Hacked your website
“Hacked your website” is a dangerous piece of malware that belongs to the category of Trojan horse viruses. Trojans like “Hacked your website” are very stealthy and may not exhibit any symptoms that would make their presence known.
If you have landed on this page because you have received a strange blackmailing email from a self-proclaimed hacker, who claims that they have compromised your computer with some secret malware, then you most probably have become one of the numerous victims of a viral Bitcoin phishing email scam.
The premise of this scam usually goes like this: a hacker sends you an informative email message where they tell you that they have acquired some sensitive information about you and maybe even that they have been spying on you through your webcam and mic with the help of a hidden Trojan horse virus that’s currently on your computer. Then, the crook asks for a ransom payment that needs to be sent to a specific Bitcoin wallet and threatens that if you don’t fulfill the ransom demands, they will use the acquired information against you.
Many of our users reported to us about an ongoing email spam with the following message:
Name: XXX
Email: [email protected]
Phone:
Message:
PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!We have hacked your website XXX and extracted your databases.
How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.What does this mean?
We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site XXX was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.
How do I stop this?
We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is .33 BTC in bitcoins ($3000 USD).
Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):
1FjMYuEXXRSPbey42fRkHwLgH1yohE2PZF
Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!
How do I get Bitcoins?
You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you https://cex.io/ for buying bitcoins.
What if I don’t pay?
If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.
This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!
Please note that Bitcoin is anonymous and no one will find out that you have complied.
Recently, thousands of web users have received similar phishing messages in their email inbox and are being blackmailed to send money to the hackers behind the scheme. Security experts, however, inform that most emails with such content are nothing but a scam, the sole aim of which is to scare web users and to extort their money. Therefore, security researchers do not advise to send any payments to anyone.
What our “How to remove” team would highly recommend that you to do as an added precaution, however, is to carefully check your system for any potential hidden infections because, sometimes, nasty malware inside your system may be the reason behind receiving such blackmailing messages. The main reason we advise you to do this is because we have recently learned about the release of one new and particularly nasty Trojan horse infection called “Hacked your website”, which could be used to spy on you and steal your personal data in order to blackmail you in the way described in the aforementioned phishing emails. That’s why, if you have interacted with a scam email lately, like this and Geek Squad Email ,it is a good idea to run a full scan of your machine with a reliable antimalware tool (such as the one on this page) and rule out the possibility of an actual infection with “Hacked your website” or with some other malware.
In case that the system scan detects “Hacked your website” in your system, don’t panic. We have assembled a detailed removal guide below which will help you effectively remove this infection from your computer. It is very important, however, to deal with “Hacked your website” as quickly as possible and use a reliable anti-malware scanner that can help you locate and delete all the hidden malicious files because if you leave a Trojan like this one on your computer or fail to correctly remove it, its effects on your system could be really, really unpleasant.
Not only may you get all your personal information exposed and sent to the hands of some unscrupulous hackers, but you may lose important data and software and may need to reinstall the entire Operating System in order to fix the PC issues which this malware may create. After all, most representatives of the Trojan horse family are very versatile and can launch many different criminal activities. That’s why our advice is to carefully scan your entire PC and use the instructions above to remove “Hacked your website” or any other hidden malware which you may detect in your system.
SUMMARY:
Name | Hacked your website |
Type | Trojan |
Danger Level | High (Trojans are often used as a backdoor for Ransomware) |
Symptoms | If you receive some scam emails in your inbox, it is a good idea to check your system for a hidden Trojan horse. |
Distribution Method | Malicious emails, spam messages, harmful attachments, infected files, malvertisements, torrents, illegal websites. |
Detection Tool |
Remove Hacked your website Email Scam
If you have a Windows virus, continue with the guide below.
If you have a Mac virus, please use our How to remove Ads on Mac guide.
If you have an Android virus, please use our Android Malware Removal guide.
If you have an iPhone virus, please use our iPhone Virus Removal guide
Some of the steps will likely require you to exit the page. Bookmark it for later reference.
Reboot in Safe Mode (use this guide if you don’t know how to do it).
WARNING! READ CAREFULLY BEFORE PROCEEDING!
Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous.
Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:
After you open their folder, end the processes that are infected, then delete their folders.
Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.
Hold together the Start Key and R. Type appwiz.cpl –> OK.
You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:
Type msconfig in the search field and hit enter. A window will pop-up:
Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.
- Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.
Hold the Start Key and R – copy + paste the following and click OK:
notepad %windir%/system32/Drivers/etc/hosts
A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:
If there are suspicious IPs below “Localhost” – write to us in the comments.
Type Regedit in the windows search field and press Enter.
Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:
- HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!
Leave a Comment