Thread: WARNING: Possible ransomware in forum

  1. #1
    Senior Contributor
    Join Date
    05 Sep 08
    Posts
    2,043

    WARNING: Possible ransomware in forum

    Yesterday I received an email trying to blackmail me, and it included my password. I use this password in only 2 sites, this being one of them; I am warning both sites that there might be something here that might have caused this. My computer is clean, and I received no other email with information from other places.

  2. #2
    Senior Contributor Oracle's Avatar
    Join Date
    12 Jul 13
    Location
    Singapore
    Posts
    5,371
    jlvfr,

    Can you post snapshots?

    All should use different passwords for different sites, else all go kaput in case of a hijack.

    I doubt it's a ransomware. Might be a backdoor that stole passwords. Might be from the other site that you visit too.

    And, thanks for letting us know.
    Last edited by Oracle; 26 Jul 18, at 11:42.
    Politicians are elected to serve...far too many don't see it that way - Albany Rifles!

    Loyalty to country always. Loyalty to government, when it deserves it - Mark Twain!

  3. #3
    Senior Contributor
    Join Date
    05 Sep 08
    Posts
    2,043
    Quote Originally Posted by Oracle View Post
    jlvfr,

    Can you post snapshots?

    All should use different passwords for different sites, else all go kaput in case of a hijack.

    I doubt it's a ransomware. Might be a backdoor that stole passwords. Might be from the other site that you visit too.

    And, thanks for letting us know.
    Can do better, here are the headers of the mail:

    Return-Path: <sender@commarysmith.com>
    Delivered-To: myemail@aa.cc
    Received: (qmail 13081 invoked from network); 26 Jul 2018 01:33:48 -0000
    Received: from unknown ([195.23.133.213])
    by mailfrt13.isp.novis.pt with compressed QMQP; 26 Jul 2018 01:33:48 -0000
    Delivered-To: CLUSTERHOST mailrly03.isp.novis.pt myemail@aa.cc
    Received: (qmail 4727 invoked from network); 26 Jul 2018 01:33:48 -0000
    Received: from unknown (HELO mail0.commarysmith.com) ([46.161.42.76]) (envelope-sender <sender@commarysmith.com>)
    by mailrly03.isp.novis.pt with SMTP; 26 Jul 2018 01:33:48 -0000
    Received-SPF: pass (mailrly03.isp.novis.pt: SPF record at commarysmith.com
    designates 46.161.42.76 as permitted sender)
    Date: Wed, 25 Jul 2018 18:33:44 -0700
    Subject: myemail@aa.cc:XXXXXXXXX
    Message-ID: <7f7gxz066j48dtdorq5shjrc.1728346655437@>
    From: Sophia <sender>
    To: myemail@aa.cc
    X-MSTD-Info: clean
    X-IPG-AntiSpam: hits=4.9, required=5.0 (d) - not spam
    MIME-Version: 1.0
    Content-Transfer-Encoding: 7bit
    Content-Type: text/plain; charset=UTF-8


    And this is the email text:


    It appears that, (XXXXXXXX), 's your password. May very well not know me and you are most likely wondering why you're getting this e mail, right?

    in fact, I setup a malware over the adult videos (adult) website and guess what happens, you visited this site to have fun (you know what I am talking about). Whilst you were watching videos, your internet browser started out operating as a RDP (Team Viewer) which provided accessibility of your screen and web cam. from then on, my software program obtained all your contacts out of your Messenger, Outlook, Facebook, along with emails.

    What did I actually do?

    I made a double-screen video. 1st part shows the recording you're watching (you have a good taste haha . . .), and 2nd part shows the recording of your web cam.

    exactly what should you do?

    Well, in my opinion, $1000 is a reasonable price for your little hidden secret. You'll make the payment by Bitcoin (if you do not know this, search "how to purchase bitcoin" search engines like google).

    Bitcoin Address: 15Pn9bfnoYuSW2f7AZoYkZ6TgKKb1dYYBB
    (It is case sensitive, so copy and paste it)

    Important:
    You've got 1 day in order to make the payment. (I've a unique pixel within this e-mail, and at this moment I know that you have read through this email message). If I do not get the BitCoins, I will certainly send your video recording to all of your contacts including family members, coworkers, and so forth. Having said that, if I get the payment, I'll destroy the recording immidiately. If you need evidence, reply with "Yes!" and i'll certainly mail out your videos to your 6 contacts. It is a non-negotiable offer, that being said don't waste my personal time and yours by answering this message.





    I replaced my email with "myemail@aa.cc" and XXXXXX is where my password was.

    Parts of it are boilerplate, others are plain wrong. I don't have a webcam, and the number of contacts is wrong. But the password was correct, hence my post.
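
A defender's triage of the headers posted above, as an added example that is not part of the original post: it walks the Received chain back to the hop where the ISP first accepted the message, and shows that the SPF pass only confirms the sending IP is authorized by the envelope domain, which the sender controls. Header values are copied from the post (continuation lines re-indented so they parse as folded headers); the `triage` and `domain` function names and the output keys are choices made for this example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Relevant headers as posted in the thread (recipient already redacted by the
# poster); continuation lines are re-indented so they parse as folded headers.
RAW = """\
Return-Path: <sender@commarysmith.com>
Delivered-To: myemail@aa.cc
Received: (qmail 13081 invoked from network); 26 Jul 2018 01:33:48 -0000
Received: from unknown ([195.23.133.213])
 by mailfrt13.isp.novis.pt with compressed QMQP; 26 Jul 2018 01:33:48 -0000
Received: (qmail 4727 invoked from network); 26 Jul 2018 01:33:48 -0000
Received: from unknown (HELO mail0.commarysmith.com) ([46.161.42.76]) (envelope-sender <sender@commarysmith.com>)
 by mailrly03.isp.novis.pt with SMTP; 26 Jul 2018 01:33:48 -0000
Received-SPF: pass (mailrly03.isp.novis.pt: SPF record at commarysmith.com
 designates 46.161.42.76 as permitted sender)
Message-ID: <7f7gxz066j48dtdorq5shjrc.1728346655437@>
From: Sophia <sender>
To: myemail@aa.cc
"""

def domain(addr):
    """Return the part after '@', or '' when there is no domain."""
    _, sep, dom = addr.rpartition("@")
    return dom if sep else ""

def triage(raw):
    msg = message_from_string(raw)
    hops = []
    for rcvd in msg.get_all("Received", []):    # newest hop first
        ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", rcvd)
        by = re.search(r"\bby\s+(\S+)", rcvd)
        if ip and by:                            # skip qmail's internal "invoked" lines
            hops.append((ip.group(1), by.group(1)))
    origin = hops[-1] if hops else (None, None)  # oldest hop: handoff from the sender
    spf = msg.get("Received-SPF", "none")
    spf_dom = re.search(r"SPF record at (\S+)", spf)
    env_dom = domain(parseaddr(msg.get("Return-Path", ""))[1])
    return {
        "origin_ip": origin[0],
        "accepted_by": origin[1],
        "spf_result": spf.split()[0].lower(),
        # SPF vouches only for the envelope domain, which the sender controls.
        "spf_checked_envelope_domain": bool(spf_dom) and spf_dom.group(1) == env_dom,
        "envelope_domain": env_dom,
        "message_id_has_domain": domain(msg.get("Message-ID", "").strip("<> ")) != "",
    }
```

Only the hop recorded by the recipient's own provider (here `mailrly03.isp.novis.pt`) can be trusted; text supplied by the sending side, such as the HELO name, can be forged.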

  4. #4
    Senior Contributor Oracle's Avatar
    Join Date
    12 Jul 13
    Location
    Singapore
    Posts
    5,371
    Cover up your laptop's webcam with a tape, or any webcam at all. It's considered general practice nowadays.
    Last edited by Oracle; 26 Jul 18, at 13:36.

  5. #5
    Turbanator Senior Contributor Double Edge's Avatar
    Join Date
    11 Sep 10
    Location
    Bangalore
    Posts
    9,654
    Quote Originally Posted by jlvfr View Post
    Can do better, here are the headers of the mail:

    And this is the email text:


    It appears that, (XXXXXXXX), 's your password. May very well not know me and you are most likely wondering why you're getting this e mail, right?
    Could have got this by hacking the board or some other way. Taking the board out hasn't happened in a long while if memory serves.

    in fact, I setup a malware over the adult videos (adult) website and guess what happens, you visited this site to have fun (you know what I am talking about). Whilst you were watching videos, your internet browser started out operating as a RDP (Team Viewer) which provided accessibility of your screen and web cam. from then on, my software program obtained all your contacts out of your Messenger, Outlook, Facebook, along with emails.

    What did I actually do?

    I made a double-screen video. 1st part shows the recording you're watching (you have a good taste haha . . .), and 2nd part shows the recording of your web cam.

    exactly what should you do?

    Well, in my opinion, $1000 is a reasonable price for your little hidden secret. You'll make the payment by Bitcoin (if you do not know this, search "how to purchase bitcoin" search engines like google).

    Bitcoin Address: 15Pn9bfnoYuSW2f7AZoYkZ6TgKKb1dYYBB
    (It is case sensitive, so copy and paste it)

    Important:
    You've got 1 day in order to make the payment. (I've a unique pixel within this e-mail, and at this moment I know that you have read through this email message). If I do not get the BitCoins, I will certainly send your video recording to all of your contacts including family members, coworkers, and so forth. Having said that, if I get the payment, I'll destroy the recording immidiately. If you need evidence, reply with "Yes!" and i'll certainly mail out your videos to your 6 contacts. It is a non-negotiable offer, that being said don't waste my personal time and yours by answering this message.

    I replaced my email with "myemail@aa.cc" and XXXXXX is where my password was.

    Parts of it are boilerplate, others are plain wrong. I don't have a webcam, and the number of contacts is wrong. But the password was correct, hence my post.
    I suspect this bit is a ruse. He's betting you won't call his bluff

  6. #6
    Senior Contributor
    Join Date
    05 Sep 08
    Posts
    2,043
    Quote Originally Posted by Oracle View Post
    Cover up your laptop's webcam with a tape, or any webcam at all. It's considered general practice nowadays.
    I don't have one. :D

  7. #7
    Senior Contributor Oracle's Avatar
    Join Date
    12 Jul 13
    Location
    Singapore
    Posts
    5,371
    Quote Originally Posted by Double Edge View Post
    Could have got this by hacking the board or some other way. Taking the board out hasn't happened in a long while if memory serves.

    I suspect this bit is a ruse. He's betting you won't call his bluff
    *One gets a million email addresses (hacked or bought from darknet)*
    *One composes just one email*
    *Subject can be nude pics/porn sites etc etc*
    *One mails it to those million email addresses*
    *Even if 10K people fall for it, one earns in millions*
    *That's how scammers work, they take their chances*

  8. #8
    Senior Contributor Oracle's Avatar
    Join Date
    12 Jul 13
    Location
    Singapore
    Posts
    5,371
    Quote Originally Posted by jlvfr View Post
    I don't have one. :D
    You're missing on camdolls dancing naked. :D

  9. #9
    Senior Contributor
    Join Date
    12 Aug 08
    Location
    UK/Europe
    Posts
    5,350
    Looks like a phishing attack on your email to me. Reformat, change passwords and ignore. If you have no webcam it is clearly a bluff.
    Last edited by snapper; 26 Jul 18, at 16:14.

  10. #10
    Senior Contributor Oracle's Avatar
    Join Date
    12 Jul 13
    Location
    Singapore
    Posts
    5,371
    Quote Originally Posted by snapper View Post
    Looks like a phishing attack on your email to me. Reformat, change passwords and ignore. If you have no webcam it is clearly a bluff.
    Could be. Then his email is up for sale in the darknet. Reformat???

  11. #11
    Senior Contributor
    Join Date
    05 Sep 08
    Posts
    2,043
    Quote Originally Posted by Oracle View Post
    Could be. Then his email is up for sale in the darknet. Reformat???
    If my email is compromised, formatting is useless, since that wouldn't change it.

  12. #12
    Global Moderator
    Comrade Commissar
    TopHatter's Avatar
    Join Date
    03 Sep 03
    Posts
    16,717
    Quote Originally Posted by Double Edge View Post
    I suspect this bit is a ruse. He's betting you won't call his bluff
    I agree, it's likely a ruse
    Last edited by TopHatter; 06 Aug 18, at 14:28.
    “You don’t even have to be convicted of a crime to lose your job in this constitutional republic if the Senate determines that your conduct as a public official is clearly out of bounds in your role… because impeachment is not about punishment. Impeachment is about cleansing the office. Impeachment is about restoring honor and integrity to the office.”
    ~ Lindsey Graham

    "The notion that you can withhold information and documents from Congress no matter whether you are the party in power or not in power is wrong. Respect for the rule of law must mean something, irrespective of the vicissitudes of political cycles."
    ~ Trey Gowdy

  13. #13
    Senior Contributor
    Join Date
    12 Aug 08
    Location
    UK/Europe
    Posts
    5,350
    Quote Originally Posted by jlvfr View Post
    If my email is compromised, formatting is useless, since that wouldn't change it.
    If you have been phished your system is compromised - they have possibly planted a virus on it that allows them to see your passwords. Reformatting should clear most of it. As I said change passwords also which should renew your security on your email.

  14. #14
    Senior Contributor
    Join Date
    05 Sep 08
    Posts
    2,043
    Quote Originally Posted by snapper View Post
    If you have been phished your system is compromised - they have possibly planted a virus on it that allows them to see your passwords. Reformatting should clear most of it. As I said change passwords also which should renew your security on your email.
    If I had been phished via my PC, they'd have all my passwords, the correct number of contacts and would know that I don't have a webcam. Since that wasn't the case...

  15. #15
    Resident Curmudgeon Military Professional Gun Grape's Avatar
    Join Date
    12 Mar 05
    Location
    Panama City Fl
    Posts
    9,006
    I got the same E-mail 2 days ago.

    I don't have a webcam either.

    (edit) sent jlvfr a PM to compare other sites I have used this password to maybe narrow it down

    My e-mail was a little different and they asked for 2 Grand in bitcoins
    Last edited by Gun Grape; 26 Jul 18, at 23:25.
    Human Scum. Proud Never Trumper
