Wednesday, March 01, 2023

Ransomware Scams on the Cheap!

I've received a few of these emails, over time, to admin addresses of sites I run.

SUBJECT: Your Website Has Been Hacked

BODY:
Your Site Has Been Hacked

PLEASE FORWARD THiS EMAiL TO SOMEONE iN YOUR COMPANY WHO iS ALLOWED TO MAKE iMPORTANT DECiSiONS!

We have hacked your website rationalreview.com and extracted your databases.

How did this happen?

Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site rationalreview.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do i stop this?

We are willing to refrain from going through with these actions for a small fee. The amount:  $3500 (0.15 BTC)

[payment method demand details redacted -- KN@PPSTER]

What if i don’t pay?

if you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Pretty cool, huh? You don't actually have to create or purchase any ransomware, or hack any sites. You just have to find someone stupid enough to believe that you've hacked his or her site but haven't done anything to it yet that would constitute proof of said hacking.

Are there any such people? Presumably so, since I've received emails like this before and probably wouldn't be continuing to receive them if someone weren't making money by spamming the threat.

The specified BTC payment address shows a zero balance and no activity, but I suppose there could be a script for the spam that creates new addresses on the fly for each individual email.
