Thursday, December 30, 2021

A Visual Representation of Today's Modern Cybercrime Ecosystem - A Cybercrime-Friendly Forum Communities Screenshots Compilation - An Analysis - Part Two




Tuesday, December 28, 2021

Presenting Dancho Danchev's Ultimate "Cybercrime Forum Data Set for 2021" - Direct Download Available!

 

Dear blog readers,
 
Have you ever wanted to give your team vendor or organization a boost in terms of cybercrime research for free? Consider grabbing a copy of my Ultimate "Cybercrime Forum Data Set for 2021" which you  can use for data mining actionable threat intelligence including situational awareness building in terms of current and emerging cyber threats and cybercrime trends.  
 
 
Sample screenshots of Dancho Danchev's Ultimate "Cybercrime Forum Data Set for 2021":
 

Sample screenshots of Dancho Danchev's Ultimate "Cybercrime Forum Data Set for 2021":

Stay tuned!

Presenting Dancho Danchev's Ultimate "Cybercrime Research Compilation" - Direct Download Available!

Dear blog readers,

 Have you ever wanted to grab a direct download copy of all of my publicly accessible research in a convenient multiple E-Book readers compatible form including all the "juicy details" in terms of thousands of high-quality and never-released before IoCs including OSINT research and analysis including threat intelligence type of research and analysis and information?

 
Sample screenshots of Dancho Danchev's Ultimate "Cybercrime Research Compilation":

 

Sample screenshots of Dancho Danchev's Ultimate "Cybercrime Research Compilation":

Stay tuned!

Saturday, December 25, 2021

Why Did Bulgaria's DANS Agency Gave Me a Visit and a Pension?

Dear blog readers,

I've been persistently asked on what really took place back in 2010 when I was kidnapped by local police officers in my hometown Troyan Bulgaria using my stolen ID and back in 2015 when I was drug poisoned by Bulgaria's DANS Agency who gave me a visit to my place? Keep reading.

It appears that back in my homeland it has a long way to go in terms of getting lost to the point of oblivion where when you don't have anything it means don't touch other people's stuff or they will break your ankle and then politely take you back to your non-existent method of existence called a car in your homeland and politely ask you to enter and never think of coming back or going to anyone's place again. Whether you are a moron or let's not forget whether you're a Bulgarian or not take a photo of yourself and never show it to anyone. No one cares and we don't care. Try to forget about the fact that you took a photo of yourself and believe it or not the photo never really existested. It does not exist.
 

By the way who hacked DANS.bg? We did not. We did not. Someone else did it and we came up with an analysis on the topic. For free. Forget about public sources. We did it using public sources.

Do you want to infect journalists with malware? This is amusing as they have infected you already. With themselves.

Do you want to celebrate the "holidays"? Do you know what a work day is to begin with? You can't celebrate the holidays. There are no holidays.

Don't forget to use your ultra favorite Web site to post photos of your social spit and vomit and don't forget no one cares. Including you.

Sanctions anyone? You bet. And yes you bet.

Now the single most important thing to remember is to go back home. Only in case you know what a home is. Only in a case whether you have a home and never forget not to go to other people's homes to do your naughty stuff. Steal rob kidnap molest and steal everyone's money.

This is not Bulgaria and this is not the holidays.

Happy holidays!

Stay tuned!

Tuesday, December 21, 2021

Check out my Official Dark Web Onion!

Folks,

Here are some sample statistics from my official Dark Web Onion - http://aklw6fojficmu3zqsdsffprbas3kqrheej4ntvynfl5xkrjpqhlq55yd.onion/




Stay tuned!

Labels: , , , , , ,

Tuesday, December 14, 2021

Sample Cybercrime Incident Response and Cyber Threat Actor Attribution Campaigns Maltego Graphs - An Analysis

Did you miss me folks? Guess what? Christmas came earlier! Check out the following Maltego graphs courtesy of me during the research and investigation of various cybercrime incident response cases including various cyber threat actor attribution campaigns.

Enjoy!
























Stay tuned!

Labels: , , , , , , ,

Happy Holidays, Everyone!

If it's going to be massive it better be good. Did you grab a free PDF copy of my personal memoir? Have you ever wanted to find out how many people actually brag about and care about my personal blog? Check out the following screenshots.

Don't forget to be the best and that you should aim to nuke the rest.

Happy holidays and happy New Year and Christmas celebration!

 
  



Stay tuned!

Labels: , , , ,

Friday, December 10, 2021

What You Get From "Peasant-aria Land" - A New Cyber Security Center - Behold Yourself To the Almighty Savior! - An Analysis

Is it crap or is it bullshit? Is it a dipshit or is it a moron? Did the Klingons did it or did we do it on our own? Did Jessus give us the money or did we steal it from somewhere? No. It's called cyber security industry in Bulgaria in 2021 led managed and operated by the infamous Yavor Kolev who kidnapped and home molested me with a stolen ID and dragged me out of my place with no witnesses and no legal repercussion for his illegal activities in the country and my illegal arrest with the assistance of local police offers from the city of Troyan, Bulgaria circa 2010 which is my hometown in Bulgaria.

In this post I'll elaborate more on one of my kidnappers who greatly contributed to my illegal arrest courtesy of Bulgaria Law Enforcement and basically dragged me out of my place with a stolen ID and held me hostage for a period of several months in a confined environment without Bulgaria Ministry of Interior knowing anything about this and with no witnesses and with force which resulted in a direct loss of $85,000 throughout the next period of five years following a successful kidnapping and home molestation attempt courtesy of local police officers from Troyan Bulgaria which is my home town which you can catch up in terms of going through the related posts at the end of this post.
 

Labels: , , ,

Thursday, December 09, 2021

Presenting Astalavista.box.sk's Flagship "Wisdom Kings Magazine" - Issue One - Grab a Copy Today!

Dear blog readers,

I've decided to let everyone know that I just released and came up with Astalavista.box.sk's flagship E-Zine for hackers security cybercrime research OSINT and threat intelligence and actually released issue one of the E-Zine which you can grab a copy of on my personal blog in the true spirit of the Christmas holidays.

Wisdom Kings Magazine Issue One - "Existence is Futile, Relevance Is Non-Existent"

+    01. Introduction........................................by Phemonix
+    02. 10 years back in the future.........................by Phemonix
+    02. Back to basics .....................................by Phenomix
+    03. The basics of Social engineering....................by Phenomix
+    04. How to make anarchy for beginners...................by Phenomix
+    05. How to hack for fun.................................by Phenomix
+    06. The ultimate guide to getting a girlfriend..........by Phenomix
+    07. Exploiting the scene for fun and profit.............by Phenomix
+    08. Hacking your school for fun and profit..............by Phenomix
+    09. Exposing the "Data Leaks" Paradise..................by Phenomix
+    10. How not to get "caught".............................by Phenomix
+    11. CYBERINT and Virtual SIGINT Exposed.................by Phenomix
+    12. From Cybercrime to Multi-Billion Dollar Industry....by Phenomix
+    13. The "Dark Web" Exposed and Profiled.................by Phenomix
+    14. Exposing the Bastards who stole the Scene...........by Phenomix
+    15. Top 20 Hacking Sites and Hacking Forums.............by Phenomix
+    16. Greetz and Shouts go out to.........................by Phenomix
+    17. Conclusion..........................................by Phenomix
 

01. Introduction

Greetings,

Welcome, to the first issue of Wisdom Kings Magazine.

Let us introduce, ourselves.

Over the years the demise of the scene greatly contributed to the overall irrelevance of the basic principles that used to drive it - knowledge and power and yes irrelevance.

With major scene information repositiories and hacking sites going down the landscape greatly re-transformed itself into a commercial landscape re-transforming the scene the way we know it into a commercial paradise in particular the rise of the Threat Intelligence and Virtual CYBERINT marketplace consisting of thousands of active participants sharing data information and knowledge on current and emerging cyber threats and cyber threat attack vectors including a multitude of nation-state sponsored and tolerated Cyber Threat Actor adversaries successfully running a huge portion of fraudulent and malicious online campaigns and participating in a multi-million dollar underground Cybercrime Ecosystem.

The first issue of "Wisdom Kings" aims to inform and educate on the basic principles that used to drive the Scene - knowldge information and power.

Happy hacking!

Greetz,
Phenomix
Web site: https://astalavista.box.sk
Email: dancho.danchev@hush.com

+-+-++-+-++-+-++-+-++-+-++-+-++-+-+-+-+
+ 01. Setting them straight - 10 years back in the future

The year is 1998 and Progenic's Top 100's has just added yet another hacking group's portfolio such as for instance among my favorite hacking and security resources which included at the time - WarIndustries, System7, Blackcode, Progenic. Web Fringe, Neworder and TechnicalWarfare.

What was really taking place within the Scene and the Industry at the time? With new hacking and community projects continuing to pop-up on a daily basis it wasn't largely a surprise that a new generation of novice and amateur hackers was just beginning to take place with vast repositiories of tools and tutorials including articles and guides publicly accessible for everyone to take advantage of and most importantly to get in touch with someone and to learn.

What did we managed to achieve throughtout the past decade in terms of innovation development knowledge and data spreading to thousands of novice and experienced users across the globe? Let's take for instance the Threat Intelligence market segment - a pioneering passive and active virtual SIGINT marketplace with hundreds of groups participating including thousands of malicious and fraudulent online actors utilizing and relying on basic quality assurance and malicious economies of scale type of market-driven factors to scale their cybercrime and fraud-driven operations online prompting a systematic and nation-state driven response to a growing set of economic and financial terrorism type of online activity largely provoked by a specific set of Russian and Eastern European online adversaries.

Among my favorite personal Web site bookmarks at the time were the NBA.com including various other X-Files and related UFO-themed video and photo archive type of personal Web sites.

Believe it or not among the early basics of Technical Collection that I managed to inquire were throughout the public and proprietary research published by a company called iDefense which was basically always there to provide the necessary intelligence on current and future cyber groups and current and future cyber actors which greatly inspired me on my way to do my research in the field of OSINT (Open Source Intelligence) and later on Cybercrime Research and Threat Intelligence gathering. Who were the hackers and what were they up to? What tools did they use? How famous were they at the time? How did they manage to achieve all of this?

Remember the U.S-China crashed airplance skirmish? If it's going to be massive it better be good. What this incident clearly showcased at the time is the possible offensive cyber warfare scenario where U.S based and China-based hackers actually popped-up online to defend and actually launch attacks against each other potentially signifying one of the first major international cyber incidents at the time.

With TextFiles.com additions continuing to pop-up among the first and most notable sections that truly made me an impression and actually inspired me to get involved in the world of Hacking and basically the Scene was the Anarchy and Phreaking and Hacking sections next to the daily visits to Progenic.com Top100 list of hacking and security Web sites to actually catch up with the votes and check the new additions to the list to potentially obtain various hacking tools and trojan horses futher motivating me to work with them and potentially show them and share them with some of my closest friends of the time circa the 90's for the purpose of attempting to trick irc.dal.net users from various channels including #gay and #lesbians into accepting the latest bogus "screensaver" while exploiting a common flaw in the actual mIRC client where you could easily make it look like that the actual user is receiving an image which in reality was actually an executable part of the server client of a popular trojan horse release at the time.

01. Back to basics

When was the last time you actually bothered to visit the archive.org looking for old copies of your favorite Web sites to possibly inspire you on your way to achieve your latest project in the field of Intelligence Studies and the Information Security market segment or to actually upload your old UFO photos and videos collection online? Keep reading.

Among the key Web sites that you should consider visiting using archive.org include:

- Progenic.com
- TextFiles.com
- Webfringe.com
- Newoder.box.sk
- rootshell
- packetstormsecurity

Including the following modern alternatives in terms of your will and desire to acquire data information and knowledge:

- C4I.org
- packetstormsecurity
- link-base.org
-

The Definite Manual to Helping Re-surrect the Scene and the Security Industry in this particular case would be for novice users to launch a personal blog where they can share their ideas and actual research publications with the rest of the security community and the Scene including to launch and maintain something in the lines of a file and security directory repository next to a personal Web site or a YouTube vlog that also includes a podcast including to publicly host and share their research and presentations.

03. The Basics of Social Engineering

01. Introduction

Social engineering is the art, of portraying, a situation, to one's perceivable conscious needs, for, the purpose, of pre-emptively, portraying, the same situation, seeking long term and short team, social gain.

02. Picking up a target

For the purpose of this article, we'll pick up your local school.

You can be anything, that, you, want to be. It's all a matter of perspective. And objective. Setting up the right, expectations, when, assuming to, own, a target, is vital, for the success of your, attack.

Successfully, presumuing, the very best, in a, person, greatly, ensures, your success, from a self-positioning, potentially, owning, phrase, of the actual communication. We're all elite, when, we, tend, to rock, together. The difference?
We rock for ourselves. Our wisdom is our king, and our king is our prevalence. Pre-dominantly, positioning, ourselves, as communication,

Invite:
CrackZ@hotmail.com

09. Exposing the "Data Leaks" Paradise

In a world dominated by a countless number of malicious and fraudulent cyber threat actor adversaries including the rise of the "penetration testing" crowd whose ultimately goal is to actually lower down the entry barriers into the World of Information Security potentially resulting in thousands of enthical and unethetical penetration testing aware users across the globe who have the capacity and the potential to target thousands of legitimate Web sites in an attempt to take advantage of the "low-hanging fruit" it should be clearly noteated that throughout the past couple of years a new generation of wannabe hackers and information security enthusiasts began to take place namely the rise of the data brach and data leaks community within the Information Security Industry whose ultimately goal is to actually obtain access to compromised and potentially leaked database of confidential records including high-profile data leaks in the context of government-based leaked data that will be later on eventually traded and attempted to be taken advantage of in the context of launching targeted phishing and malware-spreading campaigns potentially affecting hundreds of thousands of users in the process.

The very notion that cybercriminals including white hat security experts and cybercrime fighters will eventually attempt to obtain access to for instance a compromised cybercrime forum for the purpose of exposing the personal details of its users that also include to possibly track down and geolocate including to actually profile and prosecute some of its members should be definitely considered as an old-fashioned trend in the actual fight against cybercrime online with more users and researchers joining the fight including the actual cybercriminals who might take additional measures to actually protect and prevent possible data leaks including various other OPSEC (Operational Security) type of measures in terms of positioning their cybercrime-friendly forum community as a invite-only or actually launching it in a a vetted and invite-only fashion.

What's should be clearly noted is that with the mainstream media continuing to raise awareness on the existence of high-profile hacking groups and hackers including the rise of the Anonymous crowd it should be clearly noted that wannabe and potential hackers would continue trying to steal the necessary media attention and actual "know-how" from high-profile hacking groups and individual hackers involved in high-profile data leaks and data breaches.

10. How not to get "caught"

Have you ever dreamed of getting "caught" and actually making the headlines with your latest research that also includes the digirally naughty party of your research? It should be clearly noted that every decent security researcher and wannabe hacker should take basic pracautions for the purpose of ensuring that their online activities including access to their research remains properly protected from nation-state and fellow researcher's access with basic OPSEC (Operational Security) in mind which basically includes basic "sock-puppet" type of online personas including the active use of proprietary and off-the-shelf VPN (Virtual Private Network) including the active use of anti-fingerprint based browser including basic online pracautions such as for instance the use of PGP and end-to-end real-time communication encryption for the purpose of getting involved in related projects and actually keeping in touch with fellow colleagues and researchers.

Let's discuss some basic OPSEC (Operational Security) principles and offer an in-depth discussion on various practical OPSEC tactics and strategies for the purpose of ensuring that your online activity remains properly protected including the actual protection of your intelellectual "know-how" and research and analysis data. Among the first basic principles that you should properly ensure is the active use of basic "hardware-isolation" principles that also includes the active use of a proprietary commercial and off-the-shelf VPN service provider such as for instance Cryptohippie.

14. Exposing the Bastards who the Scene

It used to be a situation where technological "know-how" and operational capabilities to make an impact globally used to be the primary motivation factor for an entire generation of hackers/crackers/phreakers and security experts globally today's modern and sophisticated security industry with hundreds of participants and high-profile experts who are basically responsible for protecting high-profile and nation-state networks including their direct involvement in high-profile and sensitive security and cyber intelligence gathering projects where everyone is busy gathering cyber intelligence including to actually take the game a little bit deeper potentially causing widespread industry buzz in case where a successful cyber attack attribution takes place or in case where the team of professionals somehow manages to establish a direct relationship between a cyber attack instance with a real-life person or a group of people most notably hackers or another team of high-profile or nation-state hacking group or a team of professional security experts.

Do you remember the Scene the way we know it circa the 90's? Who were some of your favorite high-profile researchers at the time including high-profile hackers and security experts? Did you hang out a lot on IRC? Have you ever dreamed of speaking with a hacker or joining a hacker group on your own? Keep reading.

In this article I'll discuss in-depth the Scene the way we know it circa and try to compile in-depth personal dossiers of some of the people that inspired me to join the Scene and the security industry at the time and offer an in-depth overview and discussion of their professional path and achievements circa the 90's up to present day and basically explain and actually expose the bastards who stole the scene. Keep reading.

16. Greetz and Shouts go out to

In this section we wanted to take the time and effort and elaborate more on folks that we know touch base with work with cherish and continue to support in a variety of projects namely:

- Lance Spitzner from the Honeynet Projects who personally invited me to visit the GCHQ back in 2008 and make a presentation

- Steve Santorelli from Team Cumry who personally invited me to visit the INTERPOL HQ in Lyon and make a presentation at an invite only conference

- John Young from Cryptome.org for keeping it cool and for keeping in touch throughout the years and for maintaining the repositiory.

Saturday, December 04, 2021

Automated Social Engineering Driven OTP (One-Time-Passwords) and Two Factor Authentication Bypassing Platform and Mobile Application Spotted in the Wild - An Analysis

I've recently stumbled upon a newly released DIY social engineering and OTP (One-Time-Passwords) and two-factor authentication bypassing platform and mobile application which is fully capable of socially engineering a gullible end user into falling victim into a targeted social engineering driven campaign that's currently impersonating a variety of services and financial institutions globally.


Sample screenshots of the DIY OTP (One-Time Passwords) and two-factor authentication bypassing platform:




















Labels: , , , , , ,