Encore une demande de rançon : 1Bo6BKUekTefV4kKPz2nhqsWCELuR6Ep1N

54 x served & 11 x viewed

Dans le source de l’email :

Return-Path: <luomingxiu@jygdy.com>
...
X-Spam-Flag: YES
X-Spam-Level: ***************
X-Spam-Status: Yes, score=15.9 required=5.0 tests=COUNTRY2,
	HEADER_FROM_DIFFERENT_DOMAINS,HTML_IMAGE_ONLY_04,HTML_MESSAGE,
	LOCALPART_IN_SUBJECT,MIME_HTML_MOSTLY,MPART_ALT_DIFF,
	RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_PBL,RCVD_IN_RP_RNBL,RCVD_IN_SBL_CSS,
	RCVD_IN_SORBS_WEB,TO_NAME_SUBJ_NO_RDNS,TO_NO_BRKTS_HTML_IMG,
	TVD_SPACE_RATIO autolearn=no autolearn_force=no version=3.4.2
X-Spam-Relay-Country: CN AL
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on spamd16.phpnet.org
X-Spam-Report: 
	*  3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
	*      [111.11.180.157 listed in zen.spamhaus.org]
	*  3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS
	*      [84.20.83.21 listed in zen.spamhaus.org]
	*  1.0 COUNTRY2 No description available.
	*  0.7 LOCALPART_IN_SUBJECT Local part of To: address appears in
	*      Subject
	*  1.5 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server
	*      [84.20.83.21 listed in dnsbl.sorbs.net]
	*  1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
	*      bl.spamcop.net
	*      [Blocked - see <https://www.spamcop.net/bl.shtml?84.20.83.21>]
	*  1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
	*      https://senderscore.org/blacklistlookup/
	*      [111.11.180.157 listed in bl.score.senderscore.com]
	*  0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
	*      mail domains are different
	*  0.3 HTML_IMAGE_ONLY_04 BODY: HTML: images with 0-400 bytes of words
	*  0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME
	*  0.7 MPART_ALT_DIFF BODY: HTML and text parts are different
	*  0.0 HTML_MESSAGE BODY: HTML included in message
	*  0.0 TVD_SPACE_RATIO No description available.
	*  0.0 TO_NAME_SUBJ_NO_RDNS Recipient username in subject + no rDNS
	*  2.0 TO_NO_BRKTS_HTML_IMG To: lacks brackets and HTML and one image
Received: from mail.jygdy.com (unknown [111.11.180.157])
...
Received: from [21.83.20.84.in-addr.arpa] ([84.20.83.21])
	(envelope-sender <luomingxiu@jygdy.com>)
...
X-WM-AuthFlag: YES
X-WM-AuthUser: luomingxiu@jygdy.com
...
X-Mailer: Sun Java(tm) System Messenger Express 6.1 HotFix 0.11 (builtJan 28
X-Complaints-To: abuse@mailer.jygdy.com
Abuse-Reports-To: <abuse@mailer.jygdy.com>
...
X-Sender: luomingxiu@jygdy.com

Et on retrouve dans Bitcoin Abuse : https://www.bitcoinabuse.com/reports/1Bo6BKUekTefV4kKPz2nhqsWCELuR6Ep1N .

Le serveur est en Chine …

Encore une demande de rançon : 15LZuFSVyDAoaNLtbh4ru7ZQWvZxEosCaf

123 x served & 67 x viewed

Dans la source de l’email : la personne n’est pas à son premier essai : https://www.bitcoinabuse.com/reports/17X5raT9zqDPBi4L8NrvwSQ77LuG9QjFCH .

X-SPAMOUT-IP: 203.239.130.5 (TRUST)
X-Original-SENDERIP: 203.239.130.5
X-SPAMOUT-COUNTRY: KR
X-SPAMOUT-FROM: <jt.joo@elim.net>
X-SPAMOUT-RELAY: IP

Il est déjà dans les abuses : https://www.bitcoinabuse.com/reports/15LZuFSVyDAoaNLtbh4ru7ZQWvZxEosCaf

Voici l’email :

Hi, this account is hacked! Renew the password immediately!
You might not know anything about me and you are probably surprised for what reason you are getting this particular message, proper?
I am ahacker who burstyour emailand all devicessome time ago.
Do not attempt to msg me or look for me, it is hopeless, because I sent you this message from YOUR account that I've hacked.
I have build in malware soft on the adult vids (porno) site and suppose that you have enjoyed this site to have fun (you understand what I want to say).
During you were watching video clips, your browser started out functioning as a RDP (Remote Control) with a keylogger that granted me permission to access your desktop and camera.
Then, my applicationgotall data.
You have put passcodes on the web-sites you visited, I intercepted them.
Of course, you can modify each of them, or have already changed them.
Even so it does not matter, my malware updates needed data every time.
What did I do?
I made a backup of your device. Of all files and each contact.
I created a dual-screen videofile. The 1st screen reveals the clip you had been watching (you've got an interesting preferences, ha-ha...), and the 2nd part shows the movie from your web camera.
What exactly must you do?
Great, I think, 1000 USD will be a inexpensive amount of money for this very little riddle. You'll make your deposit by bitcoins (in case you don't recognize this, search “how to buy bitcoin” in Google).
My bitcoin wallet address:
15LZuFSVyDAoaNLtbh4ru7ZQWvZxEosCaf
(It is cAsE sensitive, so just copy and paste it).
Warning:
You have only 2 days to make the payment. (I built in an unique pixel in this e-mail, and at the moment I understand that you have read through this email).
To monitorthe reading of a messageand the actionsin it, I usea Facebook pixel. Thanks to them. (Everything thatis appliedfor the authorities can helpus.)

If I do not get bitcoins, I shall undoubtedly offer your video to all your contacts, including family members, colleagues, etc?