[Edit 5 February 2019: this scam attempt has now become depressingly commonplace.
But it pays: see here, we are talking about tens of millions of USD]
Published on 10 August 2018
Received today for the first time: a type of scam that some people close to me had already received. The crooks are not short on imagination.
It seems that, +XX XXXX02XX, is your phone. You may not know me and you are probably wondering why you are getting this e mail, right?
actually, I setup a malware on the adult vids (porno) web-site and guess what, you visited this site to have fun (you know what I mean). While you were watching videos, your internet browser started out functioning as a RDP (Remote Desktop) having a keylogger which gave me accessibility to your screen and web cam. after that, my software program obtained all of your contacts from your Messenger, FB, as well as email.
What did I do?
I backuped phone. All photo, video and contacts.
I created a double-screen video. 1st part shows the video you were watching (you’ve got a good taste haha . . .), and 2nd part shows the recording of your web cam.
exactly what should you do?
Well, in my opinion, $1000 is a fair price for our little secret. You’ll make the payment by Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).
BTC Address:
(It is cAsE sensitive, so copy and paste it)
You have 48 hour in order to make the payment. (I’ve a unique pixel in this e mail, and at this moment I know that you have read through this email message). If I do not get the BitCoins, I will certainly send out your video recording to all of your contacts including relatives, coworkers, and so on. Having said that, if I receive the payment, I’ll destroy the video immidiately. If you need evidence, reply with “Yes!” and I will certainly send out your video recording to your 6 contacts. It is a non-negotiable offer, that being said don’t waste my personal time and yours by responding to this message.
Yeah, right: RDP on my phone to activate the camera.
I am surprised that, to date, Google returns only a single result (in Italian) when searching for the Bitcoin address.
Apparently their little business is lucrative: https://www.bleepingcomputer.com/news/security/adult-site-blackmail-spammers-made-over-50k-in-one-week/
Edit 16/08/2018: I must have been one of the first to report this new wave. Previously the crooks used lists of hacked passwords, and their business worked. If they are now going after phone directories, the target audience will be vastly larger.
Brian Krebs writes about it too: https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/
This Bitcoin address has already received a few payments: https://www.blockchain.com/btc/address/1GYNGZLEUGkkQjHo19dHDnGE87WsAiGLLB