Bitcoin Extortion Password Scam


You may have recently received an email claiming hacking of your system where data, activity or login details were captured. The blackmailer then demands payment to a bitcoin address.

The emails that raise the most concern are the emails that contain user passwords. These passwords are normally collected from previous leaks where passwords were leaked or hacked.

We have recently recorded an increase in distribution of this email:


My nickname in darknet is keir43. I hacked this mailbox more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

So, your password from <email address> is <password>

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history. Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit. You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching. Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right? If you are of the same opinion, then I think that $802 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): <Bitcoin Walled Address> As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device. Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours! After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson. Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere! Good luck!

What to do:

Most of these emails can be ignored, however if your email address and password has been previously leaked, it is advised to change your password on that site, and any other sites that use the same password.

Your passwords should be complex and unique, they should meet or exceed your company password policy requirements. In the absence of a complexity policy you can use this as a guide:

Strong passwords should comprise of a combination of:

  • 2 words, greater than 4 characters with at least 1 capital letter for each word

  • A 2 digit or greater number

  • At least one special character (!$%^&*()_+|-{}[]:<>?/)

It is recommended the password is created in the following format:

<Word><Number><Word><Special Characters>

Example passwords:




Poor, or weak, passwords have the following characteristics: 

  • Contain less than eight characters.

  • Can be found in a dictionary, including foreign language, or exist in a language slang, dialect, or jargon.

  • Contain personal information such as birthdates, addresses, phone numbers, or names of family members, pets, friends, and fantasy characters.

  • Contain work-related information such as building names, system commands, sites, companies, hardware, or software.

  • Contain number patterns such as aaabbb, qwerty, zyxwvuts, or 123321.

  • Contain common words spelled backward, or preceded or followed by a number (for example, terces, secret1 or 1secret).

  • Are some version of “Welcome123” “Password123” “Changeme123”

To check if your details were previously leaked, you can use this website:

if you are at all unsure, please feel free to call us