Other

Bitcoin Ransom Scam Targeting Website Owners


Updated: October 9, 2020 by Oliver Sild

A new wave of bitcoin ransom scam has been reported which targets website owners by claiming their sites to be hacked and asking 1500 – 3000 USD worth of bitcoins.

Scammers push a narrative that the database of the website has been extracted and if the owner of the site does not cooperate, they will either leak or sell the database to the highest bidder.

Bitcoin Ransom Scam
Screenshot from the email.

Additionally, they threaten to use black-hat SEO techniques to ruin the website rankings to destroy the reputation of the victim in the eyes of Google and its customers.

They provide no proof of their claims and refuse to reply to any emails to make this not negotiable.

What are the biggest challenges for freelancers and digital agencies in 2020? Read the Website Security Survey Report 2020 to find out.

“We have hacked your website and extracted your database.”

This claim is definitely worrisome for those who actually have a website. On the other hand, we have many examples of people receiving the exact email, even without owning any domain or a website.

Ask yourself, is there any proof of these claims? Does that email contain any information that could indicate that the website is compromised and that the database breached? What kind of information is there in the database? Does it even have a database?

Critical questions as such often give you a quick reality check if this is something you should worry about.

Don’t pay the ransom

Paying ransom even when your hard-drive is fully encrypted due to ransomware is a bad idea. As long as people pay the ransom, such as scams and ransomware malware just continues to evolve.

Unfortunately, looking at the different bitcoin wallets linked to these attacks there have been at least 5 people who have fallen to the scam and paid the ransom.

One of the wallets linked to the attack has received close to $2000 worth of payments in bitcoins. Another wallet used in this scam which has not yet received payments, but has already been reported for abuse for 81 times.

It’s a scam

Be very skeptical about all ransom emails and about this bitcoin ransom scam. Similar scams have been used to trick people into believing they have been recorded behind the computer.

Sometimes even their passwords are shown and the passwords are shown as proof (in which cases they just use already existing database leaks to scam people who have been affected).

If you’re still afraid and not sure what to do. Write to the most IT knowledgable person you know to double-check.

Here’s the full bitcoin ransom scam email:

PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website and extracted your databases.

How did this happen?

Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1Bs6CYDuHy1UGLr5ccz2UxRNcPGpeAa7tz

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you https://cex.io/ for buying bitcoins.

What if I don’t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.

Stay sharp and stay safe!

Start protecting your websites from hackers today

Try it free
Google Blacklist
Other

Start your free 7-day trial now

Protect your websites from malicious traffic - set-up in under 3 minutes.

Try it now

WebARX is compatible with the following platforms:

PHP
WordPress
Magento
Drupal
Joomla