How Invisible Waves Have Changed the World
2019-08-15 [Petri]
In recent months there's been a massive flood of messages with varying subject lines and slightly different contents, all sharing a common theme:
A claim is made that the recipient's computer has been hacked and malware inserted on it.
The computer has thereafter been used to covertly record video on the computer, simultaneously recording what is shown on the screen.
And finally, a claim is made that this combination shows the user engaged in embarrassing private activities, the recording of which would be distributed to your friends and relatives in due course.
But it can all go away with a “small” bitcoin payment between 400 and 800 USD, depending on the huge daily fluctuations of the value of bitcoin.
Quite a steep payment for something that in no way provides proof of the “threat” actually going away: by sending this kind of extortion message the counterpart has already proved him or herself as being of a highly questionable character, so why would you believe that just a single payment will be enough?
Due to the numerous catch-all domains that I manage, I have received this extortion in its various forms now several thousand times, might actually be over 10,000 already. I have received it at least in English, Spanish, French and Italian.
A handful of these messages have had a real user name and a reference to a password as the receiving address. Those have been throwaway usernames for some mailing list that I used in the past, so their framework looks a bit more legit, and hence are clearly using hacked email lists for improved targeting.
(Discussion about throwaway usernames in the context of catchall domains and the spamming industry in general can be found in this blog entry.)
If someone like me, who is a single owner of just a handful of domains, gets thousands of these messages, the total amount of sent emails must be astronomical.
Despite all this, and with 100% probability, there naturally is no such video, but based on the continuing stream of these messages (about twenty new ones during last night), this scheme must be generating some serious cash - it would not have been running for months without some tangible financial results.
For those of you who might even envision themselves having been in such a questionable situation that the emails claimed to have recorded, the lack of any proof should be the first indicator that you can sleep in peace: if such a recording actually existed, there would be no reason not to add a titillating sample.
At one point, I got some variations of these messages that had stills from random porn films attached to them. Thank you very much, but where's the picture of ME enjoying this stuff?
There is also very scant real information supporting the “computer takeover” claim, which should be easy to do in a real case. Even a copy of an existing file from your Documents folder would help to give some credence to their story.
Finally, in my case, being somewhat of a privacy paranoid, the accompanying picture of my laptop probably is enough to prove why I only have academic interest in this latest fab of Internet-based extortion: even though I use Linux for all of my on-line activities, which by itself is very safe against the claimed “computer takeovers”, I've also taped over my camera for years now, only opening it when I actually use it.
Only the paranoid survive, and a roll of masking tape is cheap ;)
Permalink: https://bhoew.com/blog/en/92
Show latest Earlier entriesYou can purchase A Brief History of Everything Wireless: How Invisible Waves Have Changed the World from Springer or from Amazon US, CA, UK, BR, DE, ES, FR, IT, AU, IN, JP. For a more complete list of verified on-line bookstores by country, please click here.
Earlier entries:
You can purchase A Brief History of Everything Wireless: How Invisible Waves Have Changed the World from Springer or from Amazon US, CA, UK, BR, DE, ES, FR, IT, AU, IN, JP. For a more complete list of verified on-line bookstores by country, please click here.
PRIVACY STATEMENT AND CONTACT INFORMATION: we don't collect anything about your visits to this website: we think that your online history belongs to you alone. However, our blog comment section is managed by Disqus. Please read their privacy statement via this link. To contact the author directly, please costruct an email address from his first name and the name of this website. All product names, logos and brands are property of their respective owners and are used on this website for identification purposes only. © 2018 Petri Launiainen.