[BreachExchange] Ashley Madison blackmailers threaten to create Cheater’s Gallery exposing members who don’t pay up

Tue Apr 25 19:11:33 EDT 2017

https://hotforsecurity.bitdefender.com/blog/ashley-
madison-blackmailers-threaten-to-create-cheaters-gallery-
exposing-members-who-dont-pay-up-17942.html

Blackmailers are once again trying to make money out of the notorious
Ashley Madison hack, which exposed the details of registered members of the
cheating website in 2015.

Robin Harris writes on ZDNet that he has received a blackmail threat,
alerting him that unless he pays up $500 worth of Bitcoin his personal
details will be shared on a new website being created by the extortionists.

The site, which the blackmailers claim will be launched on May 1 2017, is
said to be called “Cheater’s Gallery”:

“On May 1 2017 we are launching our new site — Cheaters Gallery – exposing
those who cheat and destroy families. We will launch the site with a big
email to all the friends and family of cheaters taken from Facebook,
LinkedIn and other social sites. This will include you if do not pay to
opting out.”

Of course, the truth is that opting out isn’t really an option at all.

If the extortionists claiming to be creating the new “Cheater’s Gallery”
site have your data, that’s because they got their paws on the 9.7 GB
database dump released by the Impact Team way back in 2015. That data has
been swirling around the internet for almost two years now, and has
regularly been plundered by trouble-makers and ne’er-do-wells, some of whom
have even targeted users listed in the database through blackmail letters
sent via the US post.

So, paying this particular group of extortionists in the vain hope that
they might not include your details in the “Cheater’s Gallery” (if such a
site is even created) is kind of pointless, as it doesn’t stop other
criminals trying the same dirty trick. It doesn’t even stop blackmailers
specifically targeting you in an attempt to extract even more money… as
they now know you’re prepared to pay at least once.

Furthermore, one has to consider if the blackmail gang’s alleged plan to
write to the friends and family of Ashley Madison members is viable. Let’s
not forget, it takes a lot more effort to determine the alternative contact
details for someone’s wife, their friends and colleagues – information
which was not stored in the hacked Ashley Madison database. And for what
gain? If the bad guys tell your family that you were on Ashley Madison then
there is no chance that you will ever pay them any money.

As you may recall, tragically a number of suicides have been linked to
Ashley Madison’s user database being leaked. The hackers and extortionists
have blood on their hands.

Don’t forget – just because a name might have been included in the Ashley
Madison database doesn’t mean anyone had an affair, or ever would. They may
not have been been looking for an online romance. They may have been
chatting to a robot, rather than a real human being. It may not even have
been them who created the account, as Ashley Madison never bothered to
verify email addresses.

So, don’t be too quick to judge. And if you do receive a blackmail demand,
be strong and resist the temptation to pay up. Consider informing the
authorities instead that someone is trying to extort money out of you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170425/f6a02ad1/attachment.html>