Email received from supposed darknet hacker?

[Eddie Morra]

I also got the same exact email from a guy called zack47 who put down my email address and my password, although i have forgotten if i ever used that password before and have changed it about 3 weeks ago.

Unless they have a password which is currently being used then they are talking nonsense and there's a 99.9% chance they are just relying on online leaked dumps of credentials from service breaches.

Change all of your passwords, make sure your passwords are strong, do not re-use the same passwords and give away as least personal information as you can online. Problem solved. If you really suspect that your system is currently infected, then reset it.

People who have infected someone else with a backdoor will not go around confessing to this and exposing this fact unless they are extremely idiotic. Therefore, someone actually claiming to have infected your system with malicious software is in itself... a sign that they actually didn't and that they are getting the information some other way. Anyway, if they did actually have access to your system and thus all your credentials... they would be able to go on and sell those credentials to other hackers or access your online banking, instead of trying to threaten you on an e-mail, so the chances are slim at best.

 

[Freki123]

@JiSingh12 Try to use unique strong passwords for sites that store data you should care about (like real name, adress or financal stuff of any sort).
Like shops you bought stuff from since they got all legit data from you.
If you are flexible just create a new email adress and create aliases for that mail and start all new with a not burned email and terminate the old one.
Like real email: JiSingh12(at)hotmail.com alias: myonlineshopping(at)hotmail.com
So for all your stuff just give em the myonlineshopping(at)hotmail.com email. If it ever get compromised delete it and create myonlineshopping2(at)hotmail.com or whatever. Just never use the real email
Anyway have fun
To say something more at topic its just a tactic to scare people. Lots of people view "adult" stuff and if you tell 100 people you saw them watching that stuff even if only 2 cave in and give you money its still a win for the "hacker". Its just fearmongering most of the time. If you are not a celebrity chances are realy small that they spend real work to get to you.
Also on a sidenote if you have a camera and don't use it unplug it or cover it > No one can see

 

[ste86]

I got the exact same one, they must be doing the rounds, well I got two identical ones, from supposed 2 different darknet members.

its on a second account I very rarely use, never for anything important, just spotted it in my spam folder, I dont have a cam attached to my PC, the password is wrong but its one I have used for some site or somewhere, possibly EAforums or somewhere. They must have hacked somewhere like that.

I was just interested in what similar login place we have used that we have in common that they got this from. Its a password I havent used for years, I cant remember where I used it, but it was probably some game forum like EA or somewhere.

Hopefully nobody sends these people money. Its fake, Its blackmail, they should be sent to prison for it. Hopefully they do. More should be done about this.

 

[Eddie Morra]

Hopefully they do.

They probably won't be sent to prison for it because for that to happen, a real case has to be opened and sufficient evidence has to be found to prove that the people allegedly responsible were... really responsible. Before that can happen, the people behind it have to actually be identified.

Then you have the issue of where they are situated. If they are situated in an area like Africa or India, good luck taking action against them.

Normal law enforcement in areas like the UK or U.S won't be equipped to deal with such anyway. They will be limited when it comes to cyber-crime investigations and even more limited when it comes to actually taking action against perpetrators who are located overseas - not to mention law differences and that overseas perpetrators would need to be officially extradited/manually travel to the area they are wanted to be captured and convicted.

It's a really complicated process really... and it makes it difficult for real action to be taken against overseas scammers.

 

[ste86]

Yeah, I know that, I just think this should be policed better in 2018, blackmail is a serious offence, so no matter how hard it is, it should be policed rather than, its the internet, what can you do, probably more likely to get done for sending a racist tweet or something than his kind of thing

There will be people mugged by this, worried by it, I would hate to think people send these scum money

They should be able to track the money

 

[Eddie Morra]

I completely agree that something should be done about it, but there's not much that can really be done about it right now. The money can be tracked, but they can't just kidnap a civilian from a foreign country and bring them over for trial in the native country of the victim/s... it doesn't work like that.

Also, when you bring factors like crypto-currency into the equation and the usage of tumbling systems to get back clean crypto-currency from the dirty crypto-currency, then tracking the extorted money becomes even more difficult and near impossible to do effectively without amazing resources. Even normal money laundering in general will complicate things A LOT.

If someone situated under your country were to rob you online and an investigation was started and this led to real evidence being uncovered on who the perpetrator was, that they were situated under the same country and that there was real evidence indicating it was this person... then they'd be arrested and would get a proper trial where they would be allowed to defend against the allegations or plead guilty for a lesser-sentence than they would get if they were found guilty. There's no guarantee that they'd have to pay a dime back and would get any punishment at all if it couldn't be proven that they were actually guilty of the alleged crimes. That's how the "justice system" works.

The best thing you can do is learn about social engineering and safe online practices to help keep yourself safe to prevent you from becoming a victim in the first place, or at-least to prevent it from happening again. And by "victim", I am referring to having fallen for something like this and actually paying the ransom. It all starts with learning how to stay safe online through good practices.

 

[Jacqui_king]

I rcvd the same email today but within the email it detailed my password. Any advice?

 

[Bill K]

I rcvd the same email today but within the email it detailed my password. Any advice?

From all of the advice above I'd say to change your password (on all accounts using it) but ignore the email - don't respond or make any payment.

 

[Eddie Morra]

The last thing you want to do is respond to it. That at-least confirms to them that there's someone active on the other side who uses the e-mail account... which makes you even more of a target.

Responding also opens up a further opportunity for them to social engineer you. Drop all communication with them.

 

[Bidg90]

Yup, I've received two emails today - I don't have a webcam or my laptop but I do on my work desktop, which is where I am now! I have covered this up, just incase! surely they can no see me through it??. I've changed all my passwords also. The second email which was sent at 7am UK time this morning and from this username - flory84. I've checked both IP's - First one - 190.247.195.20 and the second from the email below - 179.5.100.131 I'm reassured now that this is just a scam, thank's for the info above.

Hello!

My nickname in darknet is boonie39.
I hacked this mailbox more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

So, your password from (my email) is (my current password)!

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $879 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): 1NXNt72qfMhPZDffUEqryCYpEUzyR6LmgH
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours!
After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere!
Good luck!

 

[anthonymaw]

Lately I've been getting a flood of these threatening email messages demanding bitcoin payments too. They are real but you should ignore them although save it somewhere for future reference. Your email address and other account information like phone number, address, etc. including your *old* passwords were stolen from earlier hacks on Yahoo and many other web sites. Your account information is now floating around for sale on the darknet where scammers buy them to send out these threatening emails. There is nothing you can do except change all your passwords regularly, don't use any of the stolen passwords (obviously!) and enable Multi Factor Authentication (MFA). If you think your computer is infected with a virus or trojan you can use some good free scanners like Malwarebytes to check your Windows or Mac. You can also monitor your email addresses appearing on hacker list databases at a web site Have I Been Pwned: Check if your email has been compromised in a data breach. My own email address which is 25 years old appears on at least 14 breached web sites and one paste site so it hardly surprises me that it's been stolen from many databases.

 

[ste86]

The email address I got the email on does not show as breached, that email is the only spam email it has ever recieved. Its a rarely used email, thats why I thought I may have figured out where they got this from. I still think it must be from the EA forums where I used this email address

 

[Local Host]

You guys will have a hard time finding out where the e-mail came from, unless the spammer is a complete amateur (with an operation of this scale, I doubt). Any IPs and Addresses you guys get will be general and/or temporary, the closest you have to find the origins is the Bitcoin ID.

 

[Adam112]

As much as I belive this is a hoax. It's the first email of its kind I've had. I have been going on adult websites. All legal content and the likes of sex toy shops. I'm a very private person when it come to things like that. I haven't even bought condoms from a shop I buy them online to avoid the embarrasment. Has anybody had repocussions from this email.

 

[Freki123]

@Adam112 If after reading the whole thread your choice is to to support some high likely fearmongering scammer it's your choice no one can stop you.

 

[ste86]

As much as I belive this is a hoax. It's the first email of its kind I've had. I have been going on adult websites. All legal content and the likes of sex toy shops. I'm a very private person when it come to things like that. I haven't even bought condoms from a shop I buy them online to avoid the embarrasment. Has anybody had repocussions from this email.

Its complete nonsense, ignore it. If they really did have something, which they dont, do you think sending them money and it would go away, you will get loads of these, they will send them every other day, similar ones, you would end up paying them off for as long as you would be stupid enough to do it for. They are just hoping enough people are stupid enough. Even 1 person does it, and its a win for them

 

[playwithfire]

I also received a second email with a different darknet username, asking for a very similar price for payment (only changed by 2 dollars) with the rest of the email being the same. Interestingly, despite listing a different darknet username it asked for payment to exactly the same BitCoin wallet ID. That suggests it's either one person who is trying to hide themselves very badly, or it's come from a hacker group who share access to the wallet rather than an individual.

It's now been more than 48 hours since the first email and nothing has happened.

 

[mellowtones242]

I also received a second email with a different darknet username, asking for a very similar price for payment (only changed by 2 dollars) with the rest of the email being the same. Interestingly, despite listing a different darknet username it asked for payment to exactly the same BitCoin wallet ID. That suggests it's either one person who is trying to hide themselves very badly, or it's come from a hacker group who share access to the wallet rather than an individual.

It's now been more than 48 hours since the first email and nothing has happened.

Nothing will happen.

 

[LDogg]

Agreed with the above. Never put yourself into a state of paranoia with anything like this. It's how the bad guys win when you think they have done something, but really haven't.

~LDogg

 

[stefansalvatore]

I received Email too a few days ago but it went straight to spam box.