Here we go again: More please to pay for nothing from blog The Technology blog and podcast

Here we go again: More please to pay for nothing

I’m now going to add these to the musings category. This is quite interesting.

The following was sent through jaredrimer.net’s comment form. Mind you, the IP that apparently sent this is based in Germany, and the domain from the email address is an Indian company who probably has no idea that their domain was used in an apparent attack that wants to extract $3k in bitcoin.

Its too bad that I don’t have the money now isn’t it? My financial advisor would love me if I paid these guys.

Also, notice that they give you a web address which I will not link for obvious reasons. Visit the page at your own risk.

---

Below is the result of your feedback form. It was submitted by () on Saturday, May 20, 2023 at 00:27:43

Name: Aaron
phone: 0367 7824961
contact_method: both E-mail and phone
additional_bug_info: We have hacked your website jaredrimer.net and extracted your databases. This was due to the security holes you had in your your site/server which have gained us remote control of everything that was on the server.

Our team is mostly interested in customer, administrative, and employee information which we have extracted through your databases once we got remote control over the server. It still needs to be sorted out but it will be well-organized once finished. First, we will be going through the emails/sms information and contacting the recipient how you held in disregard about their information being exposed to a hacking group when you could have stopped it. This would be detrimental to your personal image with these relationships with these people. Lastly, now that we have information not only will we be monetizing off it with our methods but made public or sold to other people that will do whatever they wish with the information also after we are done.

Now you can put a stop to this by paying a $3000 fee (0.11 BTC) in bitcoin. You can find our address by visiting https://www.blockchain.com/explorer/addresses/btc/39PHuTwgY5THshy9VJoUXWebDA5jCprPmP where you can copy and paste the address or scan the QR code. We will be notified of payment which we will then delete the information we have obtained, patch the hole in the site/server which we got in and remove you from any future targeting in the future. You have 72 hours in doing so after viewing this message or the series of steps will commence. You can obtain bitcoin through such services such as paxful.com or do a search on bing.com
comment_or_question: We have hacked your website jaredrimer.net and extracted your databases. This was due to the security holes you had in your your site/server which have gained us remote control of everything that was on the server.

Our team is mostly interested in customer, administrative, and employee information which we have extracted through your databases once we got remote control over the server. It still needs to be sorted out but it will be well-organized once finished. First, we will be going through the emails/sms information and contacting the recipient how you held in disregard about their information being exposed to a hacking group when you could have stopped it. This would be detrimental to your personal image with these relationships with these people. Lastly, now that we have information not only will we be monetizing off it with our methods but made public or sold to other people that will do whatever they wish with the information also after we are done.

Now you can put a stop to this by paying a $3000 fee (0.11 BTC) in bitcoin. You can find our address by visiting https://www.blockchain.com/explorer/addresses/btc/39PHuTwgY5THshy9VJoUXWebDA5jCprPmP where you can copy and paste the address or scan the QR code. We will be notified of payment which we will then delete the information we have obtained, patch the hole in the site/server which we got in and remove you from any future targeting in the future. You have 72 hours in doing so after viewing this message or the series of steps will commence. You can obtain bitcoin through such services such as paxful.com or do a search on bing.com

HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68
REMOTE_ADDR: 45.88.97.43

---

According to our friends at Abuse IP DB this IP was first reported in August of 2022. The last report was 12 minutes prior to my report which means its still being used. Its an IP based in Germany, and you can look that up itself.

I’m letting you guys see this because you may get an email just like this and a straight email at best. This is not the first time we’ve gotten strange emails like this, EMHS has several blog posts like the one I’m writing that show these.

I’m not afraid to share, and I know that my customer information is safe because it isn’t stored on my server.

Whatever they leak, if they supposedly leak, isn’t jaredrimer.net data that is tied to customers, but to registrations to the blog which may be spam, and it only has name and email if that.

As for other data, I have no control of it, although MENVI’s lists aren’t customers, and it only has name and email so that’s going to be OK. Let’s see.

They didn’t even tell me what hole they got in to so if I can fix it, that would be better. I bet its a scare tactic to get me to pay money to folk. It doesn’t work., I’ve seen this, and I bet the email address doesn’t exist for one and the phone number seems strange to me too.

Want to try again, guys?

---

Informazioni sull'articolo

Here we go again: More please to pay for nothing was released on May 20, 2023 at 11:30 am by tech in musings.
Last modified: May 20, 2023.

---

Comments (0)

No comments yet.

You must be logged in to post a comment.

go to sections menu

---