" I hacked you "

ketalar

Received this morning from myself:
My hacked password is not exact but resembles.
I am changing it with a more complicated one,
and will also change my sync crypted passwd.
Is it enough ?
Others have received this message

*Dear [email protected],

I regret to inform you that there has been a security breach involving the devices you use for internet browsing.

Several months ago, unauthorized access was gained to these devices, allowing me to monitor your internet activity. Recently, I managed to hack your email accounts, including your password: Ketchican1723b>.

Furthermore, a Trojan virus has been installed on all devices you use to access email. This was made possible due to your clicking on links from emails in your mailbox, which facilitated my penetration into your systems. Through this malicious software, I gained access to various features of your devices, such as the microphone, video camera, and keyboard. Additionally, I extracted and stored your personal information, data, photos, and web browsing history on my servers. Moreover, I gained access to your messengers, social networks, email, chat history, and contact list.

To remain undetected, my virus continuously updates its signatures, making it invisible to antivirus software.

During my investigation, I discovered that you frequently visit adult websites and view explicit content. I managed to record your intimate moments and create a montage showcasing them. If you doubt the authenticity of my claims, I can easily share these videos with your friends, colleagues, and relatives, or even make them publicly accessible.

I am convinced that it is in your best interest to prevent the disclosure of this information, given the potential consequences. Therefore, I propose the following solution: transfer $500 USD to my Bitcoin wallet (details provided below), based on the exchange rate at the time of the transaction. After the transfer is completed, all compromising information will be immediately deleted. After this, I will deactivate and remove the malicious software from your devices.

You can be assured that I will uphold my end of the agreement.

Bitcoin wallet: bc1qlk0crtppsqxekgvzfmnpwy4fzw9lnfc97rhyg3

You have 48 hours. As soon as you open this email, I will receive a notification, and from that moment on, the countdown begins.*

ketalar

more info if it helps:
From: [email protected]
Subject: Alarm! I hacked you and stole your information and photos.
Date: Thu, 30 Jun 2033 14:13:23 +0000
To: [email protected]
Received: from domain.com (unknown [1.1.1.1])
by imf08.b.hostedemail.com (Postfix) with ESMTP
for [email protected]; Thu, 30 Jun 2033 14:13:23 +0000 (UTC)
Content-Type: multipart/related; boundary="ybqj78qdad85yh8hcqm5arr6w8epxt7j"
X-Priority: 1 (Highest)
X-MSMail-Priority: High
Importance: High
X-Request-Priority: High
X-Message-Flag: Flag for follow up
X-Follow-Up-Flag: true
MIME-Version: 1.0

kurai

It's just a spam )))
I have received similar emails several times, ignored them and nothing happened.

Spammer have no access to your data and device.

Ayespy

@ketalar the email is a scam. There is not a word of Truth in it.

DoctorG

These dumb bad boyz try to scam me even on a spam trap address like [email protected]

DoctorG

@ketalar Please read https://help.vivaldi.com/services/webmail/report-spammers-phishing-scams/ and report such sending server to Vivaldi.

Catweazle

@kurai said in " I hacked you ":

It's just a spam )))
I have received similar emails several times, ignored them and nothing happened.

Spammer have no access to your data and device.

Same for me, delete and peace. Bad only if you response on this crap, never ever do it.

ketalar

@Catweazle
But how did "he" find (a part of) my password ?

Catweazle

@ketalar, he don't, it is very possible that he used some mirror codes in the email, which show the passwords locally. There is also something like this in some forums, a code like {username} where everyone sees their own nickname in a message (or his IP or other data).

That is, everyone he send this email will see their own password in it.
But he can receive your data when you reply to this email, which you should never ever do. In any case, changing this password anyway does not hurt, if only for peace of mind.

sgunhouse

@Catweazle As I've said before, if someone had hacked your device why would they need to email you? They supposedly have direct access to your computer, just pop up a message on the screen.

Also, trojans and viruses are different things.

Catweazle

@sgunhouse, agree, it's a simple scammer which can be deleted. The code I mencioned in this mail isn't a trojan or virus, it,s also used often in circular messages to show automaticly name and userdata of every receptor. it's a simple "mirror" script. But naturally scared when a user see his password in a mail, which is the intention of the scammer, that the user fall in the trap, responding to this mail or even pay him.

ketalar

@Catweazle said in " I hacked you ":

it is very possible that he used some mirror codes in the email, which show the passwords locally.

You mean that my (incomplete) password is added in the message at the moment I receive it ??
Again, how is it possible ?
That should not happen.

BTW, as I have been simultaneously hacked in my other addresses (different provider), I consider that Vivaldi mail client looks unsecure.
Of course, I changed passwords, added dual authentification, ...and changed the sync code.
Regards,

Catweazle

@ketalar, yes, it's just this, this part of your password in the mail never leave your PC. In the past in some forums we used it for pranks, moderators in their signature "I'm watching you {username} with your {IP}" and similar things.

LonM

@ketalar They have not hacked your Vivaldi account or PC. What likely happened is a different hacker hacked some service you use. They steal everyone's passwords on this other service and sell these password-email lists on the web. Then the hackers that contacted you put this info in an email, pretending that they have hacked your current account when really all they have done it download a password that was stolen a long time ago. I still get emails from hackers pretending they know my password which I last used decades ago.

This is why it is important to use a different password for each service (not similar, really different and unique). That way if one service gets hacked, it won't affect any others.

Catweazle

@LonM, also possible, but it's really the worst case. I also received mails like this and I use different passwords, because of this I believe more in this old good known mirror code. @DoctorG for sure also know this script, which has served for a lot of jokes to newbees in the past.

far4

@Catweazle said in " I hacked you ":

In the past in some forums we used it for pranks, moderators in their signature "I'm watching you {username} with your {IP}" and similar things.

The problem is that showing username (e.g. on a forum) and ip is not a privacy violation. But inserting a password in this way.... ??! How should the password be stored so that the script can access it?

DoctorG

@ketalar The passwords can not be hacked from Vivaldi mail server, all these are encrypted.
The local mail passwords can not be read as they are encrypted by OS password encryption.
The only way t o get users passwords is to have a trojan malware on your PC which reads password while you are typing it.

far4

@ketalar
If your password looked something like "Ketchican1723b", it could have been picked up through social engineering or bruteforce. A normal password should be long and random.

And if you didn't have 2fa enabled until now and didn't use application passwords for email clients (separate password for each, on each device) - then here is a possible reason for the hack. Add to this the mandatory antivirus and properly configured firewall on all devices, including android. If you download programs from software collection sites, you should always check them on VirusTotal before installing. On windows, never run as Administrator in a persistent mode. Never store passwords in a browser password manager, any, on any platform - only in encrypted form in a password manager like keepassdx.

1Z0FPMeRD5I

@ketalar so you do visit XXX sites quite frequently, or?
if the description of your behavior do not match what you really are doing, then you know it's just a fake.

DoctorG

@ketalar said in " I hacked you ":

including your password: Ketchican1723b>

There are wordlists in Internet where blackhat (=malicious) hackers can create passwords themselves by combination of words and numbers.
And they are sending to millions of users scam mails blackmailing bitcoins.