Ransomware
Abuser: [email protected]
My server got infected by a ransomware and I found this bitcoin address and email from their message, which showed up when I logged into my server.
Bangladesh, 2019-12-08 08:44:51My server got infected by a ransomware and I found this bitcoin address and email from their message, which showed up when I logged into my server.
Bangladesh, 2019-12-08 08:44:51Catch him yesterday trying to cypher my files. Kicked him off my server without data loss; copied ransom and sent it to McAfee. Yes, block him if you can.
Spain, 2019-12-16 01:00:47Just a fake email saying he has a keylogger installed plus a video of me taken from a web cam and a "pornography" movie I was watching (don't actually watch porn, and no camera is on any pc). Demanding $545 USD. Email headers say it originated at seznam.cz, but the authenticated-user info is missing.
United States, 2020-01-10 17:28:01Run of the mill sextortion broadcast, yawn. Failed to deliver but bounced back due to spoofed source. Script-kiddy level. DefCon washout
United States, 2020-01-11 03:38:13update on my previous report. ScriptKiddy is using a MailNull account in order to spoof email addresses. Nothing creative here. X-Get-Message-Sender-Via: cp-wc90.per01.ds.network: sender_ident via received_protocol == local: mailnull/primary_hostname/system user X-Authenticated-Sender: cp-wc90.per01.ds.network: mailnull
United States, 2020-01-11 04:03:50Just a fake email saying he has a keylogger installed plus a video of me taken from a web cam and a "pornography" movie I was watching (don't actually watch porn, and no camera is on any pc).
Bulgaria, 2020-01-12 18:16:54“ What I've done? I made a double screen video. The first part shows the video you watched (you have good taste, yes ... but strange for me and other normal people), and the second part shows the recording of your webcam.”
Bulgaria, 2020-01-12 22:35:18Hi, stranger! I hacked your device, because I sent you this message from your account. If you have already changed your password, my malware will be intercepts it every time. You may not know me, and you are most likely wondering why you are receiving this email, right? In fact, I posted a malicious program on adults (pornography) of some websites, and you know that you visited these websites to enjoy (you know what I mean).
Bulgaria, 2020-01-13 08:36:21... In fact, I posted a malicious program on adults (pornography) of some websites, and you know that you visited these websites to enjoy While you were watching video clips, my trojan started working as a RDP (remote desktop) with a keylogger that gave me access to your screen as well as a webcam. Immediately after this, my program gathered all your contacts from messenger, social networks, and also by e-mail. What I've done? ... What should you do? Well, I think $557 (USD dollars) is a fair price for our little secret. You will make a bitcoin payment (if you don't know, look for "how to buy bitcoins" on Google). BTC Address: 18EcFkvFiBGpFGoH76cn6a7eAaJ4eh5yLi (This is CASE sensitive, please copy and paste it) ... And I will definitely send your video to your any 19 contacts. Bye!
United States, 2020-01-13 15:13:33Spoofed my account
Australia, 2020-01-13 23:42:38Hacked all my devices and trying to extort me for $545usd or he’ll pop up a video of porn ????
Australia, 2020-01-14 02:59:30Hi, stranger! I hacked your device, because I sent you this message from your account. If you have already changed your password, my malware will be intercepts it every time. Try to scam me so if youy can pleasy shut it down it will be great :)
Bulgaria, 2020-01-14 18:07:57What I've done? I made a double screen video. The first part shows the video you watched (you have good taste, yes ... but strange for me and other normal people), and the second part shows the recording of your webcam. What should you do? Well, I think $557 (USD dollars) is a fair price for our little secret. You will make a bitcoin payment (if you don't know, look for "how to buy bitcoins" on Google). BTC Address: 18EcFkvFiBGpFGoH76cn6a7eAaJ4eh5yLi
Bulgaria, 2020-01-14 19:06:40Person pretending to send you email from your own! Be smart and don’t believe this scam. If you click additional info at the email, you will see that the real sender email address is “ [email protected] , not your own! IP adress: 88.99.254.252 - located at Europe/Germany. DO NOT send any money, it’s a scam.
Bulgaria, 2020-01-17 13:54:06I hacked your device, because I sent you this message from your account.
United States, 2020-01-17 14:18:01