"Honor Hacker" blackmail for 793$ in Bitcoin [SOLVED]

rockedge
Posts: 1864
Joined: Wed 11 Apr 2012, 13:32
Location: Connecticut, United States

#16 Post by rockedge »

no worries ...totally fake and is fishing....one of my honey traps received like 30 of these all showing either the same email sent as received or a series of gmail addresses. the password shown on all of them is the same and was a user name and never used as a password.

all my cameras are placed in a forest and not a single machine has a built in camera.

And notice the wording.......what router --- what server was modified and what does the email address shown in the email have to do with my router? My email provider and server is someplace in Googleland.

if one knows how all this works you can see what is written is difficult at best to achieve

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#17 Post by musher0 »

Thanks, rockedge.

@all:
Yesterday evening I received another e-mail from myself, that I didn't
write. Couldn't have, the charset is ibm852!!! Of course I didn't
understand a word.

I opened it and looked at the message source. Tried traceroute on the
origin: apparently I was in Eastern Europe when I wrote to myself! So I
was here and perhaps in Bratislava at the same time. This is beginning to
be funny!

Anyway, installed Lynis (https://cisofy.com/downloads/lynis)
and chkrootkit (http://www.chkrootkit.org), and ran them.
They are not anti-virus tools in the traditional sense, but using them can
be quite reassuring.

Also followed the instructions from this ubuntu thread:
https://askubuntu.com/questions/587872/ ... klm-trojan

Everything looks ok on this xenialPup-706.

I hope the above info can be helpful to someone.

BFN.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
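
The check described in post #17 (reading the message source of a mail that appears to come from your own address), as an added example that is not part of the original post or any poster's code. The sample message is constructed, and the `trusted_mx` name and the Postfix-style `Received` layout are assumptions.

```python
import email
import re
from email import policy

# Constructed sample: documentation-range IPs and example.* domains,
# not the message attached in the thread.
RAW = b"""\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby inbox.example.net with ESMTP id A1; Fri, 14 Dec 2018 03:12:09 +0000
Received: from [192.168.1.23] (unknown [203.0.113.45])
\tby mx.example.net with SMTP id B2; Fri, 14 Dec 2018 03:12:07 +0000
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=user@example.org;
\tdkim=none
From: user@example.org
To: user@example.org
Subject: (constructed)
Content-Type: text/plain; charset="ibm852"

body
"""

# Postfix-style "(rdns [ip])" is the peer address the receiving server saw;
# the name right after "from" is only what the sender claimed in HELO.
PEER = re.compile(r"\(\S+ \[(\d{1,3}(?:\.\d{1,3}){3})\]\)")

def analyze(raw, trusted_mx="mx.example.net"):  # trusted_mx: assumed provider MX
    msg = email.message_from_bytes(raw, policy=policy.default)
    origin = None
    # Received headers are prepended, so walk top-down and keep the last hop
    # stamped by our own provider; anything below it can be forged.
    for hop in msg.get_all("Received", []):
        text = str(hop)
        m = PEER.search(text)
        if m and f"by {trusted_mx}" in text:
            origin = m.group(1)
    auth = str(msg.get("Authentication-Results", ""))
    spf = re.search(r"spf=(\w+)", auth)
    dkim = re.search(r"dkim=(\w+)", auth)
    sender = msg["From"].addresses[0].addr_spec
    rcpt = msg["To"].addresses[0].addr_spec
    spf_result = spf.group(1) if spf else "none"
    return {
        "origin_ip": origin,
        "charset": msg.get_content_charset(),
        "spf": spf_result,
        "dkim": dkim.group(1) if dkim else "none",
        # Same From and To plus a non-passing SPF result: the sender is forged.
        "self_spoofed": sender.lower() == rcpt.lower() and spf_result != "pass",
    }
```

The `origin_ip` it returns is the address to look up or trace, since it was recorded by the receiving provider and not supplied by the sender.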

greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#18 Post by greengeek »

ITSMERSH wrote: How big is your disk?
I think this is a bit rude to ask another man. Just leave it to the imagination. Don't be a pervert
:twisted:

Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#19 Post by Burn_IT »

And has it really been bitten several million times??
"Just think of it as leaving early to avoid the rush" - T Pratchett

Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#20 Post by Flash »

I use pass phrases. They're easier to remember, or at least type without making a mistake, and nearly as hard to guess as a collection of randomly generated characters. The only problem is, some websites won't accept spaces as characters.

perdido
Posts: 1528
Joined: Mon 09 Dec 2013, 16:29
Location: ¿Altair IV , Just north of Eeyore Junction.?

#21 Post by perdido »

Flash wrote: I use pass phrases. They're easier to remember, or at least type without making a mistake, and nearly as hard to guess as a collection of randomly generated characters. The only problem is, some websites won't accept spaces as characters.

If you type your pass phrase into gtk checksum utility there are a variety of different characters, you can choose a short checksum or a long checksum as your password.

Using the imagination makes the possibilities endless and easy to remember.

.

Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#22 Post by Flash »

Thanks! I hadn't thought of that.

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#23 Post by musher0 »

I received an Italian version.
Raw source attached as a zip file, if anyone wants to do forensics on it.

BFN.
Attachments
mime.data-Italian.txt.zip
(2.56 KiB) Downloaded 69 times

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#24 Post by mikeb »

I think this spammer is mean as he or she does not give an address to send our loving thoughts to,

mike

foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

#25 Post by foxpup »

I just checked the 2 IP's and the bitcoin wallet.
The IP's are in Fort Lauderdale, Florida and somewhere near Moscow, Russia. It probably leads to nothing.
The wallet is just 2 days old and has received more than 1 bitcoin in total from about 15 victims, which is a substantial amount of money and victims.

foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

#26 Post by foxpup »

For the bitcoin wallet in the first mail it adds up to more than 4 bitcoins in a week from 30 victims!

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#27 Post by musher0 »

Thanks, guys.

This hacker sure has a high standard of living...

6502coder
Posts: 677
Joined: Mon 23 Mar 2009, 18:07
Location: Western United States

#28 Post by 6502coder »

It just keeps getting worse...

https://www.zdnet.com/article/bomb-thre ... on-victims/
[December 13th's] massive spam campaign that sent bomb threats to hundreds of thousands of users across the US and Canada, and caused evacuations of buildings across several cities, was carried out by the same group of spammers responsible for the recent wave of sextortion scams, two cyber-security firms said on Friday.
[emphasis mine]

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#29 Post by musher0 »

Thanks for the additional info, 6502coder.

foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

#30 Post by foxpup »

6502coder wrote: It just keeps getting worse...
Well, it is almost Christmas, isn't it. :? :(
