"Installed One Rat Software into You Device" Extortion Email

Installed One Rat Software into You Device Extortion Email

Recipients of the "Installed One Rat Software into You Device" extortion email below, which claims they have viewed child porn and threatens to expose them if they do not send money or Bitcoins, are asked to delete them and should not send any money or Bitcoin. This is because the email is being sent by cybercriminals who are attempting to frighten and trick their potential victims into sending them money.

Cybercriminals have been extorting money from their potential victims by falsely claiming they have installed some Remote Administration Tool or REMOTE ACCESS TROJAN on their potential victims' computers and lie about having videos of them in a compromised position or watching porn.

The cybercriminals may have your old password, but it doesn't mean that they have anything on you. It appears they may have gotten your password from the Yahoo or other internet hacks or data breaches that took place a few months or years ago. Yahoo and the companies who suffered the data breach have forced their users to change their passwords, so they should have nothing to worry about.

An "Installed One Rat Software into You Device" Extortion Email

Hi, dear user of

We have installed one RAT software into you device

For this moment your email account is hacked too.

Changed your password? You're doing great!

But my software recognizes every such action. I'm updating passwords!

I'm always one step ahead....

So... I have downloaded all confidential information from your system and I got some more evidence.

The most interesting moment that I have discovered are videos records where you masturbating.

I posted EternalBlue Exploit modification on porn site, and then you installed my malicious code (trojan) on your operation system.

When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device.

After installation, your front camera shoots video every time you masturbate, in addition, the software is synchronized with the video you choose.

For the moment, the software has harvrested all your contact information from social networks and email addresses.

If you need to erase all of your collected data and video with your enjoy, send me $600(usd) in BTC (crypto currency).

This is my Bitcoin wallet: 15Z4Y1q5QufvFPvRBKhwVhQyFTLwEQ5f4J

You have 48 hours after reading this letter.

After your transaction I will erase all your data.

Otherwise, I will send video with your pranks to all your colleagues, friends and relatives!!!

P.S. I'm asking you - not to answer this letter because the sender's address is fake, just to keep me incognito.

And henceforth be more careful!

Please visit only secure sites!


It is possible to use Java Applet in older web browsers, which is a small application or plugin used in web browsers, to collect MAC address and maybe browser history, but none of the other listed items. And, all new web browsers do not support Java Applet. So, we know who sent the email is lying.

And, the FBI will never ask you to send them money.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Was this article helpful?  +
Share this with others:

Comments, Questions, Answers, or Reviews

Comments (Total: 1)

To protect your privacy, please remove sensitive information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • October 10, 2019 at 2:48 PM by info

    Here is another scam:

    -Original Message-

    From: I Know <IKnow87@0934.com>

    Sent: Thu, Sep 12, 2019 10:23 pm

    Subject: You got recorded -

    Hey, I know your password is:

    Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn't updated / patched, in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit".

    My malware gave me full access and control over your computer, meaning, I got access to all your accounts (see password above) and I can see everything on your screen, turn on your camera or microphone and you won't even notice about it.

    I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF!

    After that I removed my malware to not leave any traces.

    I can send the video to all your contacts, post it on social network, publish it on the whole web, including the darknet, where the sick people are, I can publish all I found on your computer everywhere!

    Only you can prevent me from doing this and only I can help you out in this situation.

    Transfer exactly 1400$ with the cryptocurrency Monero (XMR) to my Monero (XMR) address.

    You can easily buy Monero (XMR) here: www.anycoindirect.eu/en/buy-monero, www.bitnovo.com/buy-monero-online-en, www.localmonero.co, or Google for other exchanger.

    You can send the Monero (XMR) directly to my address, or download and create your own wallet first from here: www.mymonero.com, or simply create your online wallet here: www.cryptonator.com, www.freewallet.org, then receive and send to mine.

    It's a very good offer, compared to all that horrible sh**t that will happen if I publish everything!

    My Monero (XMR) address is: 4BrL51JCc9NGQ71kWhnYoDRffsDZy7m1HUU7MRU4nUMXAHNFBEJhkTZV9HdaL4gfuNBxLPc3BeMkLGaPbF5vWtANQmhvbmBTJbpSXqZx82

    Copy and paste my address, it's (cAsE-sEnSEtiVE), yes that's how the address looks like and you don't need to include payment-id or memo.

    I give you 2 days to transfer the Monero (XMR).

    As I got access to this email account, I will know if this email has already been read.

    If you get this email multiple times, it's to make sure you read it, my mailer script has been configured like that and after payment you can ignore it.

    After receiving the payment, I will remove everything and you can life your live in peace like before.

    Next time update your browser before browsing the web!

Comments Show More Comments (0)

Write Your Comment, Question, Answer, or Review

"Installed One Rat Software into You Device" Extortion Email