Over the last few days, the group responsible for extortion attempts and death threats against Ashley Madison users has turned to a new set of targets – Patreon users.
The group sending the messages has claimed to be DD4BC, and they have a history of extortion and DDoS attacks. They surfaced in 2014, and until recently they've kept their efforts below the radar.
In an email sent from the same forged AOL account used in previous campaigns, sharingservices [at] aol.com, the new messages demand a payment of 1 BTC or else the Patreon user will have their personal information exposed:
"Unfortunately, your data was leaked in the recent hacking of the Patreon web site and I now have your information. I have your tax id, tax forms, SSN, DOB, Name, Address, Credit card details and more sensitive data. Now, I can go ahead and leak your details online which would damage your credit score like hell and would create a lot of problems for you."
The wallet being used by the group has barely collected anything, suggesting that after their massive push towards Ashley Madison users, people have stopped falling for their scams.
Previously, their efforts earned the group nearly $20,000 USD before the money stopped. Once that happened, they shifted tactics and started threatening to expose alleged sex tapes, before moving on to death threats.
Patreon, who by all accounts has done a decent job dealing with the breach since it was announced in September, sent users an email addressing the recent extortion attempts on Saturday.
The letter, penned by Jack Conte, Patreon's CEO and co-founder, debunks the scam and informs users that the company is working with law enforcement on the matter.
"I learned yesterday evening that some Patreon users have been receiving a scam email. The sender claims to have the recipient's SSN, credit card number and other personal information. I want to assure everyone that the claims in this email are false, and we are already working with federal law enforcement.
Do not reply to the email—it is a scam. The tax forms we store are securely encrypted with RSA 2048-bit encryption, and we do not store full credit card numbers. If you receive this email I suggest you flag it as spam and ignore any further emails. Do not reply."
In messages viewed by Salted Hash the Bitcoin wallet being used is: