Criminals of cyberspace aim site owners, sending them messages asking them ransom between $ 1.500 and $ 3.000, in Bitcoin. The blackmailers claim to have them databases of sites, which they threaten to expose if they do not receive the ransom. This could cause major problems for site owners, while at the same time ruining their reputation.
Fraudsters claim to have exploited one vulnerability in the software of the sites, which allowed them to acquire them credentials of victims. With these credentials they stole the databases. However, they the allegations are false.
The blackmailers threaten that if they do not take the ransom, will expose or sell the "stolen" databases of the sites. Also, will inform all customers and their partners victims for infringement, to ruin their reputation.
Finally, to scare the targets even more, the blackmailers say they will remove sites from search engines using “blackhat” SEO techniques.
The deadline for paying the ransom is 5 days.
What makes this scam special is not the blackmail technique it uses, but the well written notebook for ransom (It has no particular grammatical errors, as is usually the case).
Below is an excerpt from the message they received victims:
“We have hacked your website [website URL] and extracted your databases.
How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.
We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site [website URL] was at fault thusly damaging your reputation and having angry customers / associates with whatever angry customers / associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.
How do I stop this?
We are willing to refrain from destroying your site's reputation for a small fee. The current fee is [ransom amount] USD in bitcoins (BTC).
If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there's no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers ”.
Don't pay the ransom, it's just a scam
So far, his researchers WebARX, who discovered the fraud, have found many wallets Bitcoin used to collect ransom. Also, many site owners have reported the incident to his help page Blogger, in its support forum WordPress and S.
Fortunately, almost none of the administrators and site owners fell into their trap hackers. Only two payments appear to have been made since mid-April, when the first reports of this scam appeared.
However, the swindlers are still quite active and are still trying to deceive the victims. This is evident from their reports users on the platform BitcoinAbuse.
The most important thing when receiving such an email is to check if it contains any proof that website you have indeed been violated.
Also, look for the Bitcoin address, which is built into e-mail, in the Bitcoin Abuse Database. There you can see if this address has been used or is being used by fraudsters and blackmailers. Someone else user may have already mentioned it. So you should always consult her platform.