Hidden Bomb In The Building Email Scam

Also Known As: possible malware infections
Distribution: Low
Damage level: Severe

"Hidden Bomb In The Building" removal guide

What is "Hidden Bomb In The Building"?

"Hidden Bomb In The Building" is an email scam. There are many scams of this type, most of which are sextortion-type: they are used to trick people into believing that humiliating or compromising material (videos or photos) has been obtained and shared with all users on the recipient's contacts list. Note, however, that "Hidden Bomb In The Building" differs, since it is categorized as a terrorist threat.

Hidden Bomb In The Building spam campaign

Cyber criminals use the "Hidden Bomb In The Building" scam to make threats about an explosive that has supposedly been planted, and they make ransom demands in the Bitcoin cryptocurrency. The email message states that a bomb has been planted in the recipient's company building. It goes on to state that the explosive is small but powerful enough to harm many people. The senders also warn recipients that if a 'recruited person' notices any unusual activity (such as people calling the police), this person will detonate the explosive. They demand payment of "20.000 $" in Bitcoins (using a Bitcoin wallet address provided) by the end of the day, otherwise the explosives will be detonated.

The senders also state that this is not a personal threat and that only the recipient's company is being threatened. They say they will not check the email account and will only check the Bitcoin wallet every thirty minutes. Once payment is received, they say they will inform the 'mercenary' present in the building to leave with the explosives, thus eliminating the threat. There is also a note for authorities stating that the senders are not terrorists (do not belong to any terrorist group) and do not take responsibility for explosions in other buildings. The cyber criminals behind this email scam have used many different messages and have sent them to various facilities; however, all include identical demands: to pay "20.000 $" in Bitcoins to an identical Bitcoin wallet.

As mentioned above, many email scams are of the sextortion type, which is popular amongst cyber criminals. If you have not already received such an email, be aware that you might in the future. These emails sometimes contain links that lead to various computer infections. In these cases, scammers invite recipients to watch a video or view an image before transferring payment. The video/photo is a download link (for example, Google Docs) that leads to a file, usually an archive that contains executables. When opened, these files download and install high-risk computer infections.

How do spam campaigns infect computers?

Spam email campaigns (those that proliferate infections through attachments) cannot infect computers without users first opening the attachment or executing a malicious executable file. If the attached file is a Microsoft Office document, the downloaded malicious attachment will demand permission to enable macro commands. If enabled, these commands allow the infection to be downloaded/installed. Remember that infections proliferated through these malicious email attachments cannot do any harm unless they are opened.
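The two delivery routes described above (an archive that contains executables, and an Office document that asks for macros to be enabled) can be checked for before a user opens anything. The following Python is an added example, not from the original article: it inspects a message's attachments for ZIP members with executable extensions and for the vbaProject.bin part that holds macros in Office Open XML files; the extension list, function names and sample message are assumptions constructed here.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions treated as directly executable (an assumption; tune per environment).
EXEC_EXT = (".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk")


def inspect_zip(data: bytes) -> list:
    """Findings for a ZIP container; OOXML Office documents are ZIP files too."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if name.lower().endswith("vbaproject.bin"):
                findings.append("vba-macros")  # macro storage inside the document
            elif name.lower().endswith(EXEC_EXT):
                findings.append("executable:" + name)
    return findings


def triage_message(raw: bytes) -> dict:
    """Map each attachment filename to its findings (empty list = nothing flagged)."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        is_zip = zipfile.is_zipfile(io.BytesIO(data))
        report[part.get_filename() or "(unnamed)"] = inspect_zip(data) if is_zip else []
    return report


def make_zip(members: list) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member in members:
            zf.writestr(member, b"placeholder")
    return buf.getvalue()


def build_sample() -> bytes:
    """Constructed message: macro-enabled document, archive with an .exe, text file."""
    msg = EmailMessage()
    msg.set_content("see attachments")
    attachments = {"invoice.docm": make_zip(["word/document.xml", "word/vbaProject.bin"]),
                   "video.zip": make_zip(["video_preview.exe"]),
                   "notes.txt": b"plain notes"}
    for fname, data in attachments.items():
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=fname)
    return msg.as_bytes()
```

Legacy binary Office formats (.doc, .xls) keep macros in OLE streams rather than in a ZIP container, so this check does not cover them.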

How to avoid installation of malware?

Be careful with emails received from unknown or suspicious addresses, especially those that contain attachments or web links. If the email seems suspicious or irrelevant, ignore it. Do not use untrustworthy sources when downloading software - this includes various software downloaders, peer-to-peer networks, and so on. These are often used to promote rogue applications that might cause computer infections. Download and install software with care: check "Custom", "Advanced", and other settings of the download/installation setup. Deselect offers to install unwanted apps and only then finish the process. Update your software using tools or implemented functions provided by official software developers, and not fake/unofficial updaters. Use newer versions of Microsoft Office (later than 2010), since these have "Protected View" mode that prevents malicious attachments from automatically downloading/installing malware or other computer infections. If you have already opened malicious attachments, we recommend running a scan with Spyhunter for Windows to automatically eliminate infiltrated malware.

Text presented in the first "Hidden Bomb In The Building" email message:

Subject: No need to be heroic

There is the bomb (Hexogen) in the building where your company is located. My recruited person assembled the bomb according to my instructions. It has small dimensions and it is covered up very carefully, it can not destroy the building structure, but there will be many victims if it explodes.
My mercenary is watching the situation around the building. If he sees any unusual behavior or policemen he will blow up the device.
I can call off my recruited person if you make a transfer. You transfer me 20.000 $ in BTC and the bomb will not detonate, but do not try to cheat -I ensure you that I have to withdraw my mercenary only after 3 confirmations in blockchain network.

Here is my Bitcoin address : 1Dnw2qJxGFCZdE3PzCaVioBB9zERc7SzRB

You have to pay me by the end of the workday. If you are late with the transaction explosive will detonate.
Nothing personal, if I do not receive the bitcoins and the explosive device explodes, other commercial enterprises will pay me a lot more, because this is not a single case.
For security and anonymity reasons, I wont visit this email account. I check my address every thirty minutes and if I receive the payment I will give the command to my person to leave your district.

If an explosion occurred and the authorities read this email:
We arent a terrorist society and do not take any responsibility for explosions in other buildings.

Screenshot of a second "Hidden Bomb In The Building" email:

Text presented in the second "Hidden Bomb In The Building" email message:

Subject: You don't have much time

There is the bomb (Hexogen) in the building where your company is located. My recruited person assembled the bomb according to my instructions. It has small dimensions and it is covered up very carefully, it can not destroy the building structure, but there will be many victims if it explodes.
My mercenary is watching the situation around the building. If he sees any unusual behavior or policemen he will blow up the device.
I can call off my recruited person if you make a transfer. You transfer me 20.000 $ in BTC and the bomb will not detonate, but do not try to cheat -I ensure you that I have to withdraw my mercenary only after 3 confirmations in blockchain network.

Here is my Bitcoin address : 1Dnw2qJxGFCZdE3PzCaVioBB9zERc7SzRB

You have to pay me by the end of the workday. If you are late with the transaction explosive will detonate.
Nothing personal, if I do not receive the bitcoins and the explosive device explodes, other commercial enterprises will pay me a lot more, because this is not a single case.
For security and anonymity reasons, I wont visit this email account. I check my address every thirty minutes and if I receive the payment I will give the command to my person to leave your district.

If an explosion occurred and the authorities read this email:
We arent a terrorist society and do not take any responsibility for explosions in other buildings.
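Because every variant of this campaign carries the same wallet while the wording changes, a mail filter can match on the wallet address rather than on the message text. The Python below is an added example, not part of the original article: the wallet value is the one quoted in the emails above, while the function names, the Base58Check validation of other address-like strings and the sample message bodies are assumptions constructed for illustration.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy (Base58) Bitcoin addresses: start with 1 or 3, 26-35 characters in total.
ADDR_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

# Wallet quoted in the emails reproduced on this page.
KNOWN_WALLETS = {"1Dnw2qJxGFCZdE3PzCaVioBB9zERc7SzRB"}


def base58check_ok(addr: str) -> bool:
    """True if the Base58 value fits 25 bytes and ends in the right 4-byte checksum."""
    n = 0
    try:
        for ch in addr:
            n = n * 58 + B58.index(ch)
        raw = n.to_bytes(25, "big")  # 1 version byte + 20-byte hash + 4-byte checksum
    except (ValueError, OverflowError):
        return False
    digest = hashlib.sha256(hashlib.sha256(raw[:21]).digest()).digest()
    return raw[21:] == digest[:4]


def triage(body: str) -> dict:
    """Split address-like tokens into blocklisted wallets and other valid addresses."""
    found = sorted(set(ADDR_RE.findall(body)))
    return {
        "known": [a for a in found if a in KNOWN_WALLETS],
        "valid_unknown": [a for a in found
                          if a not in KNOWN_WALLETS and base58check_ok(a)],
    }


# Constructed samples: two differently worded messages carrying the same wallet,
# and a benign message with a wallet-shaped order reference.
VARIANT_A = "Transfer 20.000 $ in BTC. Here is my Bitcoin address : 1Dnw2qJxGFCZdE3PzCaVioBB9zERc7SzRB"
VARIANT_B = "Pay before the workday ends to 1Dnw2qJxGFCZdE3PzCaVioBB9zERc7SzRB or else."
BENIGN = "Your order reference is 1Zx9kQmT4vB7nR2pL6wY8sD3fG5hJ1cA, thank you."

if __name__ == "__main__":
    for label, text in [("A", VARIANT_A), ("B", VARIANT_B), ("benign", BENIGN)]:
        print(label, triage(text))
```

The checksum step keeps wallet-shaped tokens such as order or tracking references out of the `valid_unknown` list, so an unlisted but genuine address in a payment demand still surfaces for review.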


How to remove malware manually?

Manual malware removal is a complicated task - usually it is best to allow antivirus or anti-malware programs to do this automatically. To remove this malware we recommend using Spyhunter for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here is an example of a suspicious program running on a user's computer:

If you checked the list of programs running on your computer, for example, using task manager, and identified a program that looks suspicious, you should continue with these steps:

Step 1: Download a program called Autoruns. This program shows auto-start applications, Registry, and file system locations.

Step 2: Restart your computer into Safe Mode:

Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.

Windows 8 users: Start Windows 8 in Safe Mode with Networking: go to the Windows 8 Start Screen, type Advanced, and in the search results select Settings. Click Advanced startup options, and in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced options screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.

Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu, click "Restart" while holding the "Shift" key on your keyboard. In the "Choose an option" window, click "Troubleshoot", then select "Advanced options". In the advanced options menu, select "Startup Settings" and click the "Restart" button. In the following window, press the "F5" key on your keyboard. This will restart your operating system in Safe Mode with Networking.

Step 3: Extract the downloaded archive and run the Autoruns.exe file.

Step 4: In the Autoruns application, click "Options" at the top and uncheck the "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure, click the "Refresh" icon.

Step 5: Check the list provided by the Autoruns application and locate the malware file that you want to eliminate.

You should write down its full path and name. Note that some malware hides process names under legitimate Windows process names. At this stage, it is very important to avoid removing system files. After you locate the suspicious program you wish to remove, right click your mouse over its name and choose "Delete".

After removing the malware through the Autoruns application (this ensures that the malware will not run automatically on the next system startup), you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the filename of the malware, be sure to remove it.

Reboot your computer in normal mode. Following these steps should remove any malware from your computer. Note that manual threat removal requires advanced computer skills. If you do not have these skills, leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always, it is better to prevent infection than to try to remove malware later. To keep your computer safe, install the latest operating system updates and use antivirus software.

To be sure your computer is free of malware infections, we recommend scanning it with Spyhunter for Windows.