Malicious keylogger?

[jdmckay]

Hi,

I have been receiving spam for a while from hacker who claims to have installed a keyboard logger on my system. Says my computer was infected from a <violates forum rules> site (I never view them). I never worried about it much: he (?) always sent spam with my email address and I know this is easy to do. He wants bitcoin to destroy info he says he's collected (again, nothing I'm worried about).

He's also said he has my email contact list (I do not use any social media on this computer).

I'm posting because I got the same spam last night, but return email address is one from my contact list which I haven't used in 4+ years. So I wonder how he got that?

I'm running Mint 18.3 (always updated weekly), have latest FF and Google Chrome.

I thought I had my Firewall on BASIC, just checked it and it was off (no idea how that happened).

I'm not adverse to doing a fresh install if the gurus here suggest it. I just installed 19.1 on new laptop, it's fine (a few minor hiccups I"m sure updates will address). I would like to know if indeed a key stroke logger got on this machine, how I can detect it and how to prevent it in the future.

I realize this may be well discussed topic: I did search of the forums and couldn't find anything that addressed my questions.

And FWIW, my email runs on NAMECHEAP using my own domain.


Thx in advance.

[pizzadude]

Known spam email:

https://krebsonsecurity.com/2018/07/sex ... passwords/

Just keep ignoring them.

[philotux]

Just keep ignoring them.

+1
I got a couple of mails with more or less same content a while back. I ignored them and nothing nasty happened.

[Moem]

I'm posting because I got the same spam last night, but return email address is one from my contact list which I haven't used in 4+ years. So I wonder how he got that?

I can't tell you that, but it's otherwise still the same old rubbish. Ignore, and cover your webcam if there is one. If only for your peace of mind.

[lsemmens]

Don't bother to even read such SPAM then you won't need to worry about it.

[PhilippeH]

I'm posting because I got the same spam last night, but return email address is one from my contact list which I haven't used in 4+ years. So I wonder how he got that?

Faking your email as a sender is easy, but getting your contacts is not, and could be the sign that your email address is or has been compromised in some way. You could try to submit it on this website to check if it is the case ?

[jdmckay]

Hi,

Yes, I know it was a scam and ignored for months when return email was my own. This one used return email from my email contact list, that's what concerned me.

PhilippeH » Thu Jun 13, 2019 3:02 am

Faking your email as a sender is easy, but getting your contacts is not, and could be the sign that your email address is or has been compromised in some way. You could try to submit it on this website to check if it is the case ?

Thanks, I checked. 3 breaches:

1) Linux Mint: In February 2016
2) Mac Forums: In July 2016
3) Verifications.io

No other nefarious activity that I know of (Identity theft, CC or bank hack etc.) but think I'll change my email/passwords to be sure.

Thx

[mediclaser]

...
I'm posting because I got the same spam last night, but return email address is one from my contact list which I haven't used in 4+ years. So I wonder how he got that?...

It is more likely the email in your contact is the one which got compromised. Moreover, if you didn't do the things mentioned in the spam mail, you should not worry at all.

[DAMIEN1307]

Now im really feeling left out...lol...i never get any spam e-mail since i dumped gmail and msn mail and use nothing but protonmail and zoho now...DAMIEN

[mediclaser]

Now im really feeling left out...lol...i never get any spam e-mail since i dumped gmail and msn mail and use nothing but protonmail and zoho now...DAMIEN

It starts with a bad browsing habit (like not having ad blocker). A classic example was a very old guy clicking on pop-up windows (asking for email) that appear when he visits a website or click on an ad link that interests him. Later on, all the emails in his contact list started getting spam mails about the things he look for in the internet.

[Crippled]

At most the Spammer may have hacked your E-mail account. I would recommend changing your E-mail password just in-case. There is no way the Spammer was able to install a keylogger on Linux mint. You are not using Windows where a keylogger can be installed on top of the Microsoft Spyware/Malware on it. Keep your computer backed up because Linux is not impervious to Ransomeware.

[Moem]

It starts with a bad browsing habit (like not having ad blocker).

Not necessarily. Having an email address that you've had for a long time, and used in many places, puts you at risk too. Spam and phishing are facts of modern life, no need to have bad browsing habits in order to attract them.

[gittiest personITW]

Beware his friend, The Prince.
Or his cousin, The Government Official.
They all have lots of money they would like you to look after.

Importantly if anyone rings you up - don't even confirm your name, or your bank, or address. They rang you so should know who you are.
If its an old Contacts List - chances are it got hacked from an old server or, did you used to use AOL or Yahoo (that was hacked a couple of years ago) or one of the countless other companies.

Just the fact that they hold 2 or 3 bits of information is not enough to get worried about. With a little time and effort and facebook, its not hard.

[Pepi]

I'm still living High-On-The-Hog from my great great uncle in Nigeria that left me a billion dollars

[gittiest personITW]

Dammit - he offered it to me and I told him to pee off.

[DAMIEN1307]

hi gittiest personITW...i love the Machiavellian quote...a "Prince" by any other name...DAMIEN

Beware his friend, The Prince.
Or his cousin, The Government Official.
They all have lots of money they would like you to look after.

[gittiest personITW]

Forgive me Oh Dark Lord

[Pepi]

hi gittiest personITW...i love the Machiavellian quote...a "Prince" by any other name...DAMIEN

Beware his friend, The Prince.
Or his cousin, The Government Official.
They all have lots of money they would like you to look after.

DUDE

[HaveaMint]

I'm still living High-On-The-Hog from my great great uncle in Nigeria that left me a billion dollars

I know a guy that sent his whole pay check to get his inheritance. I suggested to him to send his next check to the same place to see if they will return his first check. He is a person that has removed any doubt that he is a full blown idiot.