Bitcoin Ransomware Attacks

This is a list of bitcoin ransomware attacks which I will be updating periodically as more become public.

Last Updated 11-June-2016

Date BTC Amount Paid (USD) Target City Country Virus Name Source
6/29/2016 500 Sports Team USA vocativ.com
6/7/2016 20,000 University Calgary, OT CA cbc.ca
4/25/2016 NA Utility Lansing, MI USA theregister.co.uk
4/1/2016 750 Fire Department Snoqualmie, WA USA CryptoLocker “Locky” eastofseattle.news
3/1/2016 Pending (4 BTC) Hospital Henderson, KY USA CryptoLocker “Locky” livebitcoinnews.com
3/1/2016 Pending Hospital Baltimore, MD USA Samsam aka MSIL or Samas baltimoresun.com
2/1/2016 17000 Hospital Los Angeles, CA USA CryptoLocker “Locky” wired.com
2/1/2016 450 Police Station Melrose, MA USA   ibtimes.co.uk
12/10/2015 500 Retail Store Calgary, OT CA cbc.ca
10/1/2015 572 Sheriff Office Dickson County, TN USA   bostonglobe.com
4/1/2015 500 Police Station Tewksbury, MA USA KEYHolder bostonglobe.com
1/1/2015 500 Police Station Midlothian, IL USA   bostonglobe.com
11/1/2013 750 Police Station Swansea, MA USA CryptoLocker “Locky” bostonglobe.com

From pymnts.com

In 2015, the FBI received roughly 2,453 complaints related to ransomware malware attacks, which amounted to $24.1 million in losses for victims

Related from The Merkle 11-June-2016
Cisco Ransomware Tool Can Now Decrypt All Versions of TeslaCrypt

5 thoughts on “Bitcoin Ransomware Attacks”

  1. 1HhiCDLnchT1z3zmFNDFQEmhBeFoHVYzMB

    ———- Forwarded Message ———-
    From: Alecia Nunes
    To: “marc9794@netzero.net”
    Subject: marc9794 – abc123
    Date: Mon, 18 Feb 2019 21:27:41 +0000

    I do know abc123 is your pass words. Lets get directly to purpose. None has compensated me to investigate about you. 
    You may not know me and you are probably thinking why you are getting this email? 
     in fact, i setup a software on the 18+ vids (porn) web site and there’s more, you visited this site to experience fun 
    (you know what i mean). While you were watching video clips, your internet browser began functioning as a Remote Desktop 
    with a key logger which gave me access to your screen as well as web cam. after that, my software program gathered every 
    one of your contacts from your Messenger, FB, as well as e-mailaccount. and then i made a double video. First part displays 
    the video  you were viewing (you have a nice taste lmao), and next part shows the view of your cam, and its you.  
     You actually have two different solutions. Why dont we check out each of these choices in aspects: 
     First alternative is to dismiss this message. in that case, i am going to send out your actual videotape to each one of 
    your contacts and you can easily imagine about the disgrace you can get. Do not forget if you are in a relationship, just 
    how it is going to affect? in the second place option is to pay me $966. i will think of it as a donation. as a result, 
    i most certainly will asap delete your video footage. You could continue on with your daily life like this never took 
    place and you will never hear back again from me. 

    You’ll make the payment by Bitcoin (if you don’t know this, 
    search for ‘how to buy bitcoin’ in Google  search engine).  

    BTC address: 
    1HhiCDLnchT1z3zmFNDFQEmhBeFoHVYzMB

    1. Subject: I hack you

      Hi! As you may have noticed, I sent you an email from your account. This means that I have full access to your devices and accounts. I’ve been watching you for a few months now. The fact is that you were infected with malware through an adult site that you visited. If you are not familiar with this, I will explain. Trojan Virus gives me full access and control over a computer or other device. This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it. I also have access to all your contacts and all your correspondence. Why your antivirus did not detect malware? Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent. I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched. With one click of the mouse, I can send this video to all your emails and contacts. If you want to prevent this, transfer the amount of $931 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”). My bitcoin address (BTC Wallet) is: 12yCNJHAwda8Kgxv9DswpS9k16XnstSqcJ After receiving the payment, I will delete the video and you will never hear me again. I give you 48 hours to pay. I have a notice reading this letter, and the timer will work when you see this letter. Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address. I do not make any mistakes. If I find that you have shared this message with someone else, the video will be immediately distributed.

  2. I RECEIVED THE EXTORTION SCAM EMAIL BELOW FROM MY OWN—NOW APPARENTLY SPOOFED EMAIL ADDRESS.

    Hello!

    I’m a programmer who cracked your email account and device about half year ago.
    You entered a password on one of the insecure site you visited, and I catched it.

    Of course you can will change your password, or already made it.
    But it doesn’t matter, my rat software update it every time.

    Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

    Through your e-mail, I uploaded malicious code to your Operation System.
    I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
    Also I installed a rat software on your device and long tome spying for you.

    You are not my only victim, I usually lock devices and ask for a ransom.
    But I was struck by the sites of intimate content that you very often visit.

    I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!
    I did not even know that SUCH content could be so exciting!

    So, when you had fun on intime sites (you know what I mean!)
    I made screenshot with using my program from your camera of yours device.
    After that, I jointed them to the content of the currently viewed site.

    Will be funny when I send these photos to your contacts! And if your relatives see it?
    BUT I’m sure you don’t want it. I definitely would not want to …

    I will not do this if you pay me a little amount.
    I think $796 is a nice price for it!

    I accept only Bitcoins.
    My BTC wallet: 1EVe67RXBA28s14cnnsVv1WkxhtoXMjCTy

    If you have difficulty with this – Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.
    After receiving the above amount, all your data will be immediately removed automatically.
    My virus will also will be destroy itself from your operating system.

    My Trojan have auto alert, after this email is looked, I will be know it!

    You have 2 days (48 hours) for make a payment.
    If this does not happen – all your contacts will get crazy shots with your dirty life!
    And so that you do not obstruct me, your device will be locked (also after 48 hours)

    Do not take this frivolously! This is the last warning!
    Various security services or antiviruses won’t help you for sure (I have already collected all your data).

    Here are the recommendations of a professional:
    Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

    I hope you will be prudent.
    Bye.

  3. Email faking to be sent from my email address – actually sent from registropropiedad@municipiodeguano.gob.ec

    —————————————————————————
    Your account was recently hacked! It will be good idea to change the pswd this time!
    You may not know me me and you are certainly wanting to know for what reason you’re receiving this particular electronic message, right?
    I’m ahacker who openedyour emailand devices and gadgetsa few months ago.
    Never try to msg me or seek for me, it is hopeless, because I sent you a letter using YOUR hacked account.
    I installed virus to the adult videos (porn) site and guess that you watched this website to enjoy it (think you understand what I really mean).
    During that time you have been paying attention to films, your internet browser began functioning like a RDP (Remote Control) having a keylogger which provided me access to your monitor and webcam.
    Next step, my programgotall information.
    You have typed passcodes on the online resources you visited, and I caught all of them.
    Of course, you can change them, or possibly already modified them.
    However it doesn’t matter, my app updates information every time.
    And what did I do?
    I got a reserve copy of your device. Of all files and personal contacts.
    I have managed to create dual-screen record. The 1st section shows the video you had been watching
    (you have the perfect preference, ha-ha…), the second screen presents the video from your own
    webcam.
    What exactly must you do?
    Clearly, I think, 1000USD will be a fair amount of money for our small riddle. You’ll make the deposit
    by bitcoins (if you don’t understand this, try to find “how to purchase bitcoin” in any search engine).
    My bitcoin wallet address:

    196rmNRAWQTFs4uftwcT35UeoZZgY7V4WN

    (It is cAsE sensitive, so just copy and paste it).
    Important:
    You have 2 days to make the payment. (I have an unique pixel in this email, and at this point I know
    that you have read through this email).
    To trackthe reading of a messageand the activityin it, I installeda Facebook pixel. Thanks to them.
    (That whichcan be usedfor the authorities may helpus.)
    If I fail to get bitcoins, I will immediately transfer your videofile to all your contacts, including family
    members, co-workers, and many more?

  4. In my case, email faking to be sent from my email address – actually was sent from: bemaefipu@suaauuy.com, probably fake or hacked account.

    I received this two days ago.
    The thing is, I have never used “jagohito” as a password at any site(-s) or software and my laptop’s camera is fully blocked since the time I bought it, i.e. half a year ago.

    Full quote of blackmail email is presented below:
    ————————————————————————
    “I am well aware jagohito is one of your pass words. Lets get right to the point. No person has compensated me to investigate about you. You may not know me and you are most likely thinking why you’re getting this email?

    in fact, i actually installed a software on the X video clips (sexually graphic) website and you know what, you visited this website to experience fun (you know what i mean). While you were viewing video clips, your internet browser started operating as a Remote Desktop having a key logger which provided me accessibility to your screen and web camera. immediately after that, my software obtained all your contacts from your Messenger, FB, as well as emailaccount. and then i created a video. First part displays the video you were viewing (you’ve got a fine taste ; )), and second part shows the recording of your web cam, & its u.

    You have got only 2 choices. Lets explore these types of solutions in aspects:

    First alternative is to ignore this email. Consequently, i will send out your video clip to each one of your personal contacts and also imagine regarding the embarrassment you can get. in addition if you happen to be in an important relationship, exactly how it will eventually affect?

    Number 2 alternative is to pay me $977. Lets think of it as a donation. Then, i most certainly will instantly erase your videotape. You can keep on going your life like this never took place and you will never hear back again from me.

    You will make the payment through Bi‌tco‌in (if you don’t know this, search for ‘how to buy b‌itcoi‌n’ in Google).

    B‌T‌C‌ ad‌dre‌ss to send to: 19zt48sAZgtyEUdZ5tpRJGxLHMA5iAyrCG

    [case-sensitive copy and paste it]

    if you may be making plans for going to the cops, very well, this email message can not be traced back to me. I have taken care of my steps. i am also not trying to charge you much, i simply want to be paid for. email message%}, and norCG if i don’t receive the ‌bi‌tco‌in‌, i will certainly send your video to all of your contacts including close relatives, coworkers, etc. However, if i receive the payment, i will erase the video immediately. If you need proof, reply Yea & i will send your video recording to your 7 friends. This is a nonnegotiable offer thus do not waste my personal time and yours by replying to this e-mail.”

Leave a Reply to EK Cancel reply

Your email address will not be published. Required fields are marked *

Leave the field below empty!

This site uses Akismet to reduce spam. Learn how your comment data is processed.