November 13, 2022

A group of extortion scammers called Team Montesano is targeting website owners and administrators around the world. They claim to have hacked their servers and are demanding $2,500 not to release any data after sending emails that read “Your website, databases and emails have been hacked.”

The spam message also warns that the hackers will unpack stolen data, damage their reputation and blacklist the site for spam if the targets do not pay $2,500.

“Our team found several vulnerabilities within your website and company computers that we were able to exploit. After finding them, we were able to get their database credentials and extract their complete data from their computers, from their site and copies of all emails in all their mailboxes with ***.gov domain and finally we moved the information to a foreign server,” it says.

It goes on to say that it will go through a number of steps to completely destroy its reputation: the first is to leak and sell a database for any purpose to the highest bidder; the second is to threaten to send emails to all customers, suppliers and business partners claiming that their information has been sold or leaked and that the attacked site is to blame for leaking the information and damaging the reputation of all customers and providers. Finally, all links indexed in search engines will be de-indexed using the same blackhat techniques that were previously used to de-index targets and blacklist the company.

It then demands $2,500 in Bitcoins to resolve the situation.

The sources for this piece include an article in BleepingComputer.