Today, our team discovered new spam emails that were sent from a group of unknowns calling themselves ‘WannaCry hacker group‘. This email states that they hacked the mail servers of the recipient of the email between 06/24/2019 and 09/11/2019. Then so called WannaCry hackers were able to infect the computer and install a program on it. This program is a trojan that can steal passwords. Moreover, this trojan allows them to access all messages and emails.
Further, as in other similar email messages, scammers say that they have collected compromising information about the user, which they will send to all the contacts in the recipient’s email account if they do not receive the ransom.
The emails received by the victims may vary slightly in content, but they are basically the same. An example of such a message is given below:
Hello!
I am a representative of the WannaCry hacker group.
In the period from 24/06/2019 to 11/09/2019 we got access to your account [edited] by hacking one of the [edited] mail servers.Your pass for above account on moment of hack was: [edited]
You already changed the password?
Sumptuously! But my program fixes this every time. And every time I know your new password!Using access to your account, it turned out to be easy to infect the OS of your device.
At the moment, all your contacts are known to us. We also have access to your messengers and to your correspondence.
All this information is already stored with us.We are also aware of your intimate adventures on the Internet.
We know that you adore adult sites and we know about your sexual addictions.
You have a very interesting and special taste (you understand what I mean).While browsing these sites, your device’s camera automatically turns on.
Video-record you and what you watch is being save.
After that, the video clip is automatically saved on our server.At the moment, several analogy video records have been collected.
From the moment you read this letter, after 60 hours, all your contacts on this email box and in your instant messengers will receive these clips and files with your correspondence.If you do not want this, transfer 550$ to our Bitcoin cryptocurrency wallet: 18JbdkskQSNFP9DrcCp9txLMFJCyPwEPXg
I guarantee that we will then destroy all your secrets!As soon as the money is in our account – your data will be immediately destroyed!
If no money arrives, files with video and correspondence will be sent to all your contacts.You decide… Pay or live in hell out of shame…
We believe that this whole story will teach you how to use gadgets properly!
Everyone loves adult sites, you’re just out of luck.
For the future – just cover a sticker your device’s camera when you visit adult sites!Take care of yourself!
Is this threat real?
We want to repeat, this email message is a bitcoin email scam that is created solely to scare the recipient of the email. By this, scammers want to force the victim to pay the ransom without hesitation. Exactly a month ago, we already wrote about a similar fraud, the only difference in which is that it was sent on from so called ‘ChaosCC hacker group‘.
Scammers call themselves ‘WannaCry hacker group’ to scare the email recipient even more, as many people remember one of the largest virus attacks caused by virus WannaCry. It simultaneously infected hundreds of thousands of computers around the world.
Stolen Password
Stolen password in the email – is a standard tactic used by scammers. This password, along with the email address, scammers received from databases that can be found on the Internet.
Threat Summary
Type | Sextortion, Phishing, Bitcoin Email Scam, Fraud, Scam |
Name | I am a representative of the WannaCry hacker group |
Sender | WannaCry hacker group |
Ransom amount | $550 |
Distribution method | spam email campaigns |
Removal | To remove I am a representative of the WannaCry hacker group virus our computer security experts recommend use the removal guide |
What to do when you receive the “WannaCry hacker group” email scam
If you, your work colleagues or your friends received this email, do the following:
- Do not panic, delete the email message and forget scammers empty threats.
- We recommend you do not pay a ransom, because your payment will only increase attacks against you.
- If there’s a link in the scam email, do not click it, otherwise you could unwittingly install malware or ransomware on your computer.
- Report the email spam to the FTC at https://www.ftc.gov/
- Scan your computer for malware.
- Install an anti-phishing software.
How to scan your PC for malware
To be sure that there is no malware on the computer, we advise you to perform a full virus scan using malware removal tools. The utilities presented below will allow you to check the system, find and remove malware. These programs can detect and remove spyware, adware, trojans and many other types of malware.
- Download Zemana Anti-Malware on your Windows Desktop from the link below.
Zemana AntiMalware
164114 downloads
Author: Zemana Ltd
Category: Security tools
Update: July 16, 2019
- Once you have downloaded the setup file, make sure to double click on the Zemana.AntiMalware.Setup. This would start the Zemana Free install on your system.
- Select installation language and click ‘OK’ button.
- On the next screen ‘Setup Wizard’ simply click the ‘Next’ button and follow the prompts.
- Finally, once the installation is finished, Zemana Anti Malware (ZAM) will start automatically. Else, if does not then double-click on the Zemana Anti-Malware (ZAM) icon on your desktop.
- Now that you have successfully install Zemana, let’s see How to use Zemana to remove Www.ru virus from your computer.
- After you have started the Zemana Anti Malware, you’ll see a window as displayed below, just click ‘Scan’ button . Zemana utility will begin scanning the whole PC to find out malware.
- Now pay attention to the screen while Zemana scans your PC.
- Once Zemana Anti Malware (ZAM) has finished scanning your PC system, the results are displayed in the scan report. When you are ready, click ‘Next’ button.
- Zemana may require a reboot PC in order to complete malware removal process.
- If you want to permanently delete malicious software from your PC system, then click ‘Quarantine’ icon, select all malicious software, adware software, potentially unwanted applications and other items and press Delete.
- Restart your PC to complete the virus removal process.
How to protect yourself from phishing web-sites
In addition to checking for malware, we also recommend that you install another program named AdGuard that will allow you to block phishing, fraudulent sites, annoying and malicious ads.
- Click the link below to download AdGuard. Save it on your MS Windows desktop.
Adguard download
26660 downloads
Version: 6.4
Author: © Adguard
Category: Security tools
Update: November 15, 2018
- After downloading it, start the downloaded file. You will see the “Setup Wizard” program window. Follow the prompts.
- When the install is finished, click “Skip” to close the installation program and use the default settings, or press “Get Started” to see an quick tutorial which will assist you get to know AdGuard better.
- In most cases, the default settings are enough and you do not need to change anything. Each time, when you launch your PC, AdGuard will run automatically and stop unwanted advertisements, block phishing, as well as other harmful or misleading web pages. For an overview of all the features of the program, or to change its settings you can simply double-click on the icon named AdGuard, which can be found on your desktop.
Finish words
If you have been the target of the “WannaCry hacker group” Email Scam or similar Bitcoin Email Scam, then please drop us a line. And stay safe!