Is This Real?

JK Knives

Moderator
Knifemaker / Craftsman / Service Provider
Joined
Mar 6, 2001
Messages
27,625
Received this email, is it for real?

Dear user of sbcglobal.net!

I am a spyware software developer.
Your account has been hacked by me in the summer of 2018.

I understand that it is hard to believe, but here is my evidence:
- I sent you this email from your account.
- Password from account [email protected]: h91sekrppvowox47kdy2a4bj (on moment of hack).

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).

I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
This is driver software, I constantly updated it, so your antivirus is silent all time.

Since then I have been following you (I can connect to your device via the VNC protocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt... on you...
I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

So, to the business!
I'm sure you don't want to show these files and visiting history to all your contacts.

Transfer $814 to my Bitcoin cryptocurrency wallet: 1ARbihuSkEAojNHgxsgFVKjTJDHXuimB8
Just copy and paste the wallet number when transferring.
If you do not know how to do this - ask Google.

My system automatically recognizes the translation.
As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
Do not worry, I really will delete everything, since I am 'working' with many people who have fallen into your position.
You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.

I advise you to remain prudent and not engage in nonsense (all files on my server).

Good luck!
 
Joined
Feb 13, 2017
Messages
2,584

JK Knives

Moderator
Knifemaker / Craftsman / Service Provider
Joined
Mar 6, 2001
Messages
27,625
I have no idea what password they used, I didn’t see it mentioned.
 
Joined
Feb 13, 2017
Messages
2,584
I have no idea what password they used, I didn’t see it mentioned.

“I understand that it is hard to believe, but here is my evidence:
- I sent you this email from your account.
- Password from account [email protected]: h91sekrppvowox47kdy2a4bj (on moment of hack).”

I thought maybe that bottom part was your password. Either way I really wouldn’t pay it any mind, except I’d go through and change your password from that site they said you were a member of, if that’s even true. Better safe than sorry.

They’re really getting tricky, huh?
 

madcap_magician

Gold Member
Joined
Feb 27, 2005
Messages
4,908
I have no idea what password they used, I didn’t see it mentioned.

They didn't include any information that isn't publicly available with a little digging, and I really doubt you ever used "h91sekrppvowox47kdy2a4bj" as a password.
 

JK Knives

Moderator
Knifemaker / Craftsman / Service Provider
Joined
Mar 6, 2001
Messages
27,625
No, I never used that for a password.
Thanks guys.
 

morvlorv

Gold Member
Joined
Apr 3, 2014
Messages
587
We had something similar to this at my work about 5 or 6 years ago.
It was legit and the hacker did in fact have control of all our systems and websites.
We had to pay, but we stalled while paying and found the hacker's way in.
We paid him and he gave us control of our systems again.
He said he wouldn't do it again, but tried again later in the day, but we patched the way in.
It sounds a bit different than this one, but these hackers know their stuff.

If you have no dirt, no need to worry.

This sounds more scam-like than what we faced, and more malicious.
Our guy just turned on and off our website and was in our systems.
He said give me money and you can have your site back.
Your guy is playing off fear.
 

JJ_Colt45

Gold Member
Joined
Sep 11, 2014
Messages
4,600
There are these types of hacks ... this is why protection software now offers ransomware coverage in some of their products.

Whether this is real or not I couldn't say but it might be worth checking out your pc by a professional and making sure it's clean ... and adding a protection software against that type of hack.

Hopefully and most likely it is a scam as I think most of these types of hacks would go after big money targets ... but anything is possible these days.

And your routers can very much be the weakest link in your system left unprotected.
 

grunt soldier

Gold Member
Joined
Dec 4, 2009
Messages
4,497
A lot of times they actually have an old password you used to have. They buy them and this scam becomes much more successful unfortunately. It's a scam. I get at least one run a day on this. Usually from people who paid.
 

MolokaiRider

Gold Member
Joined
Sep 13, 2017
Messages
4,355
Spooky and irritating stuff isn’t it? I’ve had to deal with hacks a few times. Even had one lock my PC completely and would only show a screen that stated it was from the NSA (looked legit) and that my computer had been linked to illegal sites and content.

It destroyed my computer and in the end I had to buy a new one.

Now I just pony up and purchase BitDefender and McAfee protection software. It’s expensive but good insurance.
 

glennbad

Knife Moddin' Fool
Knifemaker / Craftsman / Service Provider
Joined
Jan 13, 2003
Messages
5,935
We had a crypto-locker virus at my work a few years back. One of our employees opened an email saying "you have tracking for your package". Once it infected his computer, then it goes after any network drives that the computer has access to and encrypts all the common files...PDF, Excel, Word. We didn't pay, and since we had a day or 2 old backup, we only lost a little bit of data. I guess if you don't have a backup, you have no choice but to pay if you want your files back.

But as others have said John, yours is a scam. Unfortunately, that type will reel in unsuspecting victims. My mom got hooked by someone last year. They almost had full control of all her stuff. She happened to call me as it was going on, and I told her to shut down her computer and call and put a hold on her BoA card, that they now had the number to. That was a close one, and the scammers are very good at what they do. Their tactics look very convincing.
 

RayseM

Gold Member
Joined
Feb 18, 2010
Messages
6,332
I'd be inclined to spend the $800.00 towards a new computer but then I think you would also need a new server and router for data coming into your house. I would get a chuckle out of someone threatening me with exposing my "dirt".
Ooooh that would hurt ;) - NOT - but I don't know how casual I would be about keeping on with my computer set up as if nothing happened.

I don't know enough about anything but these lines bear some study IMHO - "- Password from account [email protected]: h91sekrppvowox47kdy2a4bj (on moment of hack).

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296)."

Unless you write all your passwords down OFF YOUR COMPUTER and know for a fact that such a password was never used (have you ever accepted a pswd suggestion from your browser?) and what kind of router are you connected to - a CISCO?

Likely means nothing, but I'd be asking. Good luck with all this.
I hope the others are all correct that this is a total scam.


Ray
 

JK Knives

Moderator
Knifemaker / Craftsman / Service Provider
Joined
Mar 6, 2001
Messages
27,625
Never used the password and never had one suggested for me.
What exactly is a Cisco router?
 

mqqn

Platinum Member
Joined
Nov 12, 2009
Messages
12,790
It's like a Toyota Car - just a router made by Linksys/Cisco.

That is total scam. It is not a hacker, it is a scammer who got your information off of a dark web site, probably revealed in a data breach at Facebook or some other one of many places that had data breaches. The actual hackers then post that information on the DW and away the scammers go.

Use different passwords for each site, use a password vault (I use Keepass), and get a free CreditKarma account and check to see where your information has been breached.

Best

mqqn
 
Joined
Dec 7, 2016
Messages
11,262
Tell him to send some photos of you or no loot. (Not that you will send him any)

If he has photos of you time to call the cops. Might want to call them anyway.

Even if it is real who’s to say he won’t just do this again.

I have seen worse ransomware where they target companies and lock all their computers until the ransom is paid.
 

greatscoot

Some other kind of crazy.
Gold Member
Joined
Jul 21, 2012
Messages
9,265
Never used the password and never had one suggested for me.
What exactly is a Cisco router?
The Cisco router is probably your wireless modem. I have had several different clients get this email in the last couple of weeks. Just some scammer preying on people who don't know better and will just send them the money.
 