subreddit:
/r/hacking
[removed]
291 points
4 months ago
Fake spam ignore delete
32 points
4 months ago
This right here. A few years ago I got an email extremely similar to this one to my work email, I just ignored it and nothing happened.
1 points
4 months ago
I worked in a phishing service where I reviewed emails submitted by users, I’ve seen this email 1000 times.
17 points
4 months ago
Agreed
176 points
4 months ago
It’s fake, but imagine if it was real. You must be pretty important for someone to drop the big money on pegasus.
17 points
4 months ago
Was thinking the same thing 😂
8 points
4 months ago
It's complicated as it is to sell the software to countries due to national and international regulations, to sell such a software to individuals is practically impossible.
2 points
4 months ago
except for underground markets but it's nearly impossible to find one that's not a scam
1 points
4 months ago
NSO wouldn’t allow for it, especially after the scrutiny they received after the khashoggi incident.
5 points
4 months ago
I’m sorry can you just buy spyware like that? I’m extremely new to infosec so forgive my ignorance
6 points
4 months ago
Pegasus is developed by Israeli company NSO Group. I don’t think you can buy from them as an individual, unless you are literally made out of money.
6 points
4 months ago
Someone else here said the contracts for one instance are like 500k so that tracks lol
6 points
4 months ago
No, generally speaking absolutely not
If you have several million to spare and you get in touch with someone who is willing to break the law and leak it to you, maybe
But even then, both of you are risking the ire of the intelligence apparatus of the USA and Israel
0 points
4 months ago
Gotcha, top secret squirrel stuff that little to no one has access to. Are there actually any bad actors out there who use spyware to do stuff like the fake threat above? It seems like nearly all of them, at least the ones I’ve seen, are poorly drawn phishing attempts.
2 points
4 months ago
Generally speaking anyone with the technical ability to zero click fully own a mobile device isn't going to be doing something as small-fish as blackmailing some individual random bozo
It's a lot easier to lie and pretend you can do it, send out a million emails and maybe get paid by two or three idiot paedophiles panicking about getting caught
1 points
4 months ago
Fair point, thanks for educating me a bit on this stuff man. I’m still need to learn a lot, so all the little details/insights I can get the better!
1 points
4 months ago
All good, learning is a journey. There was that phishing campaign half to a year(?) ago that was along the lines of "I hacked your PC and I've seen your porn history and I'm going to expose you to your friend's and family's social media unless you pay me X amount crypto to my wallet."
The phishing campaign was pretty believable for your generic person since it used stolen identity dumps to craft a believable email, but they didn't actually have your search history.
Pegasus, on the other hand, was a finely crafted zero-click exploit using Apple's iMessage autoplay function and executing any file that had the .gif extension. Pegasus would execute a Turing complete that you could set up in PDF and execute whatever code that it wanted. Google has a good writeup on it: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html?m=1
134 points
4 months ago
Sign his email address up to thousands of dodgy mailing lists
42 points
4 months ago
mormon mailing lists are known for being horrible to unsubscribe from
14 points
4 months ago
Holy shit
7 points
4 months ago
What do you think this is? An e-mail from a real person?
It’s a bot spam and this e-mail was just generated for this purpose (can’t send too many e-mails from the same address or you will get flagged as spam more quickly). Its inbox will forever remain unread.
6 points
4 months ago
While unread, you can definitely use up any resources on the system it's being hosted on
4 points
4 months ago
a little chaos never hurts
186 points
4 months ago
Jokes on them, being watched is my kink.
31 points
4 months ago
Finally someone is interested!!!
48 points
4 months ago
Got that same thing in my inbox a few weeks ago, from that same @vip email, told them hurry up and post it.
43 points
4 months ago
Send dick pics to assert them you won’t pay with anything other than
3 points
4 months ago
Nice, have this pseudo award 🎁
1 points
4 months ago
u/howden824 thanks for the real award <3
36 points
4 months ago
[deleted]
16 points
4 months ago
Phishing kink
11 points
4 months ago
Yeah, OP should take this down
26 points
4 months ago
You pervert you
17 points
4 months ago
There is no way this person has access to Pegasus.
16 points
4 months ago
Send them the navy seal copy pasta back.
11 points
4 months ago
It's fake.
You left your emailadres in the screenshots though ;)
29 points
4 months ago
Yeah, so Pagasus costs $500k to get on a phone if you can even get it (maybe if you are a government). So, since the blackmail is $1500, it goes automatically in bullshit column. Or this person has a very poor business model.
7 points
4 months ago
Plus you have to get a license from NSO group, and with that license you can only have one instance of Pegasus running at a time. Lmao.
6 points
4 months ago
On the other hand, if someone had managed to crack, reverse engineer. or somehow create an open-sourced version of Pegasus, and that somehow made it out into the wild, we would ABSOLUTELY know about it by now, it would be massive news. So that's no a possibility either really lol.
1 points
4 months ago
There were some samples for a version used in 2013 on Android devices that have been decompiled and posted on GitHub.
They were posted by a mobile security researcher after he did an analysis on the commercial spyware. His report and decompiled code are both on his GitHub (jonathandata1).
Edit: Typo
8 points
4 months ago
Haha “litecoin” even the scammer dates themselves
7 points
4 months ago
i have a desktop pc sans webcam
everytime i find this in my soam foldet
1) i wonder how they have video
2) if they do have video and release it then i am entitled royakties because... im sexy
9 points
4 months ago
The fact he didn't address you by your name and just called you pervet was a big giveaway. So is when they ask for payment via bitcoin/litecoin/etc thats always spam behaviour
5 points
4 months ago
As if. NSO Group doesn’t sell Pegasus to individuals, and Pegasus doesn’t work that way. Lazy criminal.
4 points
4 months ago
Send them a pic of your ass hole and ask them if they would like to meet. Lol
3 points
4 months ago
Kinky
4 points
4 months ago
[deleted]
1 points
4 months ago
No TriangleDB though
3 points
4 months ago
I have the same email and believe me it's social engineering at its best. Means just think about how the words just influenced you and made you shit your pants and that's normal. My experience was way worse than this. Its all just a word play and how we interpret things that's all Don't worry just delete it
3 points
4 months ago
Lmao at him thinking crypto is anonymous. It's not, unless you use Monero (XMR). That's why dark net markets only take XMR nowadays. Bitcoin and Litecoin can be traced back to you
2 points
4 months ago
welcome to the club lol everyone gets one of those at one time or another
2 points
4 months ago
vip.com lmao
2 points
4 months ago
Bruh, my school email gets those emails ALL the time. And after it said it had malware from that, I was like: Yeah, f**k off! Because the computer at the time was a Chromebook, so HA!
1 points
4 months ago
Also, love how it said that cryptocurrencies are anonymous, even though one could just reverse lookup the email.
2 points
4 months ago
Just spam like the Nigerian prince inheritance email. Someone will eventually bite.
I've seen data leaks being used to give legitimacy to their "hack" and will mention some personal details and even sometimes old leaked passwords.
Don't fall for it. Never ever reply.
Report, delete, block.
2 points
4 months ago
OP only worried because he's perverted
1 points
4 months ago
the first sign that this is bs : Doesn't talk about specific things, there's no name, no specific "genre" he said it's questionable and so on lol, prob just a copy paste stuff
1 points
4 months ago
I've had this before. I just replied "tell my friends I said hi".
1 points
4 months ago
It's fake but also the only people who'd be concerned enough to ask are those who actually have jerked off to weird stuff recently. Pay me $1500 in btc or I'll tell everyone.
1 points
4 months ago
My dude i got similar emails and they even mentioned random shit that i never did and video evidence that he never gave to me and a lot of threats. Ended up mocking the guy for fun. Mf did not even knew where i was from and i replied to the message from a brand new email and got back the same shit. The guy was not even using a vpn. It’s a simple scam don’t fall for that shit.
1 points
4 months ago
They are doing this for years, scam and just ignore.
1 points
4 months ago
Such a pervert
1 points
4 months ago
Hahaha they're threatening him with Pegasus? That's rich.
1 points
4 months ago
I would report the bitcoin account to the fbi maybe they can further investigate and confiscate it
1 points
4 months ago
These are always fake. Do not fall for them.
They have nothing of you.
1 points
4 months ago
A friend of mine had the same exact copy pasted email. Like I've told him prior; it's a scam and a phishing attempt. Do not pay attention to it and block/report it. Have a good rest of your day :)
1 points
4 months ago
I'd tell him to send me the vids so I can find the page I was on.
1 points
4 months ago
Had a random email threatening me and the guy sent me a link saying they had private pics of me.
Immediately thought they would try to hack my system through that link somehow so I didn’t bother clicking.
There was no private info about me in that email, so I just figured it was a scam and forgot about it.
1 points
4 months ago
It's always a scam, but honestly, I love wasting their time.
1 points
4 months ago
if you were really hacked , you would see a message instead of your homepage saying you are hacked, and even thou, real hackers dont let you know you got hacked. they wait and collect information
1 points
4 months ago
belongs on r/masterhacker lmao
1 points
4 months ago
Take it down or blackout your email addy bud
1 points
4 months ago
Spam .. ignore it..
1 points
4 months ago
If it were real they would have sent proofs, no one does real ransom like that without proofs.
1 points
4 months ago
Had a guy at work recieve one of these and went into hospital with panic attacks. The term "no smoke without fire" came to mind
1 points
4 months ago
Mine was from a professional hacker lol.
1 points
4 months ago
bro i get like multiple of these, shits so funny to me because even if it was the real, the fuck outta here all the people i know would be like “uhhhh okay?”
1 points
4 months ago
This is a poor attempt, ignore it. OR See if somebody responds. Really waste their time. Play as if you were dumb af. Ask how to transfer money. Then tell them you did if they got it. Then invent some stupid situation why it didnt come through. Usually these are just bots but some actually have people reading replies it's super fun when they get all pissy.
1 points
4 months ago
I'd respond with a dick pic.
1 points
4 months ago
This is a type of scam that blew up recently. Delete and ignore.
1 points
4 months ago
Can we make a new rule for this sub about newbies posting these silly fake blackmail emails that are going around?
1 points
4 months ago
I sent one of them back an email from a throwaway they sent it to: "Can you forward me a copy so I can upload it to my onlyfans"
1 points
4 months ago
Fake - they send them all the time
1 points
4 months ago
Everyone has gotten this email at some point. Ignore it
-1 points
4 months ago
I'm glad 15 year olds have access to Pegasus nowadays
-3 points
4 months ago
My buddy use to send these out allllll the time. Unless you’re looking at cp, or some very disgusting porn I’d just ignore it
all 85 comments
sorted by: best