File: /home/thehunarfound/mail/.spam/new/1711250944.M825722P28474.54-179-220-51.cprapid.com,S=5866,W=5983
Return-Path: <grady34@rioroses.com>
Delivered-To: thehunarfound+spam@54-179-220-51.cprapid.com
Received: from 54-179-220-51.cprapid.com
by 54-179-220-51.cprapid.com with LMTP
id 6J1nMACe/2U6bwAAZmiI5A
(envelope-from <grady34@rioroses.com>)
for <thehunarfound+spam@54-179-220-51.cprapid.com>; Sun, 24 Mar 2024 03:29:04 +0000
Return-path: <grady34@rioroses.com>
Envelope-to: support@thehunarfoundation.org
Delivery-date: Sun, 24 Mar 2024 03:29:04 +0000
Received: from [143.137.216.160] (port=21424 helo=143-137-216-160.gmsolucoes.net.br)
by 54-179-220-51.cprapid.com with esmtp (Exim 4.96.2)
(envelope-from <grady34@rioroses.com>)
id 1roEXb-0003Ks-3B
for support@thehunarfoundation.org;
Sun, 24 Mar 2024 03:29:04 +0000
Message-ID: <8581251F2621BB1C18BC86BFB8228581@WGTIIN7BSC>
From: "raj sandy" <grady34@rioroses.com>
To: <support@thehunarfoundation.org>
Date: 23 Mar 2024 20:13:11 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3505.912
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3505.912
X-Spam-Status: Yes, score=36.7
X-Spam-Score: 367
X-Spam-Bar: ++++++++++++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "54-179-220-51.cprapid.com",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Hello! I am a hacker who has access to your operating system.
I also have full access to your account. I've been watching you for a few
months now. The fact is that you were infected with malware through an adult
site that you visited.
Content analysis details: (36.7 points, 5.0 required)
 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query
                            to zen.spamhaus.org was blocked due to
                            usage of an open resolver. See
                            https://www.spamhaus.org/returnc/pub/
                            [143.137.216.160 listed in zen.spamhaus.org]
 1.1 DATE_IN_PAST_03_06     Date: is 3 to 6 hours before Received: date
 1.3 RCVD_IN_VALIDITY_RPBL  RBL: Relay in Validity RPBL,
                            https://senderscore.org/blocklistlookup/
                            [143.137.216.160 listed in bl.score.senderscore.com]
 2.0 PYZOR_CHECK            Listed in Pyzor
                            (https://pyzor.readthedocs.io/en/latest/)
 2.1 BITCOIN_VISTA          Bitcoin + old MSFT msgid format
 8.5 KAM_CRIM               Extortion Email
 2.5 BITCOIN_SPAM_03        BitCoin spam pattern 03
 3.9 HELO_DYNAMIC_IPADDR2   Relay HELO'd using suspicious hostname (IP
                            addr 2)
 2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
 3.5 HDR_ORDER_FTSDMCXX_NORDNS Header order similar to spam
                            (FTSDMCXX/boundary variant) + no rDNS
 0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                            Alignment
 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
                            anti-forgery methods
 0.6 PDS_BTC_MSGID          Bitcoin ID with T_MSGID_NOFQDN2
 0.5 PDS_BTC_ID             FP reduced Bitcoin ID
 2.5 BITCOIN_XPRIO          Bitcoin + priority
 2.0 BITCOIN_EXTORT_01      Extortion spam, pay via BitCoin
 0.0 FSL_BULK_SIG           Bulk signature with no Unsubscribe
 0.3 MIMEOLE_DIRECT_TO_MX   MIMEOLE + direct-to-MX
 2.0 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
                            (FTSDMCXX/boundary variant) + direct-to-MX
 1.0 XPRIO_SHORT_SUBJ       Has X Priority header + short subject
 0.0 NO_FM_NAME_IP_HOSTN    No From name + hostname using IP address
X-Spam-Flag: YES
Subject: ***SPAM*** Fw:

Hello!
I am a hacker who has access to your operating system.
I also have full access to your account.
I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this,
transfer the amount of 1300 USD (US dollars) to my bitcoin address (if you do not know how to do this, write to Google: "Buy Bitcoin").
My bitcoin address (BTC Wallet) is: 113wK8pSWRmBy4QGRPegTLhyt58jwcWZNn
After receiving the payment, I will delete the video and you will never hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
Best regards!