I’ve been Hacked! Insulted, too. | Raucous Caucus | Tom Cushing | DanvilleSanRamon.com |

Local Blogs

Raucous Caucus

By Tom Cushing

E-mail Tom Cushing

About this blog: The Raucous Caucus shares the southpaw perspectives of this Boomer on the state of the nation, the world, and, sometimes, other stuff. I enjoy crafting it to keep current, and occasionally to rant on some issue I care about deeply...  (More)

View all posts from Tom Cushing

I’ve been Hacked! Insulted, too.

Uploaded: Mar 15, 2019

I awoke this morning to an ominous-looking email – it announced that I’ve been hacked. Uh-oh.

Now, I consider myself to be a reasonably competent, naturalized netizen of-a-certain-age. Tech will never be second-nature to me as it is with my native-netizen adult offspring, or my precocious grand nephew, who could navigate his mother’s iPad toward favorite animations before he could explain what he was doing - roughly by the time he could walk.

Thus, it got my attention. I know enough to recognize that a sentence with ‘hack’ and ‘you‘ in close proximity cannot be good news. The email read:

“I created special program to the adult videos (porno) site and suppose you have enjoyed this site for a good time (think you understand what I want to say).” Yes, I think I do understand – especially after my hacker helpfully modified ‘adult’ with ‘porno’ – so that means we’re not talking about my streaming of Masterpiece Theatre, right? Got it.

And then, after wowing me with jargon (about ‘RDPs’ and ‘keyloggers’ and ‘dual-screen video’ – what, no ‘fours-on-the-floor?’), came a dark implication. Apparently, my new friend wanted me to understand that not only could he display an offending website he claimed I’d visited, but also any, uh, appreciation that have been simultaneously expressed, webcam-ably.

“What exactly must you do?” my guy continued. “Well, I believe 1000 USD is a reasonable amount of money for this very little secret.” Not wanting to dwell on the range of ‘secrets’ to which ‘very little’ might refer, I read on: “You’ll make payment by bitcoins,” he ordered, and included both his purported wallet address and a helpful link to a primer on virtual currencies. Failure to pay within 48 hours would mean “transfer of your video files to each of your contacts, including relatives, co-workers etcetera.”

Wait – a thousand bucks? In bitcoin, no less, which I understand to be well past its sell-by date. I considered counter-offering with Confederate States currency, but a measly thousand bucks?? I’ve heard of these plots extorting $5,000, $10,000 or more. Where does this guy get-off, trying pry loose only that meager much money (unless he really has seen my bank balances)? Is That All my entire reputation is worth?

So, what to do. This situation is a bit like those ‘naked selfie extortion’ incidents. I’ve sometimes pondered that the solution to them would be for Everybody to post one of themselves, thus ruining the market, and the eyesight of multitudes. But I doubt that a pre-emptive strike in this case would be worth the time and considerable effort needed to produce it.

The clock is ticking – only about forty-two hours or so before my life might change. This situation does ‘focus the mind’, even if it’s just a hypothetical exercise.* Should I at least play along – maybe paying something, and plead poverty for the remainder – negotiate my ransom with this terrorist? Probably not.

First, is his threat credible? He’d included just enough information to spark concern in a reasonable mind – sort of like how one’s astrological forecast may sound generally plausible. But there was a distinct lack of detail – no specifics, no linkage, nothing.

Further, if he indeed had access to my PWs, why not just clean me out? Surely, he could have arranged to withdraw funds in ways difficult to trace – and unannounced, to give himself a head start. It just doesn’t seem to hang together.

But is it dubious enough to potentially stake a life’s reputation on its being a fake? I think so. First, following through on the threat would take some effort – and for what? Once he acts, he loses whatever leverage he had, in return for nothing. More likely, he might write back and maybe raise the ante to some more respectable sum (please?).

But really – would anybody care? I’ve often heard from litigator colleagues that their operating assumption is that everybody’s browser history contains adult stuff unrelated to Season 3 of ‘Victoria’ on PBS. Any such video here would also have to be pretty tame, lame and distasteful – probably generating more general and specific sympathy for the victim, than outrage, prurience or even humor. Enough of us have been hacked in various ways that these things don’t matter much anymore, and at least this identity theft hasn’t cost me anything.

But still, I wonder: WWJBD? **

* It’s hypothetical for several reasons, not the least of which is that I long ago taped a paper scrap over the business end of my webcam. I had read that bored and/or unscrupulous Admins sometimes gain access to them – just to poke around where they’re not supposed to lurk. That was creepy enough to spur me to find some scotch tape. And as to other reasons, well, they are really not your business, eh?

** What Would Jeff Bezos Do?
We can't do it without you.
Support local journalism.

Comments

 +   4 people like this
Posted by Bill, a resident of Pleasanton Heights,
on Mar 15, 2019 at 3:30 pm

I got the same email, but they included one of my lower level passwords that they did indeed hack. It's a password I used on car and RV forums, where I had no personal info other than my email address, so I was not too concerned.

Still, I used our antivirus software to find my vulnerable passwords and then I updated everything to "strong" level. Now the antivirus fills in the fields for me. Crazy. Computers are getting so good and so fast at cracking passwords that you really can't rely on anything that makes sense, even if its long.


 +  Like this comment
Posted by Michael Austin, a resident of Pleasanton Meadows,
on Mar 15, 2019 at 7:04 pm

I was hacked few years ago, same time as Embarcadero Media was hacked. The criminal that hacked Embarcadero Media was arrested and prosecuted. Thou, I never did learn if he went to jail or not, or if he was punished monetarily or what?

When I was hacked, I was receiving tens of thousands of repeat emails from Embarcadero Media publishers and editors. So, I believed my hack was related to the Embarcadero Media hack.

I wrote a letter to the sitting judge explained my problems with this hack, I asked her to throw the book at this criminal.

It was necessary that I delete my entire data base, which included addresses, received emails and sent emails, it was nearly 30K emails, took several hours over several days to complete the task.

The FBI called me, there was two FBI guys, they introduced themselves, asked me questions for thirty minutes, I will keep their questions and my answers confidential for now.

Since that hack, I purchased Avast security software, it is loaded to blow up anyone attempting to hack me.

I wish to pass on a tip. When you are signed into an email account or other program/software you work with, never, never, click on the X in the top right corner of the screen to exit, always, always, sign out. Clicking on the X to exit, may leave the door ajar for the criminals out there, signing out, slams the door shut.


 +   2 people like this
Posted by David Fergenson, a resident of Alamo,
on Mar 15, 2019 at 8:47 pm

I received a similar email and did more or less what you did--ignore the sender and tell everyone so that everyone else will know that it's not true.

But I went one step further and looked up the Bitcoin transactions. At least in my case, the wallet that the hacker wanted me to deposit into had, along with two others, been feeding into a fourth. The total in that Bitcoin wallet was about US$2Billion. So this is a state level of revenue being collected.

I also backtracked the email to South Korea. So the state could possibly be North Korea.

This is all circumstantial evidence but it roughly fits with what I read on Ars Technica etc. about international hacking and extortion so I reported it to the FBI. I am realistic about the possibility that anything bad will ever happen to the hacker because of that but it seemed like the thing to do.


 +  Like this comment
Posted by Tom Cushing, a resident of Alamo,
on Mar 16, 2019 at 12:10 pm

Thanks guys. I do not intend to open anything, as I lack any way to sequester it - lest some hidden pestilence be inflicted on my hard drive. But I will report it to the FBI.


 +   4 people like this
Posted by Doug, a resident of Birdland,
on Mar 16, 2019 at 2:55 pm

The lack of specifics is a dead giveaway that they don't have anything on you. This porno blackmail scam is an old one. I read some local Internet forum in which an older woman in her 70's was laughing about how some scammer sent her an email threatening to expose her porno related viewing interests. Needless to say, the scammer completely mistargeted his intended victim.


 +   1 person likes this
Posted by Cholo, a resident of Livermore,
on Mar 17, 2019 at 11:26 am

Everybody has been hacked...best to ignore most if not all of the treats, etc.

It's nothing more than show business. Shucks...it might even be a neighbor getting even for something?

I like to pretend that the CIA is hot on my trail, trying to extort $$$$$$$$$$, NOT TO WORRY!

REPORT THE HACKER ATTEMPT TO A LOCAL TV STATION, LIKEK 7 ON YOUR SIDE.


 +   1 person likes this
Posted by Cholo, a resident of Livermore,
on Mar 17, 2019 at 11:29 am

Tom...it could be that nasty Kelly A. Conway trying to annoy you?



Follow this blogger.
Sign up to be notified of new posts by this blogger.

Email:

SUBMIT

Post a comment

Posting an item on Town Square is simple and requires no registration. Just complete this form and hit "submit" and your topic will appear online. Please be respectful and truthful in your postings so Town Square will continue to be a thoughtful gathering place for sharing community information and opinion. All postings are subject to our TERMS OF USE, and may be deleted if deemed inappropriate by our staff.

We prefer that you use your real name, but you may use any "member" name you wish.

Name: *

Select your neighborhood or school community: *

Comment: *

Verification code: *
Enter the verification code exactly as shown, using capital and lowercase letters, in the multi-colored box.

*Required Fields


Don't be the last to know

Get the latest headlines sent straight to your inbox every day.

The College Admissions Scam
By Elizabeth LaScala | 11 comments | 1,559 views

Couples: Write a Personal Ad . . . to Your Partner . . .
By Chandrama Anderson | 1 comment | 1,315 views

I’ve been Hacked! Insulted, too.
By Tom Cushing | 7 comments | 870 views

The Immersive Experience: Monet at the de Young, February 16 to May 27
By John A. Barry and Bill Carmel | 1 comment | 75 views