Forum

Search posts

 

Kelhoon -

Anyone else get an email saying their juggler.net account password had been cracked ?

They threatened all kinds of things if they weren't paid, said they'd hacked my camera etc.

I doubt they did as juggler.net was just for email forwarding, but I do forget what sites I put that address in to now. Guess I won't be getting email from them anymore then.

Kelhoon - - Parent

seems here was one site, changed it now

Kelhoon - - Parent

BTW I don't think it's a complete hoax as the email they sent contained a password that looked like it might be right. I think the server has been compromised.

So if you have physical access to the juggle.net server (assuming it's a physical machine), please go and disconnect it it from the internet and fix it.

Orinoco - - Parent

I just checked my spam folder & found a similar email. I don't think this is a juggler.net problem. Sign up to the juggler.net service was via email & didn't require a password.

The email I received does not mention juggler.net, only my twjc.co.uk email account. The password included in my email was one I used to use on the IJDb which I think is the source of this email. If you changed your passwords when the IJDb hack was announced you will be fine.

From the phrasing of the vague technobabble I think it is extremely unlikely that the perpetrator knows what they are talking about. It is just verbiage designed to scare people who may not know any better. Needless to say, don't go sending any bitcoin to this person.

Posting the text of the email here so that anyone affected searching for the email can find this thread.

Hello!

My nickname in darknet is ari19.
I hacked this mailbox more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

So, your password from orin@twjc.co.uk is enigma1

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!2

During your pastime and entertainment there, I took screenshot through the camera of your device3, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $808 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): 1NXNt72qfMhPZDffUEqryCYpEUzyR6LmgH
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours!4
After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere!
Good luck!


1 It's true! This is the password I used to use at the IJDb!
2 My imagination is actually very mundane.
3 I don't own any connected devices with a camera
4 This email was sent 6 days ago

Orinoco - - Parent

The bitcoin wallet address has a long history of this:

https://www.bitcoinabuse.com/reports/1NXNt72qfMhPZDffUEqryCYpEUzyR6LmgH

Looks like they buy up leaked email+password databases send out blanket emails & watch the bitcoin roll in:

https://bitref.com/1NXNt72qfMhPZDffUEqryCYpEUzyR6LmgH

The Void - - Parent

I got a similar email. Wording was slightly different in places, but roughly the same. Mine also had a password that I used to use, but I couldn't remember where. Good to know that it was IJDb, and not somewhere still relevant. Having read the email carefully, I could see that all they had was one of my email addresses and an old password. If they really had access to my devices, they'd've pulled a file from there and sent it to me as proof. So I ignored it.
Don't Panic.

Little Paul - - Parent

I didn’t get one, I feel all left out :(

Presumably because the email address I used for the IJDb isn’t routable any more...

Cedric Lackpot - - Parent

Ah, you poor thing, would you like me to send you one of mine? I've had loads.

Hilariously, they frequently say that they've captured video of me pleasuring myself all over my laptop. But that's obviously risible - I would've had to be standing much further back from the camera to fit it all in, natch.

Kelhoon - - Parent

Thanks Orinoco (and others)

The IJDb hack explains the email and the plausible password well.

The text of my message was similar to yours, I dismissed the threats therein, but what I was worried about was them using that email to reset a password somewhere and potentially gain more info that enabled them to attack elsewhere.

I had forgotten exactly how I signed up for juggler.net, so I'm glad you reminded me there was no login. That does bring a question to mind though ... if someone emails to change their forwarding address, are there any checks to make sure they're validly requesting that ? hopefully an email to the original address notifying the change (and the option to reverse it) as well.

So, as long as juggler.net is pointing to where I expect and I never use that password (or a variant of it) anywhere, then all is well.

charlieh - - Parent

There's no password for juggler.net redirection, although the service itself is password protected for admin control.

Emails to change the forwarding address aren't checked formally, but you're right we should probably send a verification mail....bear in mind there's only a few hundred people using the service and it's all maintained by volunteers (Silvia de Beer gets a special mention here).

Oh, and a quick shout out to all the lovely people who have sponsored the annual server costs (around a hundred quid) for many years - you probably aren't aware of this but juggler.net has generally been supported by those BJCs that have been well managed and thus have made a profit, however small. Thanks everyone!

Kelhoon - - Parent

Thanks Charlie,

3 cheers for Silvia and BJCs

I suppose I should send myself an email to check it hasn't been redirected without my knowledge, a quick search shows I haven't received anything from that address for quite a while.

May I suggest a regular (6 monthly maybe) email to check if people still want the service ?

Little Paul - - Parent

Nothing about juggler.net is automated, and the overheads of manually sending an email to all the addresses (and handling the responses) would be significant!

Kelhoon - - Parent

ah, manual, yeh, don't bother then, no-one wants to do all that manually

but if you need a hand automating, sing out

Colin E. - - Parent

Oh dear :-(

It's a bit depressing that the data obtained from the IJDb hack (that happened ~7 years ago) is still being bought and sold for these sorts of 'attack'. Sorry!

I must admit, that experience has made me much more cautious on the internet and as a developer. If I built another community site in future, I'd certainly consider using OAuth, rather than storing user data myself.

Colin E.

Scott Seltzer - - Parent

I got similar emails to various accounts of mine, and they're certainly not accounts used at IJDb. I think it was MySpace, but I'm not certain.

 

Subscribe to this forum via RSS
1 article per branch
1 article per post

Green Eggs reports