Your Site Has Been (Not) Hacked

Understatement
By Andrew Davidson
on Nov. 1, 2022

PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! (If you want to be fired for annoying higher-ups with obviously baseless threats from anonymous assholes)

We have hacked your website http://www.jawn.us and extracted your databases. Cool. You know there's no database on that site, right? What lazy IT professional would store a database on an unsecured (http://) server?

How did this happen?

Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.. We bought your email address from another scammer and decided to go phishing for suckers.. Will we catch you? Also, we surreptitiously changed all the letter 'i's in this missive into 'í' (accent on i) which will throw so many spelling errors to get past the spam detectors.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.jawn.us was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

Blackhat techniques to de-index me from all the major search engines? Not only impossible, but improbable, too. These knuckleheads couldn't break into one search engine company, let alone multiple nor do their tiny worthless week-old domains have any reputation that would affect SEO. All bullshit.

How do i stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $3000 in bitcoins (BTC).

Please send the bitcoin to the following Bitcoin address (Make sure to copy and paste):

shitforbrainsassfacescammerscansuckmybigfatweiner

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this e-mail or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do you get notified of my identity on an anonymous payment system? You should throw away this email immediately and never think of it again.

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. If you been tracking them at all, you'd think now is a terrible time to invest in them, and find the transaction fees are untenable for small transactions like this.

What if I don’t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers. You must come from a country where reputation matters. I live in the USA, and we elected that dumpster fire Trump. Reputation doesn't mean shit. And my customers must be as dumb as I to believe any of this poorly worded bullshit.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again! So, not only no way to contact you, no way to tell if you've begun or stopped this 'digital terror', and no way to tell if my reputation was actually harmed. Seems almost like... nothing will happen!

Please note that Bitcoin is anonymous and no one will find out that you have complied. Doesn't anonymous also mean that you won't know who sent you the Bitcoin, so how will you know who to target and whom not to target? This loophole absolves me of doing anything, right?