"Honor Hacker" blackmail for 793$ in Bitcoin [SOLVED]
musher0

Joined: 04 Jan 2009
Posts: 14400
Location: Gatineau (Qc), Canada

Posted: Mon 03 Dec 2018, 14:02    Post subject: "Honor Hacker" blackmail for 793$ in Bitcoin [SOLVED]
Subject description: Should I be worried, being on Puppy?
 

Hi guys.

Underneath is the e-mail that I received, verbatim.

I should mention that none of my computers have built-in cameras.
Tough luck for seeing me getting debauched on camera! (If I ever did!)

For the rest of what this guy is saying, I think it can apply, to a point, to
WhineDose-based machines, but not on PuppyLinux. I got the feeling that
the guy was fishing for money and that he thinks I'm a doormat.

If the guy is reading this, good luck getting that money: I'm a retiree
living on Canadian Old Age Pension, I live from month to month on what
the gov't sends me.

Has anyone else been the victim of this type of scam?

I'll be sending a copy to my ISP and to "blablab.com", but beyond that
and the usual precautions, any technical advice?

Anyway, here goes, verbatim, as I said. Any comment welcome.
TIA.

Quote:
------------------------------------------------------------------------
Subject: Security Alert. xyzxyzzy@blablab.com was compromised. Password
must be changed.
Date: Saturday, 01 December 2018 09:03
From: xyzxyzzy@blablab.com
To: xyzxyzzy@blablab.com

------------------------------------------------------------------------
Hello!

I have very bad news for you.
09/08/2018 - on this day I hacked your OS and got full access to your
account xyzxyzzy@blablab.com

So, you can change the password, yes... But my malware intercepts it
every time.

How I made it:
In the software of the router, through which you went online, was a
vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address
book, history of viewing sites, all files, phone numbers and addresses
of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount
of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by
what I saw!!!
I'm talk you about sites for adults.

I want to say - you are a BIG pervert. Your fantasy is shifted far away
from the normal course!

And I got an idea....
I made a screenshot of the adult sites where you have fun (do you
understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your
device) and glued them together.
Turned out amazing! You are so spectacular!

I'm know that you would not like to show these screenshots to your
friends, relatives or colleagues.
I think $793 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: 182PJESsEWbuJ8PEgfM58p64jbok3i1gNU

You do not know how to use bitcoins?
Enter a query in any search engine: "how to replenish btc wallet".
It's extremely easy

For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be
self-destruct automatically.
If I do not receive from you the specified amount, then your device will
be locked, and all your contacts will receive a screenshots with your
"enjoys".

I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and
screenshots is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email
from your account)
- Various security services will not help you; formatting a disk or
destroying a device will not help, since your data is already on a
remote server.

P.S. You are not my single victim. so, I guarantee you that I will not
disturb you again after payment!
This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This
way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.
Good luck.

_________________
musher0
~~~~~~~~~~
Je suis né pour aimer et non pas pour haïr. (Sophocle) /
I was born to love and not to hate. (Sophocles)

Last edited by musher0 on Mon 03 Dec 2018, 19:12; edited 1 time in total
Keef


Joined: 20 Dec 2007
Posts: 971
Location: Staffordshire

Posted: Mon 03 Dec 2018, 14:16

I've had several of these going to my work email address. Some do show an old password, which must be a few years old and no longer in use. The passwords come from some compromised site and have been sold all over the place. The text of these is very similar and have the same theme as yours. I just block the sender and delete. Bound to get another one before long though. The last one wanted a $1000, so I must have been up to a bit more debauchery than you Wink
musher0

Joined: 04 Jan 2009
Posts: 14400
Location: Gatineau (Qc), Canada

Posted: Mon 03 Dec 2018, 14:26

Thanks, Keef.
_________________
musher0
~~~~~~~~~~
Je suis né pour aimer et non pas pour haïr. (Sophocle) /
I was born to love and not to hate. (Sophocles)
ITSMERSH

Joined: 02 May 2018
Posts: 911

Posted: Mon 03 Dec 2018, 15:45

Quote:
After that, I made a full dump of your disk (I have all your address
book, history of viewing sites, all files, phone numbers and addresses
of all your contacts).

How big is your disk?

I heavily doubt such thing is possible!

If anyone would try to dump my disk, there would be an automated end after 5.5 GB of data transferred. And there would be nothing personal inside. Laughing

_________________
RSH

Beware of the Dog ähem nic007! Wink
rufwoof


Joined: 24 Feb 2014
Posts: 3539

Posted: Mon 03 Dec 2018, 16:07

Pure fishing scam. I'd guess out of continental Africa by the wording. Ignore it.

Now if they attached an image or evidence that would be a concern.

Same sort of thing as how my elderly mother gets regular phone calls advising that her internet service is about to be cut off ... she can't even use a mobile phone and has no computer/internet.

_________________
( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
musher0

Joined: 04 Jan 2009
Posts: 14400
Location: Gatineau (Qc), Canada

Posted: Mon 03 Dec 2018, 16:33

Thanks guys.

Just found this:
Quote:
IT Professional | August 22, 2018 |
reply
I received something similar to this. It tried to claim legitimacy by showing
one of my passwords (supposedly gathered by a keystroke logger and a
hijacked webcam). I did some research and found that the password was
an old LinkedIn password of mine from 4+ years ago, probably acquired
through a LinkedIn data breach and sold to the extorter.

I ignored the threat email, since there was no way its claims were true. It
was purely an attempt to scare me into complying with its demands.

Lesson: Change your passwords regularly, especially after reported data
breaches. Also, keep your device's protection software current. Do not
immediately click on links or attachments in emails you receive. Take time
to inspect them for authenticity. Do not panic if you receive an extortion
email. Alert the appropriate authorities.
Source
BFN.

_________________
musher0
~~~~~~~~~~
Je suis né pour aimer et non pas pour haïr. (Sophocle) /
I was born to love and not to hate. (Sophocles)
musher0

Joined: 04 Jan 2009
Posts: 14400
Location: Gatineau (Qc), Canada

Posted: Mon 03 Dec 2018, 16:37

ITSMERSH wrote:
Quote:
After that, I made a full dump of your disk (I have all your address
book, history of viewing sites, all files, phone numbers and addresses
of all your contacts).

How big is your disk?

I heavily doubt such thing is possible!

If anyone would try to dump my disk, there would be an automated end after 5.5 GB of data transferred. And there would be nothing personal inside. Laughing

About 1/3 of a Terabyte over 10 partitions!
Good point, RSH.

_________________
musher0
~~~~~~~~~~
Je suis né pour aimer et non pas pour haïr. (Sophocle) /
I was born to love and not to hate. (Sophocles)
foxpup


Joined: 29 Jul 2016
Posts: 945
Location: europa near northsea

Posted: Mon 03 Dec 2018, 16:51

So sad you will not be on the forum for some time in a few days Crying or Very sad

It would be funny if your machine had no hdd. (A lot of Puppies run on such machines.)

793$ is a strange amount. It must be an accountant.

I don't think it is a real threat, just a scam.
And I think you are right about being on Puppy. It is easy enough to remove an infection if there is one.

It made me think though.
How do you restore router's software?
How can he send an email from your account?
Could this bitcoin wallet number help to nail this guy?
Burn_IT


Joined: 12 Aug 2006
Posts: 3569
Location: Tamworth UK

Posted: Mon 03 Dec 2018, 17:18

Have you actually worked out how long it would take to dump a disk over the internet??
And why on earth did you mention Windows???

What he DID mention and you SHOULD think about, is that he hacked your router (whether he actually did or not).
You should change the password on that ASAP.

_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Keef


Joined: 20 Dec 2007
Posts: 971
Location: Staffordshire

Posted: Mon 03 Dec 2018, 17:22

The first one I received appeared to be from myself, but this is not hard to do apparently. Others had yahoo addresses I think, in eastern Europe. The last one originated in Germany when I looked at the headers.
musher0

Joined: 04 Jan 2009
Posts: 14400
Location: Gatineau (Qc), Canada

Posted: Mon 03 Dec 2018, 17:31

Burn_IT wrote:
Have you actually worked out how long it would take to dump a disk over the internet??
And why on earth did you mention Windows???

What he DID mention and you SHOULD think about, is that he hacked your router (whether he actually did or not).
You should change the password on that ASAP.

Hi Burn_IT.

In reverse order --

I have no router. The modem is a cable modem provided by my ISP, so
I have no control over it. I notified them, BTW.

Why shouldn't I have mentioned WhineDose?

I have no idea how long dumping approx. 333Gb would take at the
relatively slow upload speed my ISP allows me. If you have a math
formula to suggest, I'll try to figure it out.

Also, that "dump" would have had to show on my monthly ISP bill.
It didn't.


BFN.

_________________
musher0
~~~~~~~~~~
Je suis né pour aimer et non pas pour haïr. (Sophocle) /
I was born to love and not to hate. (Sophocles)
6502coder


Joined: 23 Mar 2009
Posts: 646
Location: Western United States

Posted: Mon 03 Dec 2018, 18:40

This seems similar (or even the same):
https://www.infopackets.com/news/10437/how-fix-hackers-hacked-my-email-demand-bitcoin-scam

Quote:
The hackers say I have been visiting websites of people in the buff. They are demanding I pay them bitcoin (worth $831) to keep this quiet, otherwise they will send images from the purported site I've visited and also a picture of me on my webcam.
musher0

Joined: 04 Jan 2009
Posts: 14400
Location: Gatineau (Qc), Canada

Posted: Mon 03 Dec 2018, 19:11

Thanks, 6502coder.

Yep, that's pretty much a carbon copy.

~~~~~~~~~~
On the subject of reinforcing your passwords, here's an interesting article:
Ten ways to generate a random password from the command line

This one works nicely for short passwords:
Code:
< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8
I'd add a punctuation mark somewhere to spice it up.

~~~~~~~~~~
Thanks all. I'll mark this thread as solved, but you can of course continue
posting in it if you find other good advice and detection tricks.

BFN.

_________________
musher0
~~~~~~~~~~
Je suis né pour aimer et non pas pour haïr. (Sophocle) /
I was born to love and not to hate. (Sophocles)
musher0

Joined: 04 Jan 2009
Posts: 14400
Location: Gatineau (Qc), Canada

Posted: Mon 03 Dec 2018, 20:43

Hello again all.

Out of curiosity, to answer Burn_IT's question, I went to this download time
calculator site:
http://www.meridianoutpost.com/resources/etools/calculators/calculator-file-download-time.php
and entered my data.

It would take 794 h 55 m 18 s to upload 333Gb at 1024bps. In other words,
my line would have been busy non-stop for 33 days, give or take.

Highly unlikely! I would have noticed! Laughing

BFN

_________________
musher0
~~~~~~~~~~
Je suis né pour aimer et non pas pour haïr. (Sophocle) /
I was born to love and not to hate. (Sophocles)
mikeb


Joined: 23 Nov 2006
Posts: 11270

Posted: Tue 04 Dec 2018, 11:56

Just to say I have had this scam for a while too.
His quoted password is always wrong and I am curious at his demands for such precise amounts...I would go for a straight 1000.

Plus yes...no webcam etc etc

And yes easy to make an email look like it was sent through your server.

mike
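
Added example, not part of any post in this thread: the header check that Keef and mikeb describe for a mail that appears to come from your own address, sketched in Python. The message is constructed, and the `mx.blablab.com` receiving host, the `example.net` sender hosts and the 203.0.113.77 address are assumptions for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: headers modelled on the self-addressed scam mail above.
# Hosts under example.net and the 203.0.113.x address are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.blablab.com;
 spf=softfail smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=blablab.com
Received: from mx.blablab.com by store.blablab.com; Sat, 01 Dec 2018 09:03:10 -0500
Received: from unknown (HELO host.example.net) ([203.0.113.77])
 by mx.blablab.com; Sat, 01 Dec 2018 09:03:05 -0500
From: xyzxyzzy@blablab.com
To: xyzxyzzy@blablab.com
Subject: Security Alert.

Hello!
"""

def spoof_indicators(raw, trusted_mx="mx.blablab.com"):
    """Return spoofing indicators using only headers stamped by trusted_mx."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    to_addr = parseaddr(msg.get("To", ""))[1].lower()
    env_addr = parseaddr(msg.get("Return-Path", ""))[1].lower()
    findings = []
    if from_addr and from_addr == to_addr:
        findings.append("self-addressed")
    # The visible From is free text; the envelope sender is set separately.
    if env_addr and env_addr.rpartition("@")[2] != from_addr.rpartition("@")[2]:
        findings.append("envelope-mismatch")
    # Only believe Authentication-Results written by our own receiving server.
    auth = " ".join(h for h in msg.get_all("Authentication-Results", [])
                    if h.split(";", 1)[0].strip().lower() == trusted_mx)
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth.lower()))
    findings += [f"{m}-not-pass" for m in ("spf", "dkim", "dmarc")
                 if results.get(m) != "pass"]
    # Received lines added before our server can be forged, so take the
    # connecting IP from the hop that trusted_mx itself recorded.
    origin_ip = None
    for hop in msg.get_all("Received", []):
        if re.search(rf"\bby\s+{re.escape(trusted_mx)}\b", hop, re.I):
            found = re.search(r"\[([0-9A-Fa-f.:]+)\]", hop)
            origin_ip = found.group(1) if found else None
    return {"findings": findings, "origin_ip": origin_ip}

if __name__ == "__main__":
    print(spoof_indicators(SAMPLE))
```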