Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Bitcoin Crime The Internet

Patreon Users Threatened By Ashley Madison Scammers (csoonline.com) 76

itwbennett writes: "Over the last few days, the group responsible for extortion attempts and death threats against Ashley Madison users has turned to a new set of targets – Patreon users," writes CSO's Steve Ragan. A message sent from the same account used in previous campaigns by the scammers demands a payment of 1 BTC or else the Patreon user will have their personal information exposed. "The [Bitcoin] wallet being used by the group has barely collected anything," says Ragan, "suggesting that after their massive push towards Ashley Madison users, people have stopped falling for their scams."
This discussion has been archived. No new comments can be posted.

Patreon Users Threatened By Ashley Madison Scammers

Comments Filter:
  • "...suggesting that after their massive push towards Ashley Madison users, people have stopped falling for their scams."

    ...Or they're just casting a wider net.
    • ...Or they're just casting a wider net.

      Somewhat ham-fistedly.

      One of these days, they are going to find themselves accidently threatening a russian mafia boss, hells angel commander, mexican cartel boss or something to that effect, and they will find themselves very very dead.

  • Nothing to hide (Score:5, Interesting)

    by supremebob ( 574732 ) <themejunky.geocities@com> on Monday November 23, 2015 @09:34PM (#50990601) Journal

    The "problem" that they're having with threatening to dox Patreon users is that most of them don't have a dirty secret that they're trying to hide like the Ashley Madison folks.

    Hey... if you want to "out" people for donating to good causes, go ahead! They'll probably get more sympathy than anything else. Odds are that you're just going to piss off a rival hacking group like Anonymous who's going to return the favor against the scammers.

    • Re:Nothing to hide (Score:4, Interesting)

      by sheetsda ( 230887 ) <doug.sheetsNO@SPAMgmail.com> on Monday November 23, 2015 @09:54PM (#50990721)

      They're threatening to release SSN and related information that is being used as verification for credit applications, etc. The companies negligently using SSN as a verification mechanism is where we (the public) need to start suing in order to clean up this mess.

      • They can threaten that if they want, but they don't actually have that information. Sure, they might have a (probably canceled by now) credit card number and your address, but they don't have any tax info like a social security number.

        • Re:Nothing to hide (Score:5, Interesting)

          by Anonymous Coward on Monday November 23, 2015 @10:28PM (#50990935)

          Technically, they do... The September Patreon leak had ENCRYPTED tax form data, but the keys to access it were never in that data leak, and even if they had 10 million bots in a botnet to try and crack the RSA key for the tax form informaiton, that's a largely disproportionate amount of CPU time dedicated to trying to decrypt information that is effectively worthless to criminals outside of the US.

          As for leaking any damaging information .... the Patreon data leak was back in September, it wouldn't matter if they leaked anything they have or not, the people who would be "worst damaged" from the leak would be the people who are paying artists to draw them porn. Oh boo hoo. Finding anything that someone would want to pay for to keep buried on Patreon is pretty hard, considering that people that don't speak or read English wouldn't know what kind of information would be considered embarrassing. Nobody is going to kill themselves over Patreon, nobody. Most of the "porn" on Patreon is of the furry variety, and at worst, furries aren't embarrassed to be furries.

          • by AmiMoJo ( 196126 )

            People who supposed GamerGate supporters, people who supported feminists, people who supported LGBT activists, people who supported anti-LGBT activists, people who supported religious crazies... I'm really surprised there has not been more fallout from it.

            Having seen data related to people like Thunderf00t and Dave Jones, there is some potentially embarrassing stuff in there. Their supporters include people from some fairly extreme groups, and there is a really obvious correlation between income and them ta

            • by KGIII ( 973947 )

              http://yro.slashdot.org/commen... [slashdot.org]

              Just for you. ;-) You win a gold star for improvement. Marginal improvement but improvement nonetheless.

              Hmm... No... Marked improvement, really. I dunno how I remembered the earlier posts (I can't even be certain what I ate for dinner two nights ago) but somehow that stuck in my head. I dare say, with some work, you'll be almost rational again in a few years. Think carefully how the data can be abused. You don't think your heroes are without blemish, do you? In certain subse

              • by AmiMoJo ( 196126 )

                Oh dear, you are rather confused, aren't you KGill? You seem to think I am advocating this abuse. You really need to concentrate on improving your reading comprehension.

                • by KGIII ( 973947 )

                  Well, you made me use the Google. The funny thing is, I should still be sleeping. Something made a loud noise and I was woken up.

                  The passwords are actually the least interesting part of the leak. There are unencrypted private messages and a user database that allows you to see who was supporting whom.

                  Expect some interesting articles about people like Thunderf00t and Sargon of Akkad in the next few days. Their private messages are likely a goldmine of damning information and may help the campaign to get them de-funded.

                  Now unless I'm reading "goldmine" as something that's not positive and "help the campaign" as an active campaign to get people "de-funded" which will limit their ability to speak to a wide audience then no - you're guilty of exactly those things.

                  Perhaps, maybe, it is my reading comprehension. I didn't cherry pick, I quoted the entirety of your quote. I'm a fair individual. I'm not

                  • by AmiMoJo ( 196126 )

                    There is an active campaign to get some people de-funded. It's hardly new, there have been campaigns to stop funding various groups for decades. Anyway, your reading comprehension failure is that you seem to think I have stated I am an active member of those groups or support what they are doing. You talk about be being "guilty", yet you just imagined the whole confession in your mind.

                    This may come as a bit of a shock, so you may want to sit down, but people can report events and other people's points of vi

                    • by KGIII ( 973947 )

                      *chuckles* The only tuition that I'm getting is that you're willing to try to weasel out of your prior statements. That's why I quoted them in their entirety.

                      There is a *slim* chance that you worded it poorly or there's some colloquialisms that I'm unfamiliar with. But it being a goldmine *and* a possible aid to those who want to get someone defunded is quite a bit different from being a goldmine *to* the people who want to get someone defunded. I'd also add that you're not a journalist. I'd also assume a

                    • by AmiMoJo ( 196126 )

                      If I say "it's a good thing and it will help group B" then it's wildly different then "it's a good thing for group B" (to use your journalistic example). The two are not synonymous and have quite different meanings in the English that I'm familiar with.

                      This kind of language lawyering means you lost the argument. You are drawing huge inferences that just happen to reflect negatively on me from what is at the absolute worst a slight ambiguity.

                      If you constantly read everything in this manner, looking for slight flaws that you can pry open into an argument that the writer believes what you think they believe rather than the more obvious and common interpretation, it's going to be hard to have a discussion with anyone.

      • by DarkOx ( 621550 )

        They're threatening to release SSN and related information that is being used as verification for credit applications

        Irritating yes but troubling not really. The fact is you SSN is out there for anyone who wants it.

        Its in all the major subscription database PI's and LEOs can subscribe to, almost for certain. Some of my licensed co-workers have access to that information and they shown me they can pull the SSN for just about anyone I could name. It would be naive to think the identity thieves don't have straw accounts and leaked creds for many of these sources.

        I an not suggesting anyone go posting their SSN all over t

        • SSN is, unfortunately, a big deal. With your SSN, date of birth, and name, anyone can open lines of credit in your name. This includes credit cards, loans, etc. I found this out the hard way when someone opened a credit card in my name after somehow obtaining my name, DOB, SSN, and home address. (I never found out how they got this information and never will.)

          I was lucky in that the thieves paid for rush delivery of the card and the card was sent out before their address change request (from my address

          • I would have found out about it when the collection agencies banged on my door for payment and they wouldn't be likely to take "But I didn't open that account or spend that money" as an excuse for not paying "my" debts.

            But they really should.

            The creditors are responsible for this situation through their lax authentication measures, even more so than the ones directly committing the fraud. The single most effective thing that could be done to prevent this type of identity fraud would be to void any attempt to collect on a debt (and consider it libel to include the debt in your credit history) unless the creditor can show that the target of the collection was the one that took out the loan—and obviously knowledge of p

            • You'll get no argument from me that the system is in serious need of changes at many levels to protect people from identity theft. Unfortunately, the credit agencies and credit card companies profit off of identity theft (selling people's data, taking in fees from fraudulent purchases and then writing them off if proven to be fraud, etc). They have powerful lobbying groups that will fight any changes that threaten their business - a category which includes increased consumer protections.

  • by DRJlaw ( 946416 ) on Monday November 23, 2015 @09:35PM (#50990607)

    A message sent from the same account used in previous campaigns by the scammers demands a payment of 1 BTC or else the Patreon user will have their personal information exposed.

    Ashley Madison users had something that they might want to hide - the fact that they had signed up for the site which when combined with an assumption that they'd used it to cheat would be socially costly.

    But oh noes! Someone might find out that you crowdfunded an artist to create culture! Boy... really going to be ashamed of that one, aren't you?

    Not a member of either, but can't possibly think of why I'd pay in this new instance.

    • by AmiMoJo ( 196126 )

      It's not just artists, a lot of Patreon users are supporting people who produce political and philosophical content. People like Thunderf00t and Sargon of Akkad, or Zoe Quinn and Randi Harper. Those are at the fairly mild end of the spectrum.

  • by geekd ( 14774 ) on Monday November 23, 2015 @09:41PM (#50990635) Homepage

    I'm a Patreon user, and I got the scam email.

    They claimed "I have your tax id, tax forms, SSN, DOB, Name, Address, Credit card details and more sensitive data..."

    All Patreon has of mine is my credit card info, name, and billing address. The same stuff any online retailer, or anyone who takes payment has. They DO NOT have my tax id, etc.

    So it's obviously a scam right from the beginning.

    • I'm a Patreon user, and I got the scam email.

      Note immediately the difference between the AM hack........un all the AM stories we had on Slashdot, not one person said, "I am an AM user...."

    • I'm pretty sure you could find all that about by googling my /. user name.
    • I got the same email. I didn't even realize it until the deadline was up because I don't check my spam box very often. What I did see in my inbox was the email from Patreon informing me that these scammers didn't have any of the shit they claimed to have.
      • by Guspaz ( 556486 )

        Ditto, just checked my spam folder and I found the scam mail. Except, they don't have most of the stuff they're claiming. Why would they have any tax information in the first place? And I don't have an SSN, since I'm not American, so clearly they don't have that either.

  • by Anonymous Coward
    I was a paying member of Ashley Madison and I have been getting these extortion emails for months. Every day there's a new bitcoin address to send 1-5 bitcoins to keep them from publishing my information. If I acted on every email I would be flat broke by now. No matter how many bitcoins you send, someone else has your information and will try to extort you. It will never end......
    • well it was on a torrent, so who knows how many people it'll spread out to.

      it'll never go away either.

  • by KitFox ( 712780 ) on Monday November 23, 2015 @09:57PM (#50990749)

    Perhaps the biggest problem they encountered is the fact that the email service providers are sending their threats to the spam box where nobody is likely to see them. Hard to have good return on your marketing when you don't have trusted email.

    What amuses me most is that they'd probably make more money if they set up their own Patreon account.

  • Whut? (Score:5, Insightful)

    by godel_56 ( 1287256 ) on Monday November 23, 2015 @10:02PM (#50990775)
    It would have been nice if the fucking summary had told us who or what Patreon [wikipedia.org] was.
  • I got a threat from these clowns. I take it about as seriously as those douchebags who say they want my help to claim their 8 million dollar inheritance from their deceased parents in Nigeria.

    -jcr

  • You can just tell if someone's wallet is getting paid? I assume a wallet is like an account; I've never used bitcoin.

    You can just look that shit up? The all-anonymous bitcoin? I'm skeptical.

    • by Qzukk ( 229616 ) on Monday November 23, 2015 @10:32PM (#50990973) Journal

      https://blockchain.info/ [blockchain.info]

      A bitcoin isn't a "thing". It's an entry in a public ledger that says "wallet X paid wallet Y 0.001BTC". All* the wallets start out at 0 and if you want to see how much money wallet Y has now, you start at the beginning and add all the payments into it and subtract all the payments out of it. Example:

      https://blockchain.info/addres... [blockchain.info]

      has 0 BTC balance after receiving 3 payments and making 3 payments (the tiny fraction of a BTC missing each transaction is the fee paid to miners to process it).

      As for anonymity, I normally have no way of telling you who 1ENYmn1eCWPa4MFD4VU9wUFqLrzPcqUgaY is. But if one of those payments there was made from an ATM that converts money to BTC (and takes a photo) or one of those debits was sent to a drug dealer who mailed the drugs to the wallet owner's home address, then got busted by the cops who got a customer list, then it could be figured out.

      • by mlts ( 1038732 )

        Very true. Blockchains definitely are truly proof of where the coins went. However, there are ways to launder BTC, such as tumblers, CoinJoin, exchanging for another currency and then back, and so on.

        Because of this, BitCoin is still used for nefarious purposes, as the transactions may be 100% traceable, but once moved out of the BTC arena into another currency, that is where the trail can go cold quickly.

  • What are you going to out? My geeky tastes in comics and music.

    Ocremix
    Evil inc

    Oops, I did it myself. Blackmail only works on somebody with something they're ashamed of our worried about being revealed.

  • I didn't get the original email, but I got one from Patreon repudiating that original email.

    I contribute to a couple of Youtube channels. This is one about aviation [youtube.com]. This one [youtube.com] is too. So sue me.

    ...laura

"Open the pod bay doors, HAL." -- Dave Bowman, 2001

Working...