Yesterday Someone Tried to Extort Me

E.J. Hilbert
9 min readOct 15, 2018
Image produced by Reolink Blog

Imagine my surprise when, while driving my daughter to lacrosse practice, I received a telegram message trying to extort me and the company I work for, Path Network, for $1.6 million.

Let me set the scene for you, I’m driving in my Mini with my daughter talking about lacrosse and of course the boys she likes when my phone goes off. My daughter sees it and lets me know that I have a message from a business associate, we will call him Bob. Bob and I have just finished a buyout and company acquisition deal, so if he is reaching out on a Sunday something might be wrong.

I asked my daughter to respond and the extortion begins.

The individual who has taken over Bob’s account claims he has compromising data about Path and our negotiations and threatens to go public with the information. Since everything Path has done has been on the up and up with full reporting and visibility, I know this claim is wrong but let’s see where this goes.

The attacker proceeds to openly admit he has compromised Bob’s email and telegram account. He also admits that he is trying to extort me, an ex-FBI agent. (I know I have been out for 10 years but come on, is that really a smart move?)

The attacker later admits that he is in the UK, that he is promoting ICO’s, and that he has done no research on Path Network. In the end he claims he just wants the list of people who pre-bought Path utility tokens (those used for credits on the Path and Path Connect service lines) so he can pitch those “investors” on his ICO’s. He even agrees to send me an email, so we can discuss who he should contact.

The full transcript is included below save for redactions to protect the innocent. (Also, don’t judge my daughter’s spelling. I took over the typing at 13:15 she didnt want to stop but her coach threatened sprints.)

I have dealt with these types of attacks numerous times throughout my career both in the private and public sector but, no one has been this ill prepared, naïve or idiotic.

Leave out the fact of my background, if he had investigated Path he would have found out that the company is full of ex-hackers (mostly white and gray) who would jump at a chance to track him down. Further he gives up information about himself and…

--

--

E.J. Hilbert

Work in the CyberSecurity and Privacy Arena worldwide, Owner of KCECyber, Ex-FBI. All opinions posted are my own !!!