The “I am a spyware software developer” scam has just emerged inside an email, suggesting that a person changed your password at some website (usually an email address provider). This is the typical scam trying to scare people that their e-mail account got breached and that its password is now in the hands of an experienced spyware software dev. People receiving the message are demanded to pay a ransom fee in Bitcoin (the sum varying around 840 US dollars). Do not pay the money in any case as that will not help you. See what you must do in case you are truly breached, but know that this is most likely a scam email.
|Name||"I am a spyware software developer" Scam|
|Type||Email Scam Message|
|Short Description||A scam that tries to scare you into paying a ransom fee for a supposed breach of your email account credentials.|
|Symptoms||You receive an email message that tries to trick you into thinking that your email account got compromised, plus that your password is leaked and exposed to hackers.|
|Distribution Method||Email Spam Messages, Suspicious Sites|
|Detection Tool|| See If Your System Has Been Affected by "I am a spyware software developer" Scam |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss "I am a spyware software developer" Scam.|
“I am a spyware software developer” Scam – Distribution
The “I am a spyware software developer” scam is mainly distributed through e-mail messages that may even be filtered as spam by email providers by now. It could also be using targeted attacks to aim for a bigger payout by companies or rich people. Different distribution tactics may exist, too. For instance, there are mentions of the “I am a spyware software developer” scam over Facebook, and the scareware tactics and doxing may be successful there, just as well.
In case your computer was truly compromised, a payload file that downloads a Trojan horse or some kind of a RAT may have been trigerred by a malicious website or redirect.
Freeware which is found on the Web can be presented as helpful also be hiding the malicious script for the scam message to appear. Refrain from opening files right after you have downloaded them. You should first scan them with a security tool, while also checking their size and signatures for anything that seems out of the ordinary. You should read the tips for preventing ransomware located at the corresponding forum thread.
“I am a spyware software developer” Scam – Insight
The “I am a spyware software developer” scam is a hot topic all over the Internet, be it news websites or social networks such as Facebook. The message is sent over email and is a scareware tye that relies on social engineering. The extortionists want you to pay them for a supposed security breach that supposedly landed them your email account password.
The email message looks like the following:
The full scam message reads:
Account Issue. Changed password. (your password: user’s password)
Dear user of -!
I am a spyware software developer.
Your account has been hacked by me in the summer of 2018.
I understand that it is hard to believe, but here is my evidence:
– I sent you this email from your account.
– Password from account user’s email address: user’s real password (on moment of hack).
The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).
I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
This is driver software, I constantly updated it, so your antivirus is silent all time.
Since then I have been following you (I can connect to your device via the VNC protocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I periodically take photos and videos with you.
At the moment, I have harvested a solid dirt… on you…
I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.
I note that it is useless to change the passwords. My malware update passwords from your accounts every times.
I know what you like hard funs (adult sites).
Oh, yes .. I’m know your secret life, which you are hiding from everyone.
Oh my God, what are your like… I saw THIS … Oh, you dirty naughty person …
I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera.
Believe it turned out very high quality!
So, to the business!
I’m sure you don’t want to show these files and visiting history to all your contacts.
Transfer $840 to my Bitcoin cryptocurrency wallet: 1Bt4psBJmjfVTcW6eYiJZ6HEbpFgKkBSX4, 19qL8vdRtk5xJcGNVk3WruuSyitVfSAy7f
Just copy and paste the wallet number when transferring.
If you do not know how to do this – ask Google.
My system automatically recognizes the translation.
As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
Do not worry, I really will delete everything, since I am working with many people who have fallen into your position.
You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.
Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.
I advise you to remain prudent and not engage in nonsense (all files on my server).
Other versions may be prevalent on the web with a text stating “I’m a programmer who cracked your email “.
There are a number of possibilities, but in most cases this is an absolute scam. You should ignore it. Do not reply to it. Do not pay the cybercriminals behind it. Change your email password, but first make sure your computer is clean from viruses. Also, check if you are changing it from the real URL address of your email provider and not a phishing page.
Another thing to notice is that inside the email, there is a mention of a real vulnerability namedCVE-2018-0296, a Severe Flaw in Cisco ASA
The list below consists of Bitcoin addresses which are given by the criminals for paying the ransom. The scam may have different names dubbed on these Bitcoin addresses as you can see below:
- 1Bt4psBJmjfVTcW6eYiJZ6HEbpFgKkBSX4 Bitcoin Email Scam
- 19qL8vdRtk5xJcGNVk3WruuSyitVfSAy7f Bitcoin Email Scam
You are demanded to pay “840 US dollars” to allegedly not spread your personal pictures and files to family and friends. However, you should NOT under any circumstances pay any ransom sum. No guarantee exists that your “data” is not going to be leaked even if you pay. This is known as doxing – an extortion involving the threat of releasing personal information, photos or videos which might be embarassing or otherwise unwanted by the person being extorted. Adding to all of this, giving money to cybercriminals will most likely motivate them to create more ransomware scams, “viruses” or commit different criminal activities. That may even result to the criminals wanting more money after payment.
Be sure that even if your password got leaked from an older password breach database. If you have any accounts still using that password, be certain to change them and make sure you use a different password for each account. If you can, enable two-factor authentication on the accounts. Stay safe and ever vigilant.
Remove “I am a spyware software developer” Scam
To remove the I am a spyware software developer scam you should simply delete the email message. However, if you are truly breached and you recognize any of the listed passwords, you should see the step-by-step removal instructions provided below. In case you can not get rid of files related to the scam or find out other malicious ones, you should search for and remove any leftover malware pieces with an advanced anti-malware tool. Software like that will keep your system secure in the future.