| Current Path : /proc/thread-self/root/home/ift/mails/36/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //proc/thread-self/root/home/ift/mails/36/1539421168.zrspam.364245_2018_10_13 |
From christian.gabriel@ift-informatik.de Sat Oct 13 10:59:28 2018
Return-Path: <christian.gabriel@ift-informatik.de>
X-Original-To: cgabriel@ift-informatik.de
Delivered-To: cgabriel@ift-informatik.de
Received: by ift-informatik.de (Postfix, from userid 5555)
id 1EA533D200055; Sat, 13 Oct 2018 10:59:28 +0200 (CEST)
Received: from localhost by h2486555.stratoserver.net
with SpamAssassin (version 3.4.0);
Sat, 13 Oct 2018 10:59:28 +0200
From: <christian.gabriel@ift-informatik.de>
To: <christian.gabriel@ift-informatik.de>
Subject: *****SPAM***** christian.gabriel@ift-informatik.de was hacked
Date: 13 Oct 2018 01:36:10 -0400
Message-Id: <004101d462b9$013c6d29$10017087$@ift-informatik.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
h2486555.stratoserver.net
X-Spam-Flag: YES
X-Spam-Level: **************
X-Spam-Status: Yes, score=14.0 required=5.0 tests=BAYES_00,DATE_IN_PAST_03_06,
DOS_OUTLOOK_TO_MX,FROM_IN_TO_AND_SUBJ,PYZOR_CHECK,RCVD_IN_BL_SPAMCOP_NET,
RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,RCVD_IN_RP_RNBL,RCVD_IN_XBL,RDNS_NONE,
TO_IN_SUBJ,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_5BC1B3F0.EE53E5A8"
This is a multi-part message in MIME format.
------------=_5BC1B3F0.EE53E5A8
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "h2486555.stratoserver.net",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello christian.gabriel@ My nickname in darknet is odin19.
I'll begin by saying that I hacked this mailbox (please look on 'from' in
your header) more than six months ago, through it I infected your operating
system with a virus (trojan) created by me and have been monitoring you for
a long time. [...]
Content analysis details: (14.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[177.67.85.190 listed in zen.spamhaus.org]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?177.67.85.190>]
2.4 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
[177.67.85.190 listed in bl.mailspike.net]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[177.67.85.190 listed in bl.score.senderscore.com]
1.6 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
1.4 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: ift-informatik.de]
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
1.0 FROM_IN_TO_AND_SUBJ From address is in To and Subject
2.9 TO_IN_SUBJ To address is in Subject
2.8 DOS_OUTLOOK_TO_MX Delivered direct to MX with Outlook headers
------------=_5BC1B3F0.EE53E5A8
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Received: from BHE104114.ENL.cemigtelecom.com (unknown [177.67.85.190])
by ift-informatik.de (Postfix) with ESMTP id 0CAC33D200005
for <christian.gabriel@ift-informatik.de>; Sat, 13 Oct 2018 10:59:26 +0200 (CEST)
From: <christian.gabriel@ift-informatik.de>
To: <christian.gabriel@ift-informatik.de>
Subject: christian.gabriel@ift-informatik.de was hacked
Date: 13 Oct 2018 01:36:10 -0400
Message-ID: <004101d462b9$013c6d29$10017087$@ift-informatik.de>
MIME-Version: 1.0
Content-Type: text/plain;
charset="cp-850"
Content-Transfer-Encoding: 8bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Acoopur4j99p2m49oopur4j99p2m49==
Content-Language: en
x-cr-hashedpuzzle: 2D4= pur4 j99p 2m49 oopu r4j9 9p2m 49oo pur4 j99p 2m49 oopu r4j9 9p2m 49oo pur4;1;j99p2m49oopur4j99p2m49oopur4j99p2m49oopur4j99p2m;Sosha1_v1;7;\{79E164F0-65FC-75F1-69EC-78ED74FD79E1\};ZQB3AGUAZgpur4j99p2m49oopur4j99p2m49oopur4j99p2m;13 Oct 2018 01:36:10 -0400;49oopur4j99p2m49
x-cr-puzzleid: \{79E164F0-65FC-75F1-69EC-78ED74FD79E1\}
Hello christian.gabriel@
My nickname in darknet is odin19.
I'll begin by saying that I hacked this mailbox (please look on 'from' in your header) more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.
Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.
I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.
I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!
During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!
I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $500 is quite a fair price to destroy the dirt I created.
Send the above amount on my bitcoin wallet: 1MN7A7QqQaAVoxV4zdjdrnEHXmjhzcQ4Bq
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.
Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!
Since reading this letter you have 48 hours!
After your reading this message, I'll receive an automatic notification that you have seen the letter.
I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere!
Good luck!
------------=_5BC1B3F0.EE53E5A8--