Patreon Users Threatened By Ashley Madison Scammers (csoonline.com) 76
itwbennett writes: "Over the last few days, the group responsible for extortion attempts and death threats against Ashley Madison users has turned to a new set of targets – Patreon users," writes CSO's Steve Ragan. A message sent from the same account used in previous campaigns by the scammers demands a payment of 1 BTC or else the Patreon user will have their personal information exposed. "The [Bitcoin] wallet being used by the group has barely collected anything," says Ragan, "suggesting that after their massive push towards Ashley Madison users, people have stopped falling for their scams."
Re: (Score:2)
Why would they? What would they have to gain from doing that, compared to what they lose (ie the entire racket, considering they just killed any reason at all for anyone to give them any money)
Are you serious? What would they gain? That's not a question to ask. "What would they lose" is more appropriate. They lose nothing, NOTHING. Blackmailers don't lose anything. It is a bonus if they gain some things. In the end, it is still a scam.
Re: (Score:2)
"She" was a bot, kid.
If modern robots look like that, then I, for one, welcome our hot robotic overlords.
Re: (Score:1)
or... (Score:2)
Re: (Score:2)
Somewhat ham-fistedly.
One of these days, they are going to find themselves accidently threatening a russian mafia boss, hells angel commander, mexican cartel boss or something to that effect, and they will find themselves very very dead.
Re:or... (Score:4, Insightful)
One of these days, they are going to find themselves accidently threatening a russian mafia boss, hells angel commander, mexican cartel boss or something to that effect, and they will find themselves very very dead.
Get real this isn't a movie...
Nothing to hide (Score:5, Interesting)
The "problem" that they're having with threatening to dox Patreon users is that most of them don't have a dirty secret that they're trying to hide like the Ashley Madison folks.
Hey... if you want to "out" people for donating to good causes, go ahead! They'll probably get more sympathy than anything else. Odds are that you're just going to piss off a rival hacking group like Anonymous who's going to return the favor against the scammers.
Re:Nothing to hide (Score:4, Interesting)
They're threatening to release SSN and related information that is being used as verification for credit applications, etc. The companies negligently using SSN as a verification mechanism is where we (the public) need to start suing in order to clean up this mess.
Re: (Score:2)
They can threaten that if they want, but they don't actually have that information. Sure, they might have a (probably canceled by now) credit card number and your address, but they don't have any tax info like a social security number.
Re:Nothing to hide (Score:5, Interesting)
Technically, they do... The September Patreon leak had ENCRYPTED tax form data, but the keys to access it were never in that data leak, and even if they had 10 million bots in a botnet to try and crack the RSA key for the tax form informaiton, that's a largely disproportionate amount of CPU time dedicated to trying to decrypt information that is effectively worthless to criminals outside of the US.
As for leaking any damaging information .... the Patreon data leak was back in September, it wouldn't matter if they leaked anything they have or not, the people who would be "worst damaged" from the leak would be the people who are paying artists to draw them porn. Oh boo hoo. Finding anything that someone would want to pay for to keep buried on Patreon is pretty hard, considering that people that don't speak or read English wouldn't know what kind of information would be considered embarrassing. Nobody is going to kill themselves over Patreon, nobody. Most of the "porn" on Patreon is of the furry variety, and at worst, furries aren't embarrassed to be furries.
Re: (Score:2)
People who supposed GamerGate supporters, people who supported feminists, people who supported LGBT activists, people who supported anti-LGBT activists, people who supported religious crazies... I'm really surprised there has not been more fallout from it.
Having seen data related to people like Thunderf00t and Dave Jones, there is some potentially embarrassing stuff in there. Their supporters include people from some fairly extreme groups, and there is a really obvious correlation between income and them ta
Re: (Score:2)
If you follow this topic back to the beginning of it - as it showed up here, you can find that AmiMojo very specifically rooted for this data to be released in hopes that it would be used to silence the people they don't agree with. They were quite pleased about the idea and hoped that it would make people cut off their funding and inhibit these people's ability to be heard and motivation to speak. In other words, they wanted to make them less able to act on their freedom of speech. They were quite open abo
Re: (Score:2)
http://yro.slashdot.org/commen... [slashdot.org]
Just for you. ;-) You win a gold star for improvement. Marginal improvement but improvement nonetheless.
Hmm... No... Marked improvement, really. I dunno how I remembered the earlier posts (I can't even be certain what I ate for dinner two nights ago) but somehow that stuck in my head. I dare say, with some work, you'll be almost rational again in a few years. Think carefully how the data can be abused. You don't think your heroes are without blemish, do you? In certain subse
Re: (Score:2)
Oh dear, you are rather confused, aren't you KGill? You seem to think I am advocating this abuse. You really need to concentrate on improving your reading comprehension.
Re: (Score:2)
Well, you made me use the Google. The funny thing is, I should still be sleeping. Something made a loud noise and I was woken up.
The passwords are actually the least interesting part of the leak. There are unencrypted private messages and a user database that allows you to see who was supporting whom.
Expect some interesting articles about people like Thunderf00t and Sargon of Akkad in the next few days. Their private messages are likely a goldmine of damning information and may help the campaign to get them de-funded.
Now unless I'm reading "goldmine" as something that's not positive and "help the campaign" as an active campaign to get people "de-funded" which will limit their ability to speak to a wide audience then no - you're guilty of exactly those things.
Perhaps, maybe, it is my reading comprehension. I didn't cherry pick, I quoted the entirety of your quote. I'm a fair individual. I'm not
Re: (Score:2)
There is an active campaign to get some people de-funded. It's hardly new, there have been campaigns to stop funding various groups for decades. Anyway, your reading comprehension failure is that you seem to think I have stated I am an active member of those groups or support what they are doing. You talk about be being "guilty", yet you just imagined the whole confession in your mind.
This may come as a bit of a shock, so you may want to sit down, but people can report events and other people's points of vi
Re: (Score:2)
*chuckles* The only tuition that I'm getting is that you're willing to try to weasel out of your prior statements. That's why I quoted them in their entirety.
There is a *slim* chance that you worded it poorly or there's some colloquialisms that I'm unfamiliar with. But it being a goldmine *and* a possible aid to those who want to get someone defunded is quite a bit different from being a goldmine *to* the people who want to get someone defunded. I'd also add that you're not a journalist. I'd also assume a
Re: (Score:2)
If I say "it's a good thing and it will help group B" then it's wildly different then "it's a good thing for group B" (to use your journalistic example). The two are not synonymous and have quite different meanings in the English that I'm familiar with.
This kind of language lawyering means you lost the argument. You are drawing huge inferences that just happen to reflect negatively on me from what is at the absolute worst a slight ambiguity.
If you constantly read everything in this manner, looking for slight flaws that you can pry open into an argument that the writer believes what you think they believe rather than the more obvious and common interpretation, it's going to be hard to have a discussion with anyone.
Re: (Score:2)
They're threatening to release SSN and related information that is being used as verification for credit applications
Irritating yes but troubling not really. The fact is you SSN is out there for anyone who wants it.
Its in all the major subscription database PI's and LEOs can subscribe to, almost for certain. Some of my licensed co-workers have access to that information and they shown me they can pull the SSN for just about anyone I could name. It would be naive to think the identity thieves don't have straw accounts and leaked creds for many of these sources.
I an not suggesting anyone go posting their SSN all over t
Re: (Score:2)
SSN is, unfortunately, a big deal. With your SSN, date of birth, and name, anyone can open lines of credit in your name. This includes credit cards, loans, etc. I found this out the hard way when someone opened a credit card in my name after somehow obtaining my name, DOB, SSN, and home address. (I never found out how they got this information and never will.)
I was lucky in that the thieves paid for rush delivery of the card and the card was sent out before their address change request (from my address
Re: (Score:2)
I would have found out about it when the collection agencies banged on my door for payment and they wouldn't be likely to take "But I didn't open that account or spend that money" as an excuse for not paying "my" debts.
But they really should.
The creditors are responsible for this situation through their lax authentication measures, even more so than the ones directly committing the fraud. The single most effective thing that could be done to prevent this type of identity fraud would be to void any attempt to collect on a debt (and consider it libel to include the debt in your credit history) unless the creditor can show that the target of the collection was the one that took out the loan—and obviously knowledge of p
Re: (Score:2)
You'll get no argument from me that the system is in serious need of changes at many levels to protect people from identity theft. Unfortunately, the credit agencies and credit card companies profit off of identity theft (selling people's data, taking in fees from fraudulent purchases and then writing them off if proven to be fraud, etc). They have powerful lobbying groups that will fight any changes that threaten their business - a category which includes increased consumer protections.
Oh noes! (Score:3)
Ashley Madison users had something that they might want to hide - the fact that they had signed up for the site which when combined with an assumption that they'd used it to cheat would be socially costly.
But oh noes! Someone might find out that you crowdfunded an artist to create culture! Boy... really going to be ashamed of that one, aren't you?
Not a member of either, but can't possibly think of why I'd pay in this new instance.
Re: (Score:2)
It's not just artists, a lot of Patreon users are supporting people who produce political and philosophical content. People like Thunderf00t and Sargon of Akkad, or Zoe Quinn and Randi Harper. Those are at the fairly mild end of the spectrum.
The claim to have info they can't have (Score:5, Informative)
I'm a Patreon user, and I got the scam email.
They claimed "I have your tax id, tax forms, SSN, DOB, Name, Address, Credit card details and more sensitive data..."
All Patreon has of mine is my credit card info, name, and billing address. The same stuff any online retailer, or anyone who takes payment has. They DO NOT have my tax id, etc.
So it's obviously a scam right from the beginning.
Re: (Score:2)
I'm a Patreon user, and I got the scam email.
Note immediately the difference between the AM hack........un all the AM stories we had on Slashdot, not one person said, "I am an AM user...."
Honestly given how little privacy there is (Score:2)
Re: (Score:2)
Re: (Score:2)
Ditto, just checked my spam folder and I found the scam mail. Except, they don't have most of the stuff they're claiming. Why would they have any tax information in the first place? And I don't have an SSN, since I'm not American, so clearly they don't have that either.
Soooo... (Score:1)
Re: (Score:2)
well it was on a torrent, so who knows how many people it'll spread out to.
it'll never go away either.
Good email services (Score:3)
Perhaps the biggest problem they encountered is the fact that the email service providers are sending their threats to the spam box where nobody is likely to see them. Hard to have good return on your marketing when you don't have trusted email.
What amuses me most is that they'd probably make more money if they set up their own Patreon account.
Whut? (Score:5, Insightful)
Re: (Score:1)
Re: (Score:2)
A way of giving financial support to content creators. ...kind of like a Patron
So why not call it "Find a Gullible Fucking Patron" or isn't that hipstery enough?
Re: (Score:2)
Wait, what? You can see other peoples' wallets? (Score:2)
You can just tell if someone's wallet is getting paid? I assume a wallet is like an account; I've never used bitcoin.
You can just look that shit up? The all-anonymous bitcoin? I'm skeptical.
Re:Wait, what? You can see other peoples' wallets? (Score:5, Informative)
https://blockchain.info/ [blockchain.info]
A bitcoin isn't a "thing". It's an entry in a public ledger that says "wallet X paid wallet Y 0.001BTC". All* the wallets start out at 0 and if you want to see how much money wallet Y has now, you start at the beginning and add all the payments into it and subtract all the payments out of it. Example:
https://blockchain.info/addres... [blockchain.info]
has 0 BTC balance after receiving 3 payments and making 3 payments (the tiny fraction of a BTC missing each transaction is the fee paid to miners to process it).
As for anonymity, I normally have no way of telling you who 1ENYmn1eCWPa4MFD4VU9wUFqLrzPcqUgaY is. But if one of those payments there was made from an ATM that converts money to BTC (and takes a photo) or one of those debits was sent to a drug dealer who mailed the drugs to the wallet owner's home address, then got busted by the cops who got a customer list, then it could be figured out.
Re: (Score:3)
Very true. Blockchains definitely are truly proof of where the coins went. However, there are ways to launder BTC, such as tumblers, CoinJoin, exchanging for another currency and then back, and so on.
Because of this, BitCoin is still used for nefarious purposes, as the transactions may be 100% traceable, but once moved out of the BTC arena into another currency, that is where the trail can go cold quickly.
Going to out me? (Score:1)
What are you going to out? My geeky tastes in comics and music.
Ocremix
Evil inc
Oops, I did it myself. Blackmail only works on somebody with something they're ashamed of our worried about being revealed.
To quote Arthur Wellesley, the Duke of Wellington (Score:2)
Publish and be damned!
Real email from Patreon (Score:2)
I didn't get the original email, but I got one from Patreon repudiating that original email.
I contribute to a couple of Youtube channels. This is one about aviation [youtube.com]. This one [youtube.com] is too. So sue me.
...laura