Tuesday, April 7, 2026

ShinyHunters Phishing Email with subject Information about your online security. You've been hacked


For the record, this is a ShinyHunters storage phishing email attempt that is recently going around, with subject Information about your online security and body "We've known each other for a while, at least we know you."

What to do?  Report them, goto bottom of page. 


From: You've been HACKED <ubwab@dsk.zaq.ne.jp>

Subject: Information about your online security

Hello,

We are ShinyHunters hacking group.
We've known each other for a while, at least we know you.
A few months ago, we gained access to your devices and started monitoring your online activities.

What happened:
We got access to the database SoundCloud.com where you had an account with and easily accessed your e-mail.
You weren't very careful about the links you opened.
A week later, we installed an exploit on your devices including your phone, giving us access to your microphone,
camera, keyboard, and all your data.
We have your photos,browsing history, conversations, and contact list.

Besides other things, we discovered that you frequently visit adult websites and watch explicit videos.
We managed to record you and created videos of you pleasuring yourself.
With a few clicks, we can share these videos with your friends,
colleagues, and family or even make them public.

Proposal:
Send us $2000 in Bitcoin to the following wallet:
bc1qsqeej5svqlvs703t9djlxmdzxuncl53yw78ffd

We'll delete everything immediately.
You have 48 hours from the moment you opened this e-mail.
Once the payment is received, we'll remove the malware from your devices.

What you should NOT do: 
Do not reply (email is sent from a hacked account).
Do not contact the police or anyone else—we'll release the videos along with other stuff all over the internet.
Do not try to reset your devices—everything is stored on remote servers.

What you don’t need to worry about:
Will see your payment immediately—The wallet is generated specially for you.
Will not share your videos or other things after payment—There is no reason to keep causing problems.


Phishing Link
1. none detected


Can they track you? Yes, but not this email. Downloaded source and upload to Gemini.

Summary for your peace of mind:
  • Can they see you opened it? No.
  • Is there a virus in the text? No.
  • Did they record you? No.

Based on the technical content of the email provided, here is the confirmation of those points:

  • Can they see you opened it? Likely no. While the email claims you have 48 hours from the moment it was opened , there are no visible tracking links or external image tags in the provided message body to trigger such a notification. The sender is also using a hacked Japanese ISP account, which is not a sophisticated command-and-control setup.

  • Is there a virus in the text? No. The provided content is a "Content-Type: text/plain" message. Standard text files cannot execute code or install viruses on their own. The email claims they installed an "exploit" after you clicked links in the past, but the message itself is just text.

  • Did they record you? No. This is a classic "sextortion" script used in bulk email campaigns. The message claims to have recorded you via your camera and microphone, but it provides no proof (such as a screenshot or a specific password you use) to back up these claims. The reference to a "SoundCloud.com" database breach is a common template used to make the threat seem more legitimate to a wide audience.


How to tell this is a Phishing email?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the company's website then forget it.
  3. The best way is to 

How to examine Email Message Source?

Now let's look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from source domain, like apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing to Google

If you have received this email, take further action by

  1. https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Posted by metadataconsulting (profile) at 7:30 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)