Dear blog readers,
Do you remember the Koobface botnet? And did you know that the Koobface botnet master KrotReal used to maintain a legitimate Facebook account back in 2011 at the peak of the Koobface botnet that no one has ever referenced or possibly knew that it existed?
In this post I'll share with everyone some of my latest research and analysis on the topic and will share with everyone including my blog readers some actionable intelligence on his whereabouts in 2025.
Related posts:
- Dancho Danchev's Testimony on “How Facebook Today's Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”
- Where Is Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) Also Known as Koobface Botnet Master KrotReal? - Part Four
- Where Is Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) Also Known as Koobface Botnet Master KrotReal? - Part Three
- Where Is Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) Also Known as Koobface Botnet Master KrotReal? - Part Two
- Where Is Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) Also Known as Koobface Botnet Master KrotReal?
- Koobface Redirectors and Scareware Campaigns Now Hosted in Moldova
- The Koobface Gang Wishes the Industry "Happy Holidays"
- Koobface Gang Responds to the "10 Things You Didn't Know About the Koobface Gang Post"
10 things you didn't know about the Koobface gang - How the Koobface Gang Monetizes Mac OS X Traffic
- Koobface Botnet's Scareware Business Model - Part Two
- Koobface Botnet's Scareware Business Model
- From the Koobface Gang with Scareware Serving Compromised Site
- Koobface Botnet Starts Serving Client-Side Exploits
- Koobface-Friendly Riccom LTD - AS29550 - (Finally) Taken Offline
- Dissecting Koobface Gang's Latest Facebook Spreading Campaign
- Koobface - Come Out, Come Out, Wherever You Are
- Dissecting Koobface Worm's Twitter Campaign
- Koobface Botnet Redirects Facebook's IP Space to my Blog
- Koobface Botnet Dissected in a TrendMicro Report
- Massive Scareware Serving Blackhat SEO, the Koobface Gang Style
- Movement on the Koobface Front - Part Two
- Movement on the Koobface Front
- Dissecting the Koobface Worm's December Campaign
- The Koobface Gang Mixing Social Engineering Vectors
- Dissecting the Latest Koobface Facebook Campaign
In 2025 Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) also known as Koobface botnet master KrotReal is known to own Born To Earn CO. LTD. (HuaHin Rent) (hxxp://www.facebook.com/THCars.Rent) with his partner Olesya Lyashenko.
Sample details:
Born To Earn Co. Ltd.
32/90 Petchakasem road, Soi Hua Hin 10
Hua Hin, Prachuap Khiri Khan, 77110
Tax id: 0775558002551
Bank Account: 074-1-56966-5
Bank: Krungsri Bank
+66 9236 777 99
And in 2025 his original and official Facebook account is (hxxp://www.facebook.com/banelly.tony) which appears to have been active and posting in 2011 at the peak of the Koobface botnet. He also owns the following properties:
hxxp://www.facebook.com/ForFriendsRestaurant
hxxp://www.instagram.com/happybabythai/
hxxp://www.facebook.com/sabaishop.net/
hxxp://www.instagram.com/buyfromthai/
hxxp://t.me/thaipills
In 2025 he also owns the following domains originally registered with his original krotreal@gmail.com:
hxxp://mobile-sexy.biz
hxxp://thai-pills.com
hxxp://homexxxvids.info
hxxp://uploadfile.asia
hxxp://homexxxvids.com
hxxp://huahin.rent
hxxp://homexxxvids.net
hxxp://vip-redir.com
hxxp://adult-redirect.biz
hxxp://sabaishop.net
hxxp://thcars.biz
hxxp://forfriends.rest
hxxp://peretrax.com
Related details about his partner Olesya Lyashenko:
hxxp://www.instagram.com/aliceinthai
hxxp://www.facebook.com/alice.carrol.5/
hxxp://dzen.ru/aliceinthai
hxxp://t.me/aliceinthai
hxxp://www.threads.com/@aliceinthai
hxxp://www.instagram.com/aliceinthai.bubbles/
Sample screenshot:
Sample photos:
