Ransomware Technique Uses Your real Passwords to Trick You

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
13,500
Those crafty internet thieves have come up with another way to get your money and it's pretty clever. Scammers are sending email to people that tells them they know their password, displays said password, and then goes on to claim malware is on their computer. The email also claims they have accessed their webcam and know they were on a pr0n site watching video. After it lays all of this out it tells the recipient to send them some Bitcoin and they'll keep the secret or else tell everyone on their contact list (that was stolen also) they are a pr0n freak. However, the passwords in question appear to be from an old list that was stolen in the past. Regardless, even though the passwords are old you know some people never change their password. Those are the folks that will probably pay up. Don't be one of those people.

To be clear there is very little possibility that anyone has video of you cranking it unless, of course, you video yourself cranking it. Further, this is almost always a scam. That said, the fact that the hackers are able to supply your real passwords – most probably gleaned from the multiple corporate break-ins that have happened over the past few years – is a clever change to the traditional cyber-blackmail methodology.
 
I received one of these when I got home from work yesterday.....
And I do not even have a webcam.
The password they sent to me was an old password I had used from at least 6+ years ago.
Here is the email.

From:
"Gipsy Schiestl" <[email protected]>

I know, *******, is your password. you don't know me and you are probably wondering why you are getting this mail, right?

Let me tell you, I actually placed a malware on the adult vids (sex sites) and guess what, you visited this web site to experience fun (you know what I mean). While you were busy watching video clips, your web browser started out operating as a Rdp (Remote control desktop) with a keylogger which gave me accessibility to your display screen as well as webcam. Just after that, my software collected every one of your contacts from messenger, social networks, as well as email.

What did I do?
I've created a double-screen video. First part displays the video you were viewing (you've got a nice taste haha), and second part shows the recording of your web cam.

What should you do?
Well, honestly, $2900 is a reasonable price tag for our little secret. You will make the payment via Bitcoin (if you do not know this, search "how to buy bitcoin" in google).

BTC ADDRESS: 1QBAEdrGm3FaFHZ3U1QNSYvvgYpbkM8usS
(It's cASe sensitive, so copy and paste it carefully)

Note:
You have one day in order to make the payment. (I have a special pixel in this email, and now I know that you've read this e-mail). If I do not receive the Bitcoin, I will definitely send out your video to all of your contacts including close relatives, colleagues, and many others. however, if I do get paid, I will erase the video immediately. If you want to have proof, reply with "yes!" and I will certainly send your video recording to your 6 friends. It is a non-negotiable offer, so don't waste my time and yours by responding to this message.
 
we are starting to see those from clients at work. Was funny to hear one woman.. go on how she doesnt view porn.. nor would film herself. Which normally i would believe, until she kept insisting.. hmmm
 
we are starting to see those from clients at work. Was funny to hear one woman.. go on how she doesnt view porn.. nor would film herself. Which normally i would believe, until she kept insisting.. hmmm

There are the religious types out there and such but seriously, why would most people care if someone watches porn? Kind of a natural thing for humans to be interested in sex.
 
I've seen several of these emails at the office, although they didn't include a password, and the English was much worse. :meh:

At least I have most the office trained to forward any odd emails to me so I can let them know if it's a scam.

The line about the webcam is funny, since most the email's I've seen where sent to people with desktops that don't have a webcam. :p
(and most the users with laptops, put a sticker over their web cam, just in case)
 
Last edited:
I've gotten a few of these already going back to last year. Only thing is I've never used any of the passwords they show in the messages.

Jokes on them, though. I don't even have a webcam and I've never owned one.

Also have to love the quip about a "special pixel."
 
Yeah, I got this yesterday too along with a throwaway password I use. I went about changing important ones anyway. It was good to do a review of my passwords.
 
I got one of these at a highly stressful point in my life and freaked out for about about 5 minutes straight. After I calmed down and thought about it, didn’t make any sense, so I ignored it and guess what, nothing happened. I did pass it along to everyone I knew though, so they wouldn’t get bamboozled. I really hate these guys!
 
When they said porn, I was like okay. Now if they said we were going to tell everyone you played Dungeons and Dragons ... then I'd be worried.
 
I got one of these emails yesterday. I'm interested in knowing what site got hacked. I hadn't used the pw in a few years but it was correct
 
I got one of these a few weeks ago except without the password thing, like some others in this thread I don't have a webcam which made the whole thing pretty funny.

They were nice enough(lol) to give me 5 days instead of the 1 day in the one posted above and they also included more details on how to buy bitcoin, probably still not detailed enough for the types that would fall for it though.
 
If you want to have proof, reply with "yes!" and I will certainly send your video recording to your 6 friends. It is a non-negotiable offer, so don't waste my time and yours by responding to this message.

Please tell me you replied!
 
I like seeing titties bounce when some gal is getting pounded. So what?! It's the American thing to do.

Even if it was legit, I'd let them have their fun. I was watching porn. Who gives a shit? Hell, send me $1450 in Bitcoin and I'll tell them myself.
 
I'd probably pay to get the 4k version of that myself. I'm a rock star in front of the computer screen.
 
I got one of these emails yesterday. I'm interested in knowing what site got hacked. I hadn't used the pw in a few years but it was correct

You could try haveibeenpwned, might narrow down some of it for you.
 
  • Like
Reactions: TMCM
like this
The funny thing is when I didn't reply to their original offer of $2900, the next day they email me with $1700 instead, lol!

I think these wiseasses are buying up data from dehashed.com or something like that and just email blasting everyone hoping to get some noobs to pay up.
 
Last edited:
This is basically Black Mirror Season 3 Episode 3 "Shut Up and Dance". A least they are stealing ideas from a good show.
 
Funny thing is this doesn't work on me because I don't have a reputation to protect at all. I'm literally the guy who is seen juggling naked. The advantages of being a bohemian poor artist.
 
I received one of these when I got home from work yesterday.....
And I do not even have a webcam.
The password they sent to me was an old password I had used from at least 6+ years ago.
Here is the email.

From:
"Gipsy Schiestl" <[email protected]>

I know, *******, is your password. you don't know me and you are probably wondering why you are getting this mail, right?

Let me tell you, I actually placed a malware on the adult vids (sex sites) and guess what, you visited this web site to experience fun (you know what I mean). While you were busy watching video clips, your web browser started out operating as a Rdp (Remote control desktop) with a keylogger which gave me accessibility to your display screen as well as webcam. Just after that, my software collected every one of your contacts from messenger, social networks, as well as email.

What did I do?
I've created a double-screen video. First part displays the video you were viewing (you've got a nice taste haha), and second part shows the recording of your web cam.

What should you do?
Well, honestly, $2900 is a reasonable price tag for our little secret. You will make the payment via Bitcoin (if you do not know this, search "how to buy bitcoin" in google).

BTC ADDRESS: 1QBAEdrGm3FaFHZ3U1QNSYvvgYpbkM8usS
(It's cASe sensitive, so copy and paste it carefully)

Note:
You have one day in order to make the payment. (I have a special pixel in this email, and now I know that you've read this e-mail). If I do not receive the Bitcoin, I will definitely send out your video to all of your contacts including close relatives, colleagues, and many others. however, if I do get paid, I will erase the video immediately. If you want to have proof, reply with "yes!" and I will certainly send your video recording to your 6 friends. It is a non-negotiable offer, so don't waste my time and yours by responding to this message.

I got the exact same one yesterday.
 
So it is not ransomware, but a simple ransom scam.
 
Are they randomly generating BTC addresses for each email?

The one I got had 0 activity.
 
I received one of these when I got home from work yesterday.....
And I do not even have a webcam.
The password they sent to me was an old password I had used from at least 6+ years ago.
Here is the email.

From:
"Gipsy Schiestl" <[email protected]>

I know, *******, is your password. you don't know me and you are probably wondering why you are getting this mail, right?

Let me tell you, I actually placed a malware on the adult vids (sex sites) and guess what, you visited this web site to experience fun (you know what I mean). While you were busy watching video clips, your web browser started out operating as a Rdp (Remote control desktop) with a keylogger which gave me accessibility to your display screen as well as webcam. Just after that, my software collected every one of your contacts from messenger, social networks, as well as email.

What did I do?
I've created a double-screen video. First part displays the video you were viewing (you've got a nice taste haha), and second part shows the recording of your web cam.

What should you do?
Well, honestly, $2900 is a reasonable price tag for our little secret. You will make the payment via Bitcoin (if you do not know this, search "how to buy bitcoin" in google).

BTC ADDRESS: 1QBAEdrGm3FaFHZ3U1QNSYvvgYpbkM8usS
(It's cASe sensitive, so copy and paste it carefully)

Note:
You have one day in order to make the payment. (I have a special pixel in this email, and now I know that you've read this e-mail). If I do not receive the Bitcoin, I will definitely send out your video to all of your contacts including close relatives, colleagues, and many others. however, if I do get paid, I will erase the video immediately. If you want to have proof, reply with "yes!" and I will certainly send your video recording to your 6 friends. It is a non-negotiable offer, so don't waste my time and yours by responding to this message.

I received the same email recently only difference being the name and email address used, the number of contacts if I were to reply "yes!" and the BTC address. The rest is the same message, character for character. I know that part of the password shown to me was legit and used at the Avast forum that was hacked in 2014. They got the right email for me and username and password but were too stupid to figure out where the username ended and the password began. This is the first time I've received a (semi) legitimate extortion type email; all others have been obvious failures. Seeing my own password caused me to pause for a brief moment until I realized what it was. Not concerned about the content of the message but I was thinking if they have one password what else do they have? Just shows the importance of using a different password for each site or a throw away where you don't care.
 
Just to follow up / headsup, the same email account that got hit with the Bitcoin scam, was also hit with an "fake" Amazon phishing scam. There was an order notification that looked authentic but with a strange shipping address. They basically wanted you to click the link to go to a fake Amazon site and give them your AMazon log in credentials.

Luckily, my junk email account isn't the same account I use for my Amazon orders so I knew it was scam right away. Plus at the top it addresses you as [email protected] instead of your real name - which apparently is info the scammers don't have or too lazy to do the research to get.
 
Back
Top