Did you receive the “I am a spyware software developer. Your account has been hacked by me” e-mail from somebody claiming to be a spyware software developer? He claims to have “photos and videos of your most passionate funs with adult content” and goes on to ask for ransom (in Bitcoin cryptocurrency) in order to stop the compromising material being sent to all your contacts. We have good news for you. No worries, you can ignore this message!
Myantispyware.com continue to receive reports of fraudulent messages. Here below is example of the latest variation of the “I am a spyware software developer. Your account has been hacked” scam.
“I am a spyware software developer. Your account has been hacked by me in the summer of 2018.” – email spam
This is the original text of the first fraudulent message with the ransom note:
Dear user of ***! I am a spyware software developer. Your account has been hacked by me in the summer of 2018. I understand that it is hard to believe, but here is my evidence (I sent you this email from your account). The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296). I went around the security system in the router, installed an exploit there. When you went online, my exploit downloaded my malicious code (rootkit) to your device. This is driver software, I constantly updated it, so your antivirus is silent all time. Since then I have been following you (I can connect to your device via the VNC protocol). That is, I can see absolutely everything that you do, view and download your files and any data to yourself. I also have access to the camera on your device, and I periodically take photos and videos with you. At the moment, I have harvested a solid dirt... on you... I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit. I note that it is useless to change the passwords. My malware update passwords from your accounts every times. I know what you like hard funs (adult sites). Oh, yes .. I'm know your secret life, which you are hiding from everyone. Oh my God, what are your like... I saw THIS ... Oh, you dirty naughty person ... :) I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera. Believe it turned out very high quality! So, to the business! I'm sure you don't want to show these files and visiting history to all your contacts. Transfer $835 to my Bitcoin cryptocurrency wallet: 19qL8vdRtk5xJcGNVk3WruuSyitVfSAy7f Just copy and paste the wallet number when transferring. If you do not know how to do this - ask Google. My system automatically recognizes the translation. As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system. Do not worry, I really will delete everything, since I am 'working' with many people who have fallen into your position. You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it. Since opening this letter you have 48 hours. If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted, and from my server will automatically send email and sms to all your contacts with compromising material. I advise you to remain prudent and not engage in nonsense (all files on my server). Good luck!
There are variations in the wording of the email subject and email body, but all of these messages are basically the same. The fraudulence message will say that “spyware software developer” has placed a malicious code (rootkit) on your device and has evidence of you “secret life” while visiting adult sites. Hacker also states that he has stolen your contacts. He promises to destroy stolen data and remove the rootkit, if you send him $835 (Bitcoin cryptocurrency wallet: 19qL8vdRtk5xJcGNVk3WruuSyitVfSAy7f).
What to do when you receive “I am a spyware software developer. Your account has been hacked” spam
We advice to someone who gets this fraudulence message:
- Do not respond to this email spam
- Do not panic
- Do not pay a ransom
- Mark the email as SPAM (junk mail) using your email software
- If you’re worried, scan your computer for viruses and malware
- Install an anti-phishing software
How to scan your computer for malware and protect your PC from phishing scams
- Remove suspicious applications using MS Windows Control Panel
- Scan your computer for viruses and malware
- Use AdBlocker to stay safe online
Remove suspicious applications using MS Windows Control Panel
It is of primary importance to first identify and remove all potentially unwanted applications, adware apps and browser hijackers through ‘Add/Remove Programs’ (MS Windows XP) or ‘Uninstall a program’ (Windows 10, 8, 7) section of your Microsoft Windows Control Panel.
Windows 8, 8.1, 10
First, press Windows button
, then click Search 
. Type ‘Control panel’and press Enter as shown on the image below.
When the ‘Control Panel’ opens, click the ‘Uninstall a program’ link under Programs category as shown below.
You will see the ‘Uninstall a program’ panel as on the image below.
Very carefully look around the entire list of apps installed on your machine. If you have many software installed, you can help simplify the search of harmful software by sort the list by date of installation. Once you’ve found a dubious, unwanted or unused program, right click to it, after that press ‘Uninstall’.
Windows XP, Vista, 7
First, click ‘Start’ button and select ‘Control Panel’ at right panel as displayed in the figure below.
When the Windows ‘Control Panel’ opens, you need to press ‘Uninstall a program’ under ‘Programs’ as shown below.
You will see a list of apps installed on your PC system. We recommend to sort the list by date of installation to quickly find the apps that were installed last. If you are in doubt, you can always check the application by doing a search for her name in Google, Yahoo or Bing. After the program which you need to delete is found, simply click on its name, and then click ‘Uninstall’ as shown in the figure below.
Scan your computer for viruses and malware
We suggest using the MalwareBytes to scan your computer for viruses and malware. This free tool is an advanced malware removal program developed by (c) Malwarebytes lab. This program uses the world’s most popular antimalware technology. It’s able to help you remove viruses, PUPs, malicious software, ad supported software, toolbars, ransomware and other security threats from your personal computer for free.
MalwareBytes Anti Malware can be downloaded from the following link. Save it on your MS Windows desktop.
297070 downloads
Author: Malwarebytes
Category: Security tools
Update: April 15, 2020
Once the download is complete, close all apps and windows on your computer. Open a directory in which you saved it. Double-click on the icon that’s called mb3-setup as shown in the figure below.
When the installation starts, you’ll see the “Setup wizard” which will help you install Malwarebytes on your system.
Once setup is finished, you’ll see window as displayed in the figure below.
Now press the “Scan Now” button to perform a system scan for viruses and malware. A system scan may take anywhere from 5 to 30 minutes, depending on your machine. While the MalwareBytes is checking, you may see number of objects it has identified either as being malware.
When finished, MalwareBytes Anti-Malware (MBAM) will display a scan report. In order to delete all threats, simply press “Quarantine Selected” button.
The Malwarebytes will now remove security threats and add items to the Quarantine. When that process is done, you may be prompted to restart your computer.
The following video explains steps on how to remove hijacker infection, adware and other malicious software with MalwareBytes.
Run AdBlocker to stay safe online
If you browse the Internet, you cannot avoid malicious advertising. But you can protect your internet browser against it. Download and use an ad blocker program. AdGuard is an ad blocker that can filter out a huge count of of the malvertising, stoping dynamic scripts from loading malicious content.
Installing the AdGuard is simple. First you will need to download AdGuard from the following link. Save it on your Microsoft Windows desktop.
22433 downloads
Version: 6.4
Author: © Adguard
Category: Security tools
Update: November 15, 2018
After downloading it, start the downloaded file. You will see the “Setup Wizard” screen as shown on the image below.
Follow the prompts. Once the setup is finished, you will see a window as displayed on the image below.
You can press “Skip” to close the install application and use the default settings, or press “Get Started” button to see an quick tutorial which will allow you get to know AdGuard better.
In most cases, the default settings are enough and you do not need to change anything. Each time, when you start your machine, AdGuard will start automatically and block unwanted advertisements, as well as other malicious or misleading web-pages. For an overview of all the features of the program, or to change its settings you can simply double-click on the AdGuard icon, which is located on your desktop.
(3 votes, average: 5.00 out of 5)
Loading...
Similar threat, I have received at least 50 of these over the last week.
I have received the same email but it also lists a very old password I used for that email account (changed at least 4 years ago). Just wondering how they would have got this information as it’s definitely not one you could easily guess (just random letters and numbers).
I had the same as Katie. An old password. However I only used this account for 5 things.
Paypal (use regularly)
Facebook acount (that I do not use)
IG (not used so closed account last month)
Plus500 ( not used)
ADSS Securities ( not used)
The anomoly was ADSS Securities. I had a flurry of emails 6 months ago to get me to deposit funds into the account before new rules were imposed. I did not and when legislation changed they gave up. I asked questions after and they couldn’t be bothered to answer. Then I had an email from them out the blue saying ‘Password Expiration Reminder. Day later I had this Spam email. Coincidence? I had another email recently from them and another spam message a few days apart.
I like this part though 😉
“Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.
I advise you to remain prudent and not engage in nonsense (all files on my server).
Good luck!”
It’s been since October and my drive is fine lol. 2 months!!
Good luck yourselves with the camera on my device btw. I don’t have one!
haveibeenpwned.com/
turns out it was lastfm. Can’t remember the last time I use that.
The site above is great. found another account that I did not know had been leaked. I will now change the password on it.
As with the others, they hacked an old password of mine from 6 years ago that i used on a few torrent sites.
But what’s strange is that they are now sending these messages from my very own email account, as to prove the point they’ve hacked me.
And even stranger, when i change the password, it still doesn’t prevent them from using my email address to auto send these spam.
How is that possible ?
Scammers use email spoofing—sending emails that appear legitimate but are anything but (en.wikipedia.org/wiki/Email_spoofing).