Blackmail variant – 2019-05-18

Received this one this morning. This time I left the alleged password in the body of the e-mail as I’ve never used that password anywhere. Either they’re just making up stuff now, or their mail merge software is failing such that they are getting passwords mixed up.

Hello!

This is important info for you!

Some months ago I hacked your computer and got full access to your account

On day of hack your account has password: coqui

So, you can change the pass, yes.. Or already changed… But my virus
intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability. I
used it…
If you interested you can read about it: CVE-2019-1670 – a vulnerability in the
web-based management interface of the Cisco routers.
I just hacked this router and placed my soft on it.
When you went online, my malware was installed on the OS of your device.

After that, I made a full backup of your computer (I have all your address book, history
of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your system and ask for a not big amount of btc to
unlock.
But I looked at the web-pages that you regularly visit, and I was shocked by what I saw!!!
I’m talk you about sites for adults.

I want to say – you are a BIG pervert. Your fantasy is shifted far away from the
normal course!

And I got an idea….
I made a screenshot of the adult web-site where you have fun (do you understand what it
is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and
glued them together.
Turned out amazing! You are so spectacular!

I’m know that you would not like to show these screenshots to your friends,
relatives or colleagues.
I think $697 is a very, very small amount for your secret.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in bitcoins!
My BTC wallet: 1H74aWH65TCqAWqnUFXFibhTqqxUJgvym2

You do not know how to use bitcoins?
Enter a query in any search sites: “how to replenish btc wallet”.
It’s extremely easy

For this payment I give you two days (48 hours).
As soon as this mail is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct
automatically.
If I do not receive from you the specified amount, then your device will be locked,
and all your contacts will receive a screenshots with your “enjoys”.

I hope you understand your situation.
– Do not try to find and destroy my soft! (All your data, files and screenshots is
already uploaded to a remote server)
– Do not try to contact me (you yourself will see that this is impossible, the
sender address is automatically generated)
– Various security services will not help you; formatting a disk or destroying a
device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you
again after payment!
This is the word of honor hacker
Do not hold evil! I just good do my job.
Good luck.

The vulnerability they cite is real. But if “Cisco Unified Intelligence Center” doesn’t sound familiar to you (I didn’t know it existed until looking up the vulnerability), then it doesn’t apply to you, since I’m pretty sure you would know if you were actually using it.

Here’s a hint: it doesn’t run on any Cisco routers. Nor does it allow for what they claim. This is NIST’s description of the vulnerability:

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requests to the affected system via a web browser with the privileges of the user.

But scammers play on what people don’t know, which is… most everyone who uses a computer or cell phone.

These scams work by getting a list of e-mail addresses and just mass-sending the same e-mail to those addresses, worded with the intent of scaring someone into payment. So far, though, whenever I’ve looked up the Bitcoin addresses I’ve seen, I don’t think anyone has actually paid. So that’s good, meaning those who receive these e-mails are guessing correctly that they are nothing but a scam with zero risk in ignoring them.
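
Because the same template goes out to every address on the list, the parts worth checking can be pulled out mechanically. The following is an added example, not part of the original post: a small Python triage function for a mail filter or abuse mailbox that extracts the payment address, cited CVE, demand and deadline from a message body so each can be looked up the way it was done above. The pattern list, claim phrases and function names are assumptions made for illustration, and the Base58Check test only shows that an address is well formed, not that anyone has paid to it.

```python
import hashlib
import re

# Constructed sample: a few lines taken from the message quoted above.
SAMPLE = """\
Some months ago I hacked your computer and got full access to your account
If you interested you can read about it: CVE-2019-1670
I think $697 is a very, very small amount for your secret.
My BTC wallet: 1H74aWH65TCqAWqnUFXFibhTqqxUJgvym2
For this payment I give you two days (48 hours).
"""

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
PATTERNS = {  # illustrative patterns, not an exhaustive rule set
    "btc_address": r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b",  # legacy addresses
    "cve": r"\bCVE-\d{4}-\d{4,}\b",
    "usd_demand": r"\$\s?\d[\d,]*",
    "deadline": r"\b\d+\s*hours\b",
}
CLAIMS = ("hacked your", "my virus", "my malware", "camera of your device")

def base58check_ok(addr):
    """True if addr decodes to 25 bytes ending in a valid double-SHA-256 checksum."""
    n = 0
    for ch in addr:
        if ch not in B58:
            return False
        n = n * 58 + B58.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))  # each leading '1' encodes a zero byte
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        return False
    digest = hashlib.sha256(hashlib.sha256(raw[:-4]).digest()).digest()
    return digest[:4] == raw[-4:]

def triage(body):
    """Extract the checkable indicators and flag the extortion template."""
    found = {k: sorted(set(re.findall(p, body))) for k, p in PATTERNS.items()}
    found["claims"] = [c for c in CLAIMS if c in body.lower()]
    found["btc_checksum_ok"] = [a for a in found["btc_address"] if base58check_ok(a)]
    # Payment address + (demand or deadline) + compromise claim = template hit.
    found["extortion_template"] = bool(
        found["btc_address"] and (found["usd_demand"] or found["deadline"]) and found["claims"]
    )
    return found
```

The extracted CVE id and address are what you would then check against NIST and a block explorer, as described above.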