We have installed one RAT software into you device EMAIL SCAM

Computer security professionals discovered a new variant of Bitcoin email scam starting with: We have installed one RAT software into you device. This email scam tries to extort money by claiming that your device and email account are hacked. Like before, this bitcoin blackmail scam spreads via spam emails. The spam is sent out to thousands of emails at a time. Below is an example of the new Bitcoin Scam with the ransom note:

We have installed one RAT software into you device EMAIL SCAM

Text presented in this email message:

Hi, dear user of ***

We have installed one RAT software into you device
For this moment your email account is hacked too.
I know your password for this account [***]: ***

Changed your password? You’re doing great!
But my software recognizes every such action. I’m updating passwords!
I’m always one step ahead….

So… I have downloaded all confidential information from your system and I got some more evidence.
The most interesting moment that I have discovered are videos records where you masturbating.

I posted EternalBlue Exploit modification on porn site, and then you installed my malicious code (trojan) on your operation system.
When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device.
After installation, your front camera shoots video every time you masturbate, in addition, the software is synchronized with the video you choose.

For the moment, the software has harvrested all your contact information from social networks and email addresses.
If you need to erase all of your collected data, send me $600 in BTC (crypto currency).
This is my Bitcoin wallet: 11NT1KhH3aXsRw4LS6PFFrT5fRkdZFmne
You have 48 hours after reading this letter.

After your transaction I will erase all your data.
Otherwise, I will send video with your pranks to all your colleagues and friends!!!

P.S. I’m asking you – not to answer this letter because the sender’s address is fake, just to keep me incognito.

And henceforth be more careful!
Please visit only secure sites!
Bye,Bye…

New scam variant:

We hаve instаlled one RаT softwаre into you device
For this moment your emаil аccount is hаcked too.
I know your pаssword. I logged in to your аccount аnd wrote this letter to you from there.

Chаnged your pаssword? You’re doing greаt!
But my softwаre recognizes every such аction. I’m updаting pаsswords!
I’m аlwаys one step аheаd….

So… I hаve downloаded аll confidentiаl informаtion from your system аnd I got some more evidence.
The most interesting moment thаt I hаve discovered аre videos records where you mаsturbаting.

I posted Spelevo Exploit modificаtion on porn site, аnd then you instаlled my mаlicious code (trojаn) on your operаtion system.
When you clicked the button Plаy on porn video, аt thаt moment my trojаn wаs downloаded to your device.
аfter instаllаtion, your front cаmerа shoots video every time you mаsturbаte, in аddition, the softwаre is synchronized with the video you choose.

For the moment, the softwаre hаs hаrvrested аll your contаct informаtion from sociаl networks аnd emаil аddresses.
If you need to erаse аll of your collected dаtа аnd videos, send me $650 in BTC (crypto currency).

This is my Bitcoin wаllet: 16dUrec9DMpvxa4cZzVmB5pb7KEbczMBxy You hаve 48 hours аfter reаding this letter.

аfter your trаnsаction I will erаse аll your dаtа.
Otherwise, I will send а video with your sweepstаkes to аll your colleаgues, friends аnd relаtives!!!

P.S. I аsk you not to reply to this emаil, this is impossible (the sender’s аddress is your own аddress).

And henceforth be more careful!
Please visit only secure sites!
Bye,Bye…

Is this threat real?

Good news: thankfully, it’s fake. This email message is nothing more than a new Bitcoin Email Scam. Scammers got your password and associated email address from data breach dumps and are using it to shake you down.

Stolen Password

For this moment your email account is hacked too. I know your password for this account

It has your stolen password and uses that information to make itself appear real. The extortionist actually found it in data breach dumps. If the password emailed to you is one that you still use, then stop using it and change it right now!

Threat Summary

What to do when you receive “We have installed one RAT software into you device” Email Scam

If you — or someone you know — gets an email like this, below are some easy steps which you need to follow:

• First and foremost, do not pay the cyber criminals!
• If the password emailed to you is your current password, then you should change it everywhere it’s in use.
• Use two-factor authentication wherever possible.
• We recommend creating a new password when you set up a new account.
• Report it immediately to your local police, and the FBI.
• It is a good idea to run a malware scan on all your devices to be sure that there is no malicious software installed.
• Install an anti-phishing software.

How to scan your computer for malware

Removal utilities listed below are pretty effective when you think your personal computer is affected by malicious software. Below we’ll discover best utilities that can be used to detect and remove malware from your device and web-browser.

Zemana Free is a complete package of anti-malware utilities. Despite so many features, it does not reduce the performance of your PC. Zemana Free can be used to remove almost all the types of malware including hijackers, potentially unwanted applications, adware, trojans, worms and harmful internet browser extensions. Zemana Anti-Malware has real-time protection that can defeat most malicious software. You can use Zemana with any other anti-virus without any conflicts.

1. First, visit the page linked below, then press the ‘Download’ button in order to download the latest version of Zemana.
   
   

   Zemana AntiMalware
   164028 downloads
   Author: Zemana Ltd
   Category: Security tools
   Update: July 16, 2019
   
2. At the download page, click on the Download button. Your browser will display the “Save as” dialog box. Please save it onto your Windows desktop.
3. Once the downloading process is done, please close all apps and open windows on your computer. Next, launch a file called Zemana.AntiMalware.Setup.
4. This will start the “Setup wizard” of Zemana Anti-Malware (ZAM) onto your system. Follow the prompts and do not make any changes to default settings.
5. When the Setup wizard has finished installing, the Zemana Free will run and display the main window.
6. Further, click the “Scan” button . Zemana Free program will scan through the whole PC for malware. This task can take some time, so please be patient. When a malicious software, adware or potentially unwanted software are found, the number of the security threats will change accordingly.
7. After that process is finished, it will display the Scan Results.
8. When you are ready, click the “Next” button. The tool will delete malware and add all security threats to the Quarantine. After the clean up is finished, you may be prompted to reboot the computer.
9. Close the Zemana Anti Malware and continue with the next step.

How to protect yourself from phishing web-sites

Use an ad blocking tool such as AdGuard will protect you from harmful ads and content. Moreover, you can find that the AdGuard have an option to protect your privacy and block phishing and spam web-pages. Additionally, ad blocking apps will help you to avoid annoying pop-up ads and unverified links that also a good way to stay safe online.

Download AdGuard on your computer by clicking on the following link.

Adguard download
26627 downloads
Version: 6.4
Author: © Adguard
Category: Security tools
Update: November 15, 2018

After downloading it, start the downloaded file. You will see the “Setup Wizard” screen as shown below.

Follow the prompts. Once the install is done, you will see a window as displayed in the figure below.

You can press “Skip” to close the installation application and use the default settings, or click “Get Started” button to see an quick tutorial which will allow you get to know AdGuard better.

In most cases, the default settings are enough and you don’t need to change anything. Each time, when you launch your machine, AdGuard will start automatically and stop unwanted ads, block phishing, as well as harmful or misleading web sites. For an overview of all the features of the application, or to change its settings you can simply double-click on the AdGuard icon, which is located on your desktop.