[64140] in SIPB bug reports
Hackers have access to your device. Check details ASAP!
daemon@ATHENA.MIT.EDU (swansonnla@acoco.com)
Sat Apr 24 02:41:10 2021
From swansonnla@acoco.com Sat Apr 24 06:41:09 2021
Return-Path: <swansonnla@acoco.com>
Delivered-To: bug-sipb-mtg@CHARON.mit.edu
Received: (qmail 10224 invoked from network); 24 Apr 2021 06:41:09 -0000
Received: from outgoing-exchange-7.mit.edu (18.9.28.58)
by charon.mit.edu with SMTP; 24 Apr 2021 06:41:09 -0000
Received: from w92exedge3.exchange.mit.edu (W92EXEDGE3.EXCHANGE.MIT.EDU [18.7.73.15])
by outgoing-exchange-7.mit.edu (8.14.7/8.12.4) with ESMTP id 13O6f4I8015821
for <bug-sipb-mtg@bloom-picayune.mit.edu>; Sat, 24 Apr 2021 02:41:10 -0400
Received: from oc11expo10.exchange.mit.edu (18.9.4.15) by
w92exedge3.exchange.mit.edu (18.7.73.15) with Microsoft SMTP Server (TLS) id
15.0.1497.2; Sat, 24 Apr 2021 02:40:23 -0400
Received: from oc11exhyb6.exchange.mit.edu (18.9.1.111) by
oc11expo10.exchange.mit.edu (18.9.4.15) with Microsoft SMTP Server (TLS) id
15.0.1497.2; Sat, 24 Apr 2021 02:41:04 -0400
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (104.47.55.105)
by oc11exhyb6.exchange.mit.edu (18.9.1.111) with Microsoft SMTP Server (TLS)
id 15.0.1497.2 via Frontend Transport; Sat, 24 Apr 2021 02:41:04 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=AfS+fDj/jo+XgPsezxWiCl6iFczgBj7yltpRC68o5Nv42fdwNMrP92/s7H2IHk5OvnoaX94nAO7oJfKS4yeSvRyWhAn8IjOydUbzWd/BDg+yKH5BaAHr057+iZzEGyAFbgsVPfzcwJDOH0lliuSmoIG7BRzxFgUWq90LqWAdrqzufxVSDS19BfusbeT5NZc7nLJyffULLKirvC5e+SwSReNHHyOe96BCDO8s4ItTbk0rQGU9zjcJ+y3kGegPBKkpCMZKXRVLG0YCWoslNyYAlASXI1cnpKMitfsM6yObmIor8lapkifBkm15y0rrZk5m7M2cTxkq+1QbYO36zy54dQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=MmGJrdSroDL9F2cizragnPgpVAhU6k1ar4JznGSaWLI=;
b=E7zIcakTeCVP6pWSZImaJNQSjc63jJCTK5gbAPsTulc5yvW4yHheeR7p3zHu7Ng23Yy3zJ2POx0njsmkDoczUbmUutiEDfuDWx3MdlyYoBnaiczvXzr+IPZZwP5juXDXzxhOOnLsTPFiHg40xCQdlEfO7CEC3ch37BnpidjbtUJjwBwbMouEWSdNrwK13ykK7+tnJkLS/gxVkjxmzvz7v0MIEShmbzcjtSCJZtnwVIEA1P2azx6q3uInikiWHmCwU3vuw2YIIGOKB0MNJzSB87Pq1IXNmn8OWLUsuspEZBNhNvNz0jm6z95jpRrR4NMDyD9jjFiuoKd6veb1W2TP+A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=MmGJrdSroDL9F2cizragnPgpVAhU6k1ar4JznGSaWLI=;
b=el7nkjokK70Me1Mq82iKC9atclVCu1zNjSn4ngd8eEJCsS92rh/xqYHAvJm/Kk4utHmutQkW4DF6qHnRUzuJPwPMELLyTy09iSnTGwU5YW8ournJRml7Cn2JanyR1Db4238DlTc15Rz4T5vvTlbPZPSLo+j9BbNfqbL6nHGZL3k=
Received: from BN9PR03CA0100.namprd03.prod.outlook.com (2603:10b6:408:fd::15)
by CO1PR01MB6759.prod.exchangelabs.com (2603:10b6:303:f5::9) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.4065.22; Sat, 24 Apr 2021 06:41:02 +0000
Received: from BN8NAM11FT055.eop-nam11.prod.protection.outlook.com
(2603:10b6:408:fd:cafe::86) by BN9PR03CA0100.outlook.office365.com
(2603:10b6:408:fd::15) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.20 via Frontend
Transport; Sat, 24 Apr 2021 06:41:01 +0000
Authentication-Results: spf=none (sender IP is 103.131.119.165)
smtp.mailfrom=acoco.com; exchange.mit.edu; dkim=none (message not signed)
header.d=none;exchange.mit.edu; dmarc=none action=none header.from=acoco.com;
Received-SPF: None (protection.outlook.com: acoco.com does not designate
permitted sender hosts)
Received: from [103.131.119.165] (103.131.119.165) by
BN8NAM11FT055.mail.protection.outlook.com (10.13.177.62) with Microsoft SMTP
Server id 15.20.4065.21 via Frontend Transport; Sat, 24 Apr 2021 06:41:00
+0000
Message-ID: <F24DCD584572D8D06FEF7A6750FAF24D@Q6261Y27W6>
From: <swansonnla@acoco.com>
To: <bug-clisp@exchange.mit.edu>
Subject: Hackers have access to your device. Check details ASAP!
Date: 24 Apr 2021 19:32:56 +0600
MIME-Version: 1.0
Content-Type: text/plain;
charset="ibm852"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 34d27f6b-6cfa-4baa-f43b-08d906ebecc2
X-MS-TrafficTypeDiagnostic: CO1PR01MB6759:
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Exchange-Transport-Forked: True
X-MS-Exchange-AtpMessageProperties: SA
X-Microsoft-Antispam-PRVS: <CO1PR01MB67590032E7BE6E82B36B5CADCE449@CO1PR01MB6759.prod.exchangelabs.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:4303;
X-MS-Exchange-SenderADCheck: 2
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: jG0oLYuxiGzCKyv56T9gmUwq1E/b0vqmUhUSA5bDpyCuZORfa8aenOUq4cNdeWbOJ/xr+wRzTW/w/qZOMbdhKSzDor6mhUMGAt4paUVQ2fRU5ite0LEAkhRmEzPQ+v7Je9jFHLq62PjmaRyKGkHywWZAbeS4q4QFgyzp+iZiCvn0jNGkU0970H8slYreeG/OMyceBGsbGp4K2u25/GJtR2SNYNsbwjeG7WYDBBarhdC9kFLlDlOe0eejKo3dlzZxcni14LV0KaUPdfn861iAC7PuQ1V4O+VrztKMVMmcUkV5CmLRZtYM324S3W1Q03/uwpAXAw9YZZaaRjIz0WafkYeSCR4PSN1J5+l3zU4H6AlgqGA2d09UIhmasFS+OVZbMV2eVSeanO9PFD5vs7iB2b6ga6dLuwASj4l4C81DEEjpC/kthtPoGcFcX2YLm8LAvXBr0VDuhRSWUr1ko/F5mjKU0HSFf0zoy+CTHr3Qu+nKMqCLjewzjlqBUWM9zERSvhs4t9+/ijq7P07Syn3L7JMAJtxxPFwDU77Qx3ZtX1mTaX6jZboJ1aLTWMPHpAUNU4vKzeTumHwmuihcBSjIVbr15575CbOdEmznakk+1Ac4n1DwnoyMTYtFw+TGz6J+kdAEITBMBiXCh3VZOGohcWph8VBCCj9tCbqP6ziAoiXAm5LT2gH6S3hc7WExuN0j40FdCUIoJsqpJE1tjUg/SN3D+X+w+EIm5cw0Z5Fooyafwk0/LD7xJOTurcA42apfwCWPt98gVIrbHwZp/bSCB3XxXBrdYjG7oGZotJp8DSs=
X-Forefront-Antispam-Report: CIP:103.131.119.165;CTRY:ID;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:[103.131.119.165];PTR:ErrorRetry;CAT:OSPM;SFS:(6049001)(4636009)(7916004)(346002)(136003)(39860400002)(396003)(376002)(2876002)(6862004)(33656002)(44706002)(83380400001)(70586007)(81166007)(6666004)(86362001)(26005)(9686003)(356005)(498600001)(120700009)(68406010)(45954011)(956004)(786003)(36736006)(8426002)(16576012)(19627235002)(36906005)(2906002)(33716001)(5660300002)(336012)(316002)(6706004)(6486002)(37786003)(8676002)(66574015)(49966023);DIR:OUT;SFP:1501;
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Apr 2021 06:41:00.0461
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 34d27f6b-6cfa-4baa-f43b-08d906ebecc2
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT055.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR01MB6759
X-OriginatorOrg: mitprod.onmicrosoft.com
Hello there
Let me introduce myself first - I am a professional programmer, who specializes in hacking during my free time.
This time you were unlucky to become my next victim and I have just hacked the Operating System and your device.
I have been observing you for several months.
To put things in a simple way, I have infected your device with my virus while you were visiting your favorite adult website.
I will try to explain the situation in more details, if you are not really familiar with this kind of situations.
Trojan virus grants me with full access as well as control of your device.
Hence, I can see and access anything on your screen, switch on the camera and microphone and do other stuff, while you don't even know that.
In addition, I also accessed your whole contacts list at social networks and your device too.
You may be questioning yourself - why didn't your antivirus detect any malicious software until now?
- Well, my spyware uses a special driver, which has a signature that is updated on a frequent basis, hereby your antivirus simply cannot catch it.
I have created a videoclip exposing the way you are playing with yourself on the left screen section, while the right section shows the porn video that you were watching at that point of time.
Few clicks of my mouse would be sufficient to forward this video to all your contacts list and social media friends.
You will be surprised to discover that I can even upload it to online platforms for public access.
The good news is that you can still prevent this from happening:
All you need to do is transfer $1350 (USD) of bitcoin equivalent to my BTC wallet (if you don't know how to get it done,
do some search online - there are plenty of articles describing the step-by-step process).
My bitcoin wallet is (BTC Wallet): 1NToziZKcJfyxHpwkcxbafwghGasme4NUf
Once I receive your payment, I will delete your kinky video right away, and can promise that is the last time you hear from.
You have 48 hours (2 days exactly) to complete the payment.
The read notification will be automatically sent to me, once you open this email, so the timer will start automatically from that moment.
Don't bother trying to reply my email, because it won't change anything (the sender's email address has been generated automatically and taken from internet).
Don't try to complain or report me either, because all my personal information and my bitcoin address are encrypted as part of blockchain system.
I have done my homework.
If I discover that you have tried forwarding this email to anyone, I will right away share your kinky video to public.
Let's be reasonable and don't make any stupid mistakes anymore. I have provided a clear step-by-step guide for you.
All you need to do is simply follow the steps and get rid of this uncomfortable situation once and for all.
Best regards and good luck.
