‘Hacker who cracked your email’ scam tries to blackmail you for Bitcoin

I'm a hacker who cracked your email
One of the latest email phishing scams claims that a hacker has cracked your email and device a few months ago. It claims that you entered a password on one of the sites you visited and that they intercepted it. The email message then shows you your password at the moment of the alleged hack.

hacker cracked email scam

If you received an email message that says “I’m a hacker who cracked your email and device a few months ago” and appears to be sent to you from your own email address, ignore it. The message is fraudulent and no one actually hacked your email account and device.

The email message might be frightening because it will appear as if it was sent from your own account and your password (previous password or current password) will be mentioned numerous times. However, your email address was not accessed. It was spoofed by a third-party service such as anonymailer.

The purpose of the email is to trick you into paying a certain amount of Bitcoin to a BTC wallet (1YnYAxprVrTo1WzPPzMo86ste5Ssp4xsy or other) in order to erase data they claim to have collected about you.

The email says that you have 48 hours to make a payment and if you do not they will send all of your contacts “crazy shows from your dark secret life.” They also claim that your device will be blocked with some sort of ransomware.

Email message campaigns like this have been making circulation following recent breaches that occurred on websites like LinkedIn and Adobe. To see where your email information may have been leaked from check out https://haveibeenpwned.com/. You can input your email address to locate where your information was leaked.

hacker who cracked your email and device email

Here’s what is written in the email message:

Subject: I’m crack [your email address], password [your password] for [your email address] is compromised, or Mail delivery failed: returning message to sender
From [your email address]
To [your password]
Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from [your email address] on moment of hack: [your password]

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $897 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1YnYAxprVrTo1WzPPzMo86ste5Ssp4xsy

If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure …

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

Here’s a second version of the email message:

Subject: account [your email address] is compromised
From [your email address]
To [your email address]
Date Today 11:15

Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $883 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1DVU5Q2HQ4srFNSSaWBrVNMtL4pvBkfP5w

If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure …

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

As you can see, the email can appear legitimate to many people. But, the same message has been sent around the internet to many people (word-for word) and there have been many campaigns like it in the past. Even if you have never visited a “piquant” website, you will still receive the same message. Even if your device does not have a camera, they will still claim to have recorded you through your camera.

Do not pay the BTC and do not reply to the scammers. The only thing you need to do is change the password to your email address and other accounts you have for safe measure.

The email message does not mean that your computer is infected with malware; However, if you would like to remove malware and other potentially malicious files from your computer we recommended to use Malwarebytes. Here are some instructions:

1. Download Malwarebytes Anti-Malware software to scan your computer and remove malicious files and potentially unwanted programs.

2. To install the program, click the file you just downloaded. It can usually be located in the Download folder.

install malwarebytes

3. A window that says “Welcome to the Malwarebytes Setup Wizard” will appear. Click Agree and Install to begin the installation. Once complete, click Finish.

scan now

4. Now the Malwarebytes is installed, open the program and click the Scan Now button – or go to the Scan tab and click the Start Scan button.

quarantine selected

3. When the scan is complete click the Quarantine Selected button.

4. If Malwarebytes says “All selected items have been removed successfully. A log file has been saved to the logs folder. Your computer needs to be restarted to complete the removal process. Would you like to restart now?” click the Yes button to restart your computer.

Sean Doyle

Sean Doyle is a tech author and engineer with over 20 years of experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and other topics. Sean's content has been featured in numerous publications.

54 Responses

  1. lee says:

    I replied, I told them not to bother waiting and do their worst, does replying leave me open to any more attacks from these pricks?

  2. steve says:

    https://www.blockchain.com/btc/address/1DVU5Q2HQ4srFNSSaWBrVNMtL4pvBkfP5w

    WOW!! Seems they are making GOOD money in that wallet from one example here!! 1.7 BTC – almost £10,000 at todays price from 21 poor people!!
    SOMETHING needs to be done!

  3. metheperve says:

    seems the wallet on this sample letter above has had 8 people fall for it!!

    https://www.blockchain.com/btc/address/1YnYAxprVrTo1WzPPzMo86ste5Ssp4xsy

  4. metheperve says:

    I just had the same email making me panic at first then laugh as everyone knows what a pervert I am!!
    Nothing illegal but no one would be surprised so was gonna bite the bullet! In midst of trojan scan etc as it is scary and makes you think!!
    Glad things aren’t going to be posted to all my friends anyhow after seeing this and nice to know the scammer is not collecting much money from it. Use https://www.blockchain.com to search on the wallet address and you will be able to see any transactions coming or going for the history of the wallet!! GOTTA LOVE the blockchain eh!!?
    Any one with a wallet that has had BTC given to it?

  5. Anonymous says:

    You are an angel!

  6. Anonymous says:

    What if you can’t change your password?

    • Sean Doyle says:

      I would backup that email account and delete everything in it. Then I would stop using it… But do as you please. The reason for this is because your password was leaked so your account is vulnerable and a password that cannot be changed is not beneficial to the you.

  7. Jessica says:

    What if they actually have a password that you have used in the past? A password that no one could guess unless they actually intercepted it?

    • Sean Doyle says:

      Your password was not obtained by any means of hacking (or cracking) if you received this email message. Please be advised that this email message is simply a scam. The scammer uses information obtained after a breach occurred. Your information was leaked and acquired by the scammer. You can see which breach may have lead to your info being leaked on this website: https://haveibeenpwned.com/

      Please be aware that a scammer or hacker is not going to sign into thousands of email accounts at the same time in order to send them the same message. Targeted attacks are rare and unlikely in most scenarios. The purpose of the email scam is to scare people in order to get them to pay up, so don’t be scared and fall for it.

      Also, it’s been confirmed that a third-party email spoof service is being used to send email messages. Email messages like this have been sent out in the past. This is not uncommon at the moment. This is confirmed as a scam.

      Hope this helps.

  8. Anonymous says:

    I found in this thread https://botcrawl.com/your-secret-life-email-scam/ one comment saying anonymailer is what they use. I sent an email to myself from that site and it showed up in my Sent folder as well. I don’t know how or why, but it is.

  9. Anonymous says:

    What if this email is actually showing up in my Sent folder? How is that possible?

  10. Anonymous says:

    I noticed that the password they claimed to have stolen was all lowercase when in fact it had a few capitals. The only account that uses that password was super old that I don’t use their services anymore (optus). So it narrowed down where the “intercept” was. A lot of accounts that used it previously has been updated. It was a password I’ve used years and years ago. So I can tell this wasn’t a recent intercept. – Still concerning nonetheless.

  11. Anonymous says:

    has anybody already waited the 48 h through? the only fear that i have is that my device is gonna be blocked…porn is something everybody watches so i don’t like the idea but whatever…but i like my computer 🙂

  12. User_fromSpb says:

    Good day! Several people approached me with this problem. In addition to letters with a password from the mail, they also sent letters with passwords from logins to other services. I suppose that the computer still has a trojan that monitors keyboard input.

    • Sean Doyle says:

      That would have nothing to do with this email message because the information was acquired during a breach. You can search which breach your email info was leaked here: https://haveibeenpwned.com/

      • Anonymous says:

        but when I tried it I got nothing. I don’t believe their is a trojan because the password can be a personal password used with work email etc so not sure how that is obtained. Or only a portion of the password is shows. its weird none the less

        • Sean Doyle says:

          It was obtained during a breach. The breach may not have been listed or your information may not have been publicly leaked. There is not a trojan on your computer. This email message has been sent to a lot of people.

  13. gayle says:

    I received the exact hacker email mentioned. The hacker stated my correct password. When I tried to login to my email server I could not because the hacker changed the account manager password. But the hacker did not change my pop account password so that is why I continued to receive my emails uninterrupted. So theoretically the hacker could see all emails I sent and received. Of course I did not pay the ransom. The deadline is 48 hours and it’s been 24 hours. I will let you know if my computer blows up at deadline.

    • Sean Doyle says:

      Hello, this is just an extortion scam. The alleged hacker does not hack anyone’s account. Your password being changed has nothing to do with the email you received. Your computer will also be fine since this is only a scam designed to scare you into paying up.

    • Anonymous says:

      So…did your computer blow up? I’m interested to know.

  14. Anonymous says:

    I can tell it’s a scam when your bitcoin address is the same as mine that I got and that a whole bunch of people got the email

  15. Anonymous says:

    Thank you so much!

  16. Daniel says:

    Thank you very much for this post Sean. A fucking heart attack this morning was not the best breakfast.

  17. Anonymous says:

    Many thanks for this. I have to say it completely freaked me this morning! Mine must have been from the LinkedIn breach. The text in my email is word for word identical.

  18. Anonymous says:

    My account is from NEWSEAs
    Please note this site

  19. Anonymous says:

    Glad to know I am safe

  20. Anonymous says:

    Hi,

    but how can he send a mail with my mail address, passing my Spamfilter?
    IP address was from mazedonia.

    • Anonymous says:

      Edit:
      The password in the email to me was wrong.

    • Sean Doyle says:

      They use a third-party service. They are not actually using your own account to send you a message. They are sending this message to a lot of people. It would take a very long time to send a message to each person from their own accounts one at a time. If the password was incorrect it is likely that it was your previous password that they obtained during a breach somewhere or they simply messed up. They have been running this type of email campaign for a little while and sometimes the passwords are incorrect.

  21. Anonymous says:

    hi
    thanks for that
    but how do they actually know the password ?

  1. December 4, 2018

    […] ‘Hacker who cracked your email’ scam tries to blackmail you for Bitcoin […]

  2. December 8, 2018

    […] ‘Hacker who cracked your email’ scam tries to blackmail you for Bitcoin […]

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.