This is a wildly dramatised view of hackers, from

Apparently this blog, having only barely squeaked past 1000 unique visitors for the first time last month (according to awstats, at least) and even with my posting having dropped off dramatically what with the kids being stuck at home full-time these days … has arrived.

We haz been haxxored.

Well, kinda.

But that looks cooler than:

We are being extorted, and probably scammed.

See, I got this email today; it’s kinda long, so I’ll tack it onto the end of this post instead of inserting it here.

It was sent via the contact page on the site, and it basically says “we haxxored u; pay us $2k”.

Ah, Internet.

See, this site runs WordPress which is a popular and free blogging platform. It is not particularly secure, though they do try.

So it’s totally plausible that some bot equipped with a library of WordPress exploits came by, managed to pull a copy of the db and dropped that email on the way out.

It’s more likely, of course, that a bot that knows how to use the contact form came by and dropped that email hoping it’ll hit enough WordPress sites that a few will panic and pay up without it ever actually breaching the database.

A bot that posts to contact forms is, after all, way easier to write than one that actually breaks into WordPress would be.

And note that the email doesn’t actually offer anything scraped from the db, like say a list of user email addresses or the hash of a user passord for example, to prove it managed to copy the db.

So, this is likely a con.

Not definitely, but likely.

So, how to respond?

This is a good example of something sysadmin/ops engineers have to deal with all the time; I literally get emails like this every day, though most are much more obviously scams.

This one needs to be looked at and weighed to decide what to do.

It’s a plausible threat, but the odds are it’s just a con.

So the only thing to do is ignore it.

Maybe comment on it here on the site, too, since this does mean that the site has now surfaced far enough into search engines that scammer bots are finding it.

Which is annoying, since I don’t really have the time to waste examining this, but I guess it’s nice to be noticed?

The email:

Subject: This Needs Fixin' "Your Site Has Been Hacked"
Date: Wed, 10 Jun 2020 00:34:15 +0000
From: "This Needs Fixin'" ...
From: Shoshana Tellez
Subject: Your Site Has Been Hacked
Message Body:
We have hacked your website and extracted your
How did this happen?
Our team has found a vulnerability within your site that we were able to
exploit. After finding the vulnerability we were able to get your database
credentials and extract your entire database and move the information to an
offshore server.
What does this mean?
We will systematically go through a series of steps of totally damaging your
reputation. First your database will be leaked or sold to the highest bidder
which they will use with whatever their intentions are. Next if there are
e-mails found they will be e-mailed that their information has been sold or
leaked and your site was at fault thusly damaging your
reputation and having angry customers/associates with whatever angry
customers/associates do. Lastly any links that you have indexed in the search
engines will be de-indexed based off of blackhat techniques that we used in the
past to de-index our targets.
How do I stop this?
We are willing to refrain from destroying your site's reputation for a small
fee. The current fee is $2000 USD in bitcoins (BTC).
Send the bitcoin to the following Bitcoin address (Copy and paste as it is case
Once you have paid we will automatically get informed that it was your payment.
Please note that you have to make payment within 5 days after receiving this
notice or the database leak, e-mails dispatched, and de-index of your site WILL
How do I get Bitcoins?
You can easily buy bitcoins via several websites or even offline from a
Bitcoin-ATM. We suggest you for buying bitcoins.
What if I don’t pay?
If you decide not to pay, we will start the attack at the indicated date and
uphold it until you do, there’s no counter measure to this, you will only end
up wasting more money trying to find a solution. We will completely destroy your
reputation amongst google and your customers.
This is not a hoax, do not reply to this email, don’t try to reason or
negotiate, we will not read any replies. Once you have paid we will stop what we
were doing and you will never hear from us again!
Please note that Bitcoin is anonymous and no one will find out that you have

Leave a Reply