About the "Hacker who has access to your operating system" spam email campaign

Also Known As: possible malware infections
Distribution: Moderate
Damage level: Medium

"Hacker Who Has Access To Your Operating System" removal guide

What is "Hacker Who Has Access To Your Operating System"?

"Hacker Who Has Access To Your Operating System" is yet another spam email campaign that falls within the 'sextortion' category. Cyber criminals send hundreds of thousands of deceptive emails stating that they have hijacked the victim's computer and recorded a 'humiliating video'. In fact, this is merely a scam and such emails should be ignored.

Hacker Who Has Access To Your Operating System spam campaign

The message essentially states that cyber criminals have infected the computer with a trojan when the recipient was purportedly visiting an adult website. Criminals also state that they have used the hijacked computer's webcam and microphone to recorded a video of the recipient "pleasing himself" and have also stolen his contacts. These claims are followed by a threat/ransom demand. These people state that they will send the recorded video (together with the video that the recipient has supposedly watched) to all of the recipient's contacts, unless a ransom of $500 is paid. Recipients are instructed to pay the ransom within 50 hours and they must use the Bitcoin cryptocurrency. Once payment is received, the video will supposedly be permanently deleted. Be aware, however, that this is a scam. Your computer is probably virus-free and these people certainly have not recorded any video. Cyber criminals send these emails to many people hoping that some will fall for the scam. Unfortunately, many people do, and criminals generate revenue with minimum effort. Therefore, ignore "Hacker Who Has Access To Your Operating System" and other similar emails, and certainly do not send any money.

We receive a great deal of feedback from concerned users about this type of scam email. Here are the most popular questions we receive (in this case, relating to a scam claiming to have obtained compromising videos or photos of the user):

Q: Hi pcrisk.com team, I received an email stating that my computer was hacked and they have a video of me. Now they are asking for a ransom in Bitcoins. I think this must be true because they listed my real name and password in the email. What should I do?

A: Do not worry about this email. Neither hackers nor cyber criminals have infiltrated/hacked your computer and there is no video of you watching pornography. Simply ignore the message and do not send any Bitcoins. Your email, name, and password was probably stolen from a compromised website such as  Yahoo (these website breaches are common). If you are concerned, you can check if your accounts have been compromised by visiting the haveibeenpwned website.

Threat Summary:
Name Hacker Who Has Access To Your Operating System Email Scam
Threat Type Phishing, Scam, Social Engineering, Fraud
Fake Claim Criminals claim that they have humiliating material and attempt to blackmail victims.
Cyber Criminal Cryptowallet Address 3AvVjgoYfrtbbG2repDCdcLLMcjJ73jLqm (Bitcoin), 3GyUyLv6X6erPibUSavuuHGKzpDUWxNcCF (Bitcoin), 3391uBm42nTiHnjaeLqauuze57syqTk2zp (Bitcoin), 1AJ4syJxPPP7hYhURPiQUQMY4LurJgYvY8 (Bitcoin)
Size Of Ransom
$500
Symptoms Unauthorized online purchases, changed online account passwords, identity theft, illegal access of the computer.
Distribution methods Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.
Damage Loss of sensitive private information, monetary loss, identity theft.
Removal

To eliminate malware infections our security researchers recommend scanning your computer with Spyhunter.
▼ Download Spyhunter
Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

There are many spam email campaigns similar to "Hacker Who Has Access To Your Operating System". The list of examples includes "You Certainly Do Not Know Me", "Looked At You For Several Months", and "So I'm The Hacker Who Broke Your Email". Note that 'sextortion' is not the only type of spam campaign. Criminals also use this tactic to spread high-risk malware (e.g., TrickBot, Hancitor, Emotet, FormBook, etc.). They send deceptive emails that contain malicious attachments (typically, Microsoft Office documents) and messages encouraging recipients to open the attached files. Opening them results in malware infection.

How do spam campaigns infect computers?

For spam email campaigns to be successful, user interaction is required. Cyber criminals send emails containing malicious attachments and messages encouraging recipients to open them. These attachments might be presented as important documents in attempts to give the impression of legitimacy and increase the chance of tricking recipients. In most cases, they come in format of Microsoft Office documents (e.g., Excel, Word, and other similar files), which infect computers using malicious macro commands, however, they might also be PDF documents, archive, links, and so on. In any case, these attachments are harmless, unless they are opened. The main reasons for these computer infections are poor knowledge of the threats and careless behavior.

How to avoid installation of malware?

To prevent this situation, be very cautious when browsing the Internet and downloading/installing/updating software. Handle all email attachments with care. Files/links receipts from suspicious/unrecognizable email addresses should never be opened. Furthermore, download programs from official sources only, preferably using direct download links. Third party downloaders/installers often include rogue apps, and thus these tools should not be used. Carefully analyze each window of the download/installation dialogs using the "Custom" or "Advanced" settings. Opt-out of all additionally-included programs and decline offers to download/install them. Keep installed applications and operating systems up-to-date, however, use implemented functions or tools provided by the official developer only. Bear in mind that older versions of Microsoft Office are vulnerable to malware attacks. 2010 and later versions have "Protected View" mode, which prevents newly-downloaded documents from executing rogue macros and downloading/installing malicious software. Therefore, we strongly advise you to avoid using older versions of MS Word. The key to computer safety is caution. If you have already opened malicious attachments, we recommend running a scan with Spyhunter for Windows to automatically eliminate infiltrated malware.

Text presented in the "Hacker Who Has Access To Your Operating System" email message:

Subject: Security Alert. Your accounts were hacked by a criminal group.

Hello!

I am a hacker who has access to your operating system.
I also have full access to your account.

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.

If you want to prevent this,
transfer the amount of $500 to my bitcoin address (if you do not know how to do this, write to Google: "Buy Bitcoin").

My bitcoin address (BTC Wallet) is:  3AvVjgoYfrtbbG2repDCdcLLMcjJ73jLqm, 395wdUpmkEG6iPdCguKCqYJR5UkpdWm5Wk, 3HnDpvc9mXTcmAePPCaU3q82egxP8p5P6G, 3JgjbyQJcymqApzph5EWDQdH8cNphXFZKu, 3NmUUGnYGkMn2hAi9L8sd5J4okWjq3mZNe, 1ELKdWgfedTJ9FV4U5W2JVXFzTpKSqcCjM, 3HxqrQmEffcMZo5cgNqRXwD3dw5LCYSx7K, 1ANFoTP6ETjBfL6o3ZhJm1jag1x1KAbAxZ, 37yLxF7mM7h3KiDvqWh88wm1VjFvemDYpf, 358MfWU8MctxPJhFBiNpsdGtxDtHixTi8r, 3AVitbSbsDWRyda9JNs8avrjhq2ZN7uCMy, 15Q5a6gHDaAtqFE3uEhfAhY8PqJiaw94vT, 3FL1txfM4knPnySJHiXAsK91cnmEXHGemv, 1CMBC1Mj86GHmbwzcMMP8xUe1hQTwk4Ds7, 1Ji2K8EVzxDRnpuXts1kKAjMwTrV2LTnRS, 3QikbxiTy7cWH7ZGZbLQYANxZA2MZHmmDs, 3JPdsEkcxv715Th7hN7fgoUYds22xBaPno, 1Niyhcqd8MNT8tpRs8gK6Ho3V8fJy2wbF, 1FErgudo2nCpuu9XSLJkSiqQBy62N1weiy, 1NvwQchudHai3KcqDkwTGgNzHK9YrWHzV6, 1AfwxZ8nYzwEzME39PuqVZU7Mn73XxQTqq, 17nhAbZGm4UmSVj5Zx8amwAbjVXcxGtEAz, 1ipEif9Roe3DjboppZ99mswU6r7Y1puUi, 1Dg5UsxMEG41TC3i9ugxcFV6cVtz8cpfXE, 1DpfAYoWGpTprX3cRg6mnUuYqNm3eXiR4F, 1BcpAGfamAy81enJtHahKedaWx1yATTXT7, 1KUknkh9bC4TPUoPXv4SnKdib8RAnUXDGw, 1G3UXmDBoeRvU3D2tGmGGU7fpCAEY1dBQV, 18Jro9LNFqBQarcc63WYGf3w7PdDAiwXpk

After receiving the payment, I will delete the video and you will never hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you see this letter.

Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.

If I find that you have shared this message with someone else, the video will be immediately distributed.

Best regards!

Another variant of "Hacker Who Has Access To Your Operating System" spam campaign:

Hacker Who Has Access To Your Operating System spam campaign (sample 2)

Text presented within this email (in order to avoid spam email filters hackers use letter look-alike symbols):

Subject: Cåutíøň! åttåck håckěřs tø yøuř åccøuňt!

 

Hěllø!

Í åm å håcker whø hås åccess tø =øür øpěråtíng systěm.
Í ålsø håvě full åccěss tø =øür åccøüňt.

Í'vě běěn wåtchíng yøü før =#229; fěw mønths nøw.
Thě fåct ís thåt yøü wěrě =#237;nfěctěd wíth målwårě =hrøügh ån ådült sítě thåt =øü vísítěd.

Íf yøü årě nøt =åmílíår wíth thís, Í wíll =#283;xplåín.
Trøjån Vírüs gívěs mě füll =#229;ccěss ånd cøntrøl øvěr å =ømpütěr ør øthěr =ěvícě.
Thís měåns thåt Í cån sěě =#283;věrythíng øn yøür scrěěn, =ürn øn thě cåměrå ånd =ícrøphøně, büt yøü dø nøt =nøw åbøüt ít.

Í ålsø håvě åccěss tø åll =øür cøntåcts ånd åll yøür =ørrěspønděncě.

Why yøür åntívírüs díd nøt =etěct målwårě?
Ånswěr: My målwårě üsěs thě =rívěr, Í üpdåtě íts =ígnåtürěs ěvěry 4 høürs sø =håt yøür åntívírüs ís =ílěnt.

Í mådě å víděø shøwíng =øw yøü såtísfy yøürsělf ín =hě lěft hålf øf thě scrěěn, ånd =#237;n thě ríght hålf yøü sěe thě =íděø thåt yøü wåtchěd. =íth øně clíck øf thě =øüsě,
Í cån sěnd thís víděø tø =#229;ll yøür ěmåíls ånd =øntåcts øn søcíål nětwørks. =#205; cån ålsø pøst åccěss tø =#229;ll yøür ě-måíl =ørrěspønděncě ånd =ěssěngěrs thåt yøü üsě.

Íf yøü wånt tø prěvěnt thís, =rånsfěr thě åmøünt øf $1500(USD) =ø my bítcøín åddrěss (íf =øü dø nøt knøw høw tø dø =hís, wrítě tø Gøøglě: 'Büy =ítcøín').

My bítcøín åddrěss (BŤC Wållět) =#237;s: 19A5rdrxb4MREtyGWo944uRoNDBxBPNNG8, 1KVX9hCnQ9MfSoEFyxqAXGFXdTFNyzD22n, 1DFJ43RgsMWuUBEZymeGUvExXbmYqct5Z3, 15mQnofT3UUCAdVmaZgw3FwKRwNb7WAVai, 1heepxWduq4DKcH1jx9oAVEvjamZEJcmr, 15WupGihVvzTTPxyzvAjbmZnwmHdFHtWtv, 1GnWLzR2SWvnpPkcRk6PTZ9zQ1te9bdopr

Åftěr rěcěívíng thě =åyměnt, Í wíll dělětě thě =íděø ånd yøü wíll něvěr =ěår mě ågåín.
Í gívě yøü 48 høürs tø =åy.
Í håvě å nøtícě =ěådíng thís lěttěr, ånd thě =íměr wíll wørk whěn yøü =ěě thís lěttěr.
Fílíng å cømplåínt =øměwhěrě døěs nøt måkě =ěnsě běcåüsě thís =#283;måíl cånnøt bě tråckěd =íkě my bítcøín åddrěss.
Í dø nøt måkě åny =íståkěs.

Íf Í fínd thåt yøü håvě =hårěd thís měssågě wíth =øměøně ělse, thě víděø =íll bě ímmědíåtěly =ístríbütěd.

Běst rěgårds!

Yet another variant of this email spam campaign:

Hacker Who Has Access To Your Operating System Email Scam (February 17, 2020)

Text presented within this email:

Subject: Your PC has been Hacked!

Hello My friend,
I am a hacker who has access to your operating system. I also have full access to your accounts, email (*****), phone contacts, etc

I've been watching you for a few months now. The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain. Trojan Virus gives me full access and control over a computer and other devices, this means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence. Why your antivirus did not detect malware? Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I have crazy videos of you satisfying yourself, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use.

If you want to prevent this, transfer the amount of $1500 to my bitcoin address (if you do not know how to do this, search Youtube or Google it "Buy Bitcoin").

My bitcoin address (BTC Wallet) is: 1HtSWihs3EnNS7zGavPhPx2bF5s2igtxsG, 1LFkUg9nWmZEBYMxzizXpHXfyy5CRvmzaA

After receiving the payment, I will delete the video and you will never hear from me again. I give you 48 hours (2 days) to pay. I have a notice reading this letter, and the timer will work when you see this letter.

Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address. I do not make any mistakes.

If I find out that you have shared this message with someone else, the video will be immediately distributed.

NOTE: REMEMBER TO RECONFIRM THE BITCOIN ADDRESS WITH ME BEFORE MAKING PAYMENT TO AVOID MAKING PAYMENT TWICE. (dyeed23@gmail.com)

Best Regards!

Yet another variant of "Hacker Who Has Access To Your Operating System" email spam (written in French language):

Hacker Who Has Access To Your Operating System email scam French variant

Text presented within this email:

Subject: MESSAGE URGENT: RÉPONSE MAINTENANT


This message has been analyzed and no issues were discovered.


salut!

Je suis un hacker qui a accès à votre système d'exploitation.
J'ai également un accès complet à votre compte.
Je vous surveille depuis quelques mois maintenant.
Le fait est que vous avez été infecté par un logiciel malveillant via un site pour adultes que vous avez visité.

Si vous n'êtes pas familier avec cela, je vais vous expliquer.
Trojan Virus me donne un accès et un contrôle complets sur un ordinateur ou un autre appareil.
Cela signifie que je peux tout voir sur votre écran, allumer l'appareil photo et le microphone, mais vous ne le savez pas.

J'ai également accès à tous vos contacts et à toute votre correspondance.

Pourquoi votre antivirus n'a pas détecté de malware?
Réponse: Mon malware utilise le pilote, je mets à jour ses signatures toutes les 4 heures pour que votre antivirus soit silencieux.

J'ai fait une vidéo montrant comment vous vous contentez dans la moitié gauche de l'écran, et dans la moitié droite vous voyez la vidéo que vous avez regardée.
En un clic de souris, je peux envoyer cette vidéo à tous vos emails et contacts sur les réseaux sociaux.
Je peux également publier l'accès à tous vos courriers électroniques et messagers que vous utilisez.
Mais ne vous inquiétez pas trop, nous pouvons résoudre ce problème de confidentialité. Tout ce dont nous avons besoin, c'est d'un paiement Bitcoin de £3,960.00 GBP, ce qui, à mon avis, est un juste prix compte tenu des circonstances.

L'adresse Bitcoin pour effectuer le paiement est: 17MjmyNpSeyUfC88wYtHduMLgZ4Yy34A8A

REMARQUE: N'OUBLIEZ PAS DE RECONFIRMER L'ADRESSE BITCOIN AVEC NOUS AVANT DE FAIRE LE PAIEMENT POUR ÉVITER DE FAIRE LE PAIEMENT DEUX FOIS.

Si vous ne comprenez pas le bitcoin, allez sur YouTube et recherchez «comment acheter du bitcoin» ou google pour des «bitcoins locaux», c'est assez facile à faire.

Après avoir reçu le paiement, je supprimerai la vidéo et vous n'entendrez plus jamais parler de nous.
Je vous donne 48 heures pour payer. J'ai un avis de lecture de cette lettre, et la minuterie fonctionnera lorsque vous verrez cette lettre.

Déposer une plainte quelque part n'a pas de sens car cet e-mail ne peut pas être suivi comme mon adresse bitcoin.
Je ne fais aucune erreur.
Si je trouve que vous avez partagé ce message avec quelqu'un d'autre, la vidéo sera immédiatement distribuée.

Répondez uniquement pour reconfirmer l'adresse Bitcoin pour le paiement ou vous avez des questions sur le paiement, puis cliquez sur répondre. N'essayez pas de me contacter car j'utilise un e-mail de victime piraté et exposé.

Another variant of "Hacker Who Has Access To Your Operating System" scam email:

Hacker Who Has Access To Your Operating System scam email

Text presented within this email:

Subject: According to our security service, your account has been hacked. Change your password immediately.

Hi!

I'm a hacker who hacked your operating system a few months ago.

This means that I have full access to your account:
At the time of hacking your account(*******) had this password: pcriskas

You can say: this is my, but old password!
Or: I can change my password at any time!

Of course! You will be right,
but the fact is that when you change the password, my malicious code every time saved a new one!

I've been watching you for a few months now.
But the fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence from e-mail and messangers.

Why your antivirus did not detect my malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you masturbate in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use.

If you want to prevent this, transfer the amount of $950 to my bitcoin address (if you do not know how to do this, write to Google: "Buy Bitcoin").

My bitcoin address (BTC Wallet) is: 1AJ4syJxPPP7hYhURPiQUQMY4LurJgYvY8

After receiving the payment, I will delete the video and you will never hear me again.
I give you 48 hours to pay.
I have a notice reading this letter, and the timer will work when you see this letter.

Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.

If I find that you have shared this message with someone else, the video will be immediately distributed.
Bye!

Yet another variant of "Hacker Who Has Access To Your Operating System" scam email (written in Portuguese language):

Portuguese variant of Hacker Who Has Access To Your Operating System email scam

Text presented within this email:

Subject: De acordo com nosso serviço de segurança, sua conta foi invadida. Mude sua senha imediatamente.

Olá!

Eu sou um hacker que tem acesso ao seu sistema operacional.
Eu também tenho acesso total à sua conta.

Estou observando você há alguns meses agora.
O fato é que você foi infectado por malware através de um site adulto que você visitou.

Se você não está familiarizado com isso, vou explicar.
O Trojan Virus me dá acesso total e controle sobre um computador ou outro dispositivo.
Isso significa que eu posso ver tudo em sua tela, ligue a câmera e microfone, mas você não sabe sobre isso.

Eu também tenho acesso a todos os seus contatos e toda a sua correspondência.

Por que seu antivírus não detectou malware?
Responda: Meu malware usa o driver, eu atualizo suas assinaturas a cada 4 horas para que seu antivírus seja silencioso.

Eu fiz um vídeo mostrando como você se masturba na metade esquerda da tela, e na metade direita você vê o vídeo que estava assistindo.
Com um clique do mouse, posso enviar este vídeo para todos os seus e-mails e contatos em redes sociais.
Eu também posso postar acesso a toda a sua correspondência de e-mail e mensageiros que você usa.

Se você quiser evitar isso,
transferir o montante de $650 para o meu endereço bitcoin (se você não sabe como fazer isso, escreva para o Google: "Buy Bitcoin").

O meu endereço bitcoin (carteira BTC) é: 1993DD32oRbnfqJjUVm2xvkdw1g28bBjnz

Depois de receber o pagamento, eu vou apagar o vídeo e você nunca mais vai me ouvir novamente.
Dou-lhe 50 horas (mais de 2 dias) para pagar.
Eu tenho um aviso lendo esta carta, e o temporizador vai funcionar quando você vir esta carta.

Arquivar uma reclamação em algum lugar não faz sentido porque este e-mail não pode ser rastreado como meu endereço bitcoin.
Eu não cometo nenhum erro.

Se eu descobrir que você compartilhou esta mensagem com outra pessoa, o vídeo será imediatamente distribuído.

Com os melhores cumprimentos!

Another Portuguese variant of "Hacker Who Has Access To Your Operating System" scam email:

Portuguese variant of Hacker Who Has Access To Your Operating System email scam

Text presented within this email:

Subject: RESPONDA E SALVAR

Olá
 
Eu sou um hacker que tem acesso ao seu sistema operacional.
Eu também tenho acesso total à sua conta.
Estou observando você há alguns meses agora.
O fato é que você foi infectado por malware através de um site adulto que você visitou.
Se você não estiver familiarizado com isso, vou explicar.
O vírus Trojan me dá acesso e controle completos sobre um computador ou outro dispositivo.
Isso significa que eu posso ver tudo na tela, ligar a câmera e o microfone, mas você não sabe disso.
Eu também tenho acesso a todos os seus contatos e toda a sua correspondência.
Por que seu antivírus não detectou malware?
Resposta: Meu malware usa o driver, atualizo suas assinaturas a cada 4 horas para que seu antivírus fique silencioso.
Fiz um vídeo mostrando como você se satisfaz na metade esquerda da tela e na metade direita você vê o vídeo que assistiu.
Com um clique do mouse, posso enviar este vídeo para todos os seus e-mails e contatos nas redes sociais.
Também posso postar acesso a todas as suas correspondências por email e mensageiros que você usa.
Começaremos informando seu parceiro sobre suas atividades de trapaça.
Mas não se preocupe, há uma maneira de corrigir esse problema de privacidade. Tudo o que exigimos é um pagamento em Bitcoin de £1,960.00 GBP, o que eu acho que é um preço justo, considerando as circunstâncias.
O endereço do Bitcoin para efetuar o pagamento é: 1A2Cp1YhQARg8TWDTwaud6bYnDX9nJXHWi
NOTA: Lembre-se de reconfirmar o endereço de Bitcoin conosco antes de fazer o pagamento para evitar fazer o pagamento duas vezes.
Se você não entende o bitcoin, acesse o YouTube e procure por "como comprar bitcoin" ou o google por "bitcoins locais", é muito fácil fazê-lo.
Depois de receber o pagamento, excluirei o vídeo e você nunca mais receberá notícias nossas.
Eu te dou 48 horas para pagar. Tenho um aviso lendo esta carta, e o cronômetro funcionará quando você vir essa carta.
Registrar uma reclamação em algum lugar não faz sentido, porque este email não pode ser rastreado como meu endereço de bitcoin.
Eu não cometo erros.
Se descobrir que você compartilhou esta mensagem com outra pessoa, o vídeo será imediatamente distribuído.
Responda apenas para reconfirmar o endereço do Bitcoin para pagamento ou se você tiver dúvidas sobre como efetuar o pagamento, clique em responder. Não tente entrar em contato comigo porque estou usando um e-mail de vítima que foi invadido e exposto.

Another French variant of "Hacker Who Has Access To Your Operating System" scam email:

French variant of Hacker Who Has Access To Your Operating System email scam

Text presented within this email:

Subject: RÉPONDRE ET SAUVEZ-VOUS

Bonjour
Je suis un pirate qui a accès à votre système d'exploitation.
J'ai également un accès complet à votre compte.
Je vous surveille depuis quelques mois maintenant.
Le fait est que vous avez été infecté par un logiciel malveillant via un site pour adultes que vous avez visité.
Si vous n'êtes pas familier avec cela, je vais vous expliquer.
Trojan Virus me donne un accès et un contrôle complets sur un ordinateur ou un autre appareil.
Cela signifie que je peux tout voir sur votre écran, allumer l'appareil photo et le microphone, mais vous ne le savez pas.
J'ai également accès à tous vos contacts et à toute votre correspondance.
Pourquoi votre antivirus n'a pas détecté de malware?
Réponse: Mon malware utilise le pilote, je mets à jour ses signatures toutes les 4 heures pour que votre antivirus soit silencieux.
J'ai fait une vidéo montrant comment vous vous contentez dans la moitié gauche de l'écran, et dans la moitié droite vous voyez la vidéo que vous avez regardée.
En un clic de souris, je peux envoyer cette vidéo à tous vos emails et contacts sur les réseaux sociaux.
Je peux également publier l'accès à tous vos courriers électroniques et messagers que vous utilisez.
Nous commencerons par parler à votre partenaire de vos activités de triche.
Mais ne vous inquiétez pas trop, nous pouvons résoudre ce problème de confidentialité. Tout ce dont nous avons besoin, c'est d'un paiement Bitcoin de £2,960.00 GBP qui, je pense, est un prix équitable compte tenu des circonstances.
L'adresse Bitcoin pour effectuer le paiement est: 1LyGPvceq88uSPYkS6gkmuBLz1AAetqTFx
REMARQUE: N'OUBLIEZ PAS DE RECONFIRMER L'ADRESSE BITCOIN AVEC NOUS AVANT DE FAIRE LE PAIEMENT POUR ÉVITER DE FAIRE LE PAIEMENT DEUX FOIS.
Si vous ne comprenez pas le bitcoin, allez sur YouTube et recherchez «comment acheter du bitcoin» ou google pour des «bitcoins locaux», c'est assez facile à faire.
Après avoir reçu le paiement, je supprimerai la vidéo et vous n'entendrez plus jamais parler de nous.
Je vous donne 48 heures pour payer. J'ai un avis de lecture de cette lettre, et la minuterie fonctionnera lorsque vous verrez cette lettre.
Déposer une plainte quelque part n'a pas de sens car cet e-mail ne peut pas être suivi comme mon adresse bitcoin.
Je ne fais aucune erreur.
Si je trouve que vous avez partagé ce message avec quelqu'un d'autre, la vidéo sera immédiatement distribuée.
Répondez uniquement pour reconfirmer l'adresse Bitcoin pour le paiement ou vous avez des questions sur le paiement, puis cliquez sur répondre. N'essayez pas de me contacter car j'utilise un e-mail de victime piraté et exposé.

A Russian variant of "Hacker Who Has Access To Your Operating System" email scam:

Hacker Who Has Access To Your Operating System russian scam email

Text presented within this email:

Subject: Срочное обращение службы безопасности. Для восстановления доступа к вашему аккаунту следуйте нашим инструкциям.

3дрaвcтвуйте!

Я прогрaмми́cт, кoторый взломaл 0С вaшeго уcтройcтвa.

Я нaблюдaю зa вaми́ ужe неcколько мecяцев.
Дело в том, что вы были́ зaрaжены вредоноcным П0 черeз caйт для взроcлых, который вы поcети́ли́.

Еcли́ вы не знaкомы c эти́м, я объяcню.
Троянcки́й ви́руc дaет мне полный доcтуп и́ контроль нaд компьютером и́ли́ любым други́м уcтройcтвом.
Это ознaчaет, что я могу ви́деть вcе нa вaшем экрaне, включи́ть кaмеру и́ ми́крoфон, но вы нe знaетe oб этом.

У меня тaкже еcть доcтуп ко вcем вaши́м контaктaм, дaнным по cоци́aльным cетям и́ вcей вaшей пeрепи́cке.

Почему вaш aнти́ви́руc не обнaружи́л вредоноcное ПO?
Ответ: Моя вредоноcнaя прогрaммa и́cпользует дрaйвер, я обновляю его cи́гнaтуры кaждые 4 чaca, чтобы вaш aнти́ви́руc молчaл.

Я cделaл ви́део, покaзывaющее, кaк вы удовлетвoряeте cебя в левой полови́не экрaнa, a в прaвой полoви́не вы ви́ди́те ви́део, которое вы cмотрели́.
одни́м щелчком мыши́ я могу отпрaви́ть это ви́део нa вcе вaши́ контaкты и́з почты и́ cоци́aльных ceтей.
Я тaкже могу oпубли́ковaть доcтуп ко вcей вaшей электронной почте и́ меccенджерaм, которые вы и́cпользуете.

еcли́ вы хoти́те предoтврaти́ть это, тo:
Перeвeди́те 500$(USD) нa мой би́ткoи́н-кошeлек (еcли́ вы не знaете кaк это cделaть, то нaпи́ши́те в Google: "Купи́ть би́ткойн").

Мой би́ткойн-кошелек (BTC Wallet): 13Wz36TzbjskL6VohwCPpCFqRJBps2YpHC

Пocле пoлучени́я оплaты я удaлю ви́деo, и́ вы ни́когдa меня бoльше не уcлыши́те.
Я дaю вaм 50 чacов (более двух дней) для оплaты.
У меня еcть уведомлени́е о прочтени́и́ этого пи́cьмa, и́ тaймер cрaботaет, когдa вы уви́ди́те это пи́cьмо.

Не пытaйтеcь мне отвечaть. Это беccмыcленно (aдреc отпрaви́теля генери́руетcя aвтомaти́чеcки́).
Подaчa жaлобы кудa-ли́бо не и́меет cмыcлa, потому что это пи́cьмо не может быть отcлежено, кaк и́ мой би́ткойн-aдреc.
Я не делaю оши́бок.

Еcли́ я обнaружу, что вы подели́ли́cь эти́м coобщени́eм c кем-то eще, ви́дeо будет нeмедленно рacпроcтрaнeно.

Удачи́!

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Spyhunter is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Spyhunter By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Quick menu:

How to remove malware manually?

Manual malware removal is a complicated task - usually it is best to allow antivirus or anti-malware programs to do this automatically. To remove this malware we recommend using Spyhunter for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here is an example of a suspicious program running on a user's computer:

malicious process running on user's computer sample

If you checked the list of programs running on your computer, for example, using task manager, and identified a program that looks suspicious, you should continue with these steps:

manual malware removal step 1 Download a program called Autoruns. This program shows auto-start applications, Registry, and file system locations:

screenshot of autoruns application

manual malware removal step 2Restart your computer into Safe Mode:

Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Windows 8 users: Start Windows 8 is Safe Mode with Networking - Go to Windows 8 Start Screen, type Advanced, in the search results select Settings. Click Advanced startup options, in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced option screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.

Windows 8 Safe Mode with networking

Video showing how to start Windows 8 in "Safe Mode with Networking":

Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu click "Restart" while holding "Shift" button on your keyboard. In the "choose an option" window click on the "Troubleshoot", next select "Advanced options". In the advanced options menu select "Startup Settings" and click on the "Restart" button. In the following window you should click the "F5" button on your keyboard. This will restart your operating system in safe mode with networking.

windows 10 safe mode with networking

Video showing how to start Windows 10 in "Safe Mode with Networking":

 

manual malware removal step 3Extract the downloaded archive and run the Autoruns.exe file.

extract autoruns.zip and run autoruns.exe

manual malware removal step 4In the Autoruns application, click "Options" at the top and uncheck the "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure, click the "Refresh" icon.

Click 'Options' at the top and uncheck 'Hide Empty Locations' and 'Hide Windows Entries' options

manual malware removal step 5Check the list provided by the Autoruns application and locate the malware file that you want to eliminate.

You should write down its full path and name. Note that some malware hides process names under legitimate Windows process names. At this stage, it is very important to avoid removing system files. After you locate the suspicious program you wish to remove, right click your mouse over its name and choose "Delete".

locate the malware file you want to remove

After removing the malware through the Autoruns application (this ensures that the malware will not run automatically on the next system startup), you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the filename of the malware, be sure to remove it.

searching for malware file on your computer

Reboot your computer in normal mode. Following these steps should remove any malware from your computer. Note that manual threat removal requires advanced computer skills. If you do not have these skills, leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always it is best to prevent infection than try to remove malware later. To keep your computer safe, install the latest operating system updates and use antivirus software.

To be sure your computer is free of malware infections, we recommend scanning it with Spyhunter for Windows.

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
possible malware infections QR code
A QR code (Quick Response Code) is a machine-readable code which stores URLs and other information. This code can be read using a camera on a smartphone or a tablet. Scan this QR code to have an easy access removal guide of possible malware infections on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Spyhunter

Platform: Windows

Editors' Rating for Spyhunter:
Editors ratingOutstanding!

[Back to Top]

Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.