We have had some reports of people seeing a new email scam starting with: I infected you with my private malware, RAT. It is a new variation on Bitcoin Email Scam. What is Bitcoin Email Scam? It is an email message from someone claiming to have compromising information and demanding ransom via Bitcoin to keep this from becoming public.
The wording varies to some extent, but the email looks something like this:
Hi! I know that: *** – is your password! I infected you with my private malware, RAT, (Remote Administration Tool) some time ago. The malware gave me full access and control over your computer, meaning, I got access to all your accounts and I can see everything on your screen, even turn on your camera or microphone and you won’t even notice about it. I made a video showing both you (through your webcam) and the video you were watching (on the screen) while statisfying yourself! I can send this video to all your contacts (email, social network)! I can publish absolutly everything I found on your computer! You can prevent me from doing this! To stop me, transfer exactly 900$ with the current bitcoin (BTC) price to my bitcoin address. If you don’t know how to get bitcoin, Google – “How to buy Bitcoin”. The wallet you can create here: www.login.blockchain.com/en/#/signup/ My bitcoin adress is: 1Q9QmbRyHu89jWKwVXgkvTMNDuEags5kdq After receiving the payment, I will delete the video, and we will forget everything. I give you 4 days to get the bitcoins. Since I already have access to your computer, I know when you read this email. Don’t share this email with anyone, this should stay our little secret!
Is this threat real?
Good news: thankfully, it’s fake. This email message is nothing more than a new Bitcoin Email Scam. Scammers got your password and associated email address from data breach dumps and are using it to shake you down. If the password emailed to you is one that you still use, then stop using it and change it right now!
Threat Summary
Name | I infected you with my private malware (RAT) |
Type | Bitcoin Email Scam, Phishing, Scam, Fraud |
Ransom amount | $900 |
BTC Wallet | 1Q9QmbRyHu89jWKwVXgkvTMNDuEags5kdq |
Distribution method | spam email campaigns |
Removal | To remove I infected you with my private malware (RAT), our computer security experts recommend use the removal guide |
What to do when you receive “I infected you with my private malware (RAT)” Bitcoin Email Scam
If you — or someone you know — gets an email like this, below are some easy steps which you need to follow:
- First and foremost, ignore the content of this email.
- Do not pay the cyber criminals!
- If the password emailed to you is your current password, then you should change it everywhere it’s in use.
- Use two-factor authentication wherever possible.
- We recommend creating a new password when you set up a new account.
- Report it immediately to your local police, and the FBI.
- It is a good idea to run a malware scan on all your devices to be sure that there is no malicious software installed.
- Install an anti-phishing software.
How to scan your computer for malware
Worried your computer is infected with malicious software? Below are several malware removal tools you need to remove malware. Most quality programs listed below offer a free scan and malware removal so you can detect and uninstall unwanted software without having to pay.
Zemana Anti Malware (ZAM) is extremely fast and ultra light weight malware removal tool. It will assist you delete trojans, worms, adware software, PUPs and other malware. This program gives real-time protection that never slow down your system. Zemana Anti-Malware (ZAM) is developed for experienced and beginner computer users. The interface of this utility is very easy to use, simple and minimalist.
Zemana can be downloaded from the following link. Save it to your Desktop.
164105 downloads
Author: Zemana Ltd
Category: Security tools
Update: July 16, 2019
After downloading is complete, start it and follow the prompts. Once installed, the Zemana AntiMalware (ZAM) will try to update itself and when this procedure is finished, press the “Scan” button . Zemana Anti-Malware tool will start scanning the whole PC system to find out malicious software.
This process can take quite a while, so please be patient. While the Zemana AntiMalware (ZAM) utility is scanning, you may see number of objects it has identified as being infected by malware. Review the report and then press “Next” button.
Once finished, you may be prompted to restart your computer.
How to protect yourself from phishing web-sites
It is also critical to protect your web browsers from phishing and harmful web sites by using an ad-blocker application such as AdGuard. Security experts says that it’ll greatly reduce the risk of malware, and potentially save lots of money. Additionally, the AdGuard may also protect your privacy by blocking almost all trackers.
Installing the AdGuard is simple. First you will need to download AdGuard from the link below.
26655 downloads
Version: 6.4
Author: © Adguard
Category: Security tools
Update: November 15, 2018
After downloading it, double-click the downloaded file to start it. The “Setup Wizard” window will show up on the computer screen as shown in the following example.
Follow the prompts. AdGuard will then be installed and an icon will be placed on your desktop. A window will show up asking you to confirm that you want to see a quick tutorial like below.
Click “Skip” button to close the window and use the default settings, or click “Get Started” to see an quick guide that will help you get to know AdGuard better.
Each time, when you start your PC system, AdGuard will run automatically and stop unwanted advertisements, block phishing, as well as other harmful or misleading websites. For an overview of all the features of the program, or to change its settings you can simply double-click on the AdGuard icon, that is located on your desktop.
Finish words
If you have been the target of the “I infected you with my private malware (RAT)” Email Scam or similar Bitcoin Email Scam, then please drop me a line. And stay safe!
This is the email I got:
Hi!
I know that: – is your password!
I infected you with my private malware, RAT, (Remote Administration Tool) some time ago.
The malware gave me full access and control over your computer, I got access to all your accounts (see password above), it even was possible to turn your webcam on and spy on you.
I MADE A VIDEO showing you (through your webcam) STATISFYING YOURSELF and I collected all your private data.
After that I removed my malware to not leave any traces.
I can send this video to all your contacts (email, social network) and publish all your private data everywhere!
Only you can prevent me from doing this!
Transfer exactly 1600$ with the current bitcoin (BTC) price to my bitcoin address.
If you don’t know where to buy bitcoin, go to one of the most used exchanger: paxful.com ( there are over 300 ways to do it ).
Or Google: “How to buy Bitcoin”.
The wallet to send and receive bitcoin with the current rate you can create here: login.blockchain.com/en/#/signup/
Or you can simply send direct to my wallet from paxful.com.
My bitcoin adress is: 19iHbuwE21MpfjDcLY5qb7teH8RrKoPKGd
Copy and paste my adress, it’s (cAsE-sensetive)
I give you 3 days to get the bitcoins and pay.
After receiving the payment, I will delete everything and we will forget everything, you never will hear from me again and you can life your live in peace like before.
BUT, if you simply ignore this email, I promise, I will turn your life into HELL, you know this all isn’t a joke and you will never forget the stupid decision you made!
Since I already have access to your computer, I know when you read this email.
To make sure you don’t miss this email, I sent it multiple times.
Don’t share this email with anyone, as it only will make everything worse, they can’t help you with this, it should stay our little secret!
MailClientID: 4165695592
Jerry, I received the same message.
Jerry and Ana
I just received that sane message ??
I got the same. Then a follow-up email saying they noticed I don’t have any friends and maybe I should go out more …..
…… seriously though I did get the email. Bit annoying as I have to remember from all the sites in the past I might have used that particular password 🙁 It won’t be an important one I guess but still annoying.
Got this email, guy wanted $1600 but he actually had my password in the subject line, scary shit
I’ve Received simmer message looking for $$$$$$$ but the Password was an old one ???
I received the same message, some time later I received the same message as the email had started from my own email. I asked for Outlook to make updates and I had to wait 1 month for it and when I went to look for the messages they were gone. The password they had spoken was an old one, but I still feel apprehensive.
Got a different one.
No password.
Turn on my cameras? LOL !!! They are ALL covered. Yes, even the front facing cell phone camera. I honestly don’t know why they don’t make the phones with a little pressure/slide lock for privacy.
All messengers that I use? OMG !! You mean the 2 people I talk to? Yeah, I’m not social…
I am intrigued by computer and internet forensics / Penetration Testing and preserving the chain of digital evidence, though… Computer Assisted INvestigative Environment… etc. etc. etc. B)
I got three different emails with the same theme and close to the same wording. They actually had one password I use to log into Discus but nothing else. I use other passwords for other sites and a logging on the computer, I changed the Discus one but I was still worried even thought I knew I had done nothing wrong. My first instinct was that it was probably a scam but then I started thinking what if, what if? That was a mistake. Thanks for posting this item. A big load off my mind.
Paul W
Here’s the one I received:
Hi!
As you may have noticed, I sent you an email from your account. This means that I have full access to your account.
I’ve been watching you for a few months now.
The fact is that you were infected with Njrat through an adult site that you visited.
If you are not familiar with this, I will explain.
Njrat gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this,
transfer the amount of 950 USD to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).
My bitcoin address (BTC Wallet) is: 1NiQdfAEY3dpF8YCqfndVcPpfGQhHCD8To
After receiving the payment, I will delete the video and you will never hear me again. I give you 48 hours to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address. I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
Best regards!
I got hit with the same thing lmao. The thing is they did send It from my email so I am a bit worried but I can just change my stuff and see if the problem goes away. I love it when they say “I have you on video pleasuring yourself” when I don’t even have a webcam. For anyone wondering the email said it was.
Hello there!
Unfortunately, there are some bad news for you.
Some time ago your device was infected with my private trojan, R.A.T (Remote Administration Tool), if you want to find out more about it simply use Google.
My trojan allowed me to access your files, accounts, and your camera.
Check the sender of this email, I have sent it from your email account.
To make sure you read this email, you will receive it multiple times.
You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun.
I RECORDED YOU (through your camera) SATISFYING YOURSELF!
After that I removed my malware to not leave any traces.
If you still doubt my serious intentions, it only takes couple mouse clicks to share the video of you with your friends, relatives, all email contacts, on social networks, the darknet and to publish all your files.
All you need is $1800 USD in Bitcoin (BTC) transfer to my account.
After the transaction is successful, I will proceed to delete everything.
Be sure, I keep my promises.
You can easily buy Bitcoin (BTC) here:
hxxps://cex.io/buy-bitcoins
hxxps://nexo.com/buy-crypto/bitcoin-btc
hxxps://bitpay.com/buy-bitcoin/?crypto=BTC
hxxps://paybis.com/
hxxps://invity.io/buy-crypto
Or simply google other exchanger.
After that send the Bitcoin (BTC) directly to my wallet, or install the free software: Atomicwallet, or: Exodus wallet, then receive and send to mine.
My Bitcoin (BTC) address is: 1JvFwMdSUWdkDiWWiNggzZEf8kY4JXRGbf
Yes, that’s how the address looks like, copy and paste my address, it’s (cAsE-sEnSEtiVE).
You are given not more than 3 days after you have opened this email.
As I got access to this email account, I will know if this email has already been read.
Everything will be carried out based on fairness.
An advice from me, regularly change all your passwords to your accounts and update your device with newest security patches.