Wiem co wieczorem robisz przed swoim komputerem, zapłać mi tysiaka to nikomu nie powiem

Od kilku tygodni dostajemy od Was mniej lub bardziej pełne rozpaczy prośby o pomoc. Wszystkie zaczynają się od tego, że ktoś włamał się Wam na komputer, pozyskał kompromitujące Was dane i Was szantażuje. Brzmi poważnie. Rozumiemy stres i Wasze roztrzęsienie. Dlatego tym bardziej cieszy nas, że większość z tych szantaży nie jest prawdziwa. To tak naprawdę bardzo bezczelne próby oszustwa. I to nie takie znowu oryginalne, bo o tym problemie pisaliśmy po raz pierwszy pół roku temu. Ale wygląda na to, że zjawisko znów się nasiliło — dlatego ostrzegamy: nie dajcie się nabrać i zobaczcie na czym polega to oszustwo.

Mówią, że oglądałem porno… a kto dziś Panie nie ogląda!?
Oddajmy głos jednemu z naszych Czytelników:

(…) otrzymałem podobnego maila po oglądaniu strony porno (niechcący kliknąłem w niej w jakąś reklamę, ale zaraz cofnąłem) jak pisaliście o tym w październiku i teraz jestem szantażowany. Bardzo mnie to przestraszyło, tym bardziej, że mail przyszedł na firmową pocztę, a ja jestem prezesem i nie wiem co począć, jeśli szantażysta swojego dzieła dokona. Nie ściągnąłem żadnej aplikacji ani plików, czy faktycznie może posiadać dostęp do wszystkich adresów w poczcie? Faktem jest, że mail przyszedł zaraz po oglądaniu strony, więc to mnie tym bardziej przeraża. Treść maila też wyglądała tym razem trochę inaczej niż na waszej stronie, szczególnie jeśli chodzi o nagłówek, bo jest tam też godzina rzekomego uruchomienia kamery. Poradźcie, co powinienem zrobić? Poniżej wklejam treść maila z nagłówkiem, proszę o dyskrecję:

I tu pojawia się teść e-maila zacytowana przez Czytelnika:

Ticket Dеtаils: UQU-XX8-55XXX
Email: mój adres firmowy
Camera ready,Notification: XX-01-2018 08:XX:XX:
Status: Waiting for Reply 04xuTaAy1A7f73wXXX_Priority: Normal
=-=–=-=-=–=-=-=-=-=-=-=-=–=-=-=–=-=-=-=-=-=–=-=-=–=-=-=-=-=-=-=-=–=-=-=-=-=-

What’s up,
If u were more alert while playing with yourself, I wouldn’t write dis message. I don’t think that playing with yourself is extremely terrible, but when all colleagues, relatives and friends receive video of it- it is obviously for you.
I placed virus on a porn site which you have visited. When the object press on a play button, device begins recording the screen and all cameras on your device starts working.
Moreover, my virus makes a remote desktop supplied with keylogger function from ur device , so I was able to collect all contacts from ur e-mail, messengers and other social networks. I’m writing on dis e-mail because It’s your working address, so u should check it.
I think that 330 usd is pretty enough for this little misstep. I made a split screen video(records from screen (interesting category ) and camera ooooooh… its funny AF)
So its your choice, if u want me to delete this сompromising evidence use my bitсоin wallet address: 1B88kaVFAWzwLxLjYjBXWq2MQ83s1pB1Nw
You have one day after opening my message, I put the special tracking pixel in it, so when you will open it I will see.If ya want me to share proofs with ya, reply on this message and I will send my creation to five contacts that I’ve got from ur device.
P.S.. U are able to complain to cops, but I don’t think that they can help, the investigation will last for several months- I’m from Estonia – so I dgf lmao

Innymi słowy, przestępcy bazują na “oczywistej oczywistości”, pierwszym oficjalnym i niepodważalnym prawie internetu: Jeśli ktoś korzysta z internetu, to prędzej czy później wejdzie na stronę zawierającą treści erotyczne, bo po pierwsze, a po drugie czasem — jak w przypadku naszego Czytelnika — może po prostu wyskoczyć niechciana reklama jako tzw. pop-under.

No więc skoro wiemy, że każdy internauta przynajmniej raz wszedł na stronę pornograficzną i że prawie każdy komputer oraz każdy smartfon wyposażony jest w kamerkę, to dlaczego nie ściemnić, że w trakcie tej (przypadkowej lub nie) porno-wizyty kamera była przejęta i nagrywała ofiarę? A że część osób podczas oglądania stron pornograficznych mocno to “przeżywa”, to podłoże do szantażu mamy gotowe.

Innymi słowy, przepis na sukces w internecie jest prosty: wyślij maila do kogo się da i zapewne znajdziesz wielu, którym uwiecznienie w trakcie oglądania stron pornograficznych może nie być na, nomen omen, rękę. Jeśli to prezes, to pewnie zapłaci…

Wiele wariantów tego scamu

Zanim bliżej przyjrzymy się temu, kto stoi za tym oszustwem, przytoczmy inne warianty tego samego scamu nadesłane przez innych Czytelników:

I kolejny:

Hello.
Do not consider on my illiteracy, I am from Iran.We installed the malware onto your system.Since that moment I pilfered all privy info from your device. Moreover I have a little bit more compromising evidence.The most important evidence which I have- its a video with your wanking.I set virus on a porn site and then you installed it. When you picked the video and clicked on a play, my software at once adjusted on your Operating System.
After setup, your front-camera made the video with you wanking,  furthermore I captured exactly the porn video you selected. In next week my virus collected all your social media and email contacts.
If you want to destroy  the videotape- send me 309 usd in Bitcoins.
Its my Bitcoin address – 1Bu97BAEFMxjsPXXaTYw75xkSU52Rt4Tn1
You have 30 h. from this moment. When I receive transfer I will eliminate the videotape in perpetuity. Otherwise I will send the record to all your contacts.

I kolejny:

Hello.
I do not presume to judge you, but as a result of some occasions, we have point of contact from now. I do not think that caress oneself is very amiss, but when all your acquaintances see it- its obviously bad.
So, what am I implying? You surfed the internet with роrn, which I’ve seized with the deleterious soft. Then you chose video, virus started working and your device became acting as dedicated desktop since that moment. Naturally, all cams and screen started recording instantly and then my soft collected all contacts from your device.
I message you on this e-mail address, because I’ve collected it from your device, and I make no doubt you for sure check this work e-mail.
The most interesting point that I edited video, on one side it shows your screen record, on another side your cams record. Its very amusingly. But it was sophisticated ,so I proud of it.
As a conclusion- if you want me to delete all this compromising evidence, here is my BTC wallet address- 1QDYcLgrbhFVXMe8YvvS6StVgHDE6s6FeS (it must be without «spaces» or «=»,check it). If you do not know how to use it, you can ask google or youtube for help- its very easy. It seems to me, that 330 usd will finish our problem and will destroy our touchpoint . You have thirty hours after opening this letter(I put tracking pixel in it, ill know when you read it). If you wont pay me, ill share the compromising with all contacts I’ve collected from you.
Finally, you can ask police for help, but, obviously, they will not find me for 1 day, so you will be shamed at all. Sorry for misprints, I am foreign.

I jeszcze jeden:

Good day.

I sincerely expect that I will not damage your heart. Shit happens, life didn’t give me selection. I have nothing against people with special tastes, moreover only God can judge u. So:
First of all, I adjusted the special virus on a web site with porn content (I think you understood me).
Secondly, when u clicked on a video, soft immediately started working, all cams switched on and screen started recording, then my soft collected all contacts from emails, messengers etc. Im really supercilious for this soft, it makes devices work as rdp with keylogger , exciting. This email address Ive collected from your device, I emailed u here because I think you will 100% going to check your corporative email.
All in all, I created a split screen video, with your involvement and porn movie from your screen, its kinda strange. Consequently, I can share this video with all your friends, colleagues, relatives etc. I guess it’s a huge shame for u.
But we can resolve this problem. 305 Usd- in my opinion, very common cost for mistake like this.
I accept only bitcoin, here is my btc wallet’s address- 16Q65ck9Uikr2z1N4wTPG5H7ZgkmLSzDeY You have 40 hours after reading my letter to complete transaction. I will see when u read this letter, I adjusted special tracking pixel in it. This time is sufficiently only to finalize all verifications and transaction, so you have to think rapidly. If I wont get my «wage», I will share this video with all contact Ive received from ur device.
You can ask cops for a support, but they wont detect me for even 150 hours, Im from China, so think twice. If Ill receive btc- all compromising evidence will be erased forever and I will never message you again.
U can reply, but this Will not make sense, I sent you this notification using my soft for anonymous messages, I don’t check the email after using it, because I contemplate about my safety too. Have a nice day, I hope u will make a good solution for you.

I ten:

Hi my friend.
I m a member of the team of hackers from Iran. I contact with you by your working email cause we think that you always visit it.
The other day our group uploaded a malicious program in porn site and when you clicked on a play button your appliance began shooting your screen and turning on camera to capture you self-abusing.So I guess you preceive what evidence Ive earned.
Besides, this program force your device work as dedicated server with plenty of functions like keylogger,parser etc. Finally, my software compiled all data,especially all your contacts from messengers,e-mails,social media.
If you wanna make me silent you should make a transaction of 550 dollars using bitcoins (cryptocurrensy). I know that you have this money.
Use this Bitcoin address to pay – 1ArG4XZkmKeMye1zVTk79brwCe7tUZqYdA
You should use it as usual credit card number. If you send bitcoins We will delete everything about you.
There are a lot of information about how to buy bitcoins, just read it. I can offer you this exchanger: coinbase .com. If you have a problem with this, try to find comfortable BTC ATM at coinatmradar.
You have exactly 1 day from the time you read our letter to finish a transaction.Dont try to play with us I use bot network, also we do not live in your country.If you want us to show proofs I will send everything to five your contacts then we will share their links. So you will ask them if they have received something or not.For some questions just reply.
Dont be fullish.

I ten:

Good day
Your OS is managed by our malware. What happened? I installed the virus on a porn web site, you clicked on the video and instantly downloaded this malicious soft to your system. The damnific program made your web camera working so I got the videotape with you wanking. In next 6 minutes this virus captured all your contacts. Eventually, I got all your contacts and tape with you self-abusing, so if u wish me to destroy all the data – send me 425 usd in BTC(cryptocurrency). Differently I will send the video to all your friends.
Its my Bitcoin number – 13dqJJzLxEdKdn3TXTWTBMUqzTyixtorh9
You have 30 h. to go after reading. When I receive transfer I will destroy the private data evermore.
I am sorry for my grammar- I am from Vietnam. this e-mail, it was stolen by me.

I na koniec, coś z innej (ale podobnej) beczki. Szantaż bez nagich zdjęć w tle — ot straszenie DDoS-em.

Hello,
You are going under DDoS attack unless you pay 3 Bitcoin.
Pay to 1JjbFaURDhkqNgmDhPHtFE3E315ezDAhTJ
Please note that it will not be easy to mitigate our attack, because our current UDP flood power is 400-500 Gbps.
Don’t worry, it will not be hard (we will try not to crash it at this moment) and will stop in 10 minutes. It’s just to prove that we are serious.We are aware that you probably don’t have 3 BTC at the moment, so we are giving you 24 hours to get it and pay us.
Find the best exchanger for you on howtobuybitcoins.info or localbitcoins.com You can pay directly through exchanger to our BTC address, you don’t even need to have BTC wallet. Current price of 1 BTC is about 415 USD, so we are cheap, at the moment. But if you ignore us, price will increase.
IMPORTANT: You don’t even have to reply. Just pay 3 BTC to 1JjbFaURDhkqNgmDhPHtFE3E315ezDAhTJ
– we will know it’s you and you will never hear from us again. We say it because for big companies it’s usually the problem as they don’t want that there is proof that they cooperated.
If you need to contact us, feel free to use some free email service.
But if you ignore us, and don’t pay within 24 hours, long term attack will start, price to stop will go to 10 BTC and will keep increasing for every hour of attack.
Many of our “clients” believe that if they pay us once, we will be back.
That’s not how we work – we never attack the same target after we are paid.
If you are thinking about reporting this to authorities, feel free to try. But it won’t help. We are not amateurs.
REMEMBER THIS: It’s a one-time payment. Pay and you will not hear from us ever again!
We do bad things, but we keep our word.
Thank you.

Ile zarobili szantażyści?

Jak widzicie, to co łączy wszystkie “szantaże”, a tak naprawdę oszustwa, żądają zapłaty w Bitcoinach. Jak myślicie ile osób płaci? Przeanalizowaliśmy stan wymienianych w powyższych wiadomości adresach portfeli bitcoina i na niektórych z nich faktycznie są środki. Od 700 do ponad tysiąca złotych. A trzeba tu nadmienić, że zapewne nie dysponujemy wszystkimi wariantami e-maili i wszystkimi adresami wykorzystywanymi przez oszustów.

źródło: niebezpiecznik.pl

 

Dodaj komentarz

Twój adres email nie zostanie opublikowany. Pola, których wypełnienie jest wymagane, są oznaczone symbolem *