Hacked Passwords Being Used In Blackmail Attempt — Expect More Of This

from the isn't-the-internet-greate dept

Last week I received the following email with my name and a very, very, very old password that I haven’t used in probably at least a decade in the subject line (even though I’m not longer using it, I’m editing it out of this because… it’s still weird):

I am aware, ********, is your pass word. You don’t know me and you’re probably wondering why you’re getting this mail, right?

In fact, I actually installed a malware on the adult videos (adult porn) site and there’s more, you visited this site to experience fun (you know what I mean). While you were watching videos, your internet browser initiated working as a RDP (Remote Desktop) having a key logger which provided me with access to your screen and cam. Immediately after that, my software collected all of your contacts from your Messenger, FB, and email.

What exactly did I do?

I created a double-screen video. First part displays the video you were watching (you have a nice taste rofl), and 2nd part shows the recording of your web cam.

exactly what should you do?

Well, I believe, $2900 is a reasonable price for our little secret. You’ll make the payment via Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: [REDACTED] (It is cAsE sensitive, so copy and paste it)

You have one day to make the payment. (I’ve a specific pixel in this e mail, and right now I know that you have read through this email). If I don’t receive the BitCoins, I will send your video recording to all of your contacts including members of your family, colleagues, and so forth. However, if I receive the payment, I will erase the video immidiately. If you really want evidence, reply with “Yes!” and I will send your video recording to your 9 friends. This is a non-negotiable offer, and thus do not waste my personal time and yours by responding to this message.

This was immediately obvious as a scam from a hacked database of passwords. Besides the fact that I haven’t used that particular password in ages (and even when I did, it was the password I used for “unimportant” sites), there are a whole bunch of other reasons why it was obvious that the email was fake and it would be literally impossible for the person to have whatever it was they claimed to have on me. I found it funny enough that I reached out to some other folks to see if this was getting around, and a few people told me they’d seen similar ones, noting that the final note about sending it to “9 friends” appeared to be an increase from the usual of “5” that they had seen before.

Indeed, Brian Krebs, who is always on top of these things, wrote a story about how a bunch of people got these emails last week. That one only asked for $1400, and also promised to send it to 5 friends. It has a few other slight differences to the one I received, but is pretty clearly sent by the same person/team of people with just a few modifications. Like the ones that Krebs reported on, mine appeared to come from an outlook.com email address. As Krebs notes, he expects that this particular scam is about to get a lot more popular, and will probably use a lot more recent set of passwords:

I suspect that as this scam gets refined even more, perpetrators will begin using more recent and relevant passwords ? and perhaps other personal data that can be found online ? to convince people that the hacking threat is real. That?s because there are a number of shady password lookup services online that index billions of usernames (i.e. email addresses) and passwords stolen in some of the biggest data breaches to date.

Alternatively, an industrious scammer could simply execute this scheme using a customer database from a freshly hacked Web site, emailing all users of that hacked site with a similar message and a current, working password. Tech support scammers also may begin latching onto this method as well.

And, at the very least, this scam appears to be working. It’s unclear just how many people are receiving these emails — and how many people are pointed to the same Bitcoin wallet address to pay — but the one that Krebs included in his post shows a single payment of approximately $2000. When I first got the email the Bitcoin wallet address in the email I received showed no transactions, but I just looked again and there are two transactions, both within a day of when I received the email (one for .23 Bitcoins or ~$1600 and another for 0.3 Bitcoins or ~$2,000).

Of course, this should be a warning for everyone on a variety of levels:

  1. Use a password manager already, and stop saying they’re too difficult to use. They are not.
  2. Use 2 factor authentication wherever possible
  3. Cover your webcam with a sticker or tape or something when not in use
  4. Don’t believe every stupid threat email you receive
  5. Don’t randomly pay money to every stupid emailer who pretends to threaten you

Anyway, it will be worth watching how this particular scam evolves, but as Krebs notes, it’s likely we’ll be seeing it a lot more often as it seems to hit all the key points for a popular internet scam these days.

Filed Under: , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Hacked Passwords Being Used In Blackmail Attempt — Expect More Of This”

Subscribe: RSS Leave a comment
David says:

Site worth noting:

https://haveibeenpwned.com/ is a site where you can enter your Email address and have it checked against a number of password leaks. More details (like the actual passwords) only after signing in, basically making sure that the Email address actually is yours. But more details are rarely necessary. If it turns up positives, it’s a good idea changing the passwords on the affected sites if you didn’t do so since the breach occured.

I have no affiliation with that site, it did point out one of my accounts that warranted a password change, and I don’t see that it should be able to do bad things (apart from address harvesting/verification) if you don’t create an account. But if you think or know differently, correct me.

Anonymous Anonymous Coward (profile) says:

Re: Re:

You might, and I mean might might be a bit strong, be able to read, but your comprehension sucks. The email claimed to have gotten the password from an adult site. Mike says he used that password for unimportant sites. That means that Mike considers his porn sites to be unimportant, but even that is pure conjecture, and I think that he visited an adult site is unlikely, and it is even more unlikely that he supplied that site with a password, one that he used on other sites. Get real.

Or, much more likely, the spammer got the password from some compromised site that Mike considered unimportant and stopped visiting long ago (or has a new password for), which was in fact not porn. Then the fraudster made a claim that it was taken from an adult site to put fear into the recipient. It does not appear that Mike has fear, which is also supportive of his not visiting adult sites.

If I had gotten this email, I would just look up that password in my password manager (pwsafe is my choice and works for me in Windows, Linux, and Android and I also see they have IOS versions) and then go to that site and change the password. They would have no video of me, as the tape over my webcam is fairly permanent and that webcam is rarely used. Any video they have would be of the back of the tape, and it would be clear to me that they had not even reviewed what they were threatening me with.

Mark says:

Oh, you poor, lowly 99%ers… getting your cheap ass extortion threats via… egad… email.

I guess I’m a 1%er… I get my extortion letters (lovingly printed on pulped trees and sealed in a stamped 1st class envelope) hand delivered to my door by a Uniformed Government Courier. Two letters in the last few weeks.

blackturtle.us says:

Clearly not a threat to take seriously...

I received two of these threats. The wording was about 95% the same as the example in the article. Two days earlier I received a warning from a website where I have an account that their accounts database had been compromised. The details pertaining to a porn site and webcam didn’t match any activity I had been involved with and so the threat was obviously bogus. There were other indicators that it was a generic threat, but I’m sure someone somewhere is going to pay up!

Eddie G says:


This is hilarious!…I’m married and don’t even VISIT porn sites!….LoL! not to mention I am an I.T. Support Tech…and I PHYSICALLY remove / disable the web-cam from my laptops when I buy them!…So I would actually respond to this email? With the words:

“Do Your Worst”!….and wait to see what happens!…LoL! There’s nothing like being “in the know” and watching these maggots flail about with their idle threats!. Anyone who doesn’t cover their web-cam in this day & age?…is just ASKING for trouble. Its no wonder laptop makers are now including ways to “shutter” your webcam. but don’t stop there, either cover your microphones too, or else NEVER speak a password aloud! If they can activate your web-cam, who’s to say they can’t activate your speakers as well? LoL!

Listen people its not hard, when you buy ANY device whether its a laptop or a desktop or a smartphone? the FIRST thing you should do is protect yourself by any means necessary. Install a firewall / malware / antivirus and be sure to RUN IT,…CONSTANTLY! Even if it might take up some time when you run it? the alternative is to login and find out your bank account has been emptied because someone was able to glean information from your machine. I for one? run Linux on my laptops and have more safeguards in place than an average PC user, so I’m not truly worried, not to mention I don’t save passwords in ANY text document but have them stored in the ONE place that can NEVER be hacked! MY HEAD! When you throw in RKhunter, chRootkit, ClamAV, ufw, and the “ultimate” SELinux? (along with the fact that I’m running Kali Linux which is a hacker’s “toolkit” of programs!) I don’t fear this kind of thing. I guess these people are just desperate?…and hoping to find some elderly person who’s easily frightened?

David says:

Re: .

This is hilarious!…I’m married and don’t even VISIT porn sites!

Talk about a non sequitur… sounds like "I’m married and don’t even OWN cookbooks".

.LoL! not to mention I am an I.T. Support Tech…and I PHYSICALLY remove / disable the web-cam from my laptops when I buy them!…So I would actually respond to this email? With the words:

You lose. As an I.T. Support Tech you should know that answering to such mails will, if at all, serve only to verify that your address is reachable and responsive for purposes of spamming and scamming.

Ninja (profile) says:

I’d go further with those.

6- Don’t open e-mail attachments unless you are positively sure the person actually sent you.
7- Use adblockers and, if possible, script blockers since some malware has been served via advertisement networks.
8- Avoid unknown websites if possible, avoid the ones that are not the usual .com (or the country variant with the country initials), .org, .net. Avoid new ones like .xxx like the plague.

There must be more points but those came to mind right now.

John85851 (profile) says:

Another tip

I use a laptop as my main computer and it’s plugged into an external monitor while at home.
The lid is either completely closed or cracked slightly open so I can press the power key- in other words, angled down. So if a hacker did manage to turn on my laptop’s camera, they’d get a nice video of my floor… and maybe my feet as I walk by.

haha hehe hoho says:


so a game i played 6 years ago and stopped 6 years ago online got hacked and my email while it sin the dbase still has a completely wrong password ot any used…..

and i dont use a webcam , and as a actual hacker i got all my pron the good ol way via playboys website directly LOLOLOL…


oh and this fucker is in the usa and california….not saying anymore….

oh and who am i ? i’m the guy in that online game that beat the 2012 strategy game champion from new zealand MUAHHA

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...