RTG data leak?



lostinfrance

Midfield
I had a message a couple of weeks ago suggesting my password had been detected in a data leak and should be changed.
It was a password I've only ever used on here. The alert showed when I logged in on my iPhone but not my MacBook.
 

jlaws

Midfield
Have none of you received emails like this. No one fell for this as I just checked bitcoin balance. But I will have received this due to a data breach. Of course I changed my password. It is also a good idea to stick your password into haveibeenpwned to see if it's in their database. If is, change it!

A lady I knew received this email, was panicked by the fact it included the password that she used on everything! She wiped phone, tablet and laptop. I then told her I receive about one a week!

Your ραsswοrd is XYZ. Ι knοw α loτ more thηgs αbouτ yοu τhαn that.

How?

Ι plαced a malware οn τhe ροrn websιte and guess whαt, yοu νιsιted τhis web sιτe τo haνe fuη (yοu κnow whaτ I meαn). While you were wατchiηg τhe video, yοur web browser αcτed αs αn RDP (Remοte Deskτop) αnd α κeylogger, whιch proided me αccess το your dιsρlαy screen αnd webcαm. Rιght after τhaτ, my software gathered all your cοηταcts from yοur Messeηger, Fαcebοoκ accοuηt, and emaιl accοuητ.

What exacτly did Ι dο?

Ι mαde α splιt-screen vιdeo. The fιrst ραrτ recοrded the video yοu were vιewing (you'e got αη exceptiοηal ταsτe hαhα), αηd τhe next parτ recorded your webcam (Yeρ! t's you \ dοιηg nasτy thιngs!).

Whατ shοuld you dο?

Well, Ι believe, $2000 ιs a fαιr price fοr our little secret. You'll maκe τhe ραymeηt via βitcοιn τo the below address (ιf yοu don'τ κnow this, search "how τo buy Βιτcoin" ιn Gοοgle).

Βitcoiη Address:
bc1qkyjljcye0dgzu4k34kk34j2ld3ledv5tff8xdx
(Ιτ is cAsE seηsitιve, so coρy αηd pαste iτ)

Ιmportaητ:

You hαve 24 hours tο make the ρayment. (Ι hαve α uηιque pixel withιη this emαιl messαge, aηd rιghτ now I κηοw that you hανe read τhis emαil). If Ι dοη't get τhe pαymeητ, I will send your video τo all οf your coηtacts, iηcludιng relαtiνes, cowοrκers, αnd so forth. Noηetheless, if I do geτ ραid, Ι will erαse τhe vιdeο immediaτely. Ιf yοu wanτ evideηce, reply wιτh "Yes!" aηd Ι will send yοur vιdeo recοrding τo your fιve frieηds. This is a ηοη-ηegοτιable offer, so doη't waste my time and yοurs by replyiηg tο τhis email.

Dael Serpa
 

the boot

Winger
Have none of you received emails like this. No one fell for this as I just checked bitcoin balance. But I will have received this due to a data breach. Of course I changed my password. It is also a good idea to stick your password into haveibeenpwned to see if it's in their database. If is, change it!

A lady I knew received this email, was panicked by the fact it included the password that she used on everything! She wiped phone, tablet and laptop. I then told her I receive about one a week!

Your ραsswοrd is XYZ. Ι knοw α loτ more thηgs αbouτ yοu τhαn that.

How?

Ι plαced a malware οn τhe ροrn websιte and guess whαt, yοu νιsιted τhis web sιτe τo haνe fuη (yοu κnow whaτ I meαn). While you were wατchiηg τhe video, yοur web browser αcτed αs αn RDP (Remοte Deskτop) αnd α κeylogger, whιch proided me αccess το your dιsρlαy screen αnd webcαm. Rιght after τhaτ, my software gathered all your cοηταcts from yοur Messeηger, Fαcebοoκ accοuηt, and emaιl accοuητ.

What exacτly did Ι dο?

Ι mαde α splιt-screen vιdeo. The fιrst ραrτ recοrded the video yοu were vιewing (you'e got αη exceptiοηal ταsτe hαhα), αηd τhe next parτ recorded your webcam (Yeρ! t's you \ dοιηg nasτy thιngs!).

Whατ shοuld you dο?

Well, Ι believe, $2000 ιs a fαιr price fοr our little secret. You'll maκe τhe ραymeηt via βitcοιn τo the below address (ιf yοu don'τ κnow this, search "how τo buy Βιτcoin" ιn Gοοgle).

Βitcoiη Address:
bc1qkyjljcye0dgzu4k34kk34j2ld3ledv5tff8xdx
(Ιτ is cAsE seηsitιve, so coρy αηd pαste iτ)

Ιmportaητ:

You hαve 24 hours tο make the ρayment. (Ι hαve α uηιque pixel withιη this emαιl messαge, aηd rιghτ now I κηοw that you hανe read τhis emαil). If Ι dοη't get τhe pαymeητ, I will send your video τo all οf your coηtacts, iηcludιng relαtiνes, cowοrκers, αnd so forth. Noηetheless, if I do geτ ραid, Ι will erαse τhe vιdeο immediaτely. Ιf yοu wanτ evideηce, reply wιτh "Yes!" aηd Ι will send yοur vιdeo recοrding τo your fιve frieηds. This is a ηοη-ηegοτιable offer, so doη't waste my time and yοurs by replyiηg tο τhis email.

Dael Serpa
Sounds like you need to pay that mate.
 
Back in the 2000s I went through all the Newcastle named teams in my fox sports soccer leagues and tried the password 'shearer' or 'StJames'. I changed at least four line ups to entirely sunderland players, selling the likes of Rivaldo, Vieri, and owen for Kevin Kyle and Phill Bab.
 

jlaws

Midfield
Back in the 2000s I went through all the Newcastle named teams in my fox sports soccer leagues and tried the password 'shearer' or 'StJames'. I changed at least four line ups to entirely sunderland players, selling the likes of Rivaldo, Vieri, and owen for Kevin Kyle and Phill Bab.
Love it!
Sounds like you need to pay that mate.
Just looked in my email. I have had 12 near identical emails since December 2018. The first one really freaked me out as it was sent as if coming from my email address. I just checked the bitcoin wallet and they made $3200 from this scam,

Hello!

As you may have noticed, I sent you an email from your account.
This means that I have full access to your account: On moment of hack your account has password: XYZ

You say: this is the old password!
Or: I will change my password at any time!

Yes! You're right!
But the fact is that when you change the password, my trojan always saves a new one!

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use.

If you want to prevent this, transfer the amount of $719 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).

My bitcoin address (BTC Wallet) is: 17zmnmqEUCesNz6UgXGbRk7fKnu8iq1q2J

After receiving the payment, I will delete the video and you will never hear me again.
I give you 48 hours to pay.
I have a notice reading this letter, and the timer will work when you see this letter.

Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.

If I find that you have shared this message with someone else, the video will be immediately distributed.

Best wishes!
 
Last edited:

bobster999

Central Defender
Have none of you received emails like this. No one fell for this as I just checked bitcoin balance. But I will have received this due to a data breach. Of course I changed my password. It is also a good idea to stick your password into haveibeenpwned to see if it's in their database. If is, change it!

A lady I knew received this email, was panicked by the fact it included the password that she used on everything! She wiped phone, tablet and laptop. I then told her I receive about one a week!

Your ραsswοrd is XYZ. Ι knοw α loτ more thηgs αbouτ yοu τhαn that.

How?

Ι plαced a malware οn τhe ροrn websιte and guess whαt, yοu νιsιted τhis web sιτe τo haνe fuη (yοu κnow whaτ I meαn). While you were wατchiηg τhe video, yοur web browser αcτed αs αn RDP (Remοte Deskτop) αnd α κeylogger, whιch proided me αccess το your dιsρlαy screen αnd webcαm. Rιght after τhaτ, my software gathered all your cοηταcts from yοur Messeηger, Fαcebοoκ accοuηt, and emaιl accοuητ.

What exacτly did Ι dο?

Ι mαde α splιt-screen vιdeo. The fιrst ραrτ recοrded the video yοu were vιewing (you'e got αη exceptiοηal ταsτe hαhα), αηd τhe next parτ recorded your webcam (Yeρ! t's you \ dοιηg nasτy thιngs!).

Whατ shοuld you dο?

Well, Ι believe, $2000 ιs a fαιr price fοr our little secret. You'll maκe τhe ραymeηt via βitcοιn τo the below address (ιf yοu don'τ κnow this, search "how τo buy Βιτcoin" ιn Gοοgle).

Βitcoiη Address:
bc1qkyjljcye0dgzu4k34kk34j2ld3ledv5tff8xdx
(Ιτ is cAsE seηsitιve, so coρy αηd pαste iτ)

Ιmportaητ:

You hαve 24 hours tο make the ρayment. (Ι hαve α uηιque pixel withιη this emαιl messαge, aηd rιghτ now I κηοw that you hανe read τhis emαil). If Ι dοη't get τhe pαymeητ, I will send your video τo all οf your coηtacts, iηcludιng relαtiνes, cowοrκers, αnd so forth. Noηetheless, if I do geτ ραid, Ι will erαse τhe vιdeο immediaτely. Ιf yοu wanτ evideηce, reply wιτh "Yes!" aηd Ι will send yοur vιdeo recοrding τo your fιve frieηds. This is a ηοη-ηegοτιable offer, so doη't waste my time and yοurs by replyiηg tο τhis email.

Dael Serpa

yeah i got one but worded differently. it was an old password i used. they had the password and email because when peoples emails and passwords are breached they're released online. its just a case of sending out loads of emails to people hoping someone will fall for it. i ignored it. i did forward it to the anti fraud and cyber crime place though :lol:
 

jlaws

Midfield
yeah i got one but worded differently. it was an old password i used. they had the password and email because when peoples emails and passwords are breached they're released online. its just a case of sending out loads of emails to people hoping someone will fall for it. i ignored it. i did forward it to the anti fraud and cyber crime place though :lol:
Just checked only 1 (the first one) made any money.
 

Pants

Winger
Have none of you received emails like this. No one fell for this as I just checked bitcoin balance. But I will have received this due to a data breach. Of course I changed my password. It is also a good idea to stick your password into haveibeenpwned to see if it's in their database. If is, change it!

A lady I knew received this email, was panicked by the fact it included the password that she used on everything! She wiped phone, tablet and laptop. I then told her I receive about one a week!

Your ραsswοrd is XYZ. Ι knοw α loτ more thηgs αbouτ yοu τhαn that.

How?

Ι plαced a malware οn τhe ροrn websιte and guess whαt, yοu νιsιted τhis web sιτe τo haνe fuη (yοu κnow whaτ I meαn). While you were wατchiηg τhe video, yοur web browser αcτed αs αn RDP (Remοte Deskτop) αnd α κeylogger, whιch proided me αccess το your dιsρlαy screen αnd webcαm. Rιght after τhaτ, my software gathered all your cοηταcts from yοur Messeηger, Fαcebοoκ accοuηt, and emaιl accοuητ.

What exacτly did Ι dο?

Ι mαde α splιt-screen vιdeo. The fιrst ραrτ recοrded the video yοu were vιewing (you'e got αη exceptiοηal ταsτe hαhα), αηd τhe next parτ recorded your webcam (Yeρ! t's you \ dοιηg nasτy thιngs!).

Whατ shοuld you dο?

Well, Ι believe, $2000 ιs a fαιr price fοr our little secret. You'll maκe τhe ραymeηt via βitcοιn τo the below address (ιf yοu don'τ κnow this, search "how τo buy Βιτcoin" ιn Gοοgle).

Βitcoiη Address:
bc1qkyjljcye0dgzu4k34kk34j2ld3ledv5tff8xdx
(Ιτ is cAsE seηsitιve, so coρy αηd pαste iτ)

Ιmportaητ:

You hαve 24 hours tο make the ρayment. (Ι hαve α uηιque pixel withιη this emαιl messαge, aηd rιghτ now I κηοw that you hανe read τhis emαil). If Ι dοη't get τhe pαymeητ, I will send your video τo all οf your coηtacts, iηcludιng relαtiνes, cowοrκers, αnd so forth. Noηetheless, if I do geτ ραid, Ι will erαse τhe vιdeο immediaτely. Ιf yοu wanτ evideηce, reply wιτh "Yes!" aηd Ι will send yοur vιdeo recοrding τo your fιve frieηds. This is a ηοη-ηegοτιable offer, so doη't waste my time and yοurs by replyiηg tο τhis email.

Dael Serpa
These are usually spoofed to make it look like it's coming from your own email account to convince you that they have hacked you. I believe a lot of ISPs (VM for one) automatically filter out such spoofed mails, so a lot of people will be blissfully unaware that their details are compromised. I like to see everything. The only password I've seen on these is one I haven't used for about 10 - 20 years.
 

Roger

The Gaffer
Staff member
I had a message a couple of weeks ago suggesting my password had been detected in a data leak and should be changed.
It was a password I've only ever used on here. The alert showed when I logged in on my iPhone but not my MacBook.
I am confident it won't have been leaked from here as all of the passwords are stored encrypted and each password has a unique one way salt

This means that even I can't decrypt them (what we do when you enter your password is re-encrypt it and compare it with the encrypted version stored on file).
So even if someone could steal our entire database it would be extremely unlikely that they could somehow get the password from it.

We are also using end-to-end encryption (https) which ensures that the password is not sent across the internet in the clear.

As mentioned above, look at https://haveibeenpwned.com/ to see where your data might have been compromised.
 

lostinfrance

Midfield
I am confident it won't have been leaked from here as all of the passwords are stored encrypted and each password has a unique one way salt

This means that even I can't decrypt them (what we do when you enter your password is re-encrypt it and compare it with the encrypted version stored on file).
So even if someone could steal our entire database it would be extremely unlikely that they could somehow get the password from it.

We are also using end-to-end encryption (https) which ensures that the password is not sent across the internet in the clear.

As mentioned above, look at https://haveibeenpwned.com/ to see where your data might have been compromised.
Cheers,
I wasn't unduly concerned as this is the only place I'd ever used that particular password. iOS flagged it but macOS didn't.
I use a hotmail address for the vast majority of my online accounts, this is one of only a handful of sites i've needed to use my mac address.
The haveibeenpwned site indicates 'pwned on 1breached site and found no pastes' (whatever that means)
 

Top