Ransomware Technique Uses Your real Passwords to Trick You

Discussion in '[H]ard|OCP Front Page News' started by Montu, Jul 13, 2018.

  1. Montu

    Montu [H]ard DCOTM x4

    Messages:
    7,461
    Joined:
    Apr 25, 2001
    Those crafty internet thieves have come up with another way to get your money and it's pretty clever. Scammers are sending email to people that tells them they know their password, displays said password, and then goes on to claim malware is on their computer. The email also claims they have accessed their webcam and know they were on a pr0n site watching video. After it lays all of this out it tells the recipient to send them some Bitcoin and they'll keep the secret or else tell everyone on their contact list (that was stolen also) they are a pr0n freak. However, the passwords in question appear to be from an old list that was stolen in the past. Regardless, even though the passwords are old you know some people never change their password. Those are the folks that will probably pay up. Don't be one of those people.

    To be clear there is very little possibility that anyone has video of you cranking it unless, of course, you video yourself cranking it. Further, this is almost always a scam. That said, the fact that the hackers are able to supply your real passwords – most probably gleaned from the multiple corporate break-ins that have happened over the past few years – is a clever change to the traditional cyber-blackmail methodology.
     
    dvsman likes this.
  2. TheRagnarok

    TheRagnarok n00bie

    Messages:
    3
    Joined:
    Apr 10, 2017
    I received one of these when I got home from work yesterday.....
    And I do not even have a webcam.
    The password they sent to me was an old password I had used from at least 6+ years ago.
    Here is the email.

    From:
    "Gipsy Schiestl" <woheathcliffnl@outlook.com>

    I know, *******, is your password. you don't know me and you are probably wondering why you are getting this mail, right?

    Let me tell you, I actually placed a malware on the adult vids (sex sites) and guess what, you visited this web site to experience fun (you know what I mean). While you were busy watching video clips, your web browser started out operating as a Rdp (Remote control desktop) with a keylogger which gave me accessibility to your display screen as well as webcam. Just after that, my software collected every one of your contacts from messenger, social networks, as well as email.

    What did I do?
    I've created a double-screen video. First part displays the video you were viewing (you've got a nice taste haha), and second part shows the recording of your web cam.

    What should you do?
    Well, honestly, $2900 is a reasonable price tag for our little secret. You will make the payment via Bitcoin (if you do not know this, search "how to buy bitcoin" in google).

    BTC ADDRESS: 1QBAEdrGm3FaFHZ3U1QNSYvvgYpbkM8usS
    (It's cASe sensitive, so copy and paste it carefully)

    Note:
    You have one day in order to make the payment. (I have a special pixel in this email, and now I know that you've read this e-mail). If I do not receive the Bitcoin, I will definitely send out your video to all of your contacts including close relatives, colleagues, and many others. however, if I do get paid, I will erase the video immediately. If you want to have proof, reply with "yes!" and I will certainly send your video recording to your 6 friends. It is a non-negotiable offer, so don't waste my time and yours by responding to this message.
     
  3. BobBobsonJr

    BobBobsonJr n00bie

    Messages:
    23
    Joined:
    Dec 15, 2017
    Assert dominance: Send your 'Private' videos to everyone on your contact list first.
     
    BloodyIron, c3k, Dayaks and 9 others like this.
  4. Wolf_Tech

    Wolf_Tech Limp Gawd

    Messages:
    202
    Joined:
    Sep 19, 2010
    LOL email view source see where it really came from.
     
  5. katanaD

    katanaD [H]ard|Gawd

    Messages:
    1,262
    Joined:
    Nov 15, 2016
    we are starting to see those from clients at work. Was funny to hear one woman.. go on how she doesnt view porn.. nor would film herself. Which normally i would believe, until she kept insisting.. hmmm
     
  6. necrosis

    necrosis Gawd

    Messages:
    745
    Joined:
    Oct 21, 2004
     
  7. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    48,657
    Joined:
    Nov 5, 2005
    There are the religious types out there and such but seriously, why would most people care if someone watches porn? Kind of a natural thing for humans to be interested in sex.
     
    Sulphademus likes this.
  8. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    48,657
    Joined:
    Nov 5, 2005
    These tactics operate more on fear than stupidity though fear can make you stupid.
     
  9. The Mad Atheist

    The Mad Atheist Limp Gawd

    Messages:
    210
    Joined:
    Mar 9, 2018
    Tell everyone I'm a porn freak, lol, as if they didn't know already.
    #ILuvPorn
    Now if they threaten to tell them I'm an anime freak, then I'll worry.
     
  10. nutzo

    nutzo [H]ardness Supreme

    Messages:
    6,805
    Joined:
    Feb 15, 2004
    I've seen several of these emails at the office, although they didn't include a password, and the English was much worse. :meh:

    At least I have most the office trained to forward any odd emails to me so I can let them know if it's a scam.

    The line about the webcam is funny, since most the email's I've seen where sent to people with desktops that don't have a webcam. :p
    (and most the users with laptops, put a sticker over their web cam, just in case)
     
    Last edited: Jul 13, 2018
    Armenius, heatlesssun and Sulphademus like this.
  11. Sulphademus

    Sulphademus Limp Gawd

    Messages:
    234
    Joined:
    Mar 18, 2010
    The lady doth protest too much?
     
    heatlesssun likes this.
  12. Armenius

    Armenius [H]ardForum Junkie

    Messages:
    13,960
    Joined:
    Jan 28, 2014
    I've gotten a few of these already going back to last year. Only thing is I've never used any of the passwords they show in the messages.

    Jokes on them, though. I don't even have a webcam and I've never owned one.

    Also have to love the quip about a "special pixel."
     
    HockeyJon and Azrak like this.
  13. Azrak

    Azrak Gawd

    Messages:
    627
    Joined:
    Oct 4, 2015
    I got your "special pixel" right here.
     
    HockeyJon and Armenius like this.
  14. TwiceOver

    TwiceOver 2[H]4U

    Messages:
    2,352
    Joined:
    Jan 14, 2003
    Yeah, I got this yesterday too along with a throwaway password I use. I went about changing important ones anyway. It was good to do a review of my passwords.
     
    Sulphademus likes this.
  15. Mugato

    Mugato Gawd

    Messages:
    928
    Joined:
    Feb 25, 2014
    I got one of these at a highly stressful point in my life and freaked out for about about 5 minutes straight. After I calmed down and thought about it, didn’t make any sense, so I ignored it and guess what, nothing happened. I did pass it along to everyone I knew though, so they wouldn’t get bamboozled. I really hate these guys!
     
  16. dvsman

    dvsman [H]ard|Gawd

    Messages:
    1,675
    Joined:
    Dec 2, 2009
    When they said porn, I was like okay. Now if they said we were going to tell everyone you played Dungeons and Dragons ... then I'd be worried.
     
    HockeyJon and Armenius like this.
  17. mynamehere

    mynamehere [H]ard|Gawd

    Messages:
    1,735
    Joined:
    Jun 30, 2007
    There's no shame in loving Anime!
    But they may threaten to tell them you're a hentai freak!
     
    GoldenTiger and The Mad Atheist like this.
  18. TMCM

    TMCM [H]ard|Gawd

    Messages:
    1,238
    Joined:
    Apr 15, 2003
    I got one of these emails yesterday. I'm interested in knowing what site got hacked. I hadn't used the pw in a few years but it was correct
     
  19. 1_rick

    1_rick Limp Gawd

    Messages:
    270
    Joined:
    Feb 7, 2017
    What? He's taking about a web bug/tracking pixel, like advertising uses. The dumb name is for non savvy people.
     
  20. Ebernanut

    Ebernanut Gawd

    Messages:
    838
    Joined:
    Dec 15, 2010
    I got one of these a few weeks ago except without the password thing, like some others in this thread I don't have a webcam which made the whole thing pretty funny.

    They were nice enough(lol) to give me 5 days instead of the 1 day in the one posted above and they also included more details on how to buy bitcoin, probably still not detailed enough for the types that would fall for it though.
     
  21. guuuuuurl

    guuuuuurl n00bie

    Messages:
    2
    Joined:
    May 20, 2017
    Please tell me you replied!
     
  22. Ur_Mom

    Ur_Mom I'm Not Serious

    Messages:
    24,722
    Joined:
    May 15, 2006
    I like seeing titties bounce when some gal is getting pounded. So what?! It's the American thing to do.

    Even if it was legit, I'd let them have their fun. I was watching porn. Who gives a shit? Hell, send me $1450 in Bitcoin and I'll tell them myself.
     
  23. xmadror

    xmadror Limp Gawd

    Messages:
    328
    Joined:
    Feb 13, 2012
    should have started his email with that !
     
  24. Brian_B

    Brian_B [H]ard|Gawd

    Messages:
    1,408
    Joined:
    Mar 23, 2012
    I'd probably pay to get the 4k version of that myself. I'm a rock star in front of the computer screen.
     
  25. Mugato

    Mugato Gawd

    Messages:
    928
    Joined:
    Feb 25, 2014
    You could try haveibeenpwned, might narrow down some of it for you.
     
    TMCM likes this.
  26. dvsman

    dvsman [H]ard|Gawd

    Messages:
    1,675
    Joined:
    Dec 2, 2009
    The funny thing is when I didn't reply to their original offer of $2900, the next day they email me with $1700 instead, lol!

    I think these wiseasses are buying up data from dehashed.com or something like that and just email blasting everyone hoping to get some noobs to pay up.
     
    Last edited: Jul 14, 2018
    heatlesssun likes this.
  27. robothunter

    robothunter Limp Gawd

    Messages:
    369
    Joined:
    Jan 19, 2008
    This is basically Black Mirror Season 3 Episode 3 "Shut Up and Dance". A least they are stealing ideas from a good show.
     
  28. maxz01

    maxz01 [H]Lite

    Messages:
    79
    Joined:
    Aug 26, 2017
    Funny thing is this doesn't work on me because I don't have a reputation to protect at all. I'm literally the guy who is seen juggling naked. The advantages of being a bohemian poor artist.
     
  29. Ur_Mom

    Ur_Mom I'm Not Serious

    Messages:
    24,722
    Joined:
    May 15, 2006
    Yes, you are. You want the 4K? Send $20 and I'll send you the 4K of you jerking it to the midget porn (you have very good taste!).
     
    Sulphademus and Brian_B like this.
  30. Zepher

    Zepher [H]ipster Replacement

    Messages:
    16,192
    Joined:
    Sep 29, 2001
    I got the exact same one yesterday.
     
  31. SPARTAN VI

    SPARTAN VI [H]ardness Supreme

    Messages:
    6,844
    Joined:
    Jun 12, 2004
    https://haveibeenpwned.com/
     
    TMCM likes this.
  32. M76

    M76 [H]ardness Supreme

    Messages:
    6,973
    Joined:
    Jun 12, 2012
    So it is not ransomware, but a simple ransom scam.
     
  33. next-Jin

    next-Jin [H]ardForum Junkie

    Messages:
    8,341
    Joined:
    Mar 29, 2006
    Are they randomly generating BTC addresses for each email?

    The one I got had 0 activity.
     
  34. NytCat

    NytCat n00bie

    Messages:
    1
    Joined:
    Jun 9, 2012
    I received the same email recently only difference being the name and email address used, the number of contacts if I were to reply "yes!" and the BTC address. The rest is the same message, character for character. I know that part of the password shown to me was legit and used at the Avast forum that was hacked in 2014. They got the right email for me and username and password but were too stupid to figure out where the username ended and the password began. This is the first time I've received a (semi) legitimate extortion type email; all others have been obvious failures. Seeing my own password caused me to pause for a brief moment until I realized what it was. Not concerned about the content of the message but I was thinking if they have one password what else do they have? Just shows the importance of using a different password for each site or a throw away where you don't care.
     
    heatlesssun likes this.
  35. dvsman

    dvsman [H]ard|Gawd

    Messages:
    1,675
    Joined:
    Dec 2, 2009
    Just to follow up / headsup, the same email account that got hit with the Bitcoin scam, was also hit with an "fake" Amazon phishing scam. There was an order notification that looked authentic but with a strange shipping address. They basically wanted you to click the link to go to a fake Amazon site and give them your AMazon log in credentials.

    Luckily, my junk email account isn't the same account I use for my Amazon orders so I knew it was scam right away. Plus at the top it addresses you as xyz@xyz.com instead of your real name - which apparently is info the scammers don't have or too lazy to do the research to get.