Dear blog readers,
This is Dancho.
How to use this manual testimony?
- Reference me Dancho Danchev
- My web site
(https://ddanchev.blogspot.com)
- My research portfolio as PoC
(Proof of Concept) (https://archive.org/details/@ddanchev)
- My email address
(
dancho.danchev@hush.com;
disruptive.individuals@gmail.com)
My key points:
- I have never received anyone's
acknowledgment for my achievements or a reward
- I was never approached with any
sort of acknowledgment by Facebook on my Koobface Gang research
- I'm publishing my own testimony with the idea that I'm looking for someone's acknowledgment for my
contributions and impact in the field and as a possible form of
financial reward achievement that I could get prior to publishing my manual testimony and in a way as a form for my retirement from
the field
Key summary points that you didn't
know:
- up to my invitation to join
ZDNet in 2008 from 2005 to 2008 the only thing that mattered to me
the most was to publish at my personal blog
https://ddanchev.blogspot.com
never seeing or realizing any possible or potential income and it
really worked
- the modest amount for the
articles that I was getting from ZDNet I was using to maintain a
teenager lifestyle and it was enough
- prior to joining Webroot where
I was surprisingly but according to me well deserved salary I was
earning more than any of my colleagues or people that I knew online
were
Quick Q&A:
Who are you?
I'm a 41 years old security blogger cybercrime researcher OSINT analyst and threat intelligence analyst from Bulgaria. I've always been an independent contractor and I often work under NDAs.
What are you up to?
I'm trying to claim a reward from Rewards for Justice for my Conti Ransomware Gang research.
What do you want?
Acknowledgement from someone in the field for my Koobface Gang research from 2008 to 2013.
How can we assist?
Drop me a line and say hi and keep up the good work.
Date: 16.01.2025
Email: dancho.danchev@hush.com
Web Site:
https://ddanchev.blogspot.com
Executive Summary:
Ladies and
gentlemen, esteemed colleagues, and friends, Today, I stand before
you to shed light on a pressing issue that affects every single one
of us in this digital age. It is a journey I have taken, inspired by
the insights of a remarkable individual, Dancho Danchev. A
cybersecurity expert who has navigated the complex and often murky
waters of the information security industry. His self-hosted
testimony resonates deeply, urging us to pause and reflect on how
this industry functions, or rather how it is failing to function as
it should. In a world where everything is interconnected, we rely on
technology to communicate, work, and thrive. Yet with every click of
a button, we expose ourselves to vulnerabilities that can have dire
consequences. Dancho Danchev’s experiences highlight the paradox we
face. Despite our increased reliance on technology, the information
security industry often seems ill-equipped to protect us from the
very threats it promises to defend against. Let us consider the core
of Dancho’s testimony. He argues that while we have made
significant advancements in technology, the industry itself has
become bogged down by bureaucracy, profit motives, and a lack of
genuine understanding of real threats. These issues create a chasm
between what we need in cybersecurity and what is actually delivered.
The industry is filled with products and services that are marketed
as solutions but often do not address the root causes of our
vulnerabilities. Imagine for a moment that you are standing at the
edge of a vast ocean. You see the waves crashing against the shore,
powerful and relentless. You know that beneath the surface lies a
world of unknowns. This is akin to our online presence. Every day, we
dive into the digital ocean, armed with the tools provided by the
information security industry. Yet, how many of us truly understand
what lurks beneath the surface? How many of us are equipped to
navigate through potential dangers? Danchev’s testimony serves as a
wake-up call. He emphasizes the importance of education and
awareness. It is not enough to rely solely on technology to protect
us. We must be proactive in our approach. We must take the time to
educate ourselves about the risks and the challenges we face. It is
about building a culture of cybersecurity awareness that transcends
beyond just the IT department. It is about empowering every
individual to take responsibility for their own digital safety. In
his remarks, Dancho highlights the need for transparency within the
cybersecurity industry. Too often, companies hide behind jargon and
complex terminologies that only serve to confuse rather than clarify.
It is essential that we demystify the language of cybersecurity and
make it accessible to everyone. We need to foster an environment
where open communication thrives, where questions can be asked
without fear, and where knowledge is shared freely. Furthermore, we
must recognize the role that collaboration plays in strengthening our
defenses. Dancho advocates for partnerships across sectors and
industries. Cybersecurity is not just an IT issue; it is a business
issue, a social issue, and a global issue. By coming together,
sharing insights, and learning from one another, we can create a more
robust framework for protection. The strength of our collective
knowledge can be our greatest asset. As we reflect on Dancho
Danchev's insights, I urge you to consider your own role in this
ecosystem. Each of us has a part to play in shaping the future of
cybersecurity. Whether you are an IT professional, a business leader,
or simply a concerned citizen, your voice matters. Your actions
matter. The choices we make today will determine the security
landscape of tomorrow. So what can we do? First, let us commit to
lifelong learning. The digital landscape is constantly evolving, and
with it, the threats we face. Stay informed, take courses, attend
workshops, and engage in discussions. Arm yourselves with knowledge,
for it is the most powerful weapon we have against cyber threats.
Second, let us advocate for better practices within our
organizations. Support initiatives that prioritize cybersecurity
training for all employees. Encourage open dialogues about potential
threats and vulnerabilities. Create a culture where cybersecurity is
everyone’s responsibility, not just the IT team. And finally, let
us push for change within the industry itself. Demand transparency
from cybersecurity providers. Seek out solutions that are not only
effective but also understandable. Engage with organizations that
prioritize education and awareness over profit margins. Together, we
can hold the industry accountable for its promises. In conclusion,
Dancho Danchev’s testimony is not just a critique of the
information security industry. It is a call to action. It challenges
us to rethink how we approach cybersecurity and inspires us to take
charge of our own digital safety. As we move forward, let us embrace
the responsibility that comes with our technological advancements.
Let us work together to create a safer digital world for ourselves
and for future generations. Thank you.
Let's start from the basics. Check out the following image of Facebook's Chief Security Officer Joe Sullivan. What's the first thing that you notice on the attached image? Check out the Christmas tree screenshot of the Koobface botnet which is clearly visible on the right.
If it's supposed to take you back you should be clearly familiar with the screenshot courtesy of my blog where the actual Christmas message and screenshot by the Koobface Gang were actually referencing me and a personal link to my blog.
Our work against Koobface would not
have been possible without the work of the following - Gadi
Evron, Jan Droemer, Gary Warner, Brian Tanner, The Koobface Working
Group - Facebook Security thanks them for their continued
help.
We were all
jumping in on trying to solve the issue with multitude of unknown
individuals doing the research and Facebook doesn't knowing a clue
about it or approaching the researchers or crediting and giving
donation amounts to the wrong individuals.
Some key summary points:
- I was never
approached by Facebook
-
I was never
offered a job
-
My research
was never mentioned
-
I never got
public acknowledgment of my work
In 2010 I was
approached by NYTimes journalist Riva Richmond in terms of my
research on the Koobface botnet and we eventually ended up meeting in
Sofia, Bulgaria to discuss my research where I eventually got quoted
in the NYTimes article with my research on the Koobface botnet.
What was
specifically and basically going on back then in terms of the
Koobface botnet and research on the Koobface botnet was that an
unknown set of individuals were supposedly tracking it down and
monitoring it where in reality and in fact I was among the few and
the primary sources of information on the daily whereabouts of the
Koobface botnet in terms of actionable intelligence and research.
My primary
contacts at Facebook at the time were Donald Webster, Ryan McGeehan
and Alex Rice with whom I've exchanged emails on the topic.
Back in the day
Facebook's CISO was Joe Sullivan who I never really knew or got
approached by.
The interesting
part here is that although I really pretended that I was the primary
and among the few original sources in terms of research and analysis
on the Koobface botnet I never really knew anyone or actually how
they managed to contribute to properly distribute and disseminate
their research on how they did. In terms of the Koobface Working
Group although I got something in the lines of an invitation to
participate my primary concern and motivation at the time was to
continue monitoring it and disseminating my research to the security
community and my blog readers which I was actively doing at the time
on a full time basis on my own for a period of two and a half years.
