Cryptscam Abuse Explorer

Stay safe, check if wallets are scam!

Support us with a donation

search by:

Wallet address
1MaiKELpXqgnrtGjdHbdaS4RpaX2TGx7ox
Report number
6
Wallet balance
 BTC → 
Total received
 BTC → 
Transaction number
date
20 May 2019 Monday. 09:44:49 UTC
type
ransomware
scammer/abuser
[email protected]
country
Taiwan
description
Deleted DB and asked for ransom. If we checked the MySQL DB we can find a 'README' database > To recover your lost Database and avoid leaking it: Send us 0.05 Bitcoin (BTC) to our Bitcoin address 1MAikeLUHocwmKZLZfZAoh6n9G9j4CKp13 and contact us by Email with your Server IP or Domain name and a Proof of Payment. Your Database is downloaded and backed up on our servers. Backups that we have right now: elementview_master, If we dont receive your payment in the next 10 Days, we will make your database public or use them otherwise.
source
bitcoinabuse
Site url
date
15 May 2019 Wednesday. 05:20:23 UTC
type
ransomware
scammer/abuser
[email protected]
country
India
description
To recover your lost data : Send 0.045 BTC to our BitCoin Address and Contact us by eMail with your server IP Address or Domain Name and a Proof of Payment. Any eMail without your server IP Address or Domain Name and a Proof of Payment together will be ignored. Your File and DataBase is downloaded and backed up on our servers. If we dont receive your payment,we will delete your databases.
source
bitcoinabuse
Site url
date
10 May 2019 Friday. 22:11:22 UTC
type
ransomware
scammer/abuser
211.57.200.104
country
United States
description
Script that discovered my unprotected phpmyadmin on a home test server, dumped my mysql databse of useless test data, and left the below ransom message: "To recover your lost data : Send 0.045 BTC to our BitCoin Address and Contact us by eMail with your server IP Address or Domain Name and a Proof of Payment. Any eMail without your server IP Address or Domain Name and a Proof of Payment together will be ignored. Your File and DataBase is downloaded and backed up on our servers. If we dont receive your payment,we will delete your databases." It's okay buddy, you can delete those 5 row's of irrelevant text. The related Apache access log entry: (Yes, the credentials were root:root) 211.57.200.104 - - \ "GET /phpmyadmin/index.php?pma_username=root&pma_password=root&server=1 HTTP/1.1" 302 958 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
source
bitcoinabuse
Site url
date
06 May 2019 Monday. 00:10:55 UTC
type
ransomware
scammer/abuser
[email protected]
country
Papua New Guinea
description
To recover your lost data : Send 0.045 BTC to our BitCoin Address and Contact us by eMail with your server IP Address or Domain Name and a Proof of Payment. Any eMail without your server IP Address or Domain Name and a Proof of Payment together will be ignored. Your File and DataBase is downloaded and backed up on our servers. If we dont receive your payment,we will delete your databases.
source
bitcoinabuse
Site url
date
24 April 2019 Wednesday. 22:26:02 UTC
type
ransomware
scammer/abuser
[email protected]
country
Australia
description
I'd setup a test mysql server, forgotten about it, and came back to find: To recover your lost data : Send 0.045 BTC to our BitCoin Address and Contact us by eMail with your server IP Address or Domain Name and a Proof of Payment. Any eMail without your server IP Address or Domain Name and a Proof of Payment together will be ignored. Your File and DataBase is downloaded and backed up on our servers. If we dont receive your payment,we will delete your databases.
source
bitcoinabuse
Site url
date
10 April 2019 Wednesday. 16:59:14 UTC
type
ransomware
scammer/abuser
[email protected]
country
Peru
description
Deletes my MySQL db and asks for ramson
source
bitcoinabuse
Site url