Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience
Security Bot last edited by
KrebsOnSecurity heard from a reader whose friend recently received a remarkably customized extortion letter via snail mail that threatened to tell the recipient:undefined:’:undefined:s wife about his supposed extramarital affairs unless he paid $3,600 in bitcoin. The friend said he had nothing to hide and suspects this is part of a random but well-crafted campaign to prey on men who may have a guilty conscience.
The letter addressed the recipient by his first name and hometown throughout, and claimed to have evidence of the supposed dalliances.
:undefined:“:undefined:You don:undefined:’:undefined:t know me personally and nobody hired me to look into you,:undefined:”:undefined: the letter begins. :undefined:“:undefined:Nor did I go out looking to burn you. It is just your bad luck that I stumbled across your misadventures while working on a job around Bellevue.:undefined:”:undefined:
The missive continues:
:undefined:“:undefined:I then put in more time than I probably should have looking into your life. Frankly, I am ready to forget all about you and let you get on with your life. And I am going to give you two options that will accomplish that very thing. These two options are to either ignore this letter, or simply pay me $3,600. Let:undefined:’:undefined:s examine those two options in more detail.:undefined:”:undefined:
The letter goes on to say that option 1 (ignoring the threat) means the author will send copies of his alleged evidence to the man:undefined:’:undefined:s wife and to her friends and family if he does not receive payment within 12 days of the letter:undefined:’:undefined:s post marked date.
:undefined:“:undefined:So [name omitted], even if you decide to come clean with your wife, it won:undefined:’:undefined:t protect her from the humiliation she will feel when her friends and family find out your sordid details from me,:undefined:”:undefined: the extortionist wrote.
Option 2, of course, involves sending $3,600 in Bitcoin to an address specified in the letter. That bitcoin address does not appear to have received any payments. Attached to the two-sided extortion note is a primer on different ways to quickly and easily obtain bitcoin.
:undefined:“:undefined:If I don:undefined:’:undefined:t receive the bitcoin by that date, I will go ahead and release the evidence to everyone,:undefined:”:undefined: the letter concludes. :undefined:“:undefined:If you go that route, then the least you could do is tell your wife so she can come up with an excuse to prepare her friends and family before they find out. The clock is ticking, [name omitted].:undefined:”:undefined:
Of course, sending extortion letters via postal mail ismail fraud, a crime which carries severe penalties (fines of up to $1 million and up to 30 years in jail). However, as the extortionist rightly notes in his letter, the likelihood that authorities would ever be able to catch him is probably low.
The last time I heard of or saw this type of targeted extortion by mail was in the wake of the2015 breach at online cheating site AshleyMadison.com. But those attempts made more sense to me since obviously many AshleyMadison users quite clearly did have an affair to hide.
In any case, I:undefined:’:undefined:d wager that this scheme :undefined:—:undefined: assuming that the extortionist is lying and has indeed sent these letters to targets without actual knowledge of extramarital affairs on the part of the recipients :undefined:—:undefined: has a decent chance of being received by someone who really does have a current or former fling that he is hiding from his spouse. Whether that person follows through and pays the extortion, though, is another matter.
I searched online for snippets of text from the extortion letter and found just one other mention of what appears to be the same letter: It was targeting people in Wellesley, Mass, according to a local news report from December 2017.
According tothat report, the local police had a couple of residents drop off letters or call to report receiving them, :undefined:“:undefined:but to our knowledge no residents have fallen prey to the scam. The envelopes have no return address and are postmarked out of state, but from different states. The people who have notified us suspected it was a scam and just wanted to let us know.:undefined:”:undefined:
In the Massachusetts incidents, the extortionist was asking for $8,500 in bitcoin. Assuming it is the same person responsible for sending this letter, perhaps the extortionist wasn:undefined:’:undefined:t getting many people to bite and thus lowered his :undefined:“:undefined:fee.:undefined:”:undefined:
I opted not to publish a scan of the letter here because it was double-sided and redacting names, etc. gets dicey thanks to photo and image manipulation tools.Here:undefined:’:undefined:s a transcription of it instead (PDF).
Make ISO from DVD
In this case I had an OS install disk which was required to be on a virtual node with no optical drive, so I needed to transfer an image to the server to create a VM
Find out which device the DVD is:lsblk
Output:NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 465.8G 0 disk ├─sda1 8:1 0 1G 0 part /boot └─sda2 8:2 0 464.8G 0 part ├─centos-root 253:0 0 50G 0 lvm / ├─centos-swap 253:1 0 11.8G 0 lvm [SWAP] └─centos-home 253:2 0 403G 0 lvm /home sdb 8:16 1 14.5G 0 disk /mnt sr0 11:0 1 4.1G 0 rom /run/media/rick/CCSA_X64FRE_EN-US_DV5
Therefore /dev/sr0 is the location , or disk to be made into an ISO
I prefer simplicity, and sometimes deal with the fallout after the fact, however Ive repeated this countless times with success.dd if=/dev/sr0 of=win10.iso
Where if=Input file and of=output file
I chill out and do something else while the image is being copied/created, and the final output:8555456+0 records in 8555456+0 records out 4380393472 bytes (4.4 GB) copied, 331.937 s, 13.2 MB/s
Recreate postrgresql database template encode to ASCIIUPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';
Now we can drop it:DROP DATABASE template1;
Create database from template0, with a new default encoding:CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 'UNICODE'; UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1'; \c template1 VACUUM FREEZE;