Envelope-to: lojban@lojban.org
Delivery-date: Sat, 11 Mar 2023 16:25:40 -0800
Auto-Submitted: auto-replied
From: Mail Delivery System <Mailer-Daemon@stodi.digitalkingdom.org>
To: request@digitalkingdom.org
References: <C3798516633FEAF04AB625500CD63A00@digitalkingdom.org>
Content-Type: multipart/report; report-type=delivery-status; boundary=1678580737-eximdsn-1978953677
MIME-Version: 1.0
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1pb9Wr-00BhQU-0Q@stodi.digitalkingdom.org>
Date: Sat, 11 Mar 2023 16:25:37 -0800
X-Spam_score: -1.0
X-Spam_score_int: -9
X-Spam_bar: -

--1678580737-eximdsn-1978953677
Content-type: text/plain; charset=us-ascii

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  lojban@lojban.org
    (generated from request@digitalkingdom.org)
    host jukni.lojban.org [50.250.232.18]
    SMTP error from remote mail server after end of data:
    550-Your message scored 9.5 SpamAssassin point. Report follows:
    550-Spam detection software, running on the system "e87f7907b374",
    550-has identified this incoming email as possible spam.  The original
    550-message has been attached to this so you can view it or label
    550-similar future email.  If you have any questions, see
    550-@@CONTACT_ADDRESS@@ for details.
    550-Content preview:  Dear user of digitalkingdom.org! I am a spyware software
    550-developer.
    550-Your account has been hacked by me couple months ago. The hacking was
    550-carried
    550-out using a hardware vulnerability through which you went online (Cisco
    550-router,
    550-vulnerability CVE-2023-20026).
    550-Content analysis details:   (9.5 points, 5.0 required)
    550-pts rule name              description
    550----- ---------------------- --------------------------------------------------
    550-0.0 RCVD_IN_SORBS_DUL      RBL: SORBS: sent directly from dynamic IP
    550-address
    550-[181.51.34.1

--1678580737-eximdsn-1978953677
Content-type: message/delivery-status

Reporting-MTA: dns; stodi.digitalkingdom.org

Action: failed
Final-Recipient: rfc822;request@digitalkingdom.org
Status: 5.0.0
Remote-MTA: dns; jukni.lojban.org
Diagnostic-Code: smtp; 550-Your message scored 9.5 SpamAssassin point. Report follows:
 550-Spam detection software, running on the system "e87f7907b374",
 550-has identified this incoming email as possible spam.  The original
 550-message has been attached to this so you can view it or label
 550-similar future email.  If you have any questions, see
 550-@@CONTACT_ADDRESS@@ for details.
 550-Content preview:  Dear user of digitalkingdom.org! I am a spyware software
 550-developer.
 550-Your account has been hacked by me couple months ago. The hacking was
 550-carried
 550-out using a hardware vulnerability through which you went online (Cisco
 550-router,
 550-vulnerability CVE-2023-20026).
 550-Content analysis details:   (9.5 points, 5.0 required)
 550-pts rule name              description
 550----- ---------------------- --------------------------------------------------
 550-0.0 RCVD_IN_SORBS_DUL      RBL: SORBS: sent directly from[truncated]

--1678580737-eximdsn-1978953677
Content-type: message/rfc822

Return-path: <request@digitalkingdom.org>
Received: from [181.51.34.154] (port=8092 helo=static-ip-18151034154.cable.net.co)
	by stodi.digitalkingdom.org with esmtp (Exim 4.96)
	(envelope-from <request@digitalkingdom.org>)
	id 1pb9Wk-00BhPf-0x
	for request@digitalkingdom.org;
	Sat, 11 Mar 2023 16:25:32 -0800
Message-ID: <C3798516633FEAF04AB625500CD63A00@digitalkingdom.org>
From: <request@digitalkingdom.org>
To: <request@digitalkingdom.org>
Subject: Settle your debt in order to avoid additional fees.
Date: 11 Mar 2023 12:57:26 -0600
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Mailer: Qcfuxlmq ipibsg 5.7
X-Spam-Flag: YES
X-Spam-Score: 11.7 (+++++++++++)
X-Spam_score: 11.7
X-Spam_score_int: 117
X-Spam_bar: +++++++++++
X-Spam-Report: Spam detection software, running on the system "stodi.digitalkingdom.org",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  Dear user of digitalkingdom.org! I am a spyware software developer.
    Your account has been hacked by me couple months ago. The hacking was carried
    out using a hardware vulnerability through which you went online (Cisco router,
    vulnerability CVE-2023-20026). 
 
 Content analysis details:   (11.7 points, 5.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                             [score: 0.0000]
  1.6 DATE_IN_PAST_03_06     Date: is 3 to 6 hours before Received: date
  1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
                             bl.spamcop.net
               [Blocked - see <https://www.spamcop.net/bl.shtml?181.51.34.154>]
  0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query
                              to zen.spamhaus.org was blocked due to
                             usage of an open resolver. See
                             https://www.spamhaus.org/returnc/pub/
                             [181.51.34.154 listed in zen.spamhaus.org]
  1.3 RCVD_IN_VALIDITY_RPBL  RBL: Relay in Validity RPBL,
                             https://senderscore.org/blocklistlookup/
                             [181.51.34.154 listed in bl.score.senderscore.com]
  0.0 RCVD_IN_SORBS_DUL      RBL: SORBS: sent directly from dynamic IP
                             address
                             [181.51.34.154 listed in dnsbl.sorbs.net]
  2.7 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
                             [181.51.34.154 listed in psbl.surriel.com]
  0.0 SPF_FAIL               SPF: sender does not match SPF record (fail)
 [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=request%40digitalkingdom.org;ip=181.51.34.154;r=stodi.digitalkingdom.org]
  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
  0.8 RDNS_NONE              Delivered to internal network by a host with no rDNS
  2.3 XM_RANDOM              X-Mailer apparently random
  1.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
  0.0 TO_EQ_FM_DOM_SPF_FAIL  To domain == From domain and external SPF
                             failed
  0.0 TO_EQ_FM_SPF_FAIL      To == From and external SPF failed
  2.6 MALWARE_NORDNS         Malware bragging + no rDNS

Dear user of digitalkingdom.org!

I am a spyware software developer.
Your account has been hacked by me couple months ago.

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2023-20026).

I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
This is driver software, I constantly updated it, so your antivirus is silent all time.

Since then I have been following you (I can connect to your device via the VNC protocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt... on you...
I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

I know what you like hard funs (adult sites).
Oh, yes .. I'm know your secret life, which you are hiding from everyone.
Oh my God, what are your like... I saw THIS ... Oh, you dirty naughty person ... :)

I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera.
Believe it turned out very high quality!

So, to the business!
I'm sure you don't want to show these files and visiting history to all your contacts.

Transfer $1310 to my Bitcoin cryptocurrency wallet: 14YLQ A98RN JX22W2 Prmc7PR QNf6QQ f1B1D
Just copy and paste the wallet number when transferring.

An important notice: I have specified my Bitcoin wallet with spaces, hence once you carry out a transfer, 
please make sure that you key-in my bitcoin address without spaces to be sure that your funds successfully reach my wallet!

If you do not know how to do this - ask Google.

My system automatically recognizes the translation.
As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
Do not worry, I really will delete everything, since I am 'working' with many people who have fallen into your position.
You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.

P.S. Do not try to contact me (this is impossible, sender's address was randomly generated).

I advise you to remain prudent and not engage in nonsense (all files on my server).

Good luck!


--1678580737-eximdsn-1978953677--