Personal computing discussed

Moderators: Captain Ned, emkubed

 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 51941
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Stupid Bitcoin extortion scams

Sat Nov 03, 2018 1:46 pm

Anyone else been getting these? Scammer claims to have hacked your computer, and as "proof" offers an old password (which was likely obtained from any one of a number of past security breaches of sites with weak password encryption). Claims to have installed a RAT on your PC, and obtained compromising info and your contact list; they will "out" you if you don't pay several hundred $ in Bitcoin.

I guess they're counting on people who rarely change their password, use the same password across multiple sites/accounts, and have incriminating info on their PC and/or in their browsing history to get tricked into believing something's really going on, and pay up.

:roll:

If you spew that crap out to millions of people, maybe a few here and there will actually believe it and pay up...?

I've received maybe a half dozen or so of these in the past couple of weeks. They've been making it through Google's spam filter, though I suppose that will end as the filter gets "trained" to recognize them as spam/scam e-mails.
Nostalgia isn't what it used to be.
 
meerkt
Gerbil Elite
Posts: 992
Joined: Sun Aug 25, 2013 2:55 am

Re: Stupid Bitcoin extortion scams

Sat Nov 03, 2018 2:20 pm

Is the password correct?

They may send it to millions, a few might bite, but I do wonder how many of these would be actual crypto users.
 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 51941
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Stupid Bitcoin extortion scams

Sat Nov 03, 2018 2:25 pm

It's a password I used on a few non-critical (otherwise I wouldn't have re-used it) sites several years ago. I'm sure they're counting on some people re-using the same password everywhere to convince their victims that their PC has actually been hacked.

At least one of the scam e-mails even copy-pasted the old password wrong (cut off the first letter). :lol:
Nostalgia isn't what it used to be.
 
qmacpoint
Gold subscriber
Gerbil First Class
Posts: 100
Joined: Wed Mar 14, 2018 12:56 pm

Re: Stupid Bitcoin extortion scams

Sat Nov 03, 2018 2:33 pm

just brew it! wrote:
It's a password I used on a few non-critical (otherwise I wouldn't have re-used it) sites several years ago. I'm sure they're counting on some people re-using the same password everywhere to convince their victims that their PC has actually been hacked.

At least one of the scam e-mails even copy-pasted the old password wrong (cut off the first letter). :lol:

I've been getting these emails too even through Google, there may be some randomness to the titles that allows them to go through anti-spam filters.

Some background info for other people: This is from numerous sites that get hacked and the credential information gets compiled into massive user/password lists. Nothing to worry about really (unless you actively use that password... shame on you people if you do this), just some scammers scraping these lists and sending phishing emails to people. You can check what sites have been compromised for sure if you look up your email in https://haveibeenpwned.com/
 
Waco
Gold subscriber
Minister of Gerbil Affairs
Posts: 2583
Joined: Tue Jan 20, 2009 4:14 pm
Location: Los Alamos, NM

Re: Stupid Bitcoin extortion scams

Sat Nov 03, 2018 7:20 pm

I get them all the time, even at my .gov work email address. It's usually fairly entertaining to screw with them though.
Desktop: Z170A Gaming Pro Carbon | 6700K @ 4.4 | 16 GB | GTX Titan Xm | XSPC RX360 | Heatkiller R3 | Samsung 4K 40" | 2048 + 240 + LSI 9207-8i (128x8) SSD
NAS: 1950X | Designare EX | 32 GB ECC | 7x8 TB RAIDZ2 | 8x2 TB RAID10 | FreeNAS | ZFS | LSI SAS
 
NovusBogus
Silver subscriber
Graphmaster Gerbil
Posts: 1314
Joined: Sun Jan 06, 2013 12:37 am

Re: Stupid Bitcoin extortion scams

Sat Nov 03, 2018 10:13 pm

I haven't run into this one yet. But the vast majority of my poorly secured accounts also use a crappy free email address that I never check, so I likely won't notice if they do try to come after me.
 
Krogoth
Gold subscriber
Gerbil Elder
Posts: 5539
Joined: Tue Apr 15, 2003 3:20 pm
Location: somewhere on Core Prime
Contact:

Re: Stupid Bitcoin extortion scams

Wed Nov 07, 2018 10:41 am

This is the next wave of ransomware. The scammers are trying to play into "whales" who got "rich" on the last crypto-currency craze.
Gigabyte Z390 AORUS-PRO Coffee Lake R 9700K, 2x8GiB of G.Skill DDR4-3600, Sapphire RX Vega 64, Corsair CX-750M V2 and Fractal Define R4 (W)
Ivy Bridge 3570K, 2x4GiB of G.Skill RIPSAW DDR3-1600, Gigabyte Z77X-UD3H, Corsair CX-750M V2, and PC-7B
 
The Egg
Minister of Gerbil Affairs
Posts: 2425
Joined: Sun Apr 06, 2008 4:46 pm

Re: Stupid Bitcoin extortion scams

Wed Nov 07, 2018 1:08 pm

An ex-coworker's address has been getting a multitude of "I hacked your webcam and recorded you having fun at an adult website" extortion attempts lately. Most of them say "I know your password is ____", but it's always just randomized nonsense that incorporates the username. I've seen prices range from $400 - $6,000 so far :roll:
 
Dposcorp
Silver subscriber
Minister of Gerbil Affairs
Posts: 2725
Joined: Thu Dec 27, 2001 7:00 pm
Location: Detroit, Michigan

Re: Stupid Bitcoin extortion scams

Wed Nov 07, 2018 4:06 pm

just brew it! wrote:
It's a password I used on a few non-critical (otherwise I wouldn't have re-used it) sites several years ago.


Seem with me.......an old password from years ago. I dont even respond.
 
bthylafh
Maximum Gerbil
Posts: 4110
Joined: Mon Dec 29, 2003 11:55 pm
Location: Southwest Missouri, USA

Re: Stupid Bitcoin extortion scams

Wed Nov 07, 2018 4:27 pm

A couple of my users started getting these a few months ago.
Hakkaa päälle!
i7-8700K|Asus Z-370 Pro|32GB DDR4|Asus Radeon RX-580|Samsung 960 EVO 1TB|1988 Model M||Logitech MX 518 & F310|Samsung C24FG70|Dell 2209WA|ATH-M50x
 
SecretSquirrel
Minister of Gerbil Affairs
Posts: 2481
Joined: Tue Jan 01, 2002 7:00 pm
Location: North DFW suburb...
Contact:

Re: Stupid Bitcoin extortion scams

Thu Nov 08, 2018 1:33 am

I haven't gotten one yet, but I did get an email from the IT dept letting everyone know that there was a large number of these messages coming in and to be aware if one made it through all the spam traps.

--SS
 
RuiFig
Silver subscriber
Gerbil
Posts: 31
Joined: Tue May 19, 2015 4:46 am
Location: Edinburgh, Scotland
Contact:

Re: Stupid Bitcoin extortion scams

Thu Nov 08, 2018 7:07 am

I got one of those a few days ago too.
In my case it was the password of a website I haven't used in years (RentACoder / Freelancer / whatever).
The password was correct and not used in any other websites, so the only explanation is they got hacked.
I did some quick googling for breaches on that website, and nothing. I wouldn't be surprised they never bothered telling their users they got hacked.

Anyway, I change the password, ignored the email, and moved on.
Code Monkey at Cloudgine Ltd. Personal blog on coding: http://www.crazygaze.com
 
Aphasia
Grand Gerbil Poohbah
Posts: 3688
Joined: Tue Jan 01, 2002 7:00 pm
Location: Solna/Sweden
Contact:

Re: Stupid Bitcoin extortion scams

Thu Nov 08, 2018 9:17 pm

Some of the passwords dumps they use are know, I have a thing where I used a couple of chars so I could identify which site something came from...
One of the dumps is the adobe dump, another is Fred Miranda, but if you go look at Troy Hunt's site Haveibeenowned you can assume all the big freely available dumps are used.

The latest batch have even started omitting the passwords entirely just basically doing a lazy ass copycat scam of a scam version if the whole thing...
 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 51941
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Stupid Bitcoin extortion scams

Fri Nov 09, 2018 6:47 am

Yeah, I'm pretty sure mine came from the Adobe dump. That was one of the sites I used that password on.
Nostalgia isn't what it used to be.
 
danny e.
Maximum Gerbil
Posts: 4431
Joined: Thu Apr 25, 2002 3:09 pm
Location: Indonesia/Nebraska/Wisconsin

Re: Stupid Bitcoin extortion scams

Mon Nov 19, 2018 1:18 pm

i feel left out.
You don't have to feel safe to feel unafraid.
 
The Egg
Minister of Gerbil Affairs
Posts: 2425
Joined: Sun Apr 06, 2008 4:46 pm

Re: Stupid Bitcoin extortion scams

Mon Nov 19, 2018 4:00 pm

Got one this morning to the same work address demanding 9,000 :lol:
 
biffzinker
Gerbil Jedi
Posts: 1991
Joined: Tue Mar 21, 2006 3:53 pm
Location: AK, USA

Re: Stupid Bitcoin extortion scams

Mon Nov 19, 2018 5:50 pm

I've been getting text messages wanting me to claim x amount of bitcoin in exchange for certain details. Had one yesterday show up while I was at work.
It would take you 2,363 continuous hours or 98 days,11 hours, and 35 minutes of gameplay to complete your Steam library.
In this time you could travel to Venus one time.
 
Captain Ned
Gold subscriber
Global Moderator
Posts: 27408
Joined: Wed Jan 16, 2002 7:00 pm
Location: Vermont, USA

Re: Stupid Bitcoin extortion scams

Mon Nov 19, 2018 6:27 pm

biffzinker wrote:
I've been getting text messages wanting me to claim x amount of bitcoin in exchange for certain details. Had one yesterday show up while I was at work.

I've long wondered (day job) when the age-old 419 scam would move to dangling Bitcoins in front of people. I need wonder no longer. Betcha the weblink/email comes complete with some ransomware as well, just to keep the Bitcoin books balanced.
Humans sleep soundly in their beds because rough cats stand ready in the night to visit violence on those who would do us harm.
 
derFunkenstein
Gold subscriber
Gerbil God
Posts: 24754
Joined: Fri Feb 21, 2003 9:13 pm
Location: Comin' to you directly from the Mothership

Re: Stupid Bitcoin extortion scams

Fri Nov 30, 2018 11:31 am

I got one of these today. I'm almost certain it was tied to the Adobe breach. The password included in the email is so old that if I'm still using it on a website, that account deserves to be hacked. LOL
I do not understand what I do. For what I want to do I do not do, but what I hate I do.
 
drfish
Gold subscriber
Gerbil Elder
Posts: 5261
Joined: Wed Jan 22, 2003 7:53 pm
Location: Zeeland, MI

Re: Stupid Bitcoin extortion scams

Fri Nov 30, 2018 11:58 am

A couple of my users have gotten these, snuck through Office 365. Both of them had legit old passwords. One of my users in particular was legit freaked out by it, but I was so decisively dismissive that I think they felt better quickly. I just told them to make sure they aren't using that password anywhere anymore.
TR BBQ XV is over.
 
Waco
Gold subscriber
Minister of Gerbil Affairs
Posts: 2583
Joined: Tue Jan 20, 2009 4:14 pm
Location: Los Alamos, NM

Re: Stupid Bitcoin extortion scams

Fri Nov 30, 2018 12:52 pm

I just got a few of them in the past few days - none had a password I recognized. Weird.
Desktop: Z170A Gaming Pro Carbon | 6700K @ 4.4 | 16 GB | GTX Titan Xm | XSPC RX360 | Heatkiller R3 | Samsung 4K 40" | 2048 + 240 + LSI 9207-8i (128x8) SSD
NAS: 1950X | Designare EX | 32 GB ECC | 7x8 TB RAIDZ2 | 8x2 TB RAID10 | FreeNAS | ZFS | LSI SAS
 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 51941
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Stupid Bitcoin extortion scams

Fri Nov 30, 2018 8:15 pm

Yeah, the first few I got had a password which I'm pretty sure leaked in the Adobe breach. Since then the passwords have been random (and not something I've ever used). They're still coming, but Google is doing a better job of sending them to the Spam folder without manual intervention.
Nostalgia isn't what it used to be.

Who is online

Users browsing this forum: No registered users and 1 guest