BitcoinAIS.com (Bitcoin Abuse Information Service) tracks bitcoin addresses used by spammers, blackmailers, randomware, malware and fraudsters. If you received an e-mail or SMS with the request of paying a bitcoin sum to get the threat resolved, you can help us tracking the bitcoin address and helping others to prevent falling for these blackmailers and fraudsters.
Recent reports of Bitcoin addresses
- E-mail Report for BTC address 1Jgzv6Z7HSiGN2QwCfuC2Zwy6ijCT8GoJe at Oct 29, 2020 Received this email:
Hey, some time ago your computer was infected with my private malware, RAT (Remote Administration Tool).
I know at the time of infection your passwords was:
My malware gave me full access to all your accounts, contacts and it also was possible to spy on you over your webcam.
Sometimes when I was bored I was spying on you, then once you started to SATISFYING YOURSELF!
At first I didn't knew how to react as I was shocked, then I decided to record you, I checked on google and found the software: Bandicam and it did the job.
After that I removed my malware to not leave any traces and this email was sent from some hacked account.
I can send the video of you to all your friends, contacts and publish it on social networks and the whole web.
You can stop me and only I can help you out in this situation.
Pay exactly 940$ in Bitcoin (BTC).
It's easy to buy Bitcoin (BTC), for example here: www.paxful.com , www.buybitcoinworldwide.com , www.kraken.com , or google another exchanger.
My Bitcoin (BTC) wallet is: 1yFM1N6n8TugL95ggWs6C8uyvNp3YRj7T
Yes that's how the wallet looks like, copy and paste it, it's (cAsE-sEnSEtiVE).
I give you 3 days time to pay.
As I got access to this email account, I will know if this email has already been read, so the time is running.
After receiving the payment, I will remove the video and you can life your live in peace like before.
Learn from the mistake and update your browser before browsing the web next time!
- E-mail Report for BTC address 1yFM1N6n8TugL95ggWs6C8uyvNp3YRj7T at Oct 29, 2020 Attempted blackmail
- E-mail Report for BTC address 1c4ymiaduaxmjfnvwvv724vhpxqt8twkmj at Oct 29, 2020 Blackmail scam, claims to have a video of me masturbating. Email probably spoofed.
- E-mail Report for BTC address 1yFM1N6n8TugL95ggWs6C8uyvNp3YRj7T at Oct 29, 2020 Attempted Blackmail
- Ransomware Report for BTC address 3BeMtxkRDn68utrZfd1xbemRMuDVj6GMgC at Oct 29, 2020 theats to post a video of me jerking of. his name on discord is Spoookd
#9268 - E-mail Report for BTC address 1Jgzv6Z7HSiGN2QwCfuC2Zwy6ijCT8GoJe at Oct 29, 2020 Received: from host50-22.brs.com.br (177.11.52.214) by
DB5EUR01FT041.mail.protection.outlook.com (10.152.5.191) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384)
id 15.20.2052.18 via Frontend Transport; Sat, 6 Jul 2019 04:41:22 +0000
Received: from vas4.vdc3.vn ([203.162.31.123]
helo=papaianocorretoradeseguros.com.br) by host50-22.brs.com.br with esmtpa
(Exim 4.84) (envelope-from <[email protected]>) id
1hjd07-0006ie-DT for [email protected]; Sat, 06 Jul 2019 02:12:43 -0300
Date: Sat, 6 Jul 2019 04:40:17 +0000
From: =?utf-8?Q?Rodrigo=0D_=0DBonfiglio=0D?=
<[email protected]>
Reply-To: =?utf-8?Q?Rodrigo=0D_=0DBonfiglio=0D?= <[email protected]>
Organization: wtenzdmnv
Message-ID: <[email protected]>
To: <[email protected]>
Subject: Re: (1) asmdas #54813388 You should definitely read this letter just before something bad will occur
On 06/07/2019
Hello asmdas
This email won\'t take a lot of your time, therefore right to the condition. I acquired a footage of you commiting spermicide when at a pornweb site you\'\'re visited, due to an excellent ass software program I have been able to place on a couple of internet sites with that kind of material.
........
So it\'s up to you at this point. Now i\'m not going to proceed through every detail and crap, just simply don\'t have precious time for that and you possibly know that net is loaded with mail similar to this, therefore it is also your final choice to trust in this or not, there may be just a proven way to uncover.
Here is the btc address: >> 1Jgzv6Z7HSiGN2QwCfuC2Zwy6ijCT8GoJe << - E-mail Report for BTC address 1EUPsmYWNBh5pUbwW8dE7F4XKVtNzjg6hj at Oct 29, 2020 Try to threat posting a non existant sex video if not payed. At least this one gave 50 h and not 48 h.
Received: from [45.238.46.250] (45.238.46.87) by
VE1EUR01FT023.mail.protection.outlook.com (10.152.2.218) with Microsoft
SMTP Server id 15.20.2199.13 via Frontend Transport; Sun, 25 Aug 2019
18:42:34 +0000
Message-ID: <34FA6AFE1BA46E8F41D145A01FD534FA@GP6837QW897>
Subject: Du är infekterad med ett farligt virus. Återställ data.
Date: 25 Aug 2019 11:09:33 -0400
Hej, jag är en hacker och programmerare, jag har tillgång till ditt konto [email protected].....
Endast du kan hindra mig från att göra detta och bara jag kan hjälpa dig, det finns inga spår kvar,
när jag tog bort skadlig programvara efter att mitt jobb var klart och detta e-postmeddelande har skickats från någon hackad server ...
Det enda sättet att stoppa mig är att betala exakt 512€ i bitcoin (BTC).
Det är ett mycket bra erbjudande, jämfört med allt det HORRIBLE skit som kommer att hända om du inte betalar!
......
ta emot och skicka till min.
Min bitcoin plånbok är: 1EUPsmYWNBh5pUbwW8dE7F4XKVtNzjg6hj
Kopiera och klistra in det, det är (cAsE-sEnSEtiVE)
Du har 50 timmars tid. - E-mail Report for BTC address 18n8sx7exs9cvraenmjfgs5mjipe13ojjp at Oct 29, 2020 Try to blackmail with posting non existing sex videos to all my contacts.
Received: from [102.78.152.15] (102.78.152.15) by
VE1EUR01FT064.mail.protection.outlook.com (10.152.3.34) with Microsoft SMTP
Server id 15.20.2305.15 via Frontend Transport; Wed, 2 Oct 2019 11:13:09
+0000
Subject: my-email-address äventyras. Lösenordet måste ändras.
Date: 2 Oct 2019 11:42:09 +0000
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_003F_01D5791A.033B0B6F"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: Acnwth1v3dmwdwyanwth1v3dmwdwya==
Content-Language: en
Hej!
Jag är en programmerare som knäckte ditt e-postkonto och enhet för ungefär ett halvt år sedan.
Du har skrivit ett lösenord på en av de otrygga sajterna du besökte, och jag fångade den.....
Jag kommer inte göra det om du betalar lite belopp.
Jag tror att $810 är ett bra pris för det!
Jag accepterar bara Bitcoins.
Min BTC-plånbok: 18N8Sx7EXS9CvRaenmJFgs5MJipe13oJJp - E-mail Report for BTC address 3bqpkmmvp5bfgeu6jyibv8gbkru1eqzv4y at Oct 29, 2020 Threatens to post non existant sex videos if not payed fast enough.
Received: from JoyoPlastic.securehostdns.com (159.69.42.167) by
VE1EUR01FT010.mail.protection.outlook.com (10.152.2.83) with Microsoft SMTP
Server id 15.20.2451.23 via Frontend Transport; Fri, 15 Nov 2019 01:43:52
+0000
Received: from [127.0.0.1] (UnknownHost [123.20.174.96]) by
JoyoPlastic.securehostdns.com with SMTP; Fri, 15 Nov 2019 07:13:43 +0530
Date: Fri, 15 Nov 2019 04:43:48 +0300
Subject: Security Alert. Your account was compromised. Password must be changed.
Hello!
I am a hacker who has access to your operating system.
I also have full access to your account.
I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain......
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this,
transfer the amount of $500 to my bitcoin address (if you do not know how to do this, write to Google: "Buy Bitcoin").
My bitcoin address (BTC Wallet) is: 3BqPKMMVP5BFgeu6JyibV8gBkrU1eQzV4Y - E-mail Report for BTC address 1HF6fn9S17EDpkSUcEqqh8yyVphXQsrQZg at Oct 29, 2020 Threats to post a sex video to all my contacts, because of hacked infratstructure. Which isn't so. Use wrong currency and some formulations are bad, other than that, really good lanugage, not computer translated.
Received: from [41.87.81.42] (41.87.81.42) by
VE1EUR01FT064.mail.protection.outlook.com (10.152.3.34) with Microsoft SMTP
Server id 15.20.2451.23 via Frontend Transport; Wed, 20 Nov 2019 11:22:31
+0000
Message-ID: <C5361F1503EC3C09FAD3D9CF20F0C536@1PICCYH>
Subject: AV-varning
Date: 20 Nov 2019 12:02:04 +0000
Hej
Jag är en hacker som har tillgång till ditt operativsystem.
Jag har också full tillgång till ditt konto.
Jag har tittat på dig i flera månader nu.......
Om du vill förhindra detta, överför beloppet 692€ till min bitcoin-adress (om du inte vet hur, google "Köp Bitcoin").
Bitcoinadress: 1HF6fn9S17EDpkSUcEqqh8yyVphXQsrQZg - E-mail Report for BTC address 17fghwqgmyny6awbvmrlhadp4ompeaakgw at Oct 29, 2020 Fake threat to show sex videos to all my email contacts.
Amature, uses wrong currency and mix some words from wrong scandinavian language.
Received: from nb34-235.static.cytanet.com.cy (81.4.134.235) by
VE1EUR01FT024.mail.protection.outlook.com (10.152.2.213) with Microsoft
SMTP Server id 15.20.2878.15 via Frontend Transport; Fri, 3 Apr 2020
13:23:20 +0000
Message-ID: <77CA04825BB94CDD60AE28F113E677CA@S1SX8801QY>
Subject: ::Brådskande meddelanden: SVAR NU
Date: 3 Apr 2020 17:58:21 +0200
Jag är en hacker som har tillgång till ditt operativsystem.
Jag har också full tillgång till ditt konto.
Jag har sett dig i några månader nu.
Faktum är att du smittades av skadlig programvara via en vuxenwebbplats som du besökte.
......
Allt vi behöver är en Bitcoin-betalning på £7,960.00 GBP, vilket jag tror är ett rimligt pris med tanke på omständigheterna.
Bitcoin-adress för betalning är: 17FGHWqGMYNy6awBVmrLHADp4ompeAaKgW
OBS: HUSK ATT GODKÄNNA BITCOINADRESSEN MED OSS FÖR ATT GÖRA BETALNING FÖR ATT UNDVIKA ATT GÖRA BETALNING två gånger. - E-mail Report for BTC address 1koubbywbpnaj32yng6vydbi4k7mpxajh4 at Oct 29, 2020 Fake threat to show sex videos, by hacking my router.
Received: from nb34-235.static.cytanet.com.cy (81.4.134.235) by
VE1EUR01FT024.mail.protection.outlook.com (10.152.2.213) with Microsoft
SMTP Server id 15.20.2878.15 via Frontend Transport; Fri, 3 Apr 2020
13:23:20 +0000
Message-ID: <77CA04825BB94CDD60AE28F113E677CA@S1SX8801QY>
Subject: Kontrollera din informations integritet (enligt vår säkerhetstjänst har ditt konto hackats).
Date: 3 Apr 2020 17:58:21 +0200
Hej
Jag är en hacker som har tillgång till ditt operativsystem.
Jag har också full tillgång till ditt konto.
....
Om du vill förhindra detta, överför beloppet 970€ till min bitcoin-adress (om du inte vet hur, google "Köp Bitcoin").
Bitcoinadress: 1KoubBYwBpnaJ32yNG6Vydbi4k7MPxAJh4 - E-mail Report for BTC address 1kxkelgwwmfeaqeaqr8ss2mrffdhddgmkl at Oct 29, 2020 Fake video randsom.
Received: by collinsdictionary.com (Postfix, from userid 33)
id 3EEB5447E0; Thu, 1 Oct 2020 02:40:23 +0000 (UTC)
Date: Thu, 1 Oct 2020 02:40:23 +0000
Subject: Jag har några dåliga nyheter för dig.
Jag hälsar dig!
Jag har dåliga nyheter för dig.
12/10/2019 - Den dagen hackade jag in i ditt operativsystem och fick full tillgång till ditt konto.
Inget behov av att ändra lösenordet, min skadliga program fångar upp det varje gång.
....
Jag är övertygad om att du inte vill visa dessa foton för dina släktingar, vänner eller kollegor.
Jag tror att 4222 SEK är en mycket liten summa för min tystnad.
Dessutom tillbringade jag mycket tid på dig!
Jag accepterar bara pengar i Bitcoins.
Min BTC-plånbok: 1KxKELgWwMFEaQeaQr8sS2MRFfDHDdgmkL
- E-mail Report for BTC address 18i73hccqvs5h4zqpxpakjmys4yzgmhvf6 at Oct 29, 2020 This is the threat posted demanding me to pay 9000 sek (0.0708 BTC) because she claim that she has hacked my devices.
Subject: Sista varning.
To: Recipients <[email protected]>
From: [email protected]
Date: Wed, 28 Oct 2020 13:51:37 +0100
Message-ID:
<5e07f1b2-d649-4e8c-9890-7a100a6e2036@HE1EUR01FT028.eop-EUR01.prod.protection.outlook.com>
Return-Path: [email protected]
Hej!
Tyvärr har jag några dåliga nyheter för dig.
För flera månader sedan fick jag tillgång till den enhet du använder för att surfa på internet.
Sedan dess har jag övervakat din internetaktivitet.
Hur gjorde jag det här?
Din router var sårbar.
Jag kunde injicera lite kod i firmware och varje enhet som var ansluten i nätverket, inklusive telefoner, komprometterades.
Sedan ställde jag in alla tillgängliga enheter att spela in med kameran endast när du tittar på vuxeninnehåll.
Jag har också dina kontaktlistor, telefonnummer, e-postmeddelanden, sociala mediekontakter, och här är affären.
Om du inte betalar mig (9000 SEK) i Bit-Coin, skickar jag din onani-video och sökhistorik till alla dina kontakter.
belopp: 0,0708 BTC (ungefär)
Min Bitcoin-plånbok: 18i73HCcQVS5h4zQPXPaKjmYS4YZgmhvF6
Snabbtips! du kan köpa Bit-Coin från Paxful.
Använd Google för att hitta den.
Om du undrar varför dina antivirusprogram inte utlöser beror det på att min kod inte är inställd på att stjäla lösenord, PIN-kodare och andra känsliga detaljer.
Den enda funktionen är att spela i med kamerorna (i tyst läge) och ta tag i kontakterna.
Jag vet att du har den mängd pengar som begärs.
Så oroa dig inte för dina lösenord och bankkonton.
Men för din mentala fred, fortsätt, ändra dem.
du har 72 timmar (3 dagar) på dig att skicka betalningen.
När mynt skickas in, Jag tar bort videon ... du vet vad som kommer att förstöras, och du kommer aldrig att höra från mig.
Nästa gång du täcker dina kameror kan någon titta på det! - E-mail Report for BTC address 1FwKDCh31LFUpbywThVLb7GTqT2M2a44K2 at Oct 29, 2020 Lets get directly to the point.
Not one person has paid me to check about you.
You do not know me and you're probably thinking why you are getting this email?
in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean).
When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam.
immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account.
after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you.
Best solution would be to pay me $1020.
We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video.
My -BTC -address: 1FwKDCh31LFUpbywThVLb7GTqT2M2a44K2
- E-mail Report for BTC address 1yFM1N6n8TugL95ggWs6C8uyvNp3YRj7T at Oct 29, 2020 Blackmailing
- Other Report for BTC address 1prlnvrejttxisrkpr5dgglbwhmrwhep3a at Oct 28, 2020 1PrLnVrejTTXisrkPR5dggLBWhMRwHEP3A
- E-mail Report for BTC address 1njlkv3p1lv8rtpgrwvvr4gjtklawg7pjq at Oct 28, 2020 PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!
==========================================
We are the Venomous Bear and we have chosen your company as target for our next DDoS attack.
Please perform a google search for "Venomous Bear" to have a look at some of our previous work.
Your network will be subject to a DDoS attack starting at 2020 November 2nd (Monday).
THIS IS NOT A JOKE, and to prove it right now we will start a small attack on www.itsolved.org that will last for 30 minutes.
It will not be heavy attack, at this moment.
What does this mean?
This means that your website and other connected services will be unavailable for everyone. Please also note that this will severely damage your reputation amongst your users / customers.
How to stop this?
We are willing to refrain from attacking your servers for a small fee.
The current fee is $1050(USD) in bitcoins (BTC).
The fee will increase by 1000 USD for each day after 2020 November 2nd that has passed without payment.
Please send Bitcoin to the following Bitcoin address (cAsE-SeNsitIve):
1NJLkV3P1LV8rTPgrWVvr4gJTKLAwG7PJQ
You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you coinmama.com or buy.coingate.com for buying bitcoins.
Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment before the deadline (2020 November 2nd ) or the attack WILL start!
What if you don't pay?
If you decide not to pay, we will start the attack on the indicated date and uphold it until you do, there's no counter measure to this, you will only end up wasting more money trying to find a solution (Cloudflare, Sucuri, Imperva and similar services are useless, because we will hit your network directly).
We will completely destroy your reputation and make sure your services will remain offline until you pay.
We will also download your database and do as much damage as possible.
Do not reply to this email, don't try to reason or negotiate, we will not read any replies.
Once you have paid we won't start the attack and you will never hear from us again.
Please note that Bitcoin is anonymous and no one will find out that you have complied.
-- Venomous Bear team
- E-mail Report for BTC address 1jfqen56qeqt5ebqtq3gzw4tdjvq3axsw4 at Oct 28, 2020 PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!
==========================================
We are the Venomous Bear and we have chosen your company as target for our next DDoS attack.
Please perform a google search for "Venomous Bear" to have a look at some of our previous work.
Your network will be subject to a DDoS attack starting at 2020 November 2nd (Monday).
THIS IS NOT A JOKE, and to prove it right now we will start a small attack on <<WEBSITE-URL>> that will last for 30 minutes.
It will not be heavy attack, at this moment.
What does this mean?
This means that your website and other connected services will be unavailable for everyone. Please also note that this will severely damage your reputation amongst your users / customers.
How to stop this?
We are willing to refrain from attacking your servers for a small fee.
The current fee is $1100(USD) in bitcoins (BTC).
The fee will increase by 1000 USD for each day after 2020 November 2nd that has passed without payment.
Please send Bitcoin to the following Bitcoin address (cAsE-SeNsitIve):
1Jfqen56Qeqt5EbQtQ3GZW4TdJvq3axsW4
You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you coinmama.com or buy.coingate.com for buying bitcoins.
Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment before the deadline (2020 November 2nd ) or the attack WILL start!
What if you don't pay?
If you decide not to pay, we will start the attack on the indicated date and uphold it until you do, there's no counter measure to this, you will only end up wasting more money trying to find a solution (Cloudflare, Sucuri, Imperva and similar services are useless, because we will hit your network directly).
We will completely destroy your reputation and make sure your services will remain offline until you pay.
We will also download your database and do as much damage as possible.
Do not reply to this email, don't try to reason or negotiate, we will not read any replies.
Once you have paid we won't start the attack and you will never hear from us again.
Please note that Bitcoin is anonymous and no one will find out that you have complied.
-- Venomous Bear team - E-mail Report for BTC address 12Hj8WDdQKMFoLZBytCdfdCTjBdF16MgAb at Oct 28, 2020 This is a scammer's wallet. Received the same email as Bobby Bryant.