' IP. He also took to posting personal details such as Krebs' credit report, directions to his house, and pictures of his front door on LiveJournal, of all places.
So, after spotting the scheme, he alerted his local police that he'd probably have someone sending him some China White. Sure enough, the ne'er-do-wells managed to raise 2 BTC, which at the time was a cool $200 or so. They created an account on the premiere darknet site at the time, The Silk Road under the foolproof name "briankrebs7". They found one seller who had consistently high reviews, but the deal fell through for unknown reasons. My personal theory is the seller decided to Google where it was going, and realized sending a gram of dope into the waiting arms of local law enforcement probably wasn't the best use of his time. Still, the forum members persevered, and found another seller who was running a buy 10 get 2 free promotion. $165 of Bitcoin later, the drugs were on their way to a new home. The seller apparently informed Fly that the shipment should arrive by Tuesday, a fact which he gleefully shared with the forum.
While our intrepid hero had no doubt that the forum members were determined to help him grab the tail of the dragon, he's not one to assume without confirmation, and enlisted the help of a graduate student at UCSD who was researching Bitcoin and anonymity on The Silk Road, and confirmed the address shared by Fly was used to deposit 2 BTC into an account known to be used for money management on the site.
By Monday, an envelope from Chicago had arrived, containing a copy of Chicago confidential. Taped inside were tiny baggies filled with the purported heroin. Either dedicated to satisfied customers, or mathematically challenged, the seller had included thirteen baggies instead of the twelve advertised. A police officer arrived to take a report and whisked the baggies away.
Now, Fly was upset that Krebs wasn't in handcuffs for drug possession, and decided to follow up his stunt by sending Krebs a floral arrangement shaped like a cross, and an accompanying threatening message addressed to his wife, the dire tone slightly undercut by the fact that it was signed "Velvet Crabs". Krebs' curiosity was already piqued from the shenanigans with the heroin, but with the arrival of the flowers decided to dive deeper into the сука behind things.
He began digging into databases from carding sites that had been hacked, but got his first major breakthrough to his identity from a Russian computer forensics firm. Fly had maintained an account on a now-defunct hacking forum, whose database was breached under "Flycracker". It turns out, the email Flycracker had used was also hacked at some point, and a source told Krebs that the email was full of reports from a keylogger Fly had installed on his wife's computer. Now, because presumably his wife wasn't part of, or perhaps even privy to her husband's illicit dealings, her email account happened to be her full legal name, which Krebs was able to trace to her husband. Now, around this time, the site Fly maintained disappeared from the web, and administrators on another major fraud forum started purging his account. This is a step they typically take when they suspect a member has been apprehended by authorities. Nobody knew for sure, but they didn't want to take any chances.
More research by Krebs revealed that the criminals' intuition had been correct, and Fly was arrested in Italy, carrying documents under an assumed name. He was sitting in an Italian jail, awaiting potential extradition to the United States, as well as potentially facing charges in Italy. This was relayed to Krebs by a law enforcement official who simply said "The Fly has been swatted". (Presumably while slowly removing a pair of aviator sunglasses)
While Fly may have been put away, the story between Krebs and Fly wasn't quite over. He did end up being extradited to the US for prosecution, but while imprisoned in Italy, Fly actually started sending Krebs letters. Understandably distrustful after the whole "heroin" thing, his contacts in federal law enforcement tested the letter, and found it to be clean. Inside, there was a heartfelt and personal letter, apologizing for fucking with Krebs in so many ways. He also forgave Krebs for posting his identity online, leading him to muse that perhaps Fly was working through a twelve-step program. In December, he received another letter, this time a simple postcard with a cheerful message wishing him a Merry Christmas and a Happy New Year. Krebs concluded his post thusly:
Cybercrooks have done some pretty crazy stuff to me in response to my reporting about them. But I don’t normally get this kind of closure. I look forward to meeting with Fly in person one day soon now that he will be just a short train ride away. And he may be here for some time: If convicted on all charges, Fly faces up to 30 years in U.S. federal prison.
Fly ultimately was extradited. He plead guilty and was sentenced to 41 months in jail

vDOS and Mirai Break The Internet

Criminals are none too happy when they find their businesses and identities on the front page of KrebsOnSecurity. It usually means law enforcement isn't far behind. One such business was known as vDOS. A DDOS-for-hire (also known as a "booter" or a "stresser") site that found itself hacked, with all their customer records still in their databases leaked. Analysis of the records found that in a four-month time span, the service had been responsible for about 8.81 years worth of attack time, meaning on average at any given second, there were 26 simultaneous attacks running. Interestingly, the hack of vDOS came about from another DDOS-for-hire site, who as it turns out was simply reselling services provided by vDOS. They were far from the only one. vDOS appeared to provide firepower to a large number of different resellers.
In addition to the attack logs, support messages were also among the data stolen. This contained some complaints from various clients who complained they were unable to launch attacks against Israeli IPs. This is a common tactic by hackers to try and avoid unwanted attention from authorities in their country of residence. This was confirmed when two men from Israel were arrested for their involvement in owning and running vDOS. However, this was just the beginning for this bit of drama.
The two men arrested went by the handles "applej4ck" and "Raziel". They had recently published a paper on DDOS attack methods in an online Israeli security magazine. Interestingly, on the same day the men were arrested, questioned, and released on bail, vDOS went offline. Not because it had been taken down by Israeli authorities, not because they had shut it down themselves, but because a DDOS protection firm, BackConnect Security, had hijacked the IP addresses belonging to the company. To spare a lot of technical detail, it's called a BGP hijack, and it basically works by a company saying "Yeah, those are our addresses." It's kind of amazing how much of the internet is basically just secured by the digital equivalent of pinky swears. You can read some more technical detail on Wikipedia. Anyway, we'll get back to BackConnect.
Following the publication of the story uncovering the inner workings of vDOS, KrebsOnSecurity was hit with a record breaking DDOS attack, that peaked at 620/Gbps, nearly double the most powerful DDOS attack previously on record. To put that in perspective, that's enough bandwidth to download 5 simultaneous copies of Interstellar in 4K resolution every single second, and still have room to spare. The attack was so devastating, Akamai, one of the largest providers of DDOS protection in the world had to drop Krebs as a pro bono client. Luckily, Google was willing to step in and place his site under the protection of Google's Project Shield, a free service designed to protect the news sites and journalists from being knocked offline by DDOS attacks.
This attack was apparently in retaliation for the vDOS story, since some of the data sent in the attack included the string "freeapplej4ck". The attack was executed by a botnet of Internet of Things (or IoT) devices. These are those "smart" devices like camera systems, routers, DVRs. Basically things that connect to the cloud. An astounding amount of those are secured with default passwords that can be easily looked up from various sites or even the manufacturers' websites. This was the start of a discovery of a massive botnet that had been growing for years.
Now time for a couple quick side stories:
Dyn, a company who provides DNS to many major companies including Twitter, Reddit, and others came under attack, leaving many sites (including Twitter and Reddit) faltering in the wake of it. Potentially due to one of their engineers' collaboration with Krebs on another story. It turned out that the same botnet that attacked Krebs' site was at least part of the attack on Dyn
And back to BackConnect, that DDOS protection firm that hijacked the IP addresses from vDOS. Well it turns out BGP Hijacks are old hat for the company. They had done it at least 17 times before. Including at least once (purportedly with permission) for the address 1.3.3.7. Aka, "leet". It turns out one of the co-founders of BackConnect actually posted screenshots of him visiting sites that tell you your public IP address in a DDOS mitigation industry chat, showing it as 1.3.3.7. They also used a BGP Hijack against a hosting company and tried to frame a rival DDOS mitigation provider.
Finally, another provider, Datawagon was interestingly implicated in hosting DDOS-for-hire sites while offering DDOS protection. In a Skype conversation where the founder of Datawagon wanted to talk about that time he registered dominos.pizza and got sued for it, he brings up scanning the internet for vulnerable routers completely unprompted. Following the publication of the story about BackConnect, in which he was included in, he was incensed about his portrayal, and argued with Krebs over Skype before Krebs ultimately ended up blocking him. He was subsequently flooded with fake contact requests from bogus or hacked Skype accounts. Shortly thereafter, the record-breaking DDOS attack rained down upon his site.
Back to the main tale!
So, it turns out the botnet of IoT devices was puppeteered by a malware called Mirai. How did it get its name? Well, that's the name its creator gave it, after an anime called Mirai Nikki. How did this name come to light? The creator posted the source code online. (The name part, not the origin. The origin didn't come 'til later.) The post purported that they'd picked it up from somewhere in their travels as a DDOS industry professional. It turns out this is a semi-common tactic when miscreants fear that law enforcement might come looking for them, and having the only copy of the source code of a malware in existence is a pretty strong indicator that you have something to do with it. So, releasing the source to the world gives a veneer of plausible deniability should that eventuality come to pass. So who was this mysterious benefactor of malware source? They went by the name "Anna-senpai".
As research on the Mirai botnet grew, and more malware authors incorporated parts of Mirai's source code into their own attacks, attention on the botnet increased, and on the people behind it. The attention was presumably the reason why Hackforums, the forum where the source code was posted, later disallowed ostensible "Server Stress Tester" services from being sold on it. By December, "Operation Tarpit" had wrought 34 arrests and over a hundred "knock and talk" interviews questioning people about their involvement.
By January, things started to come crashing down. Krebs published an extensive exposé on Anna-senpai detailing all the evidence linking them to the creation of Mirai. The post was so big, he included a damn glossary. What sparked the largest botnet the internet had ever seen? Minecraft. Minecraft servers are big business. A popular one can earn tens of thousands of dollars per month from people buying powers, building space, or other things. It's also a fiercely competitive business, with hundreds of servers vying for players. It turns out that things may have started, as with another set of companies, two rival DDOS mitigation providers competing for customers. ProTraf was a provider of such mitigation technology, and a company whose owner later worked for ProTraf had on at least one occasion hijacked addresses belonging to another company, ProxyPipe. ProxyPipe had also been hit with DDOS attacks they suspected to be launched by ProTraf.
While looking into the President of ProTraf, Krebs realized he'd seen the relatively uncommon combination of programming languages and skills posted by the President somewhere else. They were shared by Anna-senpai on Hackforums. As Krebs dug deeper and deeper into Anna-senpai's online presence, he uncovered other usernames, including one he traced to some Minecraft forums where a photoshopped picture of a still from Pulp Fiction contained the faces of BackConnect, which was a rival to ProTraf's DDOS mitigation business, and another face. A hacker by the name of Vyp0r, who another employee of ProTraf claimed betrayed his trust and blackmailed him into posting the source of another piece of malware called Bashlite. There was also a third character photoshopped into the image. An anime character named "Yamada" from a movie called B Gata H Hei.
Interestingly, under the same username, Krebs found a "MyAnimeList" profile which, out of 9 titles it had marked as watched, were B Gata H Hei, as well as Mirai Nikki, the show from which Mirai derived its name. It continues on with other evidence, including DDOS attacks against Rutgers University, but in short, there was little doubt in the identity of "Anna-senpai", but the person behind the identity did contact Krebs to comment. He denied any involvement in Mirai or DDOS attacks.
"I don’t think there are enough facts to definitively point the finger at me," [Anna-senpai] said. "Besides this article, I was pretty much a nobody. No history of doing this kind of stuff, nothing that points to any kind of sociopathic behavior. Which is what the author is, a sociopath."
He did, however, correct Krebs on the name of B Gata H Kei.
Epilogue
Needless to say, the Mirai botnet crew was caught, but managed to avoid jailtime thanks to their cooperation with the government. That's not to say they went unpunished. Anna-senpai was sentenced to 6 months confinement, 2500 hours of community service, and they may have to pay up to $8.6 million in restitution for their attacks on Rutgers university.

Other Stories

I don't have the time or energy to write another effortpost, and as is I'm over 20,000 characters, so here's a few other tidbits of Krebs' clashes with miscreants.
submitted by HereComesMyDingDong to internetdrama [link] [comments]

Cybersecurity Briefs - YouTube YouTube 10 Fragen an einen Multi-Millionär  Galileo  ProSieben How hackers take over your accounts using social engineering (Marketplace) Smashing Security 59: An intro to Bitcoin and Blockchain

Hackers are stealing millions in Bitcoin — and living like big shots Theft, said Brian Krebs, owner of the cyber-news site KrebsOnSecurity, is “irreversible.” Seconds after breaking Cybercrime journalist Brian Krebs recently published an article on his popular cybersecurity blog KrebsOnSecurity in which he attempts to track down the hackers behind the recent major security breach of Twitter and the hijacking of multiple high profile user accounts, which were used to execute a Bitcoin scam that some estimate generated over $100,000. Krebs on Security In-depth security news and investigation. About the Author; I check my Bitcoin wallet every 35 min and after seeing the money I will order my recruited person to get away. Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com — Krebs on Security. June 14, 2020. Facebook. Twitter. using the bitcoin wallet address from bitcoin’s Wikipedia page as an example. The following message was composed at Privnotes.com from a computer with an Internet address in New York, with the According to noted cyber security researcher and journalist Brian Krebs, the impostor website was providing the same function but with one key difference: in messages containing bitcoin addresses

[index] [3902] [25911] [19040] [23989] [27148] [3802] [28374] [29471] [7346] [4339]

Cybersecurity Briefs - YouTube

2 minute video podcasts by Scott Schober on cybersecurity, wireless technology news, drone information, and much more. In a special "splinter" episode of the "Smashing Security" podcast we take a look at Bitcoin and Blockchain. What's all the fuss about cryptocurrencies? How can you protect your Bitcoin wallet ... 0:00 About Twitter Hack News 01:23 what twitter is saying? 01:35 how hackers hack these accounts? 03:02 About social engineering 07:36 About My Course ---- Buy our world most affordable course ... For tutoring please call 856.777.0840 I am a registered nurse who helps nursing students pass their NCLEX. I have been a nurse since 1997. I have worked in a... Chain-in 2018: Blockchain & Cryptocurrency Conference (www.chain-in.org) Abstract: In a time of incredible innovation in blockchain infrastructures and token...

Flag Counter