Avoid being scammed via Your device was infected with my private malware

Also Known As: possible malware infections
Distribution: Moderate
Damage level: Medium

"Your device was infected with my private malware" removal guide

What is "Your device was infected with my private malware"?

"Your device was infected with my private malware" is the name of a spam campaign, a scam that scammers use to trick people into paying them money. They threaten to share a non-existing video with other people if they will receive a certain amount of money in 72 hours. Emails of this type should never be trusted, people who received "Your device was infected with my private malware" or any other email of this kind should ignore it.

Your device was infected with my private malware spam campaign

The person behind this scam presents himself as a hacker and programmer, he claims that he got access to recipients email. In other words, he has hacked recipient's email account. He also claims that recipient's device is infected with some malware that gave him access to all accounts and allows to control the operating system remotely. He stole some private data and used computer's webcam to record a few videos. According to scammer, these videos were recorded while a recipient was "satisfying himself". He threatens to send these videos to all recipient's contacts, share them on darknet, social networks and so on. To avoid any of this from happening recipients are asked to pay $726 in Bitcoins, the money must be transferred in 72 hours after receiving this email. Transaction must be made to the provided BTC wallet address. As we mentioned in the first paragraph, this is just a scam and none of the claims should be taken seriously. Unfortunately, some people are not aware of such scams and still fall for them.

We receive a great deal of feedback from concerned users about this type of email scam. Here is the most popular question we receive (in this case, relating to a scam that claims to have obtained compromising videos or photos of the user):

Q: Hi pcrisk.com team, I received an email stating that my computer was hacked and they have a video of me. Now they are asking for a ransom in Bitcoins. I think this must be true because they listed my real name and password in the email. What should I do?

A: Do not worry about this email. Neither hackers nor cyber criminals have infiltrated/hacked your computer and there is no video of you watching pornography. Simply ignore the message and do not send any Bitcoins. Your email, name, and password was probably stolen from a compromised website such as Yahoo (these website breaches are common). If you are concerned, you can check if your accounts have been compromised by visiting the haveibeenpwned website.

Threat Summary:
Name Your device was infected with my private malware
Threat Type Phishing, Scam, Social Engineering, Fraud
Fake Claim Scammer claim that he has infected a computer with malware which allowed him to record compromising videos. He threatens to share those videos with other people if he will not be paid on time.
Ransom Size $726 in Bitcoins
Cyber Criminal Cryptowallet Address 14LYbckmC9gKJ6LR1JAWaKSsCojZfURbzH (Bitcoin)
Symptoms Unauthorized online purchases, changed online account passwords, identity theft, illegal access of one's computer.
Distribution methods Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.
Damage Loss of sensitive private information, monetary loss, identity theft.
Removal

To eliminate possible malware infections our malware researchers recommend scanning your computer with Spyhunter.
▼ Download Spyhunter
Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

More examples of similar scams are "ChaosCC hacker group", "The last time you visited a Porn website" and "Hacker who has access to your operating system". Scammers behind these scams might be claiming different things, however, all of them use them to swindle unsuspecting people from their money. Unfortunately, there are many scammers who use similar emails to infect computers with malicious programs. They attach malicious files and hope that recipients will open them. If opened, these files install malware like TrickBot, Hancitor, Emotet, FormBook or other high-risk malicious software.

How do spam campaigns infect computers?

Malicious files that cyber criminals attach to emails cannot infect computers if recipients do not open them. Typically, cyber criminals disguise their emails as important and official, attached files usually are various Microsoft Office or PDF documents, archives like ZIP, RAR, JavaScript files, executable files like .exe and so on. Once opened, they lead to downloads and/or installations of malware. For example, MS Office documents, if opened, first ask for a user's permission to enable macros commands. In other words, to enable editing. If such permission is given, then a malicious documents installs some high-risk malware (for example, ransomware). To sum up, computers are safe from damage that can be caused through emails as long as the attached files (or web links) are unopened.

How to avoid installation of malware?

All emails that are received from unknown, suspicious addresses should be crefully analyzed, especially if they contain web links or attachments. If there is a reason to think that an email should not be trusted, then the best option is to leave attached files or presented links unopened. Furthermore, we recommend to download software from official websites and use direct download links. Peer-to-Peer networks like torrent clients, eMule, unofficial websites, third party downloaders, and other tools of this kind should not be trusted. Installed software should be updated software through tools (or functions) that are provided by official software developers. Note, software 'cracking' tools that supposed to bypass paid activation of some program are not legal and often cause installation of some malware. Another useful thing is to use MS Office versions that are later than 2010. They have the "Protected View" mode which prevents malicious files from installing malware. Computers should be scanned for viruses regularly, it is recommended to use reputable anti-virus or ant-spyware programs for that. If you've already opened malicious attachments, we recommend running a scan with Spyhunter for Windows to automatically eliminate infiltrated malware.

Text presented in the "Your device was infected with my private malware" email letter:

Hi, I'm a hacker and programmer, I got access to your account -

Your device was infected with my private malware, because your browser wasn't updated / patched,
in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploitH".

My malware gave me full access to all your accounts, full control over your OS and it was possible for me to spy on you over your webcam.

I collected all your private data, recorded few videos of you (through your webcam) and I RECORDED YOU SATISFYING YOURSELF!!!
I can publish all your private data everywhere, including the darknet, where the very sick people are and the videos of you,
send them to your contacts, post them on social network and everywhere else!

Only you can prevent me from doing this and only I can help you out, there are no traces left,
as I removed my malware after my job was done and this email(s) has been sent from some hacked server...

The only way to stop me, is to pay exactly 726$ in bitcoin (BTC).

It's a very good offer, compared to all that HORRIBLE shit that will happen if you don't pay!

You can easily buy bitcoin on the next services: paxful, coinbase or check for bitcoin ATM near you, or Google for other exchanger.
You can send the bitcoin directly to my wallet, or create your own wallet first here: blockchain com, then receive and send to mine.

My bitcoin wallet is: 14LYbckmC9gKJ6LR1JAWaKSsCojZfURbzH, 1MYJjmYScwmFfthAQNXWb5fhNMRVcAiZd
Copy and paste it, it's (cAsE-sEnSEtiVE)
You got 72 hours time.

As I got access to this email account, I will know if this email has been read.
If you get this email multiple times, it's to make sure that you read it, my mailer script is configured like this and after payment you can ignore it.
Please do not reply to this email. The sender's address is automatically generated to ensure that this email is received.

After receiving the payment, I remove all your data and you can life your live in peace like before.

Next time update your browser before browsing the web!

Instant automatic removal of possible malware infections: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Spyhunter is a professional automatic malware removal tool that is recommended to get rid of possible malware infections. Download it by clicking the button below:
▼ DOWNLOAD Spyhunter By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Quick menu:

How to remove malware manually?

Manual malware removal is a complicated task, usually it's better to let antivirus or anti-malware programs do it automatically. To remove this malware we recommend using  Spyhunter for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here's an example of a suspicious program running on user's computer:

malicious process running on user's computer sample

If you checked the list of programs running on your computer, for example using task manager and identified a program that looks suspicious you should continue with these steps:

manual malware removal step 1 Download a program called Autoruns. This program shows auto-start applications, Registry and file system locations:

screenshot of autoruns application

manual malware removal step 2Restart your computer into Safe Mode:

Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Windows 8 users: Start Windows 8 is Safe Mode with Networking - Go to Windows 8 Start Screen, type Advanced, in the search results select Settings. Click Advanced startup options, in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced option screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.

Windows 8 Safe Mode with networking

Video showing how to start Windows 8 in "Safe Mode with Networking":

Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu click "Restart" while holding "Shift" button on your keyboard. In the "choose an option" window click on the "Troubleshoot", next select "Advanced options". In the advanced options menu select "Startup Settings" and click on the "Restart" button. In the following window you should click the "F5" button on your keyboard. This will restart your operating system in safe mode with networking.

windows 10 safe mode with networking

Video showing how to start Windows 10 in "Safe Mode with Networking":

 

manual malware removal step 3Extract the downloaded archive and run Autoruns.exe file.

extract autoruns.zip and run autoruns.exe

manual malware removal step 4In the Autoruns application click "Options" at the top and uncheck "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure click the "Refresh" icon.

Click 'Options' at the top and uncheck 'Hide Empty Locations' and 'Hide Windows Entries' options

manual malware removal step 5Check the list provided by Autoruns application and locate the malware file that you want to eliminate.

You should write down it full path and name. Note that some malware hides their process names under legitimate Windows process names. At this stage it's very important to avoid removing system files. After you locate he suspicious program you want to remove right click your mouse over it's name and choose "Delete"

locate the malware file you want to remove

After removing the malware through Autoruns application (this ensures that the malware won't run automatically on the next system startup) you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the file of the malware be sure to remove it.

searching for malware file on your computer

Reboot your computer in normal mode. Following these steps should help remove any malware from your computer. Note that manual threat removal requires advanced computer skills, it's recommended to leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always it's better to avoid getting infected that try to remove malware afterwards. To keep your computer safe be sure to install latest operating system updates and use antivirus software.

To be sure your computer is free of malware infections we recommend scanning it with Spyhunter for Windows.

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

Malware activity

Global virus and spyware activity level today:

Medium threat activity
Medium

Increased attack rate of infections detected within the last 24 hours.

QR Code
possible malware infections QR code
A QR code (Quick Response Code) is a machine-readable code which stores URLs and other information. This code can be read using a camera on a smartphone or a tablet. Scan this QR code to have an easy access removal guide of possible malware infections on your mobile device.
We Recommend:

Get rid of possible malware infections today:

▼ REMOVE IT NOW with Spyhunter

Platform: Windows

Editors' Rating for Spyhunter:
Editors ratingOutstanding!

[Back to Top]

Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.