Ransomware
Abuser: unknown
My modest consulting fee is 1650 US Dollars to be transferred in Bitcoin. Exchange rate at the time of the transfer.
United States, 2021-10-28 13:35:47
Abuse to Bitcoin address
1DpA1wTZqGqP9pEcjfZ9bsGEHzbjcsTKq1
United States, 2021-10-28 13:35:47
Blackmail scam
Abuser: Fake ransom email
Authentication-Results: spf=fail (sender IP is 182.173.227.100) smtp.mailfrom=[redacted].com; dkim=none (message not signed) header.d=none;dmarc=fail action=oreject header.from=[redacted].com; Received-SPF: Fail (protection.outlook.com: domain of [redacted].com does not designate 182.173.227.100 as permitted sender) receiver=protection.outlook.com; client-ip=182.173.227.100; helo=182-173-227-100.guam.net; Received: from 182-173-227-100.guam.net (182.173.227.100) by DM6NAM10FT054.mail.protection.outlook.com (10.13.153.167) with Microsoft SMTP Server id 15.20.4649.14 via Frontend Transport; Thu, 28 Oct 2021 08:22:21 +0000 I am sorry to inform you but your device was hacked. That's what happened. I have used a Zero Click vulnerability with a special code to hack your device through a website. A complicated software that requires precise skills that I posess... My modest consulting fee is 1650 US Dollars to be transferred in Bitcoin. Exchange rate at the time of the transfer.
Japan, 2021-10-28 14:19:31
Blackmail scam
Abuser: Unknown
Standard scam - it's rubbish - don't pay. To be clear, my software controlled your camera and microphone as well. It was just about right timing to get you privacy violated. I have made a few pornhub worthy videos with you as a lead actor. Can't be true as my desktop has no webcam or microphone. My modest consulting fee is 1650 US Dollars to be transferred in Bitcoin. Exchange rate at the time of the transfer. You need to send that amount to this wallet: 1DpA1wTZqGqP9pEcjfZ9bsGEHzbjcsTKq1
United States, 2021-10-28 14:29:27
Ransomware
Abuser: Don’t know
Came from a spoofed email
United States, 2021-10-28 18:56:30
Ransomware
Abuser: atl4mhib25.registeredsite.com
This IP address was origin of ransomware email that looks as though it came from one of my domains and email addresses on that domain. 102.64.252.201 BTW The guy doesn't actually have the Zero-Click Apple iOS NSO virus, he/she/it is just bullshitting people. Partial raw email header, couldn't fit body in 2,000 chars apparently, header is complete with 'xxxxx-cafe.com' being my domain masked: Return-Path: <[email protected]> Delivered-To: [email protected] Received: (qmail 194194 invoked by uid 0); 28 Oct 2021 20:15:38 -0000 Received: from unknown (HELO atl4mhib25.registeredsite.com) (209.17.115.160) by 0 with ESMTPS (DHE-RSA-AES256-GCM-SHA384 encrypted); 28 Oct 2021 20:15:38 -0000 Received: from [102.64.252.201] ([102.64.252.201]) by atl4mhib25.registeredsite.com (8.14.4/8.14.4) with ESMTP id 19SKFUeq008950 for <[email protected]>; Thu, 28 Oct 2021 16:15:34 -0400 Message-ID: <[email protected]> Date: Thu, 28 Oct 2021 19:15:24 -0100 From: <mobile@ xxxxx-cafe.com> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.9) Gecko/20100915 Thunderbird/3.1.4 MIME-Version: 1.0 To: <mobile@ xxxxx-cafe.com> Subject: =?UTF-8?B?RG8gWW91IERvIEFueSBvZiBUaGVzZSBFbWJhcnJhc3NpbmcgVGhpbmdzPw==?= Content-Type: multipart/alternative; boundary="------------050205040507090101080307" X-SpamScore: 6.502 X-MailHub-Apparently-To: mobile@ xxxxx-cafe.com This is a multi-part message in MIME format. --------------050205040507090101080307 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable I am sorry to inform you but your device was hacked.....
United States, 2021-10-29 00:02:40
Blackmail scam
Abuser: 1DpA1wTZqGqP9pEcjfZ9bsGEHzbjcsTKq1
Received:from [93.140.80.243] ([93.140.80.243]) Subject:Do You Do Any of These Embarrassing Things?
France, 2021-10-29 06:52:46
Blackmail scam
Abuser: his ip: 37.186.119.113
I am sorry to inform you but your device was hacked. That's what happened. I have used a Zero Click vulnerability with a special code to hack your device through a website. A complicated software that requires precise skills that I posess. This exploit works in a chain with a specially crafted unique code and such type of an attack goes undetected. You only had to visit a website to be infected, and unfortunately for you it's that simple for me. You were not targeted, but just became one of the many unlucky people who got hacked through that webpage. All of this happened in August. So I’ve had enough time to collect the information. I think you already know what is going to happen next. For a couple of month my software was quietly collecting information about your habits, websites you visit, websearches, texts you send. There is more to it, but I have listed just a few reasons for you to understand how serious this is. To be clear, my software controlled your camera and microphone as well. It was just about right timing to get you privacy violated. I have made a few pornhub worthy videos with you as a lead actor. etc., etc.
Belgium, 2021-10-29 09:35:18
Sextortion
Abuser: email received from server at ip addres 183.182.114.181
Standard sextortion email claiming to have media files of embarrassing content that will be made public unless paid some bitcoin.
United States, 2021-10-29 16:01:03
Sextortion
Abuser: don't know
e-mail trying to blackmail for supposed sex videos
United States, 2021-10-29 17:23:20
Blackmail scam
Abuser: Spoofed
Usual nonsense
United Kingdom, 2021-10-29 17:50:11
Blackmail scam
Abuser: EMAIL
Email blackmail attempt
New Zealand, 2021-10-30 01:03:19
Blackmail scam
Abuser: Dick head
Fk ur mother
Singapore, 2021-10-30 21:19:16
Blackmail scam
Abuser: 114.125.137.13
Unknown sender spoofed my own address as the sender and receiver. Specifics sent to FBI infraguard.
United States, 2021-10-31 06:14:01
Ransomware
Abuser: mail fds
hack jhs in mail not correcy
Turkey, 2021-10-31 12:55:46
Blackmail scam
Abuser: via email Zero Click vulnerability
I am sorry to inform you but your device was hacked. That's what happened. I have used a Zero Click vulnerability with a special code to hack your device through a website.
Canada, 2021-10-31 17:18:26