SPAM : Security Alert. … was compromised. Password must be changed

169 x served & 151 x viewed

Quand il n’y a pas de limite au SPAM …. il suffit de voir https://www.bitcoinabuse.com/reports/182PJESsEWbuJ8PEgfM58p64jbok3i1gNU , pour comprendre que c’est du SPAM.

A noter qu’il y a toujours des imbéciles pour payer ( début le 30/11/2018 ) : https://www.blockchain.com/btc/address/182PJESsEWbuJ8PEgfM58p64jbok3i1gNU 

Le message :

Hello!

I have very bad news for you.
09/08/2018 - on this day I hacked your OS and got full access to your account ....

So, you can change the password, yes... But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I'm talk you about sites for adults.

I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea....
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $768 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: 182PJESsEWbuJ8PEgfM58p64jbok3i1gNU

You do not know how to use bitcoins?
Enter a query in any search engine: "how to replenish btc wallet".
It's extremely easy

For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".

I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.
Good luck.

SPAM de akhwa.com via mailin.fr

67 x served & 11 x viewed

SPAM mon amour …

Subject: Yakhwa vous offre la boisson !
...
Date: Sun, 09 Sep 2018 23:00:55 +0200
Feedback-ID: paid_client_185.41.28.11:2079484:2079484_26:Sendinblue
From: L'equipe@mxin.phpnet.org,
	Yakhwa@mxin.phpnet.org:) <christophe.adami@yakhwa.com>
List-Id: MjA3OTQ4NC0xOS00 
...
MIME-Version: 1.0
Message-Id: <201809092300.whv1fxu37j@ak.d.mailin.fr>
Precedence: bulk
Reply-To: christophe.adami@yakhwa.com
X-Mailer: Sendinblue
X-Mailin-Campaign: 26
X-Mailin-Client: 2079484

Les autres domaines dans le SPAM :

  • sendibm1.com

A suivre.

SPAM de n2.mses3.net via n2.mses3.net

90 x served & 20 x viewed

Encore du SPAM :

Return-Path: <m@n2.mses3.net>
...
Received: from 10.0.0.126 by mx (envelope-from <m@n2.mses3.net>, uid 65534) with qmail-scanner-2.05st 
 ( 
 Clear:RC:1(10.0.0.126):. 
 Processed in 0.005214 secs); 03 Aug 2018 17:21:02 -0000
...
X-Spam-Level: **
X-Spam-Status: No, score=2.3 required=5.0 tests=COUNTRY1,HTML_MESSAGE,
	SPF_HELO_PASS,SPF_PASS,T_KHOP_FOREIGN_CLICK,URI_HEX autolearn=disabled
	version=3.4.0
X-Spam-Relay-Country: EU
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on spamd12
...
Received: from n2.mses3.net (n2.mses3.net [185.158.7.249])
...
x-from:  Marie <m@n2.mses3.net>
X-Mailer:  MailStronger
X-Complaints-To: abuse@welead.ch
X-Feedback-ID: 5532:13623:Transac:Mailstronger
...
Message-Id: <1533316850-7b0f07dcb699bf995fe3c5af3fdbd481@n2.mses3.net>

Les noms de domaines :

  • mses3.net
  • welead.ch
  • BIT.LY/GELAMINCISSANT
  • l.n2.mses3.net : Pixel.

SPAM de kuvust.com via kuvust.com

78 x served & 20 x viewed

Du spam comme un grand !

...
Received: from site.kuvust.com (site.kuvust.com [103.17.0.230])
...
Subject: =?UTF-8?B?RmFpdGVzIGzigJlhY3F1aXNpdGlvbiBk4oCZdW4gaVBob25lWCwgY2UgamV1IGVzdCBwb3VyIHZvdXM=?=
Message-ID: <cf1611a620729db3e473958285cce05e@kuvust.com>
Date: Thu, 05 Jul 2018 05:52:08 +0000
From: "Karine Lemarchand" <karine@kuvust.com>
Reply-To: karine@kuvust.com
MIME-Version: 1.0
X-Mailer-LID: 25
List-Unsubscribe: <http://kuvust.com/89CEcwZXbHtYv8/unsubscribe.php?M=409272&C=acd44b8612fd360acc2e92942a725591&L=25&N=26>
X-Mailer-RecptId: 409272
X-Mailer-SID: 26
X-Mailer-Sent-By: 1

Uniquement le site kuvust.com sur ce SPAM … même le Pixel : http://kuvust.com/89CEcwZXbHtYv8/open.php?M=409272&L=25&N=26&F=H&image=.jpg .

A noter que sur le WhoIs de l’IP, on peut lire :

remarks:        send spam and abuse report to contact@socplind.com

SPAM de labonnequipe.fr via mailjet.com

En passant

122 x served & 33 x viewed

Merci mailjet.com pour le SPAM … superbe !

...
Message-Id: <76e3fe0b.AM8AAA5iPg8AAWoACLoAAGiE-xoAASJ-7OoAG3SkAAf_uwBbOeOI@mailjet.com>
MIME-Version: 1.0
From: =?UTF-8?q?Mes_Ev=C3=A9nements_Sportifs_sur?= "LaBonnEquipe.fr"
	<support@labonnequipe.fr>
...
Subject: =?UTF-8?Q?Mon_Ev=C3=A9nement_Sportif_sur_?=
 =?UTF-8?Q?LaBonnEquipe=2Efr?=
Date: Mon, 2 Jul 2018 08:34:16 +0000
List-Id: 
List-Unsubscribe: <mailto:unsub-76e3fe0b.h5u9.spilvujvmsgj@bnc3.mailjet.com>
Precedence: bulk
X-CSA-Complaints: whitelist-complaints@eco.de
X-MJ-Mid:
	AM8AAA5iPg8AAWoACLoAAGiE-xoAASJ-7OoAG3SkAAf_uwBbOeOIMLcRdE2oRLun8mAFJsgxTwAHnH0
X-MJ-SMTPGUID: 30b71174-4da8-44bb-a7f2-600526c8314f
X-REPORT-ABUSE-TO: Message sent by Mailjet please report to
	abuse@mailjet.com with a copy of the message
...

Le cancer de l’email : Mailjet.com !

Les noms de domaines dans ce SPAM :

  • labonnequipe.fr
  • groupe-adecco.fr
  • mj.am
  • mjt.lu : Le Pixel pour les stats.