Re: Home network router - Russian malware

Contributor

I received the following scam email this morning about my router being hacked -- it looks very realistic. It said it was from my email address to my email address. If you get one like this don't comply -- it's a scam. BTW, I ran the headers through spamcop.net, and it was sent from a Russian email server.


Hello!

I have very bad news for you.
09/08/2018 - on this day I hacked your OS and got full access to your account **my email address (deleted)**

So, you can change the password, yes... But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I'm talk you about sites for adults.

I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea....
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $783 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: **wallet deleted**

You do not know how to use bitcoins?
Enter a query in any search engine: "how to replenish btc wallet".
It's extremely easy

For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".

I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
 This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.
Good luck.
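The header check mentioned at the top of this post can be done by hand. The following is an added example, not part of the original post: it shows why a message that appears to come "from my address to my address" does not mean the account was used, by reading the authentication results and the connecting server recorded by the recipient's own mail provider. The message, host names and IP addresses are constructed (example.com and documentation ranges), and `triage` and `trusted_mx` are hypothetical names.

```python
import re
from email import message_from_string
from email.utils import parseaddr, getaddresses

# Constructed sample message: example.com addresses, RFC 5737 documentation IPs.
SAMPLE = """\
Received: from mx.recipient-isp.example (mx.recipient-isp.example [192.0.2.10])
\tby mailstore.recipient-isp.example with ESMTP; Mon, 10 Dec 2018 08:01:05 -0500
Received: from unknown-host.example (unknown-host.example [203.0.113.77])
\tby mx.recipient-isp.example with ESMTP; Mon, 10 Dec 2018 08:01:03 -0500
Authentication-Results: mx.recipient-isp.example;
\tspf=fail smtp.mailfrom=victim@example.com; dkim=none; dmarc=fail header.from=example.com
From: victim@example.com
To: victim@example.com
Subject: Hello!

I have very bad news for you.
"""

def triage(raw, trusted_mx):
    """Summarise who really handed the message to our provider (trusted_mx)."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    rcpts = {addr.lower() for _, addr in getaddresses(msg.get_all("To", []))}

    # Only believe Authentication-Results stamped by our own provider's server;
    # any other copy of this header could have been written by the sender.
    auth = {}
    for hdr in msg.get_all("Authentication-Results", []):
        if hdr.split(";", 1)[0].strip().lower() == trusted_mx:
            auth.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", hdr.lower()))

    # The Received line written *by* our provider records the host that connected.
    origin = None
    for hdr in msg.get_all("Received", []):
        m = re.search(r"from\s+\S+\s+\(.*?\[([0-9a-fA-F.:]+)\]\).*?\bby\s+(\S+)", hdr, re.S)
        if m and m.group(2).lower() == trusted_mx:
            origin = m.group(1)

    self_addressed = sender in rcpts
    unauthenticated = auth.get("spf") != "pass" and auth.get("dkim") != "pass"
    return {"self_addressed": self_addressed, "auth": auth, "origin_ip": origin,
            "spoofed_self_sender": self_addressed and unauthenticated}

if __name__ == "__main__":
    print(triage(SAMPLE, "mx.recipient-isp.example"))
```

A `From:` line is just text the sender typed; a self-addressed message that fails SPF and DKIM and arrives from an outside server was forged, not sent from the mailbox.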

Contributor

On another thread in these xfinity forums, I see that someone else reported receiving the same exact email in a Juno email account on December 3, and was very concerned about this.

Expert

This is a fairly new tactic by scammers.

If you check your email address at https://www.haveibeenpwned.com, you will probably see it's been compromised. A scammer sees this, then emails you the above, threatening blackmail, in hopes of finding someone spooked enough to send them money.

Don't fall for it. Remember that if an unsolicited email tries to scare you into anything, you can bet it's not true. Best just delete it, or better yet report it as phishing or spam, then move on.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Contributor

You are correct, darkangel, about my email address being compromised. So I changed the password, and updated a lot of passwords for other accounts that were similar (but not exactly the same). I also took this opportunity to update some of these accounts to two-factor authentication. I also logged into my xfinity router (gateway) directly and updated its password. And while I was at it, I took this opportunity to see exactly what devices had accessed my gateway by wifi. I always thought that if you can remember your password, it's not a good password (sigh).

Contributor

I forgot to say, for other readers, I think "compromised" means that other secure sites, where my email address was stored, were compromised.