Hacked Passwords Being Used In Blackmail Attempt — Expect More Of This

from the isn't-the-internet-great dept

Last week I received the following email with my name and a very, very, very old password that I haven’t used in probably at least a decade in the subject line (even though I’m no longer using it, I’m editing it out of this because… it’s still weird):

I am aware, ********, is your pass word. You don’t know me and you’re probably wondering why you’re getting this mail, right?

In fact, I actually installed a malware on the adult videos (adult porn) site and there’s more, you visited this site to experience fun (you know what I mean). While you were watching videos, your internet browser initiated working as a RDP (Remote Desktop) having a key logger which provided me with access to your screen and cam. Immediately after that, my software collected all of your contacts from your Messenger, FB, and email.

What exactly did I do?

I created a double-screen video. First part displays the video you were watching (you have a nice taste rofl), and 2nd part shows the recording of your web cam.

exactly what should you do?

Well, I believe, $2900 is a reasonable price for our little secret. You’ll make the payment via Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: [REDACTED] (It is cAsE sensitive, so copy and paste it)

Note:
You have one day to make the payment. (I’ve a specific pixel in this e mail, and right now I know that you have read through this email). If I don’t receive the BitCoins, I will send your video recording to all of your contacts including members of your family, colleagues, and so forth. However, if I receive the payment, I will erase the video immidiately. If you really want evidence, reply with “Yes!” and I will send your video recording to your 9 friends. This is a non-negotiable offer, and thus do not waste my personal time and yours by responding to this message.

This was immediately obvious as a scam from a hacked database of passwords. Besides the fact that I haven’t used that particular password in ages (and even when I did, it was the password I used for “unimportant” sites), there are a whole bunch of other reasons why it was obvious that the email was fake and it would be literally impossible for the person to have whatever it was they claimed to have on me. I found it funny enough that I reached out to some other folks to see if this was getting around, and a few people told me they’d seen similar ones, noting that the final note about sending it to “9 friends” appeared to be an increase from the usual of “5” that they had seen before.

Indeed, Brian Krebs, who is always on top of these things, wrote a story about how a bunch of people got these emails last week. That one only asked for $1400, and also promised to send it to 5 friends. It has a few other slight differences to the one I received, but is pretty clearly sent by the same person/team of people with just a few modifications. Like the ones that Krebs reported on, mine appeared to come from an outlook.com email address. As Krebs notes, he expects that this particular scam is about to get a lot more popular, and will probably use a lot more recent set of passwords:

I suspect that as this scam gets refined even more, perpetrators will begin using more recent and relevant passwords — and perhaps other personal data that can be found online — to convince people that the hacking threat is real. That’s because there are a number of shady password lookup services online that index billions of usernames (i.e. email addresses) and passwords stolen in some of the biggest data breaches to date.

Alternatively, an industrious scammer could simply execute this scheme using a customer database from a freshly hacked Web site, emailing all users of that hacked site with a similar message and a current, working password. Tech support scammers also may begin latching onto this method as well.

And, at the very least, this scam appears to be working. It’s unclear just how many people are receiving these emails — and how many people are pointed to the same Bitcoin wallet address to pay — but the one that Krebs included in his post shows a single payment of approximately $2000. When I first got the email the Bitcoin wallet address in the email I received showed no transactions, but I just looked again and there are two transactions, both within a day of when I received the email (one for .23 Bitcoins or ~$1600 and another for 0.3 Bitcoins or ~$2,000).

Of course, this should be a warning for everyone on a variety of levels:

  1. Use a password manager already, and stop saying they’re too difficult to use. They are not.
  2. Use 2 factor authentication wherever possible
  3. Cover your webcam with a sticker or tape or something when not in use
  4. Don’t believe every stupid threat email you receive
  5. Don’t randomly pay money to every stupid emailer who pretends to threaten you

Anyway, it will be worth watching how this particular scam evolves, but as Krebs notes, it’s likely we’ll be seeing it a lot more often as it seems to hit all the key points for a popular internet scam these days.


Comments on “Hacked Passwords Being Used In Blackmail Attempt — Expect More Of This”

38 Comments
David says:

Site worth noting:

https://haveibeenpwned.com/ is a site where you can enter your Email address and have it checked against a number of password leaks. More details (like the actual passwords) only after signing in, basically making sure that the Email address actually is yours. But more details are rarely necessary. If it turns up positives, it’s a good idea changing the passwords on the affected sites if you didn’t do so since the breach occurred.

I have no affiliation with that site, it did point out one of my accounts that warranted a password change, and I don’t see that it should be able to do bad things (apart from address harvesting/verification) if you don’t create an account. But if you think or know differently, correct me.

Anonymous Anonymous Coward (profile) says:

Re: Re:

You might, and I mean might might be a bit strong, be able to read, but your comprehension sucks. The email claimed to have gotten the password from an adult site. Mike says he used that password for unimportant sites. That means that Mike considers his porn sites to be unimportant, but even that is pure conjecture, and I think that he visited an adult site is unlikely, and it is even more unlikely that he supplied that site with a password, one that he used on other sites. Get real.

Or, much more likely, the spammer got the password from some compromised site that Mike considered unimportant and stopped visiting long ago (or has a new password for), which was in fact not porn. Then the fraudster made a claim that it was taken from an adult site to put fear into the recipient. It does not appear that Mike has fear, which is also supportive of his not visiting adult sites.

If I had gotten this email, I would just look up that password in my password manager (pwsafe is my choice and works for me in Windows, Linux, and Android and I also see they have IOS versions) and then go to that site and change the password. They would have no video of me, as the tape over my webcam is fairly permanent and that webcam is rarely used. Any video they have would be of the back of the tape, and it would be clear to me that they had not even reviewed what they were threatening me with.

Mark says:

Oh, you poor, lowly 99%ers… getting your cheap ass extortion threats via… egad… email.

I guess I’m a 1%er… I get my extortion letters (lovingly printed on pulped trees and sealed in a stamped 1st class envelope) hand delivered to my door by a Uniformed Government Courier. Two letters in the last few weeks.

blackturtle.us says:

Clearly not a threat to take seriously...

I received two of these threats. The wording was about 95% the same as the example in the article. Two days earlier I received a warning from a website where I have an account that their accounts database had been compromised. The details pertaining to a porn site and webcam didn’t match any activity I had been involved with and so the threat was obviously bogus. There were other indicators that it was a generic threat, but I’m sure someone somewhere is going to pay up!

Eddie G says:

.

This is hilarious!…I’m married and don’t even VISIT porn sites!….LoL! not to mention I am an I.T. Support Tech…and I PHYSICALLY remove / disable the web-cam from my laptops when I buy them!…So I would actually respond to this email? With the words:

“Do Your Worst”!….and wait to see what happens!…LoL! There’s nothing like being “in the know” and watching these maggots flail about with their idle threats!. Anyone who doesn’t cover their web-cam in this day & age?…is just ASKING for trouble. It’s no wonder laptop makers are now including ways to “shutter” your webcam. But don’t stop there, either cover your microphones too, or else NEVER speak a password aloud! If they can activate your web-cam, who’s to say they can’t activate your speakers as well? LoL!

Listen people it’s not hard, when you buy ANY device whether it’s a laptop or a desktop or a smartphone? the FIRST thing you should do is protect yourself by any means necessary. Install a firewall / malware / antivirus and be sure to RUN IT,…CONSTANTLY! Even if it might take up some time when you run it? the alternative is to login and find out your bank account has been emptied because someone was able to glean information from your machine. I for one? run Linux on my laptops and have more safeguards in place than an average PC user, so I’m not truly worried, not to mention I don’t save passwords in ANY text document but have them stored in the ONE place that can NEVER be hacked! MY HEAD! When you throw in RKhunter, chkrootkit, ClamAV, ufw, and the “ultimate” SELinux? (along with the fact that I’m running Kali Linux which is a hacker’s “toolkit” of programs!) I don’t fear this kind of thing. I guess these people are just desperate?…and hoping to find some elderly person who’s easily frightened?

David says:

Re: .

This is hilarious!…I’m married and don’t even VISIT porn sites!

Talk about a non sequitur… sounds like "I’m married and don’t even OWN cookbooks".

.LoL! not to mention I am an I.T. Support Tech…and I PHYSICALLY remove / disable the web-cam from my laptops when I buy them!…So I would actually respond to this email? With the words:

You lose. As an I.T. Support Tech you should know that answering to such mails will, if at all, serve only to verify that your address is reachable and responsive for purposes of spamming and scamming.

Ninja (profile) says:

I’d go further with those.

6- Don’t open e-mail attachments unless you are positively sure the person actually sent you.
7- Use adblockers and, if possible, script blockers since some malware has been served via advertisement networks.
8- Avoid unknown websites if possible, avoid the ones that are not the usual .com (or the country variant with the country initials), .org, .net. Avoid new ones like .xxx like the plague.

There must be more points but those came to mind right now.

John85851 (profile) says:

Another tip

I use a laptop as my main computer and it’s plugged into an external monitor while at home.
The lid is either completely closed or cracked slightly open so I can press the power key- in other words, angled down. So if a hacker did manage to turn on my laptop’s camera, they’d get a nice video of my floor… and maybe my feet as I walk by.

haha hehe hoho says:

haha

so a game i played 6 years ago and stopped 6 years ago online got hacked and my email while it’s in the dbase still has a completely wrong password to any used…..

and i don’t use a webcam , and as an actual hacker i got all my pron the good ol way via playboys website directly LOLOLOL…

ALLLL OF IT….

oh and this fucker is in the usa and california….not saying anymore….

oh and who am i ? i’m the guy in that online game that beat the 2012 strategy game champion from new zealand MUAHHA
