Me hackearon - Investigando un intento de Extorción



Recientemente revisando el SPAM encontré un correo interesante.  :¬¬ No me juzguen el SPAM a veces tiene cosas interesantes.

Básicamente el correo indicaba que Yo había sido hackeado, obviamente un intento de estafa, decía tener datos privados de navegación y fotos desde la webcam del sistema, adicionalmente un supuesto virus/troyano/bomba lógica que automáticamente estallaría en 2 dias apartir del momento en el que abri el correo. Indicaba que queria recibir 848 Dolares en Bitcoin y dejaba una dirección.

Código:
<Bloqueado por Google>

Lo que me sorprendió al investigar un poco mas es que la cuenta, si a recibido depósitos de Bitcoin en días recientes.


No se como hay gente que si cae en estas estafas

Actualmente la cuenta tiene un total de

Código:
0.36282302 BTC

Pero a recibido mas, ya que a hecho retiros parciales, movimientos totales por:

Código:
1.67353487 BTC

Otra cuenta de Bitcoin usando el mismo esquema, posiblemente la misma persona


Sin movimientos a la fecha

Obviamente yo no he sido hackeado.

Dejo aquí los detalles del correo original:

Código:
Received: from [115.21.112.165] ([115.21.112.165])
        by mx.google.com with ESMTP id i12-v6si5818563plt.9.2018.11.08.17.58.30
Subject: Security Alert. You account has been hacked.
Date: 9 Nov 2018 18:33:23 +0800
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Content-Language: en-us



Hello!

I'm a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.

Of course you can will change your password, or already made it.
But it doesn't matter, my rat software update it every time.

Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I've never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I'm sure you don't want it. I definitely would not want to ...

I will not do this if you pay me a little amount.
I think $848 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: <Bloqueado por Google>

If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen - all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won't help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.


Se ha bloqueado el codigo de la cartera Bitcoin por motivo que google lo considera como SPAM 

<Bloqueado por Google>

Aun asi se puede segir investigando en el link de:

https://foro.elhacker.net/seguridad/investigando_un_intento_de_extorcion-t489642.0.html

Comentarios

Entradas populares de este blog

Clave WPA2 por Defecto de equipos TotalPlay (Huawei HG8245H)

Activar y Validar Windows 7 - Loader 2.2.2

Cable modem Ubee - WPA2 y WPS por defecto