Wednesday 14 November 2018

The new face of Blackmail

Got this badge now ..



The new face of Blackmail is an email crafted to look like it came from your own account, threatening to release video recorded from your own webcam whilst you were visiting a p*rn site.

This is no more real than promises of riches from a Nigerian prince, but it does seem to be a new trend. I had a few to/from different email addresses with similar text using different bitcoin accounts.

Bitcoin and variants used as a hard to trace global money transfer system.

The email says "I have seen and recorded your naughty web activity from the inside of your machine and captured all your data. Pay a few hundred £ $ € into a Bitcoin wallet or all will be revealed." The use of Bitcoin wallets provides a hard-to-trace money laundering service. Bitcoin wallet addresses look like a string of characters such as 12ziVv4aQkZTA1gj86Y9uYQByG4CcdVcTA. This address has currently had 157 reports of abuse on the Bitcoin abuse database.

The examples below include one sent from client-ip=169.159.131.77; helo=static-public-169.159.131.bronbergwisp.co.za but others have come from Russian .ru and Vietnam .vn domains.

These are a clear and present danger to cyber folks, as a review of the transactions associated with this bitcoin address shows inbound transactions of the amount asked for. See here.

A good follow-the-money investigation is written here.
If you get one of these, just ignore it after filing a report on BitcoinAbuse.com.

* Update March 2019 *

In an interesting twist we can see the Internet immune system is fighting back against this sort of spam. The foundation of many spam detection systems is using easily recognisable strings in order to filter spam messages. A bitcoin address is uniquely well suited to being filtered. The bitcoin address cannot be obscured using uppercase and lowercase or foreign letters, because those are significant changes to the address, meaning the bitcoin address would not work. An old spammer's trick is to email an image of the message as a picture rather than including actual text that could be analysed and filtered. That tactic fails dismally, as the instructions in the email say to cut and paste the bitcoin address. Having an image of the bitcoin address rather than the actual text makes cutting and pasting impossible. In the last few messages that arrived I have seen this image tactic being used. After receiving more than ten, these sorts of messages lose their terrifying impact.
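The filtering idea above, as an added example (not code from this blog or from any spam filter): it pulls address-like tokens out of a message body, flags exact matches against addresses quoted on this page, and uses the Base58Check checksum to show why a case-altered address stops working. The names scan, b58check_valid and the verdict labels are assumptions made for illustration; the page's addresses are matched as strings only and are not checksum-verified here.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CANDIDATE = re.compile(r"\b[13][A-Za-z0-9]{25,34}\b")  # loose; checksum decides
# Addresses quoted in the sample messages on this page.
BLOCKLIST = {
    "12ziVv4aQkZTA1gj86Y9uYQByG4CcdVcTA",
    "1NkQMBosJTeN1zs1T4X3QM5BLFX24YPKys",
    "12YXRfYeszfDSTzc5zH7wBbHPWpJkeSD3p",
}

def _checksum(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]

def b58check_encode(version, payload):
    """Build an address string; used only to construct test input."""
    raw = bytes([version]) + payload
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_valid(addr):
    """True only if every character and the 4-byte checksum are intact."""
    n = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:          # 0, O, I and l are not in the Base58 alphabet
            return False
        n = n * 58 + idx
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and _checksum(raw[:-4]) == raw[-4:]

def scan(body, blocklist=BLOCKLIST):
    """Classify each address-like token found in a message body."""
    hits = []
    for addr in CANDIDATE.findall(body):
        if addr in blocklist:
            verdict = "known-bad"
        elif b58check_valid(addr):
            verdict = "valid-unlisted"
        else:
            verdict = "malformed"   # case-swapped or otherwise altered
        hits.append((addr, verdict))
    return hits
```

A "malformed" hit is worth logging too: a payment demand carrying an address that cannot receive funds is itself a sign of a mangled or obfuscated scam message.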

=================

*Additionally*


We can also see very similar messages pimping for these bitcoin

1FihzQa76MNyGtkGDYaswgWWWCyPAKZ8ar , 
1MBmZsY5NdBc4swF6rJ8jyLatigooBUUKs ,
16ohM4oFgd4iy3SQWTptMrF6RvryYXAX9F ,

and this cluster of coins

1NkQMBosJTeN1zs1T4X3QM5BLFX24YPKys ,
12YXRfYeszfDSTzc5zH7wBbHPWpJkeSD3p ,

one has to assume that there is more than one person pushing out these scam blackmail messages.

=============


I greet you!

I have bad news for you.
27/08/2018 - on this day I hacked your operating system and got full access to your account x@x.x
On that day your account (x@x.x) password was: 55816

It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I'm talking about sites for adults.

I want to say - you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $918 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 12ziVv4aQkZTA1gj86Y9uYQByG4CcdVcTA

You do not know how to replenish a Bitcoin wallet?
In any search engine write "how to send money to btc wallet".
It's easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your "joys".

I want you to be prudent.
- Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
 This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don't be mad at me, everyone has their own work.
Farewell.

===================
hello, my sacrifice.
THIS IS MY LAST WARNING!
I write you since I attached a malware on the web site with porn which you have visited. My malware grabbed all your personal information and turned on your camera which captured the process of your solitary sex. Just after that the soft saved your contact list. I will erase the compromising video and data if you pay me 800 EURO in bitcoin.
This is wallet address for payment :
I give you 30 hours after you view my message for making the payment. As soon as you view the message I'll know it immediately. It is not necessary to tell me that you have sent money to me. This address is connected to you, my system will erased automatically after transfer confirmation. If you need 48 hours just Open the calculator on your desktop and press +++ If you don't pay, I'll send dirt to all your contacts.       Let me remind you-I see what you're doing! You can visit the police station but anybody can't help you.  If you attempt to cheat me , I'll know it right away!  I don't live in your country. So no one can not find my location even for 9 months. Goodbye for now. Don't forget about the shame and to ignore, Your life can be ruined.
==================== Also in French (translated)
Hello, dear user of spikynorman.net.
We have installed RAT software on your device.
For now, your e-mail account is hacked (see for , I now have access to your accounts).
I have downloaded all the confidential information from your system and I have obtained additional evidence.
The most interesting thing I discovered is the video recordings of your masturbation.

I posted my virus on a porn site, and then you installed it on your operating system.
When you clicked the Play button on porn video, at that moment my trojan was downloaded onto your device.
After installation, your front camera takes a video every time you masturbate. In addition, the software is synchronized with the video of your choice.

For the moment, the software has collected all your contact information on social networks and e-mail addresses
If you need to erase all your collected data, send me 581$ in BTC (cryptocurrency).
This is my Bitcoin wallet: 1NkQMBosJTeN1zs1T4X3QM5BLFX24YPKys
You have 2 days after reading this letter.

After your transaction, I will erase all your data.
Otherwise, I will send a video with your pranks to all your colleagues and friends !!!

And from now on, be more careful!
Visit only secure sites!
Goodbye!

================  A common version



Hi, your account was recently infected! Modify your password right away!
You may not heard about me and you obviously are most probably surprised why you are getting this particular e-mail, proper?
I'm hacker who opened your email box and devices several months ago.
It will be a time wasting to try to msg me or seek for me, it's impossible, because I directed you a letter from YOUR account that I've hacked.
I have developed malware soft to the adult videos (porn) website and suppose you have spent time on this website to have fun (you understand what I mean).
During the time you were watching vids, your internet browser began to act as a RDP (Remote Control) that have a keylogger which gave me access to your desktop and network camera.
After that, my software aquired all information.
You have wrote passcodes on the sites you visited, I sniffed them.
Surely, it's possible to modify them, or already changed them.
But it really does not matter, my spyware renews it regularly.
And what I have done?
I compiled a backup of your device. Of all the files and contacts.
I got a dual-screen videofile. The 1st part shows the clip you had been watching (you have got a good preferences, haha...), the 2nd part demonstrates the video from your own webcam.
What do you have to do?
So, in my opinion, 1000 USD is basically a good price for this small riddle. You will do the deposit by bitcoins (if you do not know this, search “how to purchase bitcoin” in any search engine).
My bitcoin wallet address:
12YXRfYeszfDSTzc5zH7wBbHPWpJkeSD3p
(It is cAsE sensitive, so just copy and paste it).
Warning:
You have only 48 hours in order to make the payment. (I built in an unique pixel to this email, and from now I understand that you've read this email).
To track the reading of a letter and the activity in it, I use a Facebook pixel. Thanks to them. (Everything that can be used for the authorities should help us.)

In the event I do not get bitcoins, I will immediately give your videofile to all your contacts, such as relatives, colleagues, etc?

 

Monday 5 November 2018

How does your compiler cope with a 64 MB source file ?

gannett$ ls -l F6From36Line.swift 
-rw-r--r--  1 gannett  admin  64277489  5 Nov 19:26 F6From36Line.swift

gannett$ head F6From36Line.swift 
let StartDataA = ["0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"] 
let StartDataAofA = [ ["0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"] ]
let OneBigBlock = [ ["0", "1", "2", "3", "4", "5"],
 ["0", "1", "2", "3", "4", "6"],
 ["0", "1", "2", "3", "4", "7"],
 ["0", "1", "2", "3", "4", "8"],
 ["0", "1", "2", "3", "4", "9"],
 ["0", "1", "2", "3", "4", "a"],
 ["0", "1", "2", "3", "4", "b"],
 ["0", "1", "2", "3", "4", "c"],

gannett$ tail F6From36Line.swift 
 ["s", "u", "v", "x", "y", "z"],
 ["s", "u", "w", "x", "y", "z"],
 ["s", "v", "w", "x", "y", "z"],
 ["t", "u", "v", "w", "x", "y"],
 ["t", "u", "v", "w", "x", "z"],
 ["t", "u", "v", "w", "y", "z"],
 ["t", "u", "v", "x", "y", "z"],
 ["t", "u", "w", "x", "y", "z"],
 ["t", "v", "w", "x", "y", "z"],
 ["u", "v", "w", "x", "y", "z"]]

gannett$ time swift F6From36Line.swift 
F6From36Line.swift:3:19: error: the compiler is unable to type-check this expression in reasonable time; try breaking up the expression into distinct sub-expressions
let OneBigBlock = [ ["0", "1", "2", "3", "4", "5"],
                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
real 6m51.594s
user 2m37.196s
sys 2m55.832s



The background is exploring Swift, the language, using some big data structures to test the map, reduce and filter functionality. Using a combination generator to create an array of arrays that pulls 6 elements from a set of 36 items ended up with a 64 MB text representation of an array of arrays. Running that file into the Swift compiler gave the message listed above.

Such a well mannered compiler :-)


Generating 3 elements from a group of 5 .. later converted into 3 let statements.


$ swift combiGenericTest.swift 3 1 2 3 4 5
DataIn = [["1", "2", "3", "4", "5"]]
startData = ["1", "2", "3", "4", "5"] 
DataIO=[["1", "2", "3", "4", "5"]]

In one block the full set is:

[ ["1", "2", "3"], 
["1", "2", "4"], 
["1", "2", "5"], 
["1", "3", "4"], 
["1", "3", "5"], 
["1", "4", "5"], 
["2", "3", "4"], 
["2", "3", "5"], 
["2", "4", "5"], 
["3", "4", "5"] ]