I just got an email claiming to have hacked my Comcast router, allowing access to my computer where a trojan was installed...and everything was supposedly compromised. Part of the email: "
Hello! I have very bad news for you. 09/08/2018 - on this day I hacked your OS and got full access to your account ********@juno.com So, you can change the password, yes... But my malware intercepts it every time. How I made it: In the software of the router, through which you went online, was a vulnerability. I just hacked this router and placed my malicious code on it. When you went online, my trojan was installed on the OS of your device. After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts)."
My first impression is that it's a complete fraud. Looking at the email header shows it to come from my address, and going to my address. But also there's evidence it originated in Brazil.
So, is there some way that Comcast can come in and remotely examine the modem or reload supposedly compromised software? The rest of this email demands ransom in bitcoins or else bad things will happen. I still doubt its authenticity, but hopefully Comcast can verify the router hasn't been compromised.
Follow the steps below so our abuse team can start an investigation:
That sounds like one of the email extortion scams making the rounds.
They most likely got your juno.com email address (and password) from one of the many data breaches over the past few years.
To find out if your email address has been pwned, go here: https://haveibeenpwned.com
To be safe, change your password for that email account, and any other email account that uses that same password. For safety, each email account should have a unique password.
landers3 -- The best way to have this looked at would be to send it to our security team, as pointed out by USAF_E-8_RET.
I received one of those emails two days ago. I reported it through spamcop dot net, which determined the email was sent through a Russian email server. Some thoughts on this -- from another thread, it appears that the gateways that Xfinity users have now are pretty secure. If they can lock my files, they would have locked my files before sending me the email. On my main PC, I do Acronis backups imaging, but to be on the safe side, I've been disconnecting the external hard drive, when I'm not doing a backup. I keep Norton up to date, and make sure it is scanning. If the hacker is correct in what he is saying, I guess everyone in my address book will "find out what a pervert I am". Because of the seriousness of the email, I took a copy to the local police station to warn others, and basically, they said they don't care.
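The header check mentioned in the original post and the relay tracing described in the last reply can both be done from the message's own headers. The following is an added example, not code from any poster or from Comcast: it flags a message whose From matches its To while the receiving server recorded an SPF or DMARC failure, and lists the relay IPs. The sample headers are constructed (example domains, documentation IP ranges) and the function names are illustrative.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers; nothing here comes from the thread.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])
\tby mailstore.recipient.example with ESMTP id abc123
Authentication-Results: mx.recipient.example;
\tspf=fail smtp.mailfrom=victim@recipient.example;
\tdkim=none; dmarc=fail header.from=recipient.example
Received: from unknown-host.example ([203.0.113.45])
\tby mx.recipient.example with SMTP id xyz789
From: victim@recipient.example
To: victim@recipient.example
Subject: constructed sample

body
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def received_ips(msg):
    """Bracketed relay IPs, oldest hop first. Only hops stamped by your own
    provider are trustworthy; older Received lines can be forged by the sender."""
    hits = [IP_RE.search(v) for v in reversed(msg.get_all("Received", []))]
    return [m.group(1) for m in hits if m]

def auth_results(msg):
    """spf/dkim/dmarc verdicts as recorded by the receiving mail server."""
    found = {}
    for value in msg.get_all("Authentication-Results", []):
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value):
            found.setdefault(method, verdict)
    return found

def assess(raw):
    """Summarise whether a 'sent from your own account' message is spoofed."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    rcpt = parseaddr(msg.get("To", ""))[1].lower()
    auth = auth_results(msg)
    ips = received_ips(msg)
    self_addressed = bool(sender) and sender == rcpt
    auth_failed = any(auth.get(m) in ("fail", "softfail") for m in ("spf", "dmarc"))
    return {"self_addressed": self_addressed, "auth": auth,
            "origin_ip": ips[0] if ips else None,
            "likely_spoofed": self_addressed and auth_failed}
```

Mapping `origin_ip` to a country needs a separate lookup (WHOIS or a GeoIP database), which this example leaves out.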