Exposing Bulgaria’s "Circles" Commercial Spyware Vendor - An Analysis

0
April 26, 2024

It doesn't get any better than this.

Infecting users with commercial spyware where you've managed to somehow infiltrate the global ecosystem of exploits vulnerabilities including "cyber arms" for your own commercial gain and other's suffering to the point of point and click malware infections to both experienced and simple users is simply disgusting.

Here's my OSINT analysis of Bulgaria's infamous commercial spyware vendor known as Circles.

hxxp://circles.bz - support@circles.bz

Nadezhda Ropleva -> hxxp://lighthousesystem.net

52.29.174.30 -> ec2-52-29-174-30.eu-central-1.compute.amazonaws.com -> hxxp://vulcan-club-online.com

Related responding IPs:

52.59.17.122

52.57.237.76

52.59.25.179

52.59.84.176

52.58.213.184

97.74.215.85

50.87.144.136

46.107.239.88

118.169.224.5

hxxp://tracksystem.info

87.121.58.6

46.107.239.141

87.121.58.4

46.107.239.89

46.107.239.12

hxxp://nac-2013.us - Email: dimitar.markov@circles.bz

hxxp://globalhubcom.com - Email: YyhplaFwhvhlp@hotmail.com - Email: nadia.ropleva@circles.bz

46.107.239.88 -> hxxp://worldsupport.info

AS60097

hxxp://vulcan-club-online.com -> hxxp://vlk-casino-club.com

Social media accounts:

hxxp://www.facebook.com/nadia.ropleva

hxxp://www.slideshare.net/nadiaropleva

Sample screenshots:

Related sample screenshots:

Stay tuned.

About Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

0 Comments:

Subscribe to: Post Comments (Atom)