Hacker's threat: Pay $854 in Bitcoin or your "secret life" is public

Cyber experts say there is no firm number for how many phishing attacks occur in Canada or the United States in a year, although a conservative estimate suggests that hundreds of thousands of individuals and businesses receive them.

There are two types of phishing: so-called "spray and pray" and the targeted type called "spear phishing." In the latter, the hacker will pose as a company president or CFO and send emails to account managers in the same company telling them to make a transfer, for example, as part of a "special project".

"A person could say we are making a deal, and it will be announced next week," explains Brian Bourne, co-founder of Black Arts Illuminated, an organization that brings IT security experts to Canada to share their findings and discuss strategies to defeat hackers. "An accountant who is down three levels would think he's the boss of my boss, so I should do better."

In fact, it is very easy to create an email that appears to come from a known and trusted source. This is because few safeguards were introduced when Simple Mail Transfer Protocol (SMTP), which is now used by all regular email senders, was created in the 1970s – and fixing it now would take a coordinated global effort.

Here is the anatomy of a recent spray-and-pray attack and how the anonymous emailers most likely got the passwords of their targets. After receiving some of these emails myself, I was interested.

In today's world, there are an estimated 5 billion email accounts, each with a password chosen by the account holder. From time to time, widely used applications are attacked and emails and passwords suddenly become vulnerable. One of the biggest known breaches was the 2012 LinkedIn hack. The email credentials of 167 million people were stolen and are now traded on the dark web, a part of the World Wide Web that is only accessible through special software. In addition to the breached LinkedIn accounts, there are stolen credentials from many other sites, including MySpace, hit by a hack that exposed 360 million user accounts in 2013, and Ashley Madison, which suffered a breach of 30 million emails and passwords.

(These email addresses and passwords remain on the dark web. To check whether your information is among them, go to Have I Been Pwned, a free service maintained by Australian web security expert Troy Hunt.)

In their public responses, LinkedIn and other sites then strengthened security protocols and introduced a mandatory reset of compromised accounts. The problem is that, according to security experts, many people reuse the same password for other sites.

Enter our hacker, who had an old password.

When I got the hacker's email, I remembered the specific password he boasted he had "cracked" as one I once used to join LinkedIn many years ago. Others who received the same email made similar comments. Security experts advise using a password in only one place, changing it often and not making it easy to guess – for example, do not use your dog's name.

"Hi!" was the opening line of the hacker's email that appeared in my mailbox on a Monday evening in October. He seemed to be a friendly person.

"I am a hacker who has cracked your email and device a few months ago. You used a password on one of the websites you visited and I captured it. Of course you can change it or have already changed it. It does not matter, my malware updated it every time."

The address the hacker sent his email from appeared to be my own email address. It was not; it just looked that way. This is called "spoofing".

My hacker was only interested in a modest $857 payment. He provided helpful instructions on how to use Google to learn how to make a payment to the Bitcoin wallet he had provided.
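
A receiving-side check for this kind of spoofing, as an added example that is not part of the original article: it compares the visible From address with the envelope sender and with the SPF/DKIM/DMARC verdicts stamped by the recipient's own mail server. The sample message, the addresses and the server name `mx.example.org` are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not the email from the article. From and To both carry
# the recipient's address; the envelope sender and auth verdicts do not agree.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=softfail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.org
From: <reader@example.org>
To: <reader@example.org>
Subject: Hi!

I give you 48 hours to make a payment.
"""

def _domain(header_value):
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def spoof_indicators(raw, trusted_authserv="mx.example.org"):
    """Return a list of indicators (hints for triage, not a verdict)."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    to_addr = parseaddr(msg.get("To", ""))[1].lower()
    findings = []
    if from_addr and from_addr == to_addr:
        findings.append("from-equals-to")
    envelope = _domain(msg.get("Return-Path"))
    if envelope and envelope != _domain(from_addr):
        findings.append("return-path-mismatch")
    # Only trust Authentication-Results stamped by our own server: a sender
    # can insert forged copies of this header (assumed id: mx.example.org).
    verdicts = {}
    for value in msg.get_all("Authentication-Results") or []:
        authserv, _, rest = value.partition(";")
        if authserv.strip().lower() == trusted_authserv:
            verdicts.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest.lower()))
    for mech in ("spf", "dkim", "dmarc"):
        if verdicts.get(mech, "none") != "pass":
            findings.append(f"{mech}-not-pass")
    return findings

if __name__ == "__main__":
    print(spoof_indicators(SAMPLE))
```

A Return-Path mismatch alone is common with legitimate bulk-mail services, so the indicators are meant to be weighed together.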

"I give you 48 hours before you make a payment, and if that does not happen, all your contacts will come from a dark secret life," the hacker wrote.

The hacker made a number of claims, all false, as it turned out. One of them was that he had uploaded "malicious code to your operating system" – untrue, says our Toronto Star security technician.

Cybersecurity experts say that even if people pay up, these hackers do not really have access to your account, the camera on your phone, or your browsing history (although clicking links in the email can load malware onto your device).

Most likely, my hacker bought a slice of the LinkedIn data on the dark web – perhaps for under $2,000, experts say – and then went phishing.

The best advice from computer consultants is to use unique passwords, never reuse them and change them often. The data is still out there: hundreds of millions of emails and passwords are traded on the dark web.

"Every time someone clicks on a website, whether it is a Vehicle Forum or LinkedIn or Uber or Ashley Madison, or is breaking into the day, these credentials will be posted on a dark site and scraped by dishonest individuals," Bourne said. "At this point, it's more a public domain, your username and the password you used."

As for how many people bite on a phishing attack and pay, there is no reliable data because the people who paid are generally not supposed to. Several arrests are sometimes made. The RCMP this year laid charges against Jordan Evan Bloom, 27, from Thornhill, who says he runs a database of 3 billion email credentials and sells it on the dark web. The police claimed he had made $247,000 from the sale of passwords. The case remains in court.

And the proof that Canada is a bilingual country came last weekend: the same email from a hacker – but in French.

Text of the first hacker email:


I'm a hacker who's cracked your email and device a few months ago.

You've entered a password on one of the pages you've visited and captured it.

This is your password at the time of hacking: (removed)

Of course you can change or have already changed it.

But it does not matter, my malware has updated it every time.

Do not try to contact me or find me, it's impossible because I sent you an email from your account.

I've uploaded malicious code to your operating system via your email.

I have saved all your contacts with friends, colleagues, relatives and a history of visits to Internet resources.

I've also installed a Trojan on my device and spied for a long time.

You are not my only victim, I usually block computers and ask for ransom.

But I was hit by the places of confidential content you often visit.

I am in shock at your imagination! I've never seen anything like this!

So, when you were having fun in spicy places (you know what I mean!)

I made a screenshot using my program from my device's camera.

Then I combined them with the content of the currently viewed site.

Sending these photos to your contacts will be laughing!

I'm sure you do not want to.

That's why I expect you to pay for your silence.

I think $ 857 is an affordable price!

Pay with Bitcoin.

My wallet BTC: (removed)

If you do not know how to do it – join Google "how to convert money into a bitcoin wallet". It is not complicated.

Once this amount is received, all data will be automatically destroyed immediately. My virus will also be removed from your operating system.

My Trojan has a car alert, after reading this email, I will know it!

I give you two days (48 hours) to make a payment.

If that does not happen – all of your contacts get crazy in the dark secret life!

And to prevent it, your device will be blocked (even after 48 hours)

Do not be stupid!

Police or friends will certainly not help you …

p.s. I can advise you on the future. Do not enter passwords in dangerous places.

Hope for your caution.


Kevin Donovan is the main investigative reporter of the Toronto Star. He can be reached at 416-312-3503 or [email protected]. Follow him @ kkevindonovanu
