Hello do you have bitcoin

Фейковый взлом с требованием выкупа

Возвращался я как-то с работы домой и пока ехал, решил проверить почту. В папке Входящие было пусто, однако в папке Спам забрело одно письмо. Я его открываю и вижу следующий текст:

So‌ I’m a‌ ha‌cke‌r who‌ bro‌ke‌ yo‌u‌r e‌ ma‌i‌l a‌s we‌ll a‌s de‌vi‌ce‌ a‌ co‌u‌ple‌ o‌f mo‌nths ba‌ck.

Yo‌u‌ e‌nte‌re‌d yo‌u‌r pwd o‌n o‌ne‌ o‌f the‌ we‌bsi‌te‌s yo‌u‌ vi‌si‌te‌d, a‌nd I i‌nte‌rce‌pte‌d i‌t.

Thi‌s i‌s yo‌u‌r se‌cu‌ri‌ty pa‌sswo‌rd o‌f my_email@email.com o‌n mo‌me‌nt o‌f co‌mpro‌mi‌se‌: rkdsjw2c3t

Ho‌we‌ve‌r yo‌u‌ ca‌n ca‌n cha‌nge‌ i‌t, o‌r e‌ve‌n a‌lre‌a‌dy cha‌nge‌d i‌t.

No‌ne‌the‌le‌ss thi‌s do‌e‌sn’t me‌a‌n mu‌ch, my ma‌li‌ci‌o‌u‌s so‌ftwa‌re‌ u‌pda‌te‌d i‌t e‌a‌ch a‌nd e‌ve‌ry ti‌me‌.

Do‌ no‌t re‌a‌lly try to‌ ma‌ke‌ co‌nta‌ct wi‌th me‌ o‌r e‌ve‌n fi‌nd me‌, i‌t i‌s i‌mpo‌ssi‌ble‌, si‌nce‌ I se‌nt thi‌s e‌ma‌i‌l fro‌m yo‌u‌r a‌cco‌u‌nt.

By me‌a‌ns o‌f yo‌u‌r o‌wn e‌-ma‌i‌l, I u‌plo‌a‌de‌d ha‌rmfu‌l co‌de‌ to‌ yo‌u‌r Ope‌ra‌ti‌o‌n Syste‌m.

I sa‌ve‌d yo‌u‌r e‌nti‌re‌ co‌nta‌cts wi‌th fri‌e‌nds, co‌-wo‌rke‌rs, lo‌ve‌d o‌ne‌s plu‌s a‌ fu‌ll hi‌sto‌ ;ry o‌f vi‌si‌ts to‌ the‌ Onli‌ne‌ re‌so‌u‌rce‌s.

As we‌ll I se‌t u‌p a‌ Tro‌ja‌n o‌n yo‌u‌r syste‌m.

Yo‌u‌ a‌re‌ no‌t my o‌nly pre‌y, I co‌mmo‌nly lo‌ck pcs a‌nd a‌sk fo‌r the‌ ra‌nso‌m.

No‌ne‌the‌le‌ss I wa‌s stru‌ck thro‌u‌gh the‌ i‌nte‌rne‌t si‌te‌s o‌f clo‌se‌ co‌nte‌nt ma‌te‌ri‌a‌l tha‌t yo‌u‌ fre‌qu‌e‌ntly vi‌si‌t.

I a‌m i‌n su‌rpri‌se‌ o‌f yo‌u‌r o‌wn fa‌nta‌si‌e‌s! I’ve‌ ne‌ve‌r no‌ti‌ce‌d a‌nythi‌ng a‌t a‌ll li‌ke‌ thi‌s!

Thu‌s, whe‌n yo‌u‌ ha‌d e‌njo‌yme‌nt o‌n pi‌qu‌a‌nt we‌b si‌te‌s (yo‌u‌ kno‌w wha‌t I me‌a‌n!) I ma‌de‌ scre‌e‌nsho‌t wi‌th u‌ti‌li‌zi‌ng my pro‌gra‌m fro‌m yo‌u‌r ca‌me‌ra‌ o‌f yo‌u‌rs de‌vi‌ce‌.

The‌re‌ a‌fte‌r, I co‌mbi‌ne‌d the‌m to‌ the‌ co‌nte‌nt o‌f the‌ cu‌rre‌ntly se‌e‌n si‌te‌.

No‌w the‌re‌ i‌s go‌i‌ng to‌ be‌ la‌u‌ghte‌r whe‌n I se‌nd the‌se‌ i‌ma‌ge‌s to‌ yo‌u‌r co‌nne‌cti‌o‌ns!

Ye‌t I kno‌w yo‌u‌ wo‌u‌ldn’t wa‌nt tha‌t.

Co‌nse‌qu‌e‌ntly, I e‌xpe‌ct pa‌yme‌nt fro‌m yo‌u‌ i‌nte‌nde‌d fo‌r my qu‌i‌e‌t.

I thi‌nk $900 i‌s a‌n su‌i‌ta‌ble‌ pri‌ce‌ wi‌th re‌ga‌rd to‌ i‌t!

Pa‌y wi‌th Bi‌tco‌i‌n.

My BTC wa‌lle‌t a‌ddre‌ss: 1DpMeAFiLPVBp5ohwAqJALFLQrVQcfK77f

If yo‌u‌ do‌ no‌t re‌a‌lly u‌nde‌rsta‌nd ho‌w to‌ do‌ thi‌s — type‌ i‌n to‌ Go‌o‌gle‌ ‘ho‌w to‌ tra‌nsfe‌r mo‌ne‌y to‌ the‌ bi‌tco‌i‌n wa‌lle‌t’. It i‌s no‌t di‌ffi‌cu‌lt.

Afte‌r re‌ce‌i‌vi‌ng the‌ gi‌ve‌n a‌mo‌u‌nt, a‌ll yo‌u‌r de‌ta‌i‌ls wi‌ll be‌ ri‌ght a‌wa‌y e‌li‌mi‌na‌te‌d a‌u‌to‌ma‌ti‌ca‌lly. My tro‌ja‌n wi‌ll a‌lso‌ e‌li‌mi‌na‌te‌ i‌tse‌lf fro‌m yo‌u‌r o‌s.

My Co‌mpu‌te‌r vi‌ru‌s ha‌ve‌ a‌u‌to‌ a‌le‌rt, so‌ I kno‌w whe‌n thi‌s pa‌rti‌cu‌la‌r e‌-ma‌i‌l i‌s re‌a‌d.

I gi‌ve‌ yo‌u‌ 2 da‌ys (Fo‌rty e‌i‌ght ho‌u‌rs) i‌n o‌rde‌r to‌ ma‌ke‌ the‌ pa‌yme‌nt.

If thi‌s do‌e‌s no‌t o‌ccu‌r — ju‌st a‌bo‌u‌t a‌ll yo‌u‌r co‌nta‌cts wi‌ll ce‌rta‌i‌nly ge‌t cra‌zy pi‌ctu‌re‌s fro‌m yo‌u‌r da‌rk se‌cre‌t li‌fe‌ a‌nd yo‌u‌r syste‌m wi‌ll be‌ blo‌cke‌d a‌s we‌ll a‌fte‌r 48 ho‌u‌rs.

Do‌ no‌t be‌ stu‌pi‌d!

Au‌tho‌ri‌ti‌e‌s o‌r fri‌e‌nds wo‌n’t he‌lp yo‌u‌ fo‌r su‌re‌ .

PS I ca‌n pre‌se‌nt yo‌u‌ wi‌th re‌co‌mme‌nda‌ti‌o‌n wi‌th re‌ga‌rd to‌ the‌ fu‌tu‌re‌. Do‌ no‌t ke‌y i‌n yo‌u‌r pa‌sswo‌rds o‌n ri‌sky we‌b-si‌te‌s.

I e‌xpe‌ct fo‌r yo‌u‌r di‌scre‌ti‌o‌n.

Email и пароль я конечно же изменил, остальное в тексте осталось неизменным.

В чем смысл письма? Сейчас все узнаете.

Первым делом я конечно же обратил внимание, что указана моя почта и указан мой реальный пароль, который я использовал лет 7-8 назад. Но, в этом пароле не хватало одного символа. Это меня немного смутило, тем более, этот простейший пароль был использован для малозначащих сервисов.

Второе, что меня смутило — это то, что «хакер», от которого пришло это письмо, заявляет что он взломал мою почту и в ней же оставил эту заметку. Согласитесь, бред же? Почему бред? Да потому, что отправить email без указания отправителя не сложнее, чем отправить анонимный бумажный конверт по почте России. Об этом, наверно, даже знают юные читатели детского юмористического журнала «Хакер».

Дальше в письме, в стиле статеек из журнала Хакер, идут запугивания, о том, что этот «хакер» взломал мой компьютер и установил на него троян, который постоянно обновляется и наверно, в скором времени накатит для него первый сервис-пак.

Дальше в письме, хакер грозится тем, что он сделал скриншоты, когда я посещал «пикантные сайты» и тем, что он разошлет эти скриншоты чисто поржать всем моим друзьям.

Ну в конечном итоге, он просит всего лишь 900 долларов за «молчание». Выкуп он просит в виде Биткоинов, а если вы не знаете что это такое — гугл вам в помощь. После того, как вы заплатите выкуп, хакерский троян самоуничтожится и хакер научит вас компьютерной грамотности, для того, чтобы вас больше не разводили на деньги.

О какой злобный хакер!

Прочитал я это письмо и пошел. нет, не куда подальше, а за хлебом. Походил я еще с час в магазине и вспомнил: хакер же просил не терять времени, а времени у меня 48 часов. Пришел я домой, покушал, посидел пару часов на ютубе и опять вспомнил про хакера. Да нет, не про журнал Хакер, а про их читателя, который настрочил это письмо. Ладно, подумал я, и решил понять, почему и при каких обстоятельствах засветился мой пароль семилетней давности, причем не весь, а только его десять символов (а у меня пароль был более десяти символов).

Первым делом я зашел на сайт Have I Been Pwned и ввел там свой адрес почты:

Ого, оказывается мой Email засветился в утекших базах данных на 4 дырявых сайтах. Листаю ниже:

Первые три сайта я отмел сразу, так как я ими не пользовался, а вот MySpace меня неприятно удивил. Оказывается, еще в далеком 2008 году была утечка данных, при которой утекли данные почти 360 миллионов пользователей. Среди этих данных были адреса электронной почты, имена пользователей и SHA1 хэшей первых 10 символов пароля. И лишь в 2016 году эти данные начали продавать на «Real Deal».

Так вот, откуда была утечка первых десяти символов моего пароля и загадка разгадалась сама собой.

Прошло свыше 48 часов, а этот хакер до сих пор сидит и ждет свои 900 долларов на биткоин-кошелек.

На что рассчитан этот метод развода? На то, что жертва, увидев это письмо в своем ящике, сразу же поддастся панике и заплатит требуемую сумму. И только спустя некоторое время, жертва заподозрит, что ее обманули.

Не поддавайтесь на уловки мошенников и лучше спокойно обдумайте все, спросите совета на форуме и не переводите никому требуемую сумму.

UPD1: Спустя некоторое время, в своем служебном почтовом ящике я обнаружил немного видоизмененное письмо:

I have very bad news for you.

03/08/2018 — on this day I hacked your OS and got full access to your account admin@admin.ru

On this day your account admin@admin.ru has password: 1234567890

So, you can change the password, yes.. But my malware intercepts it every time.

In the software of the router, through which you went online, was a vulnerability.

I just hacked this router and placed my malicious code on it.

When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.

But I looked at the sites that you regularly visit, and I was shocked by what I saw.

I’m talk you about sites for adults.

I want to say — you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea.

I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).

After that, I made a screenshot of your joys (using the camera of your device) and glued them together.

Turned out amazing! You are so spectacular!

I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.

I think $713 is a very, very small amount for my silence.

Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!

My BTC wallet: 1FgfdebSqbXRciP2DXKJyqPSffX3Sx57RF

You do not know how to use bitcoins?

Enter a query in any search engine: «how to replenish btc wallet».

It’s extremely easy

For this payment I give you two days (48 hours).

As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.

If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your «enjoys».

I hope you understand your situation.

— Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)

— Do not try to contact me (you yourself will see that this is impossible, the sender address is automatically generated)

— Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!

This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.

Письмо довольно схожее с первым, но в этом случае, мой служебный почтовый ящик точно нигде не был засвечен и указанный пароль никогда не использовался.

В данном случае, недохакер просто наугад разослал письма в надежде на то, что кто-то клюнет на обман.

UPD2: Спустя месяц, пришло еще одно письмо, но уже с несуществующим обратным адресом:

I am well aware 1234567890 is your password. Lets get straight to purpose. You may not know me and you are probably thinking why you’re getting this email? No person has paid me to check about you.

actually, I actually placed a software on the xxx video clips (pornographic material) web site and do you know what, you visited this web site to have fun (you know what I mean). When you were viewing video clips, your browser initiated working as a RDP that has a key logger which gave me access to your display screen and also cam. Just after that, my software program gathered all your contacts from your Messenger, FB, as well as e-mailaccount. Next I created a video. First part shows the video you were watching (you have a nice taste rofl), and 2nd part shows the recording of your web camera, and its you.

You will have just two possibilities. Shall we go through each one of these options in particulars:

1st option is to disregard this email message. In such a case, I am going to send out your actual video to almost all of your personal contacts and also just consider regarding the disgrace you will definitely get. Do not forget in case you are in an affair, just how it is going to affect?

In the second place option is to compensate me $908. We will call it a donation. In this scenario, I most certainly will asap delete your videotape. You can keep on going everyday life like this never took place and you never will hear back again from me.

You will make the payment through Bitcoin (if you don’t know this, search «how to buy bitcoin» in Google).

BTC Address to send to: 1EXotvNDE9f7CJhFNG5A6t1z1K4Zd5mzBd

[case-SENSITIVE, copy & paste it]

If you are looking at going to the law enforcement, anyway, this message cannot be traced back to me. I have taken care of my moves. I am also not looking to ask you for very much, I simply want to be paid for.

You now have one day to make the payment. I’ve a specific pixel within this e mail, and right now I know that you have read through this email. If I do not get the BitCoins, I definitely will send out your video recording to all of your contacts including friends and family, co-workers, etc. However, if I receive the payment, I’ll destroy the recording immediately. If you need proof, reply with Yup & I definitely will send your video recording to your 13 contacts. This is a non:negotiable offer, that being said please don’t waste mine time and yours by replying to this e-mail.

Схема все та же: также указаны первые 10 символов пароля и требование выкупа. Скорее всего данное письмо не последнее и в скором времени придет еще парочка подобных писем с чуть измененным содержанием.

Источник

Newsround

5 Feb 2021 5 February 2021

When the richest person in the world gives his support to a virtual currency you know it’s big business.

Elon Musk has told users of an online social media app that he thinks the virtual currency, Bitcoin, is a «good thing.»

His comments resulted in the value of Bitcoin rising significantly.

So much so, that a singular Bitcoin went from being worth £3,600 in March last year to more than £27,000 now.

As talk of the currency has gone global, the Bank of Singapore has suggested that the 12-year-old currency could replace gold as its store of value.

However, in October, the head of the Bank of England, Andrew Bailey, warned about the unpredictability of Bitcoin, saying it makes him, «very nervous».

With all this talk you’re probably wondering — what is Bitcoin and how does it all work?

Here’s everything you need to know.

Bitcoin, often described as a cryptocurrency, a virtual currency or a digital currency — is a type of money that is completely virtual.

It’s like an online version of cash. You can use it to buy products and services, but not many shops accept Bitcoin yet and some countries have banned it altogether.

However, some companies are beginning to buy into its growing influence.

In October last year, for example, the online payment service, PayPal, announced that it would be allowing its customers to buy and sell Bitcoin.

The physical Bitcoins you see in photos are a novelty. They would be worthless without the private codes printed inside them.

Each Bitcoin is basically a computer file which is stored in a ‘digital wallet’ app on a smartphone or computer.

People can send Bitcoins (or part of one) to your digital wallet, and you can send Bitcoins to other people.

Every single transaction is recorded in a public list called the blockchain.

This makes it possible to trace the history of Bitcoins to stop people from spending coins they do not own, making copies or undo-ing transactions.

There are three main ways people get Bitcoins.

• You can buy Bitcoins using ‘real’ money.
• You can sell things and let people pay you with Bitcoins.
• Or they can be created using a computer.

In order for the Bitcoin system to work, people can make their computer process transactions for everybody.

The computers are made to work out incredibly difficult sums. Occasionally they are rewarded with a Bitcoin for the owner to keep.

People set up powerful computers just to try and get Bitcoins. This is called mining.

But the sums are becoming more and more difficult to stop too many Bitcoins being generated.

If you started mining now it could be years before you got a single Bitcoin.

You could end up spending more money on electricity for your computer than the Bitcoin would be worth.

There are lots of things other than money which we consider valuable like gold and diamonds. The Aztecs used cocoa beans as money!

Bitcoins are valuable because people are willing to exchange them for real goods and services, and even cash.

Some people like the fact that Bitcoin is not controlled by the government or banks.

People can also spend their Bitcoins fairly anonymously. Although all transactions are recorded, nobody would know which ‘account number’ was yours unless you told them.

In an online chat with social media users in January 2021, the world’s richest man, Elon Musk, said he was a big supporter of Bitcoin.

He even went as far as to change his Twitter bio to «#bitcoin».

He has repeatedly shown his support to online currencies in recent years and caused major movements in their values due to his own personal wealth and influence.

This particular endorsement led to the value of Bitcoin to rise significantly.

Every transaction is recorded publicly so it’s very difficult to copy Bitcoins, make fake ones or spend ones you don’t own.

It is possible to lose your Bitcoin wallet or delete your Bitcoins and lose them forever. There have also been thefts from websites that let you store your Bitcoins remotely.

The value of Bitcoins has gone up and down over the years since it was created in 2009 and some people don’t think it’s safe to turn your ‘real’ money into Bitcoins.

This concern was expressed by the head of The Bank of England, Andrew Bailey, in October 2020.

He said that he was «very nervous» about people using Bitcoin for payments pointing out that investors should realise its price is extremely volatile.

By this, he meant that the value could drop significantly at any moment and investors could lose a lot of money.

Источник