It would seem that Canada Computers has had a data breach.
Upon checking my pre-filtered email on my server I’ve noticed 3 bitcoin extortion scams forging the from address of my main email account.
SPF (Sender Policy Framework) was of course soft failing those attempts at forging and immediately marking them as spam.
Upon actually reading them I see they are providing an actual password that is supposed to be for my account.
Given the fact that my passwords are unique I was curious and looked up where this supposed password is from.
Lo and behold my randomly generated 30 character password matched the one at Canada Computers.
Upon logging in to the account I see nothing suspicious. I simply changed my password and logged out.
I have informed Canada Computers of the breach; so we’ll see if they take it seriously or not.
The following is a redacted version of one of interesting attempts at extortion.
Hi, dear user of (domain redacted)
We have installed one RAT software into you device.
For this moment your email account is hacked (see on
, I messaged you from your account). Your password for (email address): (Canada Computers password)
I have downloaded all confidential information from your system and I got some more evidence. The most interesting moment that I have discovered are videos records where you masturbating.
I posted my virus on porn site, and then you installed it on your operation system. When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device. After installation, your front camera shoots video every time you masturbate, in addition, the software is synchronized with the video you choose.
For the moment, the software has collected all your contact information from social networks and email addresses. If you need to erase all of your collected data, send me $800 in BTC (crypto currency). This is my Bitcoin wallet: 1PuYAe7BLxNE6F6zE2PeVthfXCeYH88PmQ You have 48 hours after reading this letter.
After your transaction I will erase all your data. Otherwise, I will send video with your pranks to all your colleagues and friends!!!
And henceforth be more careful! Please visit only secure sites! Bye!
People are sending money sadly.
The amounts donated so far to the following address as are follows:
|Bitcoin Address||Transactions||Bitcoin Amount (as of time of post)||USD Value|
Compromised machines are from all over including:
For a laugh I sent an abuse report over to the folks at bspeedy.com on October 8, 2018. No response of course.
I did receive a brush off email that stated this has been passed to their “IT department” on October 11, 2018. I’m not holding my breath as evidenced by this fellow individual:
Well over a month has passed with no response. I’m not surprised in the least.