Return-path: Envelope-to: lojban@lojban.org Delivery-date: Wed, 17 Apr 2024 11:11:34 -0700 Received: from [192.168.123.254] (port=60080 helo=stodi.digitalkingdom.org) by 9b22896a5f05 with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1rx9kp-000QI1-07 for lojban@lojban.org; Wed, 17 Apr 2024 11:11:32 -0700 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=digitalkingdom.org; s=202111010720; h=Content-Transfer-Encoding: Content-Type:MIME-Version:Date:Subject:To:From:Message-ID:Sender:Reply-To:Cc: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=r0jm1ILQAqg8cYtvreUH19QlQPN3JRMEBAG8X+Z0tfA=; b=4imt/KRf7Xe0aTVP3tGkbIOABu sQbMk3yeZqkCsqsLEuDbnr1Hc9p17E+KP7hVznJbTb/dzIR8B/v9scNSj+PPambX/hD3XRdtrY96V VJVllNPMeQjrjDqC6en3+/nm/Sxlqs/oCdNnX+oypv4K+V85Q8zb0mvNJfLs8vmCZbAzYsDLuDdum UxCYgLp/XwmxSOED8Mlbnf49tgiw/F6dZW7F/MeYWlMlqJd+XNyCnMnNgz6AFYxcz8DQcFgRBLmFe Uir1EtB7CpJJwfuYfXNmhCk0yiTOPivnGEoSBh33f90/kqDE9v1aoqxTApoYwV1xSzwgwvP9COPjH tIQ0/rQw==; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=evolutionlab.org; s=202111010720; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Date:Subject:To:From:Message-ID:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=r0jm1ILQAqg8cYtvreUH19QlQPN3JRMEBAG8X+Z0tfA=; b=fEGjsWo+o+nwck2dmNLSABLiLA tIG3bBdlvk4IP2LKIYsS7GGZGfiDi8X+1fvsneaEqLpry/PXeWq6F5jLMDybAbKUcF1euUTnVvATk gzIXeHDhQsdxVVkbwOtzUNDa4KpAHaOsNprCxifN2/G4hZqgg0jr422r8MaIaGmzQdSl9Ug2q9NWH OQFaqs+8UcBmhboPcEGW5gdp2eKvu3POSKaZMihGduGl0LkU1IIZMKEyVtR47xKm6jURuzDeBBkJC ME5tcxYY/hoBCpm6FdrV62gx11m6mdvlbvgTLa0ywMb6HCFt1hKPeUq3u7472G8eF/cxV3oyPeqPG 2TSFdnmQ==; Received: from [89.113.146.153] (port=63527 helo=blackboardcdn.com) by stodi.digitalkingdom.org with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1rx9km-00G9EC-0X for bugs@teddyb.org; Wed, 17 Apr 2024 11:11:30 -0700 Message-ID: <87e78229dd1933381f753c976b4f647a4cada5@daum.net> From: info1@daum.net To: bugs@teddyb.org Subject: Date: Wed, 17 Apr 2024 21:11:20 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Spam-Score: 3.2 (+++) X-Spam_score: 3.2 X-Spam_score_int: 32 X-Spam_bar: +++ X-Spam-Report: Spam detection software, running on the system "stodi.digitalkingdom.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Well, hello there, my perverted friend. I'll get right to the point. We've actually known each other for a while now, at least I've known you. You can call me Big Brother or the All-Seeing Eye. I'm a [...] Content analysis details: (3.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query to zen.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [89.113.146.153 listed in zen.spamhaus.org] -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at https://www.dnswl.org/, high trust [89.113.146.153 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [info1[at]daum.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit [info1[at]daum.net] 0.7 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS 0.5 PDS_BTC_ID FP reduced Bitcoin ID 0.8 BITCOIN_DEADLINE BitCoin with a deadline 0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS 2.4 BITCOIN_MALWARE BitCoin + malware bragging 1.5 MALWARE_NORDNS Malware bragging + no rDNS 0.0 SPOOFED_FREEMAIL No description available. 1.0 BITCOIN_SPAM_05 BitCoin spam pattern 05 2.2 BITCOIN_ONAN BitCoin + [censored] X-Spam-Score: 2.7 (++) X-Spam_score: 2.7 X-Spam_score_int: 27 X-Spam_bar: ++ X-Spam-Report: Spam detection software, running on the system "50bab00d4276", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: Well, hello there, my perverted friend. I'll get right to the point. We've actually known each other for a while now, at least I've known you. You can call me Big Brother or the All-Seeing Eye. I'm a [...] Content analysis details: (2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: evolutionlab.org] 0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to dbl.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [URIs: evolutionlab.org] -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at https://www.dnswl.org/, high trust [89.113.146.153 listed in list.dnswl.org] 0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query to zen.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [89.113.146.153 listed in zen.spamhaus.org] 0.0 URIBL_ZEN_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to zen.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [URIs: evolutionlab.org] 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% [score: 0.5000] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [info1[at]daum.net] 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit [info1[at]daum.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.7 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS 0.5 PDS_BTC_ID FP reduced Bitcoin ID 3.0 BITCOIN_DEADLINE BitCoin with a deadline 0.7 MALWARE_NORDNS Malware bragging + no rDNS 1.0 BITCOIN_ONAN BitCoin + [censored] Well, hello there, my perverted friend. I'll get right to the point. We've actually known each other for a while now, at least I've known you. You can call me Big Brother or the All-Seeing Eye. I'm a hacker who a few months ago gained access to your device, including your browser history and webcam. And I recorded some videos of you jerking off to highly controversial "adult" videos. I doubt very much you'd want your family, coworkers, and your entire contact list to see footage of you pleasuring yourself, especially given the specifics of your favorite genre. I'll also put these videos on porn sites, and they'll go viral, so much so that it will be physically impossible to remove them from everywhere. How did I do that? Because of your disregard for Internet security, I was able to easily install a Trojan horse on your device. which accessed all the data on your device and allowed me to control it remotely. Once I infected one device, I had no problem accessing all the other devices. My spyware is embedded in the drivers and updates its signature every few hours, so no antivirus or firewall can even detect it. So now I'm just gonna give you a condition. A small sum in exchange for your former quiet life. Transfer 1200 USD to my bitcoin wallet: 3E5kH22Z5ozUhfqg3emYDQ9oDy1frgq3mr As soon as I receive confirmation of the transfer, I will delete all the videos that compromise you, remotely erase the virus on your devices and you will never hear from me again. Agree, it's a very small price to pay for not destroying your reputation in the eyes of others who, judging by your correspondence in messengers, has an opinion of you as a decent human being. You can think of me as a kind of mentor who wants you to start appreciating what you have. You have 48 hours - I'll be notified as soon as you open this letter, and from then on it's a countdown. If you've never dealt with cryptocurrency before, it's super easy - type "crypto exchange" into a search engine, and the next thing to do. Here's what you shouldn't do: Don't reply to my email. It was sent from a disposable e-mail account. Don't call law enforcement. Remember, I have access to all of your devices, and as soon as I notice such activity, it will automatically lead to the release of all of your data. Do not attempt to reinstall your system or factory reset your device. First of all, I already have the video and all your data, and secondly, as I already said, I have remote access to all your devices and as soon as I notice such an attempt, it will lead to irreversible consequences. Remember that crypto-addresses are anonymous, so you won't be able to figure me out from my wallet. Anyway, let's make this a win-win situation. I always keep my word, unless I'm being tricked. Advice for the future: take more seriously your security on the Internet. Also regularly change passwords and set up multi-factor authorization on all your accounts.