gBcEyFKi

· 6 years ago · Oct 19, 2019, 05:54 PM
1----------------------------------------
2Sender information
3----------------------------------------
4Subject:	"Security Alert. Your accounts was hacked by criminal group."
5Date:		19 Oct 2019 14:18:46 +0100
6
7SMTP Time:	Sat, 19 Oct 2019 04:51:47 -0700 (PDT)
8
9Name:		vez63-h01-176-145-39-191.dsl.sta.abo.bbox.fr
10IP:			176.145.39.191
11
12Ripe:		AS12844, 176.128.0.0/10, BOUYGUES Telecom
13
14			176.144.0.0 - 176.156.255.255
15			BOUYGTEL-ISP-WIRELINE
16			Pool for Broadband DSL customers
17			country:         FR
18----------------------------------------
19Porn extortion SPAM:
20----------------------------------------
21
22Delivered-To: <EMAIL_ADDRESS>@gmail.com
23Received: by 2002:a9f:318c:0:0:0:0:0 with SMTP id v12csp2094794uad;
24        Sat, 19 Oct 2019 04:51:47 -0700 (PDT)
25X-Google-Smtp-Source: APXvYqyDYFKYPF7LLFmcRJ5rNN0P5KoclJ1bcFqWVapIu/NOab/LDtSlV0K+Q1uLCAtOShIUGldX
26X-Received: by 2002:a05:6402:13d5:: with SMTP id a21mr15013241edx.242.1571485907871;
27        Sat, 19 Oct 2019 04:51:47 -0700 (PDT)
28ARC-Seal: i=1; a=rsa-sha256; t=1571485907; cv=none;
29        d=google.com; s=arc-20160816;
30        b=FQrn4eUi7EtGHDaZX/loeHYHxf5UDUaLUW/og/RurqFnTvtaBBHkETP3Ggi6WKCLZ7
31         Ym0anRghRid6TNYFVVc3onA25hOJB11cXF3bT5QxC+GqFqUY7hPvbfqLYTHjENIaLlw+
32         5+4R9MPIER8latNlEJdsWsC1jOEazdtSHKvXJ+hxBJI3kt+8tMjDpHRYy0O8YtyvdtYE
33         IY4FLcxjQZIbiysj8QIoFI5MVc4G4MloMV9zKTFzD6og6pPy6IxlC3Gecf+Ih0OkmRi3
34         G6bHOi2s88d5dHFs4wbHGbpBFSo8RJE0+er1qBW3uOLgH7E9Sy8Qs+mKVIEFbMjuffU3
35         OM1A==
36ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
37        h=content-language:thread-index:content-transfer-encoding
38         :mime-version:message-id:date:subject:to:from;
39        bh=l+V6/gSQ2Ji9y2GG5f2DEsW2hKBJ3z34ZES9tY0OQRc=;
40        b=LZTV3pVea0Masfmwa7nOVyBMHfeFj8JNWj/q3Udh3fxobE/mLJGhzpT0zZoB/VIA5X
41         VKkv3zPc1GbBjfvm+Nan33pGNijREzZYk2lAWh0EDdxla+xqYz+C+X++c6F4nSJwnvtL
42         h/IFhtVIsSj814gCNsZMitG4/k/SrXGYIhGrMFGBA6u6/pL3qPbQsomjEE5cfvKNnKc5
43         +Zc4Ksi4o2jbly1dwrGIrZHx5I4FzbVW4nroqVrzE8Ntia9as5H5qlGeR1AssuTLPb2N
44         T7eXXxZVAjLdNTu51pYQRr/e00wcOhpHKRfjeEaFDOqsQ3nJmatSedqADIK8Wz9wa0ki
45         4bAg==
46ARC-Authentication-Results: i=1; mx.google.com;
47       spf=softfail (google.com: domain of transitioning <EMAIL_ADDRESS>@gmail.com does not designate 176.145.39.191 as permitted sender) smtp.mailfrom=<EMAIL_ADDRESS>@gmail.com;
48       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
49Return-Path: <<EMAIL_ADDRESS>@gmail.com>
50Received: from vez63-h01-176-145-39-191.dsl.sta.abo.bbox.fr (vez63-h01-176-145-39-191.dsl.sta.abo.bbox.fr. [176.145.39.191])
51        by mx.google.com with ESMTP id sa16si5163469ejb.356.2019.10.19.04.51.47
52        for <<EMAIL_ADDRESS>@gmail.com>;
53        Sat, 19 Oct 2019 04:51:47 -0700 (PDT)
54Received-SPF: softfail (google.com: domain of transitioning <EMAIL_ADDRESS>@gmail.com does not designate 176.145.39.191 as permitted sender) client-ip=176.145.39.191;
55Authentication-Results: mx.google.com;
56       spf=softfail (google.com: domain of transitioning <EMAIL_ADDRESS>@gmail.com does not designate 176.145.39.191 as permitted sender) smtp.mailfrom=<EMAIL_ADDRESS>@gmail.com;
57       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
58From: <<EMAIL_ADDRESS>@gmail.com>
59To: <<EMAIL_ADDRESS>@gmail.com>
60Subject: Security Alert. Your accounts was hacked by criminal group.
61Date: 19 Oct 2019 14:18:46 +0100
62Message-ID: <001e01d58684$05c223d0$336e9aa8$@gmail.com>
63MIME-Version: 1.0
64Content-Type: text/plain;
65	charset="ibm852"
66Content-Transfer-Encoding: 8bit
67X-Mailer: Microsoft Outlook 15.0
68Thread-Index: Ac2x1c32k5yk8dy22x1c32k5yk8dy2==
69Content-Language: en-us
70
71Hi, dear user of gmail.com
72
73We have installed one RAT software into you device 
74For this moment your email account is hacked too.
75I know your password. I logged in to your account and wrote this letter to you from there.
76
77Changed your password? You're doing great!
78But my software recognizes every such action. I'm updating passwords!
79I'm always one step ahead....
80
81So... I have downloaded all confidential information from your system and I got some more evidence.
82The most interesting moment that I have discovered are videos records where you masturbating.
83
84I posted EternalBlue Exploit modification on porn site, and then you installed my malicious code (trojan) on your operation system.
85When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device.
86After installation, your front camera shoots video every time you masturbate, in addition, the software is synchronized with the video you choose.
87
88For the moment, the software has harvrested all your contact information from social networks and email addresses.
89If you need to erase all of your collected data and videos, send me $702 in BTC (crypto currency).
90
91This is my Bitcoin wallet: 158r99HsERpiBqWg3w2FCPHbUfkXG8Zxsd
92You have 48 hours after reading this letter.
93
94After your transaction I will erase all your data.
95Otherwise, I will send a video with your sweepstakes to all your colleagues, friends and relatives!!!
96
97P.S. I ask you not to reply to this email, this is impossible (the sender's address is your own address).
98
99And henceforth be more careful!
100Please visit only secure sites!
101Bye,Bye...