Previously on "Have I been hacked here?"

  • BR14
    replied
    Originally posted by mudskipper View Post
    I got one today

    "I was most struck by the intimate content sites that you occasionally visit.
    You have a very wild imagination, I tell you!

    During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
    Oh my god! You are so funny and excited!"

    That's not what my husband says.
    was it from 'Natasha gagginfurashagovich'?
    had a few of them


  • northernladuk
    replied
    Originally posted by mudskipper View Post
    I got one today

    "I was most struck by the intimate content sites that you occasionally visit.
    You have a very wild imagination, I tell you!

    During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
    Oh my god! You are so funny and excited!"

    That's not what my husband says.
    I believe that though


  • mudskipper
    replied
    I got one today

    "I was most struck by the intimate content sites that you occasionally visit.
    You have a very wild imagination, I tell you!

    During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
    Oh my god! You are so funny and excited!"

    That's not what my husband says.


  • northernladuk
    replied
    Originally posted by administrator View Post
    Cheers for the heads up NAT, only just seen your PM. I have had a couple of these come through recently:



    The desire to watch porn died with my boyish good looks and the elasticity of my sack so I know it's a scam. Plus I never use that six digit unsecure password any more. The one site that I know of that was hacked that used that email and password combo was LinkedIn - are you sure you didn't have the same combo on there, Fred? Go to Have I Been Pwned: Check if your email has been compromised in a data breach and see what sites your email address was grabbed from, some of the email addresses I use online have been grabbed from a big collection of 711 million record cache found on a server in the Netherlands, if yours is in that dump then it could have been got from here.

    As others have said, this site definitely doesn't have plain text passwords - but the encryption is easy to bust so if someone got the DB then your details could have been nabbed.

    Hand on heart I have never seen a full on break in to the forum in the whole time that I have hosted it. I have had a couple of client sites (Wordpress) that only had the admin accounts on them zipped up and downloaded via WeShare or some other tulipe. Usually there are tell-tale signs when you are hackable, some will just pinch all the details but others will run spam through the server or use it to host DoS attacks etc, so when you are that vulnerable you tend to get hit more than once, I have never seen anything like this with the forum. Nothing ever written to the filesystem, no amended files etc. So while I am not saying that the DB hasn't been pinched at some time I am not aware of it ever having happened or I would have told you about it, to secure your passwords if nothing else. They do say the best hackers leave no trace though...

    I have all the sites I run in Git repos and every so often I download the production sites over the top and run git status to see if any of the files have changed and to put user generated content in to the repo as a back up method. Like I said, nothing on the forum has led me to believe it has been compromised at any time.
    Subject: MyName - ******

    I am well aware ****** one of your password. Lets get straight to the purpose. Not one person has compensated me to investigate about you. You do not know me and you are probably thinking why you are getting this mail?

    In fact, I installed a software on the X video clips (porn) web site and there's more, you visited this website to experience fun (you know what I mean). While you were viewing videos, your internet browser began working as a Remote Desktop with a key logger which provided me accessibility to your display screen as well as webcam. Immediately after that, my software program gathered every one of your contacts from your Messenger, Facebook, as well as e-mailaccount. Next I made a double video. 1st part displays the video you were viewing (you've got a nice taste : )), and 2nd part shows the recording of your web cam, yea it is u.

    You have not one but two options. We will read up on each of these choices in details:

    1st option is to neglect this email. In this situation, I most certainly will send your actual tape to each of your your contacts and also visualize concerning the shame you will definitely get. And definitely in case you are in an affair, just how it will certainly affect?

    Latter choice will be to give me $6000. Let us refer to it as a donation. As a result, I most certainly will immediately erase your videotape. You will continue on with your daily life like this never happened and you would never hear back again from me.

    You will make the payment via Bitcoin (if you do not know this, search for "how to buy bitcoin" in Google search engine).

    BTC Address: 196V1q5ewBcDxTfeiTGdbQYBtNZWseM7g5
    [case-SENSITIVE, copy and paste it]

    In case you are looking at going to the police, okay, this email cannot be traced back to me. I have dealt with my moves. I am also not looking to charge you so much, I just want to be rewarded. I've a unique pixel within this email, and at this moment I know that you have read this email message. You now have one day to pay. If I do not get the BitCoins, I will certainly send out your video recording to all of your contacts including close relatives, coworkers, and so on. However, if I do get paid, I will erase the recording right away. It's a non-negotiable offer that being said please do not waste my personal time & yours by responding to this message. If you really want proof, reply with Yup! then I definitely will send your video recording to your 12 contacts.=
    I've just found this exact one in my spam box from 6 days ago myself. My blood ran cold when I saw the title and first few lines of the mail but thankfully as I read it I realized it was exactly the same word for word as this one. Still very scary for a moment. Even if I hadn't there are too many untruths in the mail for it to be believable really.

    Just spent a bit of time going through all my RoboForm logins (100+ of them!!) and I do have a couple of older throwaway accounts that I used the same PWD and haven't changed since. Sign up, check it and never go back type stuff. Shell account, Hendenmob and the like so not critical. It was my old LinkedIn one as well but I changed it at the time of the hack.

    Still, that's my task for the rest of the afternoon.


  • Fred Bloggs
    replied
    Originally posted by Slawb View Post
    Are you 100% sure that CUK is the ONLY place you use that password? There are various emails going around at the moment which are using
    passwords linked to accounts with your email address that have been leaked. I've had a few myself quoting old passwords.

    https://haveibeenpwned.com/

    Pop your email, or any usernames, in here and it'll tell you whether your email/username is part of any breaches where passwords have been posted online.
    Thanks, previously I used the password at CUK and LinkedIn. It is pretty clear the password came from the LinkedIn data breach mentioned in this thread. I long since changed my password and switched on two factor verification there. I didn't change my CUK password till recently.


  • Slawb
    replied
    Are you 100% sure that CUK is the ONLY place you use that password? There are various emails going around at the moment which are using
    passwords linked to accounts with your email address that have been leaked. I've had a few myself quoting old passwords.

    https://haveibeenpwned.com/

    Pop your email, or any usernames, in here and it'll tell you whether your email/username is part of any breaches where passwords have been posted online.


  • Fred Bloggs
    replied
    Originally posted by rogerfederer View Post
    A consolidated email and password release was made recently by a hacking group. It wasn't new material but was amalgamated information from the past few years.

    LinkedIn was included in this. They were well and truly hacked years ago. This is why your password was likely to be an old LinkedIn one that you used some time ago. You can search this information on your own if you wish, as it's downloadable and also hosted on a website to allow searching of all the content.
    Thanks. That's exactly what happened to me. I now have much stronger passwords in place and two factor on anything that supports it.


  • rogerfederer
    replied
    A consolidated email and password release was made recently by a hacking group. It wasn't new material but was amalgamated information from the past few years.

    LinkedIn was included in this. They were well and truly hacked years ago. This is why your password was likely to be an old LinkedIn one that you used some time ago. You can search this information on your own if you wish, as it's downloadable and also hosted on a website to allow searching of all the content.


  • Lance
    replied
    Originally posted by RasputinDude View Post
    Och man, you try to make a slight witticism...

    I'm well aware that Linux does not necessarily mean secure. And by PC, I meant Windows.

    Sheesh
    sorry. I thought you were being serious. Hard to tell sometimes.
    Try like this.


  • RasputinDude
    replied
    Och man, you try to make a slight witticism...

    I'm well aware that Linux does not necessarily mean secure. And by PC, I meant Windows.

    Sheesh


  • Lance
    replied
    Originally posted by RasputinDude View Post
    Remote Desktop Connection on Debian?
    and???????

    Not Windows != Secure


    https://www.cvedetails.com/vulnerabi...23/Debian.html


    oh. And since when is Debian not a PC?


  • RasputinDude
    replied
    Originally posted by Lance View Post
    What makes you so sure that you can't be hacked by limiting the type of end device you use?
    That's a very false hope that, particularly as the example is password theft from a cloud service (that you use).
    Remote Desktop Connection on Debian?


  • xoggoth
    replied
    Not sure I'd use any third party thing to store passwords. Store mine in an Excel sheet. Apart from the standard safeguards to hide and protect sheets and coding it uses a self-edited encryption algorithm. And I don't call it passwords.xlsm!

    PS You can read a standard Excel file by renaming to zip and looking at xml files in the folder. Don't use without encryption!
    Last edited by xoggoth; 24 July 2018, 09:21.
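
An added example, not part of xoggoth's post: a check of what a holder of an .xlsx/.xlsm file can read with no password, illustrating the point that the file is a zip of XML parts and that hiding a sheet does not encrypt it. The workbook is a constructed sample containing only the two parts that are read, and the function names are hypothetical; a file saved with a password to open is stored in an OLE compound-file container instead of a plain zip, which is what the first check detects.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

NS = {"m": "http://schemas.openxmlformats.org/spreadsheetml/2006/main"}
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # compound-file header (password-to-open files)


def build_sample_xlsx() -> bytes:
    """Constructed sample: only the two parts read below, with one hidden sheet."""
    ns = NS["m"]
    workbook = (
        f'<workbook xmlns="{ns}"><sheets>'
        '<sheet name="Budget" sheetId="1"/>'
        '<sheet name="Logins" sheetId="2" state="veryHidden"/>'
        "</sheets></workbook>"
    )
    strings = (
        f'<sst xmlns="{ns}"><si><t>forum.example</t></si>'
        "<si><t>constructed-sample-secret</t></si></sst>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("xl/workbook.xml", workbook)
        z.writestr("xl/sharedStrings.xml", strings)
    return buf.getvalue()


def inspect_workbook(data: bytes) -> dict:
    """Report what anyone holding the file can read without Excel or a password."""
    if data.startswith(OLE_MAGIC) or not zipfile.is_zipfile(io.BytesIO(data)):
        # Not a plain zip package, so the XML parts are not directly readable.
        return {"plain_zip": False, "sheets": [], "strings": []}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        wb = ET.fromstring(z.read("xl/workbook.xml"))
        # The "state" attribute is only a display hint; the sheet data is still stored.
        sheets = [(s.get("name"), s.get("state", "visible"))
                  for s in wb.findall("m:sheets/m:sheet", NS)]
        strings = []
        if "xl/sharedStrings.xml" in z.namelist():
            sst = ET.fromstring(z.read("xl/sharedStrings.xml"))
            strings = ["".join(t.text or "" for t in si.iter(f"{{{NS['m']}}}t"))
                       for si in sst.findall("m:si", NS)]
    return {"plain_zip": True, "sheets": sheets, "strings": strings}


if __name__ == "__main__":
    print(inspect_workbook(build_sample_xlsx()))
    print(inspect_workbook(OLE_MAGIC + b"\x00" * 504))  # constructed stand-in header
```

Running `inspect_workbook` on the bytes of your own workbook shows whether the cell text is exposed to anyone who obtains the file.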


  • Lance
    replied
    Originally posted by RasputinDude View Post
    I've had the same emails several times. I worked out that it came from a very very LinkedIn account. And I've never used a PC so I found the description of I had been hacked somewhat comical.
    What makes you so sure that you can't be hacked by limiting the type of end device you use?
    That's a very false hope that, particularly as the example is password theft from a cloud service (that you use).


  • RasputinDude
    replied
    I've had the same emails several times. I worked out that it came from a very very LinkedIn account. And I've never used a PC so I found the description of I had been hacked somewhat comical.
