cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

Hacked demanding bitcoin

I received an email this morning from a domain that is hosted at Go Daddy. The domain has been dormant for a while, and I rarely use the email account. It's a side business site that I use to drum up occasional freelance. Anyway, I received an email sent from this account this morning from someone saying (in broken English) that they've hacked my site and are demanding money or they will send out embarrassing screenshots captured with this supposed Trojan virus that they've installed on my computer unless I pay them almost $900 in bitcoin. The email displays a password that I haven't used in I don't know how long and that he used it to access my contacts. I have nothing to hide as far as my web surfing, so the threat of embarrassing me means nothing. He goes on to say that in 48 hours "your device will be blocked so you cannot obstruct". I checked my site contents via FTP and don't see anything unusual. Should I be concerned?

2 REPLIES 2
Highlighted
Super User II Super User II
Super User II
Solution

Re: Hacked demanding bitcoin

@sleepydad

 

This is a pretty common spam extortion attempt that most likely can be ignored.    So many databases have been exposed or hacked that included user information that they use that as bait.  Doesn't mean that what they say is true.

 

I received those as well noting passwords I haven't used in decades.  So someone got hold of old database user information that I happened to be in.

 

I would still run a malware scan on your site and also check your domain to see if it is blacklisted due to being hacked.  Then anything using the password that they reference should be changed immediately just to be safe.

 

HTH! 😉

Judith
"Many of life's failures are people who did not realize how close they were to success when they gave up." ~Thomas Edison

Re: Hacked demanding bitcoin

Thanks, @Muse. I typically trash these types of things, but have never gotten one like this. Looking at the header of the email, it was sent from

flpd591.prodigy.net

with the IP address 194.69.248.230 which traces to Spain (explaining the broken English in the email).

I did a quick visual of my site contents via FTP and nothing looked unusual, but I'll do as you suggest and run a malware scan.

Thanks again.