What's new
By:
Filters
Steroid Source Talk

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts.

Purple Panda Labs Spearphishing Email

B

brick

New member
Joined
Feb 27, 2020
Messages
2
Reaction score
0
From: [email protected]
Subject: PPL leak warning

"Dear Previously Used Receiver Name!

We are the private investigators working as appointment by Drug Enforcement Administration. Recently we have seized PurplePandaLabs databases with all sensitive information.

As I can see you have bought here some controlled substances, which was delivered to your address Previously Used Receiver Address.

In fact, I have to send all found information for our employers, but since we are private investigators and not the direct staff of DEA, I can erase some information before sending.

But since it carries risks for me and my job anyway, I will not do it for free. In order for me to do this, you must transfer $950 (USD) worth of bitcoins to the address: 1FBGLMZNzd9TqQQX3j7SbZ3Zd41FUX42v8

After you make the transaction, write to me at [email protected] from your email that you used to order. In the letter, write the wallet number or transaction number that you used to transfer.

As soon as I receive the transaction, I will delete all information related to your email and your orders from the database, before it is transferred to DEA.

You can ignore this letter or think for a while, but hurry - on Monday I have to send all the information I received to DEA and then no one will be able to delete records from their databases about your actions.

So, I expect from you to transfer $950 (USD) in BTC to the address 1FBGLMZNzd9TqQQX3j7SbZ3Zd41FUX42v8 and letter with your wallet or transaction number to the email [email protected]"

So it looks like someone’s got some explaining to do. Either the website database was cracked or it’s an inside job, and it’s impossible to tell if it’s a spoofed email or not owing to the wonderful way ALL of Panda’s emails fail domain authentication.
 
Last edited:
M

MikeAlstott

Active member
Joined
Feb 22, 2018
Messages
815
Reaction score
164
@brick can you post the headers of the email? guy could be spoofing the email address too.
 
Last edited:
CaptainAmerica

CaptainAmerica

The Bodybuilding Admin
Staff member
Administrator
Joined
Feb 18, 2018
Messages
2,136
Reaction score
1,002
We have reports of this as well to modmail. We’ve reached out to PPL and confirmed this is being taken care of. Please consider it spam/spoof phishing for now and we will update when we know more.
 
Last edited:
E

egoliftlowbench

New member
Joined
May 16, 2019
Messages
261
Reaction score
21
yeah bullshit. China and Xi dont give a fuck and wont let some DEA retards into China. It is completely legal to produce raws in China, finished product may be illegal but PPL is a legit business in China and quite quite wealthy. Ive ordered from ppl plenty never got this email. The fact they say they will save you or some shit, deadline monday, its bullshit. Got same list of emails many months ago beating my dick and told they accessed my laptop webcam and had pics of me beating it and said I had good taste. They try to make this shit sound legit but they just got emails no actual data. like wtf is ppl info deletion, boomers fall for these kinds of scams. If they actually got breached/seized myself and all my friends who buy ppl would have emails too because we have accounts with ppl.
“on Monday I have to send all the information I received to DEA and then no one will be able to delete records from their databases about your actions.”
not even proper fucking grammar/english. to DEA not the DEa. delete records about your actions? who phrases it like that? the attempt at sounding professional almost mimics the replies i got from bulk king reps. Id be surprised ithis scammer had a GED.
If you arent on tor etc its possible they could have gotten any info through your regular web traffic through chrome.
 
Last edited:
C

chuckynoars

New member
Joined
Jan 2, 2021
Messages
29
Reaction score
14
The actual phishing attempt is obviously amateur and unlikely to fool anyone, but the bigger issue is how that data leaked. They have names and addresses. What else might they have? Do they have the itemized list of orders? I know a number of vendors on here used PPL as a supplier, so I imagine they’re shitting bricks right now.

PPL needs to overhaul OPSEC. It’s time to start using PGP to encrypt names and addresses. FFS, the data doesn’t even seem like it was hashed. It was probably stored on the server in plaintext.

To the guy wanting to see the email header, here you go:
Code: 
Return-Path: [email protected]
X-Original-To: me
Delivered-To: me
Received: from m17618.mail.qiye.163.com (m17618.mail.qiye.163.com [59.111.176.18]) (using
 TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate
 requested) by mailin014.protonmail.ch (Postfix) with ESMTPS id E5A923000270 for
me; Fri, 15 Jan 2021 20:51:29 +0000 (UTC)
Received: from [127.0.0.1] (unknown [51.68.119.146]) by m17618.mail.qiye.163.com (Hmail)
 with ESMTPA id CEE234E0FDB for me; Sat, 16 Jan 2021 04:51:26
 +0800 (CST)
Authentication-Results: mailin014.protonmail.ch; dmarc=fail (p=none dis=none)
 header.from=purplepandalabs.com
Authentication-Results: mailin014.protonmail.ch; spf=fail
 [email protected]
auth results obviously failed
 
Last edited:
D

dxstxjames

New member
Joined
Jan 17, 2021
Messages
1
Reaction score
0
I send this in the main PPL thread but I’ll ask here since it’s relevant:

"I was going to order from them but I was sketched out about the chance of email too.

I was trying to order via email but when I tried reaching PPLrep through tuta it says it’s not a valid email and I had emailed the address that sent you that - luckily I didn’t send in an order or any info yet.

Is PPL compromised then? Or is there a different address to reach them now?"
 
Last edited:
K

Kree2212

New member
Joined
Apr 3, 2019
Messages
1
Reaction score
0
Its been a few days, anyone have any updates?
 
Last edited:
P

purplepandaRep

Active member
Joined
Sep 9, 2018
Messages
230
Reaction score
38
Yo, what’s up. We are aware of the issue, we are investigating thoroughly at this time. We believe this to the be actions of a disgruntled former employee, and it is a scam. Our operation has not been compromised and will remain intact and as is because no information was leaked and will not compromise anyone.

Please know the website is safe and we go to great lengths to protect what we have built and to keep all our customers safe.
 
Last edited:
P

purplepandalabs

Member
Verified Source
Joined
Apr 15, 2018
Messages
19
Reaction score
1
@slickrick69 said in Purple Panda Labs Spearphishing Email:
@CaptainAmerica ppl actually did get busted … feel free to send a email. And we can talk private
Click to expand...
Well, Chinese prison is actually nice. They gave me a cell inside your mothers bedroom. My only daily task is to pleasure her, repeatedly. Which for me, is okay, because I love anal. She’s a nasty lady though. Hope she doesn’t kiss you with that mouth. Otherwise, you know the flavor of Panda Escobar ass.

#Free Panda
 
Last edited:
You must log in or register to reply here.
Top