Cyber Security Project Investment Proposal - DIA Needipedia - Fight Cybercrime and Cyber Jihad With Sensors - Grab Your Copy Today!

Dear blog readers, I decided to share with everyone a currently pending project investment proposal regarding the upcoming launch of a proprietary Technical Collection analysis platform with the project proposal draft available on request part of DIA's Needipedia Project Proposal Investment draft or eventually through the Smith Richardson Foundation.

In case you're interested in working with me for the purpose of implementing the project solution including a possible investment proposal on your behalf -- that also includes a possible VC or an angel investor introduction -- I can be reached at dancho.danchev@hush.com

Looking forward to receiving your comments questions feedback and general remarks including possible investment proposal requests. Happy Holidays!

Enjoy!

01. Executive summary
The Obmonix platform aims to build the world's most versatile and comprehensive sensor network for intercepting cybercrime and cyber jihad activity on a global scale successfully positioning the project as a leading in-house built provider for actionable intelligence within the Intelligence Community.

02. What are you trying to do?
The Obmonix platform aims to build the world's most versatile and comprehensive sensor network for intercepting cybercrime and cyber jihad activity successfully positioning the platform as a leading in-house provider of actionable intelligence within the Intelligence Community.

03. How is it currently done?
Largely relying on a selected set of outsourced intelligence-gathering providers the Intelligence Community overall reliance on commercial intelligence gathering providers has successfully positioned the Intelligence Community with a limited sight in terms of pro-active and systematic response to cybercrime and cyber jihad events globally.

04. What's new?
Largely relying on the utilization of multiple interception vectors including hybrid-based type of sensor networks the Intelligence Community is successfully positioned to successfully intercept and proactively respond to a growing set of cybercrime and cyber jihad events globally.

05. Who cares?
The Intelligence Community largely positioned to take advantage of a growing set of technologies for the purpose of pro-actively responding to a growing set of cybercrime and cyber jihad events globally is ultimately empowered to take advantage of modern hybrid-based type of sensor networks for the purpose of successfully intercepting and responding to a growing set of cybercrime and cyber jihad events globally.

06. What are the risks?
Successfully positioning the provider as a leading provider for actionable intelligence in terms of cybercrime and cyber jihad events globally within the Intelligence Community will successfully position the Obmonix platform and its operator as a leading provider of actionable intelligence within the Intelligence Community.

Transmittal Letter

My name is Dancho Danchev I'm an internationally recognized cybercrime researcher security blogger and threat intelligence analyst currently maintaining some of the industry's leading threat intelligence gathering information-sharing resources having successfully contributed to the overall demise of cybercrime internationally having successfully monitored analyzed and processed some of the industry's major nation-state and  malicious actor type of malicious campaigns over the last decade leading me to a successful  career as a cybercrime researcher security blogger and threat intelligence analyst leading me  to a successful launch of my newly launched startup named Disruptve Individuals and the Obmonix - Cybercrime and Cyber Jihad Fighting Sensor Network.

Having successfully pioneered my own methodology for processing threat intelligence data including active dissemination of threat intelligence data to a variety of sources including an in-depth understanding of the Intelligence Cycle I'm certain that based on my experience the time  has come to establish a professional and working relationship with a government-private sector enterprise leading me to a successful project proposal within the Intelligence Community and the security industry.

My initial goal for submitting a project proposal is to ensure that the Intelligence Community remains on the top of its game and that the United States remains ahead of adversaries looking  to  profit from its economic might including the successful compromise of its infrastructure potentially targeting the life's and well-being of its citizens globally.

Largely relying on a set of industry-leading contacts my initial idea is to ensure that the Intelligence Community remains actively empowered with the world's largest and most comprehensive platform for monitoring profiling and proactively responding to malicious nation-state malicious actors type of cybercrime and cyber-jihad activity globally through the successful establishing of a government-private sector type of partnership leading me to a successful launch of my own company leading me to a successful project-based type of project proposal.

Having actively contributed to the overall demise of cybercrime internationally through the last  decade I'm certain that my expertise ambition and expertise in the field will successfully contribute to the Intelligence Community's overall mission including a currently active project within the Intelligence Community and the security industry.

I sincerely hope that my project proposal will be eventually funded leading me to become an active participant within the Intelligence Community with a currently active project within the Intelligence Community and the security-industry.

Company Overview

The following brief will provide a detailed summary of the company overview including key success factors and a project taxonomy.

Disruptive Individuals is a research-intensive data-driven company successfully establishing the world's largest snapshot of malicious cybercrime activity for the purpose of offering the industry the world's most versatile portfolio of malicious cybercrime-driven services successfully positioning itself as the world's leading provider of real- time intelligence-driven services and product portfolio including cybercrime-research data malicious activity profiling services and custom-tailored intelligence assessments successfully positioning the company as the world's leading provider of cybercrime-data driven research-intensive intelligence data-driven company.

Key Success Factors

• the platform will be ultimately capable of establishing the industry's largest data set of cybercrime activity for the purpose of real-time monitoring and profiling of malicious cybercrime activity successfully infiltrating the majority of cybercrime forum communities successfully establishing the foundations for an intelligence gathering process
• the platform will be ultimately capable of real-time forum data localization for the purpose of successfully establishing the foundations for a successful intelligence gathering process
• the platform will be ultimately capable of establishing the foundations for real-time monitoring and profiling of malicious activity including forum member data successfully establishing the foundations for a successful intelligence gathering process
• the platform will be ultimately capable of establishing the world's largest data set of historical cybercrime activity successfully establishing the foundations for a successful intelligence gathering process

Return on Investment

• research-based forum activity driven intelligence feeds
• the company will be ultimately capable of offering subscription based type of intelligence driven services including intelligence and data-driven cybercrime and malicious-activity capable feeds
• community-driven data processing capabilities
• the company will be ultimately capable of offering public feeds to include the necessary data for the purpose of establishing an active community-based intelligence-data driven type of intelligence-data driven type of services and feeds
• intelligence feed subscription type of managed intelligence-feed driven services
• the company will be ultimately capable of offering tailored intelligence-driven data feeds successfully empowering security enthusiasts security experts researchers and government contractors with the necessary data and expertise to offer an insight into the company's vast network of data and intelligence driven type of services

Company Data Project Taxonomy

This intelligence brief will details the basic company project taxonomy structure for the purpose of establishing the foundations for a successful data and intelligence-driven type of research based type of cybercrime and malicious-activity tracking activity to include but not limited to cybercrime community forum data and active social media monitoring and, profiling capabilities.

Cybercrime Sensor Network

This intelligence brief will details the basic company project taxonomy structure for the purpose of establishing the foundations for a successful data and intelligence-driven type of research based type of cybercrime and malicious-activity tracking activity to include but not limited to cybercrime community forum data and active social media monitoring and profiling capabilities.

Spam Message

• spam source
• spam message
• nation-state actors
• malicious-adversaries
• country
• hosting provider
• ASN
• IP reputation
• message
• embedded URL
• embedded attachment

Phishing Message

• phishing source
• phishing message
• nation-state
• malicious-actors
• spear-phishing
• targeted-attack
• country
• hosting provider
• ASN
• IP reputation
• message
• embedded URL
• embedded attachment

Malicious Software

• nation-state actors
• malicious-adversaries
• C&C phone back location
• country
• hosting location
• ASN
• screenshot
• malicious MD5

Malicious URL

• nation-state actors
• malicious-adversaries
• country
• hosting provider
• ASN
• client-side exploitation
• client-side exploit sample

Android malware

• nation-state actors
• malicious-adversaries
• C&C phone back
• country
• hosting provider
• ASN
• SMS feature
• Screenshot
• malicious MD5

Mac OS X malware

• nation-state actors
• malicious-adversaries
• C&C phone back
• country
• hosting provider
• ASN
• Screenshot
• malicious MD5

Explanation of Honeypot Technology

Honeypot technology greatly ensures that actionable and real-time data of jihadist activities can be acquired profiled and analyzed acting as an early warning system for jihadist activity online.It relies on the systematic positioning of misconfigured network devices to better allow the use of monitoring sensors attracting malicious traffic leading to an eventual compromise allowing for better understanding of the motivation and capability estimation of the attacker including active motivation and capabilities type of attribution leading to the production of actionable real-time type of intelligence type of research and analysis type of data.

Honepot Deployment Strategy

Honeypot technology greatly ensures that actionable and real-time data of jihadist activities can be acquired profiled and analyzed acting as an early warning system for jihadist activity online.

• Fake Newspaper - Al-Jihah

The initial idea behind setting up a fake newspaper (in Persian, Arabic) would be to establish the foundation for a successful deceptive early warning system sensor further ensuring that actionable and real-time jihadist activity data can be collected profiled and interpreted for producing real-time intelligence summary reports. Daily updates with pro-jihadist material would ensure the quality acquisition of traffic including potential deceptive campaigns to be intercepted profiled an analyzed acting as an early warning system sensor further ensuring the collection of actionable real-time jihadist activities data.

The Al-Jilah newspaper would act as a central repository for, various anti-jihad content successfully positioning the paper as a primary attack target for cyber jihadist online successfully increasing the probability for a successful attack and eventually collecting and interpreting the attack data. The Al-Jilah newspaper would act as a central repository of anti-jihad content and would be localized in Persian in Arabic successfully penetrating local and highly segmented markets for the purpose of increasing the probability of a successful attack.

Various public placement strategy in terms of positioning the honeypot technology within the eventual attack compromise activity would include active search engine optimization techniques successfully leading to a great degree of capability estimation attack traffic and would also result in eventual direct forum placement within various prominent jihadist activity online forum communities.

• Fake Bank – Arabah Financing

The initial idea behind setting up a fake bank (in Persian, Arabic) would be to establish the foothold of a deceptive campaign ensuring the collection of actionable real-time time jihadist data to be analyzed and profiled. Successfully positioning the bank within the network assets acquisition would ensure the collection of actionable and real-time jihadist data further ensuring the successful interception of jihadist activities online.

The initial idea behind setting up a fake bank would be to successfully position a fake Web site successfully resulting in the active deployment of honeypot appliance technologies for the purpose of monitoring and profiling various jihadist activity online. Successfully setting up a fake bank in Persian and Arabic would result in the active penetration of various market segment properties successfully resulting in the active profiling and monitoring of jihadist activity online. 

Successfully setting up a fake bank would result in the active publication of content inter-related news releases emphasizing on major localized and segment released type of content successfully resulting in the active profiling and monitoring of various jihadist activity online.Successful positioning in terms of points of contact would ensure active phishing and malware attack profiling and monitoring successfully resulting in active profiling and monitoring of jihadist activity online.

• Fake university – Abkazah University

The initial idea behind setting up a fake university (in Persian, Arabic) would be to establish the foothold of a deceptive campaign ensuring the collection of actionable real-time time jihadist data to be analyzed and profiled. Successfully positioning the bank within the network assets acquisition would ensure the collection of actionable and real-time jihadist data further ensuring the successful interception of jihadist activities online.Successful positioning in terms of points of contact would ensure active phishing and malware attack profiling and monitoring successfully resulting in active profiling and monitoring of jihadist activity online.

The initial idea of setting up a fake university would result in the active profiling and monitoring of various jihadist community type of jihadist activity online successfully positioning a localized in Persian and Arabic fake university successfully resulting in the active profiling and monitoring of jihadist activity online. Sample fake university content type of localized fake university portfolio of facilities and educational courses would result in the active positioning for a localized and segmented active profiling and monitoring of jihadist activity online. 

It would consist of active SCADA research and cyber security type of research and analysis facility allowing the active monitoring of malicious activity, for the origin source country Iran, Pakistan, Saudi Arabia, Iraq and Syria.Successful positioning in terms of points of contact would ensure active phishing and malware attack profiling and monitoring successfully resulting in active profiling and monitoring of jihadist activity online.

• Fake Company – Ostan Industries

The initial idea behind setting up a fake company would be to successfully intercept and profile actionable real-time jihadist activities online to successfully intercept and profile various jihadist activities online.The initial idea behind setting up a fake company would be to position a SCADA type of infrastructure localized in Persian, Arabic for the purpose of successfully profiling and monitoring various jihadist activity online. 

With a successful placement and active content generating localized in Persian, Arabic a fake company deployment using honeypot appliance technology would result in active capability estimation and profiling of various jihadist activity online.Successful positioning in terms of points of contact would ensure active phishing and malware attack profiling and monitoring successfully resulting in active profiling and monitoring of jihadist activity online.

Cyber Jihad Sensor Network

This intelligence brief will details the basic company project taxonomy structure for the purpose of establishing the foundations for a successful data and intelligence-driven type of research based type of cybercrime and malicious-activity tracking activity to include but not limited to cybercrime community forum data and active social media monitoring and profiling capabilities.

• forum topic

the platform will be ultimately capable of processing a particular forum topic for the purpose of establishing the foundations for a successful intelligence gathering process

• forum message

the platform will be ultimately capable of processing a particular forum message for the purpose of establishing the foundations for a successful intelligence gathering process

• forum member

the platform will be ultimately capable of processing a particular forum member for the purpose of establishing the foundations for a successful intelligence gathering process

• forum member message

the platform will be ultimately capable of processing a particular forum member message for the purpose of establishing the foundations for a successful intelligence gathering process

• forum message

- the platform will be ultimately capable of processing a particular forum message for the purpose of establishing the foundations for a successful intelligence gathering process

• forum message

- the platform will be ultimately capable of processing a particular forum external message for the purpose of successfully establishing the foundations for a successful intelligence gathering process

• forum time

- the platform will be ultimately capable of processing a particular forum time for the purpose of establishing the foundations for a successful intelligence gathering process

• forum data

the platform will be ultimately capable of processing data including date time message url email ultimately establishing the foundations for a successful intelligence gathering process

• forum URL

the platform will be ultimately capable of processing a particular forum URL further establishing the foundation for the Obnomix platform further establishing the foundations for a  successful intelligence gathering  process

• forum media

the platform will be ultimately capable of processing forum media further establishing th foundations for the Obnomix platform further establishing the foundations for a successful intelligence gathering process

• forum email

the platform will be ultimately capable of processing forum email further establishing the foundations for the Obnomix platform further establishing the foundations for a successful intelligence gathering process

• forum contact

the platform will be ultimately capable of processing forum contact further establishing the foundations for the Obnomix platform further establishing the foundations for a successful intelligence gathering process

Sample ISIS Social Media Twitter Accounts:

• https://twitter.com/As_soumaly
• https://twitter.com/wilayat_cairo56
• https://twitter.com/lSmisMUJAHlDAH
• https://twitter.com/islamdamas1980 40k
• https://twitter.com/HA_alshami03
• https://twitter.com/jundi71033868
• https://twitter.com/nor92331
• https://twitter.com/WmWmWm57
• https://twitter.com/tytxzxxz
• https://twitter.com/raisiiiiii
• https://twitter.com/FIIIIII2015
• https://twitter.com/BrCdPrsnr
• https://twitter.com/leembfs2017
• https://twitter.com/Sheb84669751
• https://twitter.com/GMCTNT_1979
• https://twitter.com/i593162
• https://twitter.com/bela_hudood
• https://twitter.com/_u_r7yok
• https://twitter.com/kalmat_haaq
• https://twitter.com/meersbo2
• https://twitter.com/iahmd61
• https://twitter.com/TurMedia316
• https://twitter.com/shamtu_33
• https://twitter.com/hoec15
• https://twitter.com/ll41lll
• https://twitter.com/AlJabarti45
• https://twitter.com/abo_roqaia82
• https://twitter.com/inmyheartisis
• https://twitter.com/gurababiz1551
• https://twitter.com/jhkghjy
• https://twitter.com/Hero_isis_711
• https://twitter.com/itc_hallo
• https://twitter.com/TurMedia316
• https://twitter.com/JUI_LJ
• https://twitter.com/SomQaeda
• https://twitter.com/TARLEE4
• https://twitter.com/Muj_93_Hed
• https://twitter.com/dieebkhel
• https://twitter.com/HJdjdu
• https://twitter.com/anwartab
• https://twitter.com/SYRIA_GID
• https://twitter.com/Xkb038
• https://twitter.com/MKoshur2
• https://twitter.com/abutalut8
• https://twitter.com/AEJKhalil
• https://twitter.com/abu2legend
• https://twitter.com/Gqeflfwlemqpdmf
• https://twitter.com/alhlby027
• https://twitter.com/SuehwShehe
• https://twitter.com/sdsdsd325245
• https://twitter.com/gffggll1
• https://twitter.com/ISIS_1979GMC
• https://twitter.com/dola24687
• https://twitter.com/timbosulli
• https://twitter.com/f75da586675f456
• https://twitter.com/khilafahinfos
• https://twitter.com/allbasra
• https://twitter.com/Muhaajirah_
• https://twitter.com/abufalahalhind4
• https://twitter.com/Saeed_alHalabi0
• https://twitter.com/iislamic12
• https://twitter.com/TaWhEeD_O
• https://twitter.com/avuOmar_shams
• https://twitter.com/abouanstunisi
• https://twitter.com/homsiia
• https://twitter.com/4_7m0o0d
• https://twitter.com/ Djoiyriajw
• https://twitter.com/96176629289
• https://twitter.com/killer_cail99
• https://twitter.com/mfawas1
• https://twitter.com/ohatab8
• https://twitter.com/Ultrasmuslim1
• https://twitter.com/A05462492
• https://twitter.com/azve76
• https://twitter.com/ClemStalDim
• https://twitter.com/mahmood
• https://twitter.com/aqill41
• https://twitter.com/iahmd61
• https://twitter.com/azve76
• https://twitter.com/PicotNo
• https://twitter.com/h_a_e_23
• https://twitter.com/goo_ias
• https://twitter.com/_irl_toby6
• https://twitter.com/samha1o
• https://twitter.com/samha1o
• https://twitter.com/rdcongo_news
• https://twitter.com/hytegetydyte
• https://twitter.com/f75da586675f456
• https://twitter.com/Muj_93_Hed
• https://twitter.com/abohashmily
• https://twitter.com/Alhareth_2
• https://twitter.com/wfsfsd
• https://twitter.com/FoopSeven
• https://twitter.com/azve77
• https://twitter.com/Ali_G303L
• https://twitter.com/R9O7GupXDM0b0pd
• https://twitter.com/georgebinto1
• https://twitter.com/nightwalker_74he
• https://twitter.com/ahmadvasvv565
• https://twitter.com/Ansar_AlSharia0
• https://twitter.com/Alsloli_dog/media
• https://twitter.com/inmyheartisis
• https://twitter.com/om_elbarae1
• https://twitter.com/saadsaudi2014
• https://twitter.com/timotim91217281
• https://twitter.com/ii_o_01ru
• https://twitter.com/aljanady75
• https://twitter.com/Katz0UmAlBaraa0
• https://twitter.com/_Mi_Sk_
• https://twitter.com/Misk_2_a
• https://twitter.com/ISIS1995DD
• https://twitter.com/moohger121
• https://twitter.com/Omisshaq
• https://twitter.com/qatada_93
• https://twitter.com/Is_zarkiue
• https://twitter.com/Ali_G303L
• https://twitter.com/fgh959
• https://twitter.com/sdg42303540
• https://twitter.com/alptter_
• https://twitter.com/umaisha55
• https://twitter.com/algwsd2233
• https://twitter.com/dfgndf2
• https://twitter.com/leembfs2017
• https://twitter.com/wearekillkofar
• https://twitter.com/Om_islam47
• https://twitter.com/islamic_iso
• https://twitter.com/_a_a_20
• https://twitter.com/truth_ee
• https://twitter.com/Fahad_Buhendi
• https://twitter.com/lmj_hallo
• https://twitter.com/er_er_500
• https://twitter.com/86Roben
• https://twitter.com/DsdsdsfSddsd
• https://twitter.com/abu_a_88
• https://twitter.com/sadkingp20
• https://twitter.com/noor_sban6
• https://twitter.com/is5_is5
• https://twitter.com/JUI_LJ
• https://twitter.com/qatada_9
• https://twitter.com/abo_al_zubair
• https://twitter.com/Othman14_C4
• https://twitter.com/nedalo9314
• https://twitter.com/SamaIQ__90
• https://twitter.com/Mar44ma
• https://twitter.com/Manaln9
• https://twitter.com/phupeuea
• https://twitter.com/raisiiiiii
• https://twitter.com/aljanady75/
• https://twitter.com/_Mi_Sk_
• https://twitter.com/Misk_2_a
• https://twitter.com/ISIS1995DD
• https://twitter.com/moohger121
• https://twitter.com/198_mazen
• https://twitter.com/CavalierDuSham
• https://twitter.com/SinaiTor
• https://twitter.com/NaserIS8
• https://twitter.com/oumme_aymen10
• https://twitter.com/gaznaya
• https://twitter.com/un_serviteur
• https://twitter.com/Tekindebeyvin
• https://twitter.com/_DavidThomson
• https://twitter.com/VegetaMoustache
• https://twitter.com/MillatIbrahim1
• https://twitter.com/Hayati_LiLLah_
• https://twitter.com/Alitt1245
• https://twitter.com/salehalawlqi1
• https://twitter.com/SimNasr
• https://twitter.com/xonraqqa
• https://twitter.com/aodaaoda4
• https://twitter.com/_Mi_Sk_
• https://twitter.com/anwartab
• https://twitter.com/waswa0127
• https://twitter.com/ali523480
• https://twitter.com/Rhbdbd1
• https://twitter.com/AnsarAlSharia13
• https://twitter.com/AlJabarti46
• https://twitter.com/IslamiyaKurdi
• https://twitter.com/zayanepower
• https://twitter.com/WalaAndBara
• https://twitter.com/SFKIIIHHF__oO33
• https://twitter.com/AAdhim10
• https://twitter.com/MhdSayf
• https://twitter.com/abo_67_omar
• https://twitter.com/DawlaBrulFrance
• https://twitter.com/strange76292811
• https://twitter.com/VbnIsrt
• https://twitter.com/IS_IS021
• https://twitter.com/IS_IS022
• https://twitter.com/AbdAllahGaza
• https://twitter.com/khilafah01_
• https://twitter.com/iislamic12
• https://twitter.com/ajmurgent
• https://twitter.com/baqiya79R
• https://twitter.com/abujamaludeen02
• https://twitter.com/ibn_abdiqany
• https://twitter.com/killercat600
• https://twitter.com/MisciFromTheD
• https://twitter.com/3aam_Al_Diri
• https://twitter.com/mnhtye
• https://twitter.com/block_151
• https://twitter.com/Hijazi_9111
• https://twitter.com/ibn_dyala93
• https://twitter.com/jxcjcj1
• https://twitter.com/mosalma1991
• https://twitter.com/rfvb7
• https://twitter.com/alaser100
• https://twitter.com/asd4000hd
• https://twitter.com/AbdAllahGaza
• https://twitter.com/MhdSayf
• https://twitter.com/aqaq1qa
• https://twitter.com/mhunc1231
• https://twitter.com/azdyisis55
• https://twitter.com/Baghdad9191
• https://twitter.com/74gh1
• https://twitter.com/nnbb77881
• https://twitter.com/a_t__29__7a
• https://twitter.com/Kh_nsa143
• https://twitter.com/theykillmybro
• https://twitter.com/210Birdy
• https://twitter.com/daish90
• https://twitter.com/A___A_c
• https://twitter.com/soman611
• https://twitter.com/qwerwoow
• https://twitter.com/fojraqqa
• https://twitter.com/saegr2
• https://twitter.com/ezzislamm
• https://twitter.com/ach3ari_maliki
• https://twitter.com/Ansar5433
• https://twitter.com/waja__1
• https://twitter.com/Islamic_3344
• https://twitter.com/Oj7jl (doe
• https://twitter.com/zeses2
• https://twitter.com/abu_a_89
• https://twitter.com/medad_med1
• https://twitter.com/block_151
• https://twitter.com/Alkurdi1995
• https://twitter.com/haydra2233
• https://twitter.com/Asirat_Tunisia1
• https://twitter.com/Rouba56
• https://twitter.com/KA_ll7
• https://twitter.com/bwwwg
• https://twitter.com/aljabri354
• https://twitter.com/msaks241
• https://twitter.com/wffff11089
• https://twitter.com/Djjjdjd4
• https://twitter.com/parisINHELL
• https://twitter.com/IllI32lIIl
• https://twitter.com/Daaeem51
• https://twitter.com/malekaty891
• https://twitter.com/mouwa7ed_03
• https://twitter.com/sunnahth1000
• https://twitter.com/R_nxxt_1
• https://twitter.com/qq_qq_79
• https://twitter.com/rkrk4m25
• https://twitter.com/OT_lll57
• https://twitter.com/Migrant2Allah
• https://twitter.com/adgr19
• https://twitter.com/Njd__zz77zz
• https://twitter.com/Hhgff26176827
• https://twitter.com/OOUltra00
• https://twitter.com/rkrk4m25
• https://twitter.com/rkrk4m26,
• https://twitter.com/rkrk4m27
• https://twitter.com/rkrk4m28
• https://twitter.com/rkrk4m29
• https://twitter.com/rkrk4m30
• https://twitter.com/rkrk4m31
• https://twitter.com/rkrk4m32
• https://twitter.com/kaj__s
• https://twitter.com/ABu_AlAyInaa
• https://twitter.com/ABO_SLEMAN_9
• https://twitter.com/d_mf33
• https://twitter.com/Turbo_zahid
• https://twitter.com/ww_cvf
• https://twitter.com/IlTllillTIl
• https://twitter.com/CF_G66
• https://twitter.com/abu_juuad
• https://twitter.com/isis_2277
• https://twitter.com/Asd15Wreg
• https://twitter.com/abcdfghjkl12
• https://twitter.com/71AprVISHV18VIP
• https://twitter.com/Ha23ra3F987
• https://twitter.com/UiU_o_UiU
• https://twitter.com/isuwh
• https://twitter.com/III__Heart
• https://twitter.com/Sabaa760
• https://twitter.com/zajell8
• https://twitter.com/clockwise75
• https://twitter.com/jxcjcj1
• https://twitter.com/gjdfoi221qw
• https://twitter.com/smjh2154
• https://twitter.com/Aymanjrjr2
• https://twitter.com/khatabb66
• https://twitter.com/sor_hall
• https://twitter.com/isis_1188
• https://twitter.com/allmah89
• https://twitter.com/j3x_w8p
• https://twitter.com/om_ans102
• https://twitter.com/mfaw18
• https://twitter.com/dfgvdffcxx
• https://twitter.com/ississ_is
• https://twitter.com/DrAlnefisi
• https://twitter.com/Abovaseer34
• https://twitter.com/zeydusame5
• https://twitter.com/KH50380
• https://twitter.com/dskvnsflk/
• https://twitter.com/Cano65525269
• https://twitter.com/AL_adnani_69
• https://twitter.com/isnacon0020
• https://twitter.com/lvj7165d
• https://twitter.com/zeses2
• https://twitter.com/asloly_____Ws5
• https://twitter.com/alansari32MMOMM
• https://twitter.com/hajed114
• https://twitter.com/aboalhsn1111
• https://twitter.com/paris_pigs
• https://twitter.com/ibn_abdiqany
• https://twitter.com/zzzassertty233
• https://twitter.com/Bbdbd8
• https://twitter.com/mozamjaer_16
• https://twitter.com/TNT7mslm7
• https://twitter.com/isis_7744
• https://twitter.com/ayshafalaste2
• https://twitter.com/d_m11a
• https://twitter.com/Dhhd4874
• https://twitter.com/Dr_MagedMohamad
• https://twitter.com/omar14373
• https://twitter.com/cyberkhilafa05
• https://twitter.com/IlIl32IlIl
• https://twitter.com/Dhhd4874
• https://twitter.com/akhy01
• https://twitter.com/jahezona13
• https://twitter.com/71AprVISHV18VIP
• https://twitter.com/HuChuin_63
• https://twitter.com/Katusha__28
• https://twitter.com/Aamn145Aamn
• https://twitter.com/Njd__zz77zz
• https://twitter.com/DERA_AR
• https://twitter.com/Migrant2Allah
• https://twitter.com/Cbhj180
• https://twitter.com/syppmgyfsvx34
• https://twitter.com/abu2legend
• https://twitter.com/cyberkhilafa05
• https://twitter.com/asrtyuyufhd
• https://twitter.com/abo33dojana1992
• https://twitter.com/GHOTA_AHRAR____
• https://twitter.com/bhCotn
• https://twitter.com/aboferasalhalab
• https://twitter.com/sdg42303540
• https://twitter.com/M_Alfstaat
• https://twitter.com/Amatullah_222
• https://twitter.com/ward_aljanh
• https://twitter.com/arradar1
• https://twitter.com/aslan555111
• https://twitter.com/Saifaljzrawi
• https://twitter.com/abo_ali442
• https://twitter.com/114Muawiya
• https://twitter.com/JonnyDavid2
• https://twitter.com/khilafatekrit
• https://twitter.com/an_qa3
• https://twitter.com/mhmdfaisel
• https://twitter.com/seto_maiko
• https://twitter.com/___17G_________
• https://twitter.com/kjul03
• https://twitter.com/bent_A1
• https://twitter.com/abufalahalhind4
• https://twitter.com/mustafaklsh12
• https://twitter.com/abuhurairah103
• https://twitter.com/jihadist_s
• https://twitter.com/Saeed_alHalabi0
• https://twitter.com/ValkryV5
• https://twitter.com/zd__bu
• https://twitter.com/x150isisa
• https://twitter.com/moslem_1110
• https://twitter.com/HdIsishd
• https://twitter.com/iislamic12
• https://twitter.com/SFKIIIHHF__oO33
• https://twitter.com/block_151
• https://twitter.com/ibn_e_umarr
• https://twitter.com/ibn_e_umarr
• https://twitter.com/wilayet_alhabas
• https://twitter.com/aadr40
• https://twitter.com/ali112777
• https://twitter.com/abuanas_13
• https://twitter.com/m1b2q
• https://twitter.com/ir_12_aq
• https://twitter.com/ayshafalaste2
• https://twitter.com/Muhaajirah_
• https://twitter.com/Bukhari_7
• https://twitter.com/Dawlastan
• https://twitter.com/Fahad_Buhendi
• https://twitter.com/baqiya79R
• https://twitter.com/mustafaklashi12
• https://twitter.com/VegetaMoustache
• https://twitter.com/norry28974869
• https://twitter.com/dherghamm31
• https://twitter.com/clash_eshke
• https://twitter.com/maheridlbe1
• https://twitter.com/IbrahimNomay
• https://twitter.com/eysaneyw22
• https://twitter.com/abubakr1435
• https://twitter.com/bodyking8484
• https://twitter.com/AL_____21
• https://twitter.com/nasirulddin
• https://twitter.com/abubakr1435
• https://twitter.com/bodyking8484
• https://twitter.com/Bghd100
• https://twitter.com/_ihsen_086_
• https://twitter.com/q___zx4
• https://twitter.com/Ali_G303L
• https://twitter.com/Ali_G303L
• https://twitter.com/Abohatem_8
• https://twitter.com/abohatim122
• https://twitter.com/41invasion
• https://twitter.com/Ad98Dawla
• https://twitter.com/ShShlondon2027
• https://twitter.com/xcvraqqa
• https://twitter.com/rtjfwgr
• https://twitter.com/ahmed88a2
• https://twitter.com/nomangias
• https://twitter.com/moosabm738
• https://twitter.com/yfh_gcj
• https://twitter.com/vrjevve1
• https://twitter.com/Anti_lying73
• https://twitter.com/0l0asmar
• https://twitter.com/nsar110
• https://twitter.com/al_ganh__2
• https://twitter.com/sahabaarmy12
• https://twitter.com/ab__ub
• https://twitter.com/sahabaarmy12
• https://twitter.com/sahabasupport1
• https://twitter.com/ReportSahaba4
• https://twitter.com/isis_hd_aus
• https://twitter.com/jasadiq423
• https://twitter.com/radjurijal
• https://twitter.com/annushroh
• https://twitter.com/Khoiru_Ummah05
• https://twitter.com/Muhaajirah_
• https://twitter.com/abuomar79_
• https://twitter.com/sriyanto_andi
• https://twitter.com/abu_haidarabu8
• https://twitter.com/Inghemasiyyin
• https://twitter.com/AbuQilabah_
• https://twitter.com/daulahi
• https://twitter.com/Zahed_911
• https://twitter.com/jejak_salaf
• https://twitter.com/MansurahThaifah
• https://twitter.com/alFaruuq_Media
• https://twitter.com/IbnahAsyiqah
• https://twitter.com/Istisyhadi
• https://twitter.com/HadyGusti
• https://twitter.com/virusSEVEN
• https://twitter.com/muhaimin_777
• https://twitter.com/agus_alsundawi
• https://twitter.com/abuaqilla6
• https://twitter.com/jonosersan
• https://twitter.com/Fakta_IS
• https://twitter.com/Ultrasmuslim1
• https://twitter.com/UmmuShabrina1
• https://twitter.com/AbuRpg9
• https://twitter.com/Sara231Abdullah
• https://twitter.com/padri_kaandi776
• https://twitter.com/aleim_aray
• https://twitter.com/InshaSyahid
• https://twitter.com/UsaidAshShohroo
• https://twitter.com/MIT_Voice
• https://twitter.com/rizki150712
• https://twitter.com/lovely__ummi
• https://twitter.com/Ar_Zanll
• https://twitter.com/HazlMuhammad
• https://twitter.com/musaalindunisy
• https://twitter.com/Hamba_Allahswt
• https://twitter.com/FA_Muntaqo
• https://twitter.com/ibraheem52s
• https://twitter.com/ShamiIndunisy
• https://twitter.com/abo_zax
• https://twitter.com/al_qurani
• https://twitter.com/enemtop2
• https://twitter.com/madhankhan0653
• https://twitter.com/abu_manshur1
• https://twitter.com/abu__aisyah5
• https://twitter.com/rikwanhadi
• https://twitter.com/dedihardi
• https://twitter.com/Yayaz_coz%20
• https://twitter.com/Al_Indunisiy
• https://twitter.com/hazone89
• https://twitter.com/Azam_Ismail96
• https://twitter.com/AbuDzakiyyah2
• https://twitter.com/Ummu_Raqqy
• https://twitter.com/SasDarIslam
• https://twitter.com/tauhidwaljihad
• https://twitter.com/mhd_fachry
• https://twitter.com/KMaghaazii
• https://twitter.com/abu_ibnihi
• https://twitter.com/JENGKINGMALAYA
• https://twitter.com/zackmustafa86
• https://twitter.com/mankasim88
• https://twitter.com/Daulah_dais
• https://twitter.com/keepsilenttt
• https://twitter.com/ibnualkhaleed
• https://twitter.com/AbuSyamilsyams
• https://twitter.com/khilaFahi77
• https://twitter.com/IkhwanDibanned
• https://twitter.com/bintangmelati1
• https://twitter.com/Ukhti_Daeng
• https://twitter.com/AbuShaffa
• https://twitter.com/arlin_manson
• https://twitter.com/akh_razid
• https://twitter.com/AbuYahya__
• https://twitter.com/PanglimaKribo
• https://twitter.com/554Gen
• https://twitter.com/abujamal2129
• https://twitter.com/abujamal2129
• https://twitter.com/abughibran1
• https://twitter.com/Hamba_001
• https://twitter.com/Adeen70
• https://twitter.com/anisaa202
• https://twitter.com/sukumaran_15
• https://twitter.com/med_fajr
• https://twitter.com/Jundullahalind5
• https://twitter.com/ferdij521
• https://twitter.com/bintmuq
• https://twitter.com/AnsarIndo007
• https://twitter.com/Abu_Ibraheem_23
• https://twitter.com/abumahmoud444
• https://twitter.com/AbdulKhaaliq86
• https://twitter.com/FaruqAlbany
• https://twitter.com/abu_ahmedagain
• https://twitter.com/antipancasila5
• https://twitter.com/goremaja_islam
• https://twitter.com/AbuMalaziy
• https://twitter.com/muslim_share
• https://twitter.com/alhisbahcom
• https://twitter.com/Azharine92
• https://twitter.com/kittylovers1453
• https://twitter.com/ann219187
• https://twitter.com/AseeraFiDunya
• https://twitter.com/al_brijef
• https://twitter.com/MuslimPrisoners
• https://twitter.com/sitizahra1704
• https://twitter.com/MohammadAntonP
• https://twitter.com/AlfathKampung
• https://twitter.com/ali005_saif
• https://twitter.com/DebuPertempuran
• https://twitter.com/Abu__Hanan
• https://twitter.com/AJundu
• https://twitter.com/abo_maleek
• https://twitter.com/al_indonesi
• https://twitter.com/IbrahimMedia1
• https://twitter.com/Ari_al_indonesi
• https://twitter.com/rafaiejem
• https://twitter.com/abufatih380
• https://twitter.com/saifulizuwan90
• https://twitter.com/AMaliziya
• https://twitter.com/Mujahideen670
• https://twitter.com/Abu_Baraa1
• https://twitter.com/abouabdullah7
• https://twitter.com/anjemchoudary
• https://twitter.com/IbnNuhaas
• https://twitter.com/onthatpath3
• https://twitter.com/belgikie
• https://twitter.com/AlMaghrebiyyah
• https://twitter.com/HeadShots4Toge
• https://twitter.com/BakrSomali
• https://twitter.com/syuhada_umar
• https://twitter.com/DBerdarah
• https://twitter.com/BergPaling
• https://twitter.com/baretta384
• https://twitter.com/AmrullohAkbar
• https://twitter.com/dirjmc
• https://twitter.com/iimbaasyir
• https://twitter.com/IKalasnikov
• https://twitter.com/Forum_Al_Busyro
• https://twitter.com/Gashibu
• https://twitter.com/WF4WF4
• https://twitter.com/EhsanAhrar5
• https://twitter.com/ajnadmaghr47
• https://twitter.com/soly_ia
• https://twitter.com/janah_sabil
• https://twitter.com/LucasAnton58
• https://twitter.com/lkjhgasdf11
• https://twitter.com/saeaf1986
• https://twitter.com/63Ba17q
• https://twitter.com/SdffksoJ
• https://twitter.com/abubkertrkomtrk
• https://twitter.com/abo_askndr1166
• https://twitter.com/andre_poulin49
• https://twitter.com/seragggggg08
• https://twitter.com/orch123
• https://twitter.com/hamah_094
• https://twitter.com/C_NN__15
• https://twitter.com/IlIl32lIlI
• https://twitter.com/qjffjf1
• https://twitter.com/watara211
• https://twitter.com/ahmdb10591
• https://twitter.com/kqhg2020
• https://twitter.com/baskan360
• https://twitter.com/ali1133asd
• https://twitter.com/wilayet_alhabas
• https://twitter.com/ayshafalaste2
• https://twitter.com/abokbb?s=09
• https://twitter.com/ss__k37
• https://twitter.com/mdf_ss
• https://twitter.com/dsgbxv1
• https://twitter.com/aboodyaa33
• https://twitter.com/qwaq9
• https://twitter.com/ZAZAZAZ77538028
• https://twitter.com/VXr8_911_a761
• https://twitter.com/qasem77_is
• https://twitter.com/byt_18
• https://twitter.com/gun14_5
• https://twitter.com/jihadiuser58
• https://twitter.com/mseo556
• https://twitter.com/ahmdl62
• https://twitter.com/da3sh11
• https://twitter.com/Shdd36
• https://twitter.com/solyia_S
• https://twitter.com/6rY5BpfDrlEez0o
• https://twitter.com/aboaldardaa3
• https://twitter.com/isis_1188
• https://twitter.com/klash252
• https://twitter.com/frooUmAlBaraa
• https://twitter.com/khilafatekrit
• https://twitter.com/TagBq08yYyk
• https://twitter.com/gffggll1
• https://twitter.com/Shdd36
• https://twitter.com/afsd111
• https://twitter.com/boxl9xl1
• https://twitter.com/94hja1
• https://twitter.com/dolawi_y
• https://twitter.com/dola24687
• https://twitter.com/abobilal11436
• https://twitter.com/TurMedia318
• https://twitter.com/mohb_7
• https://twitter.com/Bbdbd8
• https://twitter.com/thecom90
• https://twitter.com/karim_soura
• https://twitter.com/AaaHakam
• https://twitter.com/mhsyaf4
• https://twitter.com/hubaishi35kh
• https://twitter.com/001_Jabhat
• https://twitter.com/TurMedia318
• https://twitter.com/TagBq08yYyk
• https://twitter.com/saqur27
• https://twitter.com/Katusha__28
• https://twitter.com/adg01210
• https://twitter.com/alrawimot
• https://twitter.com/ansary2banghaz
• https://twitter.com/ali_1987_mag
• https://twitter.com/madnov28
• https://twitter.com/kjknh1
• https://twitter.com/elturkii1
• https://twitter.com/Abuaishah_01
• https://twitter.com/sayyyfff333
• https://twitter.com/hassin2121
• https://twitter.com/AwakGiantxxx
• https://twitter.com/all_ameer47
• https://twitter.com/Sultan1Engabu
• https://twitter.com/asdmiabr
• https://twitter.com/islams5E
• https://twitter.com/JgcZq
• https://twitter.com/jamalbasha_000
• https://twitter.com/g8670062_7
• https://twitter.com/isisAnbar54
• https://twitter.com/irontekken94
• https://twitter.com/Skxxxnews
• https://twitter.com/isisom60
• https://twitter.com/3bdr7mana1
• https://twitter.com/HyAm1999
• https://twitter.com/adnan1177655249
• https://twitter.com/sheeb21
• https://twitter.com/islam_net2
• https://twitter.com/ghareb_alsomal
• https://twitter.com/turmeda000313
• https://twitter.com/Anbar5m
• https://twitter.com/de2mu
• https://twitter.com/c429197ed6d0474
• https://twitter.com/abu_nidhal_32
• https://twitter.com/abdallah28891
• https://twitter.com/abuoyosfalansa5
• https://twitter.com/joso99292
• https://twitter.com/ghasal0
• https://twitter.com/agwied
• https://twitter.com/zh74cLdPD9Uf3KO
• https://twitter.com/kh8gh
• https://twitter.com/gmcgmc888870
• https://twitter.com/0178105
• https://twitter.com/kkk_aymenbas95
• https://twitter.com/EPlC14
• https://twitter.com/scamp_faridxx
• https://twitter.com/jundullah_24
• https://twitter.com/Al_Radically01
• https://twitter.com/AbSallahdin9
• https://twitter.com/osamatz
• https://twitter.com/PraySalah
• https://twitter.com/56a37f7197ba41c
• https://twitter.com/AbuSeid123
• https://twitter.com/sakwamr
• https://twitter.com/OmarTheMuslim
• https://twitter.com/umm_nigeri
• https://twitter.com/bint_hijratyn
• https://twitter.com/trillionaire_23
• https://twitter.com/Islam4EveryOne_
• https://twitter.com/amiromar1975
• https://twitter.com/shahkhannum1
• https://twitter.com/__Slavery93
• https://twitter.com/NikoRea_
• https://twitter.com/AbuRaihaan8
• https://twitter.com/987uzhg43efdv
• https://twitter.com/Tariqul_Mawt
• https://twitter.com/ben7491
• https://twitter.com/kayadamVF
• https://twitter.com/ALG_muslim011
• https://twitter.com/skrp
• https://twitter.com/AlMuwahhidi
• https://twitter.com/ab0_Sulayman7
• https://twitter.com/killercat600
• https://twitter.com/khilafah01_
• https://twitter.com/a_hattem
• https://twitter.com/therinshaAllah
• https://twitter.com/TRefugees
• https://twitter.com/IbnHassany
• https://twitter.com/AbuAlasRoban
• https://twitter.com/mod3stbeliever
• https://twitter.com/mohamme55607260
• https://twitter.com/HanzaKhattab
• https://twitter.com/Abusumal3
• https://twitter.com/abujalaall
• https://twitter.com/llqwert312
• https://twitter.com/ygc7xfy
• https://twitter.com/ramiallolah
• https://twitter.com/timbosulli
• https://twitter.com/qatada_93
• https://twitter.com/aljanady75
• https://twitter.com/_Mi_Sk_
• https://twitter.com/ISIS1995DD
• https://twitter.com/moohger121
• https://twitter.com/iislamic12
• https://twitter.com/MhdSayf
• https://twitter.com/ibn_abdiqany
• https://twitter.com/Dhhd4874
• https://twitter.com/Migrant2Allah
• https://twitter.com/abu2legend
• https://twitter.com/Saeed_alHalabi0
• https://twitter.com/iislamic12
• https://twitter.com/ibn_e_umarr
• https://twitter.com/ayshafalaste2
• https://twitter.com/Fahad_Buhendi
• https://twitter.com/VegetaMoustache
• https://twitter.com/abubakr1435
• https://twitter.com/bodyking8484
• https://twitter.com/wilayet_alhabas
• https://twitter.com/ayshafalaste2
• https://twitter.com/dola24687
• https://twitter.com/Bbdbd8
• https://twitter.com/khilafah01_
• https://twitter.com/dola24687
• https://twitter.com/jihadiuser58
• https://twitter.com/nor92331
• https://twitter.com/_ihsen_086_
• https://twitter.com/saeu17
• https://twitter.com/Yamani_5
• https://twitter.com/tamer1437
• https://twitter.com/qwerwoow
• https://twitter.com/abu_khalid118
• https://twitter.com/Dhhd4874
• https://twitter.com/aawwss_22
• https://twitter.com/AnsarAlSharia13
• https://twitter.com/solyia_S
• https://twitter.com/HuChuin_63
• https://twitter.com/NeightMid
• https://twitter.com/Dhhd4874
• https://twitter.com/Ali7070Alisalam
• https://twitter.com/soman611
• https://twitter.com/xxx__800
• https://twitter.com/88ibramz
• https://twitter.com/OT_lll57
• https://twitter.com/samaka_26
• https://twitter.com/Hamdan25Odai
• https://twitter.com/kalmat_haaq
• https://twitter.com/itc_hallo
• https://twitter.com/SomQaeda
• https://twitter.com/TARLEE4
• https://twitter.com/HJdjdu
• https://twitter.com/dola24687
• https://twitter.com/timbosulli
• https://twitter.com/allbasra
• https://twitter.com/mahmood
• https://twitter.com/goo_ias
• https://twitter.com/rdcongo_news
• https://twitter.com/Amirbakistani3
• https://twitter.com/Alhareth_2
• https://twitter.com/FoopSeven
• https://twitter.com/R9O7GupXDM0b0pd
• https://twitter.com/Ansar_AlSharia0
• https://twitter.com/om_elbarae1
• https://twitter.com/saadsaudi2014
• https://twitter.com/timotim91217281
• https://twitter.com/ii_o_01ru
• https://twitter.com/aljanady75
• https://twitter.com/_Mi_Sk_
• https://twitter.com/ISIS1995DD
• https://twitter.com/moohger121
• https://twitter.com/Omisshaq
• https://twitter.com/qatada_93
• https://twitter.com/Is_zarkiue
• https://twitter.com/algwsd2233
• https://twitter.com/dfgndf2
• https://twitter.com/islamic_iso
• https://twitter.com/truth_ee
• https://twitter.com/Fahad_Buhendi
• https://twitter.com/er_er_500
• https://twitter.com/86Roben
• https://twitter.com/DsdsdsfSddsd
• https://twitter.com/sadkingp20
• https://twitter.com/noor_sban6
• https://twitter.com/is5_is5
• https://twitter.com/qatada_93
• https://twitter.com/nedalo9314
• https://twitter.com/Mar44ma
• https://twitter.com/Manaln9
• https://twitter.com/aljanady75
• https://twitter.com/_Mi_Sk_
• https://twitter.com/ISIS1995DD
• https://twitter.com/moohger121
• https://twitter.com/198_mazen
• https://twitter.com/CavalierDuSham
• https://twitter.com/NaserIS8
• https://twitter.com/oumme_aymen10
• https://twitter.com/gaznaya
• https://twitter.com/un_serviteur
• https://twitter.com/Tekindebeyvin
• https://twitter.com/VegetaMoustache
• https://twitter.com/MillatIbrahim1
• https://twitter.com/Hayati_LiLLah_
• https://twitter.com/Alitt1245
• https://twitter.com/salehalawlqi1
• https://twitter.com/_Mi_Sk_
• https://twitter.com/waswa0127
• https://twitter.com/ali523480
• https://twitter.com/AnsarAlSharia13
• https://twitter.com/MhdSayf
• https://twitter.com/IS_IS021
• https://twitter.com/IS_IS022
• https://twitter.com/AbdAllahGaza
• https://twitter.com/khilafah01_
• https://twitter.com/iislamic12
• https://twitter.com/ajmurgent
• https://twitter.com/abujamaludeen02
• https://twitter.com/ibn_abdiqany
• https://twitter.com/MisciFromTheD
• https://twitter.com/3aam_Al_Diri
• https://twitter.com/alaser100
• https://twitter.com/asd4000hd
• https://twitter.com/mhunc1231
• https://twitter.com/Baghdad9191
• https://twitter.com/A___A_c
• https://twitter.com/soman611
• https://twitter.com/ezzislamm
• https://twitter.com/ach3ari_maliki
• https://twitter.com/waja__1
• https://twitter.com/haydra2233
• https://twitter.com/Asirat_Tunisia1
• https://twitter.com/KA_ll7
• https://twitter.com/aljabri354
• https://twitter.com/msaks241
• https://twitter.com/wffff11089
• https://twitter.com/Djjjdjd4
• https://twitter.com/qq_qq_79
• https://twitter.com/OT_lll57
• https://twitter.com/Migrant2Allah
• https://twitter.com/adgr19
• https://twitter.com/rkrk4m26
• https://twitter.com/kaj__s
• https://twitter.com/ABu_AlAyInaa
• https://twitter.com/ABO_SLEMAN_9
• https://twitter.com/d_mf33
• https://twitter.com/Turbo_zahid
• https://twitter.com/IlTllillTIl
• https://twitter.com/abu_juuad
• https://twitter.com/Asd15Wreg
• https://twitter.com/Ha23ra3F987
• https://twitter.com/UiU_o_UiU
• https://twitter.com/isuwh
• https://twitter.com/zajell8
• https://twitter.com/j3x_w8p
• https://twitter.com/dfgvdffcxx
• https://twitter.com/ississ_is
• https://twitter.com/DrAlnefisi
• https://twitter.com/zeydusame5
• https://twitter.com/KH50380
• https://twitter.com/dskvnsflk
• https://twitter.com/aboalhsn1111
• https://twitter.com/ibn_abdiqany
• https://twitter.com/Bbdbd8
• https://twitter.com/ayshafalaste2
• https://twitter.com/Dhhd4874
• https://twitter.com/Dr_MagedMohamad
• https://twitter.com/omar14373
• https://twitter.com/Dhhd4874
• https://twitter.com/akhy01
• https://twitter.com/HuChuin_63
• https://twitter.com/Aamn145Aamn
• https://twitter.com/DERA_AR
• https://twitter.com/Migrant2Allah
• https://twitter.com/syppmgyfsvx34
• https://twitter.com/abu2legend
• https://twitter.com/bhCotn
• https://twitter.com/aboferasalhalab
• https://twitter.com/arradar1
• https://twitter.com/an_qa3
• https://twitter.com/mhmdfaisel
• https://twitter.com/___17G_________
• https://twitter.com/kjul03
• https://twitter.com/jihadist_s
• https://twitter.com/Saeed_alHalabi0
• https://twitter.com/x150isisa
• https://twitter.com/moslem_1110
• https://twitter.com/HdIsishd
• https://twitter.com/iislamic12
• https://twitter.com/ibn_e_umarr
• https://twitter.com/ibn_e_umarr
• https://twitter.com/wilayet_alhabas
• https://twitter.com/aadr40
• https://twitter.com/ali112777
• https://twitter.com/abuanas_13
• https://twitter.com/m1b2q
• https://twitter.com/ir_12_aq
• https://twitter.com/ayshafalaste2
• https://twitter.com/Bukhari_7
• https://twitter.com/Dawlastan
• https://twitter.com/Fahad_Buhendi
• https://twitter.com/VegetaMoustache
• https://twitter.com/norry28974869
• https://twitter.com/dherghamm31
• https://twitter.com/maheridlbe1
• https://twitter.com/eysaneyw22
• https://twitter.com/abubakr1435
• https://twitter.com/bodyking8484
• https://twitter.com/AL_____21
• https://twitter.com/nasirulddin
• https://twitter.com/abubakr1435
• https://twitter.com/bodyking8484
• https://twitter.com/_ihsen_086
• https://twitter.com/q___zx4
• https://twitter.com/abohatim122
• https://twitter.com/ShShlondon2027
• https://twitter.com/xcvraqqa
• https://twitter.com/ahmed88a2
• https://twitter.com/nomangias
• https://twitter.com/moosabm738
• https://twitter.com/WF4WF4
• https://twitter.com/EhsanAhrar5
• https://twitter.com/soly_ia
• https://twitter.com/janah_sabil
• https://twitter.com/LucasAnton58
• https://twitter.com/saeaf1986
• https://twitter.com/SdffksoJ
• https://twitter.com/abo_askndr1166
• https://twitter.com/andre_poulin49
• https://twitter.com/hamah_094
• https://twitter.com/IlIl32lIlI
• https://twitter.com/ahmdb10591
• https://twitter.com/baskan360
• https://twitter.com/ali1133asd
• https://twitter.com/wilayet_alhabas
• https://twitter.com/ayshafalaste2
• https://twitter.com/ss__k37
• https://twitter.com/dsgbxv1
• https://twitter.com/ZAZAZAZ77538028
• https://twitter.com/jihadiuser58
• https://twitter.com/mseo556
• https://twitter.com/da3sh11
• https://twitter.com/solyia_S
• https://twitter.com/6rY5BpfDrlEez0o
• https://twitter.com/klash252
• https://twitter.com/afsd111
• https://twitter.com/dolawi_y
• https://twitter.com/dola24687
• https://twitter.com/abobilal11436
• https://twitter.com/mohb_7
• https://twitter.com/Bbdbd8
• https://twitter.com/karim_soura
• https://twitter.com/mhsyaf4
• https://twitter.com/001_Jabhat
• https://twitter.com/saqur27
• https://twitter.com/alrawimot
• https://twitter.com/ansary2banghaz
• https://twitter.com/ali_1987_mag
• https://twitter.com/madnov28
• https://twitter.com/kjknh1
• https://twitter.com/elturkii1
• https://twitter.com/Abuaishah_01
• https://twitter.com/hassin2121
• https://twitter.com/all_ameer47
• https://twitter.com/Sultan1Engabu
• https://twitter.com/asdmiabr
• https://twitter.com/JgcZq
• https://twitter.com/jamalbasha_000
• https://twitter.com/irontekken94
• https://twitter.com/Skxxxnews
• https://twitter.com/isisom60
• https://twitter.com/HyAm1999
• https://twitter.com/adnan1177655249
• https://twitter.com/islam_net2
• https://twitter.com/ghareb_alsomal
• https://twitter.com/turmeda000313
• https://twitter.com/Anbar5m
• https://twitter.com/de2mu
• https://twitter.com/c429197ed6d0474
• https://twitter.com/abdallah28891
• https://twitter.com/abuoyosfalansa5
• https://twitter.com/joso99292
• https://twitter.com/ghasal0
• https://twitter.com/agwied
• https://twitter.com/zh74cLdPD9Uf3KO
• https://twitter.com/kh8gh
• https://twitter.com/gmcgmc888870
• https://twitter.com/0178105
• https://twitter.com/kkk_aymenbas95
• https://twitter.com/AbSallahdin9
• https://twitter.com/osamatz
• https://twitter.com/PraySalah
• https://twitter.com/56a37f7197ba41c
• https://twitter.com/AbuSeid123
• https://twitter.com/OmarTheMuslim
• https://twitter.com/umm_nigeri
• https://twitter.com/Islam4EveryOne_
• https://twitter.com/amiromar1975
• https://twitter.com/shahkhannum1
• https://twitter.com/__Slavery93
• https://twitter.com/NikoRea_
• https://twitter.com/987uzhg43efdv
• https://twitter.com/Tariqul_Mawt
• https://twitter.com/ben7491
• https://twitter.com/AlMuwahhidi
• https://twitter.com/khilafah01_
• https://twitter.com/therinshaAllah
• https://twitter.com/mod3stbeliever
• https://twitter.com/HanzaKhattab
• https://twitter.com/abujalaall
• https://twitter.com/Ansar_Dawla10
• https://twitter.com/yesteyesic4
• https://twitter.com/lieffejongen
• https://twitter.com/Ticaal90
• https://twitter.com/AliAdenalSomali
• https://twitter.com/ns45678
• https://twitter.com/AbouShahadeh
• https://twitter.com/jihadi10744139
• https://twitter.com/abohamzaalturki
• https://twitter.com/JoniManm
• https://twitter.com/almuhajerBackup
• https://twitter.com/dhxhsvd2
• https://twitter.com/77nb_
• https://twitter.com/dawlajokers
• https://twitter.com/dawlawialg671
• https://twitter.com/fahadeyad62
• https://twitter.com/btr333btr4
• https://twitter.com/dola24687
• https://twitter.com/Talal_Q3O
• https://twitter.com/muslimmouwahed8
• https://twitter.com/8itismesalman
• https://twitter.com/jihadiuser58
• https://twitter.com/meek_don
• https://twitter.com/yotorg
• https://twitter.com/facebookaccoun2
• https://twitter.com/nseem066
• https://twitter.com/ieshabaqea
• https://twitter.com/aassddffa833
• https://twitter.com/nor92331
• https://twitter.com/1ElNusra1
• https://twitter.com/j_jj_jjj_5577
• https://twitter.com/_________N___34
• https://twitter.com/Uddjdn1
• https://twitter.com/bbgg75157900
• https://twitter.com/Rama15202
• https://twitter.com/_J_I_T_E_M_
• https://twitter.com/mohamed_zainab4
• https://twitter.com/Tr8_K0
• https://twitter.com/eng__sr
• https://twitter.com/Om_khatabb
• https://twitter.com/ubj_k
• https://twitter.com/KhilafahDawah5
• https://twitter.com/AbuDharIslandi7
• https://twitter.com/ixcncn1
• https://twitter.com/anaeldora30
• https://twitter.com/mazenhapne
• https://twitter.com/Dabiiq7
• https://twitter.com/A05462492
• https://twitter.com/Hmode5556Www
• https://twitter.com/ukhtiaisha1
• https://twitter.com/abcd123456789a7
• https://twitter.com/AmonMame
• https://twitter.com/Abu_Bin_Fartin
• https://twitter.com/_ihsen_086_
• https://twitter.com/gajhfjfd
• https://twitter.com/Obayd6Wevrw
• https://twitter.com/e30isisa
• https://twitter.com/K_H_O34
• https://twitter.com/know_paris
• https://twitter.com/saeu17
• https://twitter.com/anjemchoudary
• https://twitter.com/gmailco69426226
• https://twitter.com/muslim_libi
• https://twitter.com/aabuyosif
• https://twitter.com/saeu17
• https://twitter.com/kabugezo
• https://twitter.com/AbuIslamIS1990
• https://twitter.com/mafel_65
• https://twitter.com/AbuHafsaBritani
• https://twitter.com/Ahmadkhalf2012
• https://twitter.com/YourOwnBro116
• https://twitter.com/Reporters000
• https://twitter.com/WakeUp_MV
• https://twitter.com/saeu17
• https://twitter.com/jabalybaraa
• https://twitter.com/s_2O17_
• https://twitter.com/frm450
• https://twitter.com/gogoaag82
• https://twitter.com/xxx__800
• https://twitter.com/IslamArmy01
• https://twitter.com/g8670062_8
• https://twitter.com/del_elremah1
• https://twitter.com/Idififkk1
• https://twitter.com/makdici1970
• https://twitter.com/mahsud117
• https://twitter.com/K_A_S_E_R_5
• https://twitter.com/lmaqdese
• https://twitter.com/nour_umm
• https://twitter.com/5aq5qDGpNsr4IDU
• https://twitter.com/gaza9310
• https://twitter.com/Jfdlbk
• https://twitter.com/Elkhelafa_Now
• https://twitter.com/IssamSayari
• https://twitter.com/Abo_mhdi29
• https://twitter.com/moedker01
• https://twitter.com/hafeed1001
• https://twitter.com/Yamani_5
• https://twitter.com/teagouch1
• https://twitter.com/aawwss_22
• https://twitter.com/Dolawiyah_Jo6
• https://twitter.com/gfd6064
• https://twitter.com/asaudicowdonkey
• https://twitter.com/UmmAbdallah89
• https://twitter.com/EhliSunneti3
• https://twitter.com/salilbnim
• https://twitter.com/ab1o3zam12
• https://twitter.com/frost0023
• https://twitter.com/drherhdfbdrhdhs
• https://twitter.com/kinght78ag
• https://twitter.com/Ffhfbfb1
• https://twitter.com/Almohajer_103
• https://twitter.com/ahmadsaid91
• https://twitter.com/dograqqa
• https://twitter.com/OMoudjahid
• https://twitter.com/Yamani_5
• https://twitter.com/ghanimaetfa
• https://twitter.com/kilafa1235
• https://twitter.com/gh4704721
• https://twitter.com/Ahmadccx
• https://twitter.com/alibosatl77
• https://twitter.com/John23130788
• https://twitter.com/Hilafet_Haber
• https://twitter.com/yahyakurdi00
• https://twitter.com/Ablul_Vahhab
• https://twitter.com/dareyya32
• https://twitter.com/tamer1437
• https://twitter.com/AbdullahSadun
• https://twitter.com/MastafaMrafa
• https://twitter.com/LeysEbu
• https://twitter.com/taqaddem
• https://twitter.com/ok____11
• https://twitter.com/abd_zyaad
• https://twitter.com/B_1437K12
• https://twitter.com/devletul_islam
• https://twitter.com/rakka44
• https://twitter.com/h_k_A010
• https://twitter.com/for123123123
• https://twitter.com/is_power33
• https://twitter.com/LA_HWADEH_61
• https://twitter.com/whbbzva
• https://twitter.com/ihlas95
• https://twitter.com/qwerwoow
• https://twitter.com/tamtot2510
• https://twitter.com/iad1306
• https://twitter.com/aloqabflag13
• https://twitter.com/2bamino
• https://twitter.com/assiawaisha
• https://twitter.com/e7isisa
• https://twitter.com/NasruQarib3
• https://twitter.com/fffggghhgf
• https://twitter.com/AbuQaeqae1924
• https://twitter.com/abu_khalid118
• https://twitter.com/Jbilou__
• https://twitter.com/Newsazerty
• https://twitter.com/truckii
• https://twitter.com/DiscoSysteme
• https://twitter.com/hkwaky1
• https://twitter.com/abuRawaha008
• https://twitter.com/muaz19966
• https://twitter.com/da_fa_ma
• https://twitter.com/basira67
• https://twitter.com/Xay_015
• https://twitter.com/Islamhalal15
• https://twitter.com/BABER_6666
• https://twitter.com/aliali29619801
• https://twitter.com/Dhhd4874
• https://twitter.com/shaefk112
• https://twitter.com/Khaledakis_
• https://twitter.com/abo_askndr120
• https://twitter.com/KNTLExfn1vO1Nzh
• https://twitter.com/darimi22
• https://twitter.com/baqqiiya
• https://twitter.com/HAYAH_MAN
• https://twitter.com/qtada212
• https://twitter.com/gra7_q
• https://twitter.com/ibn_adam75
• https://twitter.com/soul___011
• https://twitter.com/x35xisis
• https://twitter.com/runaway003
• https://twitter.com/sami_almani
• https://twitter.com/tarkuliev
• https://twitter.com/Sdy23326287
• https://twitter.com/TrdfhYtggg
• https://twitter.com/aawwss_22
• https://twitter.com/88ibramz
• https://twitter.com/auwtwg
• https://twitter.com/Dawla_Baqyia
• https://twitter.com/erher11
• https://twitter.com/Bdjdjd16
• https://twitter.com/alaminhajinubua
• https://twitter.com/dtdet2
• https://twitter.com/abu_albelgiki
• https://twitter.com/akhi_j2
• https://twitter.com/jjbgcff
• https://twitter.com/hgf8273
• https://twitter.com/mhteeg137
• https://twitter.com/SawfaNamdzi
• https://twitter.com/khilafa01
• https://twitter.com/Karib_Alsham
• https://twitter.com/nnlllgfd
• https://twitter.com/alshamiabdalla1
• https://twitter.com/ghareeb_001
• https://twitter.com/samaka_26
• https://twitter.com/AgeOfKhilafah
• https://twitter.com/Rehamis58
• https://twitter.com/sarah19anbar
• https://twitter.com/OussamaBagdadi
• https://twitter.com/AnsarAlSharia13
• https://twitter.com/0____8
• https://twitter.com/SaefAzd14
• https://twitter.com/IbnElwalid4
• https://twitter.com/SeifMark16
• https://twitter.com/Ahlu__Sunnah
• https://twitter.com/ridaibnwalid
• https://twitter.com/nabilbgari
• https://twitter.com/_abdulmatin_
• https://twitter.com/rabe13anbar
• https://twitter.com/arab_ellsajinne
• https://twitter.com/abo_A_M_E_R
• https://twitter.com/Leathiraq88
• https://twitter.com/abomoath1437
• https://twitter.com/Ade_superriadi
• https://twitter.com/samirahijazi1
• https://twitter.com/a090322228
• https://twitter.com/afad111
• https://twitter.com/cmmff1
• https://twitter.com/BahrainiAgam1
• https://twitter.com/vip_salami
• https://twitter.com/deppalotaipi04
• https://twitter.com/Aomar771
• https://twitter.com/CitizenArkhab
• https://twitter.com/Q8__tk
• https://twitter.com/par1284
• https://twitter.com/pc13simpanan
• https://twitter.com/5antithogut
• https://twitter.com/Y_XXXIV
• https://twitter.com/Ara3i_Ebl98
• https://twitter.com/Q0220Q
• https://twitter.com/Harth615
• https://twitter.com/Buibrahim12__04
• https://twitter.com/im_here__
• https://twitter.com/Ultrasmuslim1
• https://twitter.com/7eccba5cf36840e
• https://twitter.com/twin1943
• https://twitter.com/V0CON9S12321232
• https://twitter.com/asyiya_04
• https://twitter.com/AbangFal
• https://twitter.com/SadekPasent
• https://twitter.com/solyia_S
• https://twitter.com/ghzhj11
• https://twitter.com/HuChuin_63
• https://twitter.com/NeightMid
• https://twitter.com/alhareth0770
• https://twitter.com/CqlXfdwac
• https://twitter.com/Daesh_NewsS
• https://twitter.com/hg5599
• https://twitter.com/xbee12
• https://twitter.com/well155951
• https://twitter.com/T7__n3w
• https://twitter.com/year2022end
• https://twitter.com/th_akrh
• https://twitter.com/bladi_00alaslam
• https://twitter.com/ettaboy3
• https://twitter.com/wefet_37
• https://twitter.com/NeightMid
• https://twitter.com/anasjpumk1
• https://twitter.com/AheheHaw
• https://twitter.com/mo895_mo
• https://twitter.com/baqiya80
• https://twitter.com/isis_3366
• https://twitter.com/al_wafaa1083
• https://twitter.com/e55isisa
• https://twitter.com/Sahkr_k
• https://twitter.com/i_iii11
• https://twitter.com/Dhhd4874
• https://twitter.com/ibn_al_khattb
• https://twitter.com/Hmdani__t
• https://twitter.com/ao55206
• https://twitter.com/Cxch2
• https://twitter.com/jhjhjee_lk
• https://twitter.com/ShamCenterINFO
• https://twitter.com/islam_net2
• https://twitter.com/dawla_tnt
• https://twitter.com/moshawkani
• https://twitter.com/cc_erreer
• https://twitter.com/combattantdivin
• https://twitter.com/Amirbakistani3
• https://twitter.com/ebu_nusra
• https://twitter.com/mabed_5
• https://twitter.com/Ablul_Vahhab
• https://twitter.com/dareyya32
• https://twitter.com/Hilafet_Haber
• https://twitter.com/yahyakurdi00
• https://twitter.com/Ablul_Vahhab
• https://twitter.com/dareyya32
• https://twitter.com/kudusungelini
• https://twitter.com/hpLmnX6tvw2F2mN
• https://twitter.com/hpLmnX6tvw2F2mN
• https://twitter.com/turmeda000313
• https://twitter.com/AbuDharIslandi7
• https://twitter.com/K_H_O34
• https://twitter.com/56a37f7197ba41c
• https://twitter.com/anjemchoudary
• https://twitter.com/ben7491
• https://twitter.com/Raqqa_SL
• https://twitter.com/qwerwoow
• https://twitter.com/1ElNusra1
• https://twitter.com/SomQaeda
• https://twitter.com/SomQaeda
• https://twitter.com/is5_is5
• https://twitter.com/sarokhsam25
• https://twitter.com/taher3832
• https://twitter.com/beeshbeeshbees3
• https://twitter.com/aljanady75
• https://twitter.com/_Mi_Sk_
• https://twitter.com/AbuDharIslandi7
• https://twitter.com/iislamic12
• https://twitter.com/soman611
• https://twitter.com/zFrBNMg0hJGCOcz
• https://twitter.com/zxyor09
• https://twitter.com/iuIwiz9Scbm90
• https://twitter.com/y8_i8_
• https://twitter.com/abo_hagar44
• https://twitter.com/gharebb00
• https://twitter.com/ab0khalid13
• https://twitter.com/Aomar771
• https://twitter.com/ississ_is
• https://twitter.com/mo895_mo
• https://twitter.com/solyia_S
• https://twitter.com/isis_3366
• https://twitter.com/Migrant2Allah
• https://twitter.com/G6A77
• https://twitter.com/achbahlaill0075
• https://twitter.com/reem_153_
• https://twitter.com/zFrBNMg0hJGCOcz
• https://twitter.com/sh33445555
• https://twitter.com/Alethawiya44
• https://twitter.com/As_soumaly
• https://twitter.com/nor92331
• https://twitter.com/islamdamas1980
• https://twitter.com/HA_alshami03
• https://twitter.com/jundi71033868
• https://twitter.com/zzzzzx175
• https://twitter.com/azdisis58
• https://twitter.com/tckfnfm1
• https://twitter.com/AstCiIs71
• https://twitter.com/Muwaxxid/following
• https://twitter.com/champ1007469284
• https://twitter.com/abo___111ali
• https://twitter.com/CbbjVnnj
• https://twitter.com/yw217
• https://twitter.com/umm_yasmine
• https://twitter.com/cz1bCfZ0MnyubOd
• https://twitter.com/muahied_8
• https://twitter.com/AlnjlatMohamad
• https://twitter.com/iplee4
• https://twitter.com/isis_3344
• https://twitter.com/nor964432
• https://twitter.com/Turbo_113
• https://twitter.com/ivfkfj2
• https://twitter.com/CIh9ML
• https://twitter.com/157aboismail
• https://twitter.com/cmdmmx1
• https://twitter.com/RxdctfvDtfhj
• https://twitter.com/zhrany100
• https://twitter.com/kalldd345
• https://twitter.com/invasion44
• https://twitter.com/26anneza3
• https://twitter.com/Gareeeb45
• https://twitter.com/baqya520
• https://twitter.com/fbdfberberber
• https://twitter.com/treraqqa
• https://twitter.com/talwtalbghdady1
• https://twitter.com/M_m_m_m_2000
• https://twitter.com/alsloulistupid
• https://twitter.com/Aleeeiiii4444
• https://twitter.com/MatarMurad
• https://twitter.com/GMC_IS
• https://twitter.com/Diteslavrit4
• https://twitter.com/abou_walaa12
• https://twitter.com/LLAA554
• https://twitter.com/safeallah425
• https://twitter.com/kinght78ag
• https://twitter.com/Bdjdjd16
• https://twitter.com/Ik_32_state
• https://twitter.com/hjfkdsl1
• https://twitter.com/Om_Osaid_63
• https://twitter.com/kurdish22_22
• https://twitter.com/AzdiSayil
• https://twitter.com/ahmedx360x18
• https://twitter.com/HuChuin_63
• https://twitter.com/parisonourfire
• https://twitter.com/20Trewq
• https://twitter.com/gkgjfufjc
• https://twitter.com/humaninnocence
• https://twitter.com/monaser156
• https://twitter.com/muriidi12
• https://twitter.com/poompaiii
• https://twitter.com/muslim_13_
• https://twitter.com/ahmadkhloof115
• https://twitter.com/Mas124an
• https://twitter.com/ahmedmahmoudi12
• https://twitter.com/dfghujuiytrr
• https://twitter.com/mejedklm
• https://twitter.com/f73071755
• https://twitter.com/rkrk4m26
• https://twitter.com/dyalla72
• https://twitter.com/sa7awetbuslim04
• https://twitter.com/TP57iQ3lCAGgKzV
• https://twitter.com/mohammedsz6
• https://twitter.com/1993Agmad1993
• https://twitter.com/Bbsswwnn
• https://twitter.com/almnasron4
• https://twitter.com/bar_bel1
• https://twitter.com/ManguAilon55
• https://twitter.com/modie_50
• https://twitter.com/Njd___qt78is
• https://twitter.com/Gehaaad1122
• https://twitter.com/bladi_00alaslam
• https://twitter.com/fallujha1
• https://twitter.com/AboFareed10
• https://twitter.com/manerland
• https://twitter.com/abo_a_94
• https://twitter.com/3Abouwalid
• https://twitter.com/bakreebeeko_5
• https://twitter.com/3li1187
• https://twitter.com/Alnablsy97
• https://twitter.com/G6A77
• https://twitter.com/TheObserver91
• https://twitter.com/6cccg2
• https://twitter.com/ISIS_HERO1
• https://twitter.com/ZZzBXqHOymuBANK
• https://twitter.com/teamsystemdz
• https://twitter.com/vbhgxdfc
• https://twitter.com/bhCotn
• https://twitter.com/maktaba_1
• https://twitter.com/osama_dam1
• https://twitter.com/fata_almosel
• https://twitter.com/xxmm4455777
• https://twitter.com/abujalaall
• https://twitter.com/Waseemalsaudi
• https://twitter.com/Khlifa27a12
• https://twitter.com/AbidaGina
• https://twitter.com/Ansar_Dawla10
• https://twitter.com/yesteyesic4
• https://twitter.com/lieffejongen
• https://twitter.com/MohammedAtta22
• https://twitter.com/Ticaal90
• https://twitter.com/AliAdenalSomali
• https://twitter.com/ns45678
• https://twitter.com/AbouShahadeh
• https://twitter.com/jihadi10744139
• https://twitter.com/abohamzaalturki
• https://twitter.com/JoniManm
• https://twitter.com/omar1985741
• https://twitter.com/see00012
• https://twitter.com/almuhajerBackup
• https://twitter.com/sadking23
• https://twitter.com/qwttpIIy
• https://twitter.com/k42isisa
• https://twitter.com/dhxhsvd2
• https://twitter.com/77nb_
• https://twitter.com/dawlajokers
• https://twitter.com/monaser0017
• https://twitter.com/dawlawialg671
• https://twitter.com/fahadeyad62
• https://twitter.com/btr333btr4
• https://twitter.com/vrjevve1
• https://twitter.com/Hhdhdg1
• https://twitter.com/GF98LKI
• https://twitter.com/dola24687
• https://twitter.com/Talal_Q3O
• https://twitter.com/muslimmouwahed8
• https://twitter.com/8itismesalman
• https://twitter.com/kubuiman03v
• https://twitter.com/jihadiuser58
• https://twitter.com/PARRIS_951
• https://twitter.com/isis_1144
• https://twitter.com/SyariahISlight8
• https://twitter.com/meek_don
• https://twitter.com/yotorg
• https://twitter.com/facebookaccoun2
• https://twitter.com/nseem066
• https://twitter.com/AnsarAd98
• https://twitter.com/ieshabaqea
• https://twitter.com/batist550
• https://twitter.com/aassddffa833
• https://twitter.com/madridi4good
• https://twitter.com/nor92331
• https://twitter.com/1ElNusra1
• https://twitter.com/j_jj_jjj_5577
• https://twitter.com/strange566
• https://twitter.com/gp2126
• https://twitter.com/pp62068813
• https://twitter.com/_________N___34
• https://twitter.com/Uddjdn1
• https://twitter.com/kathebw11
• https://twitter.com/bbgg75157900
• https://twitter.com/Rama15202
• https://twitter.com/_J_I_T_E_M_
• https://twitter.com/mohamed_zainab4
• https://twitter.com/ChicbnmAbn
• https://twitter.com/Tr8_K0
• https://twitter.com/eng__sr
• https://twitter.com/gjjkjtogfffdr
• https://twitter.com/Om_khatabb
• https://twitter.com/ubj_k
• https://twitter.com/KhilafahDawah5
• https://twitter.com/AbuDharIslandi7
• https://twitter.com/ixcncn1
• https://twitter.com/anaeldora30
• https://twitter.com/mazenhapne
• https://twitter.com/qwtpIIry
• https://twitter.com/Dabiiq7
• https://twitter.com/A05462492
• https://twitter.com/Hmode5556Www
• https://twitter.com/3MlagDO1
• https://twitter.com/meditato
• https://twitter.com/ukhtiaisha1
• https://twitter.com/abcd123456789a7
• https://twitter.com/abou_amina37
• https://twitter.com/AmonMame
• https://twitter.com/Oo800Oo8001
• https://twitter.com/Abu_Bin_Fartin
• https://twitter.com/marsds98zahrany
• https://twitter.com/_ihsen_086_
• https://twitter.com/33Khilafa
• https://twitter.com/gajhfjfd
• https://twitter.com/Obayd6Wevrw
• https://twitter.com/0o00ooq
• https://twitter.com/e30isisa
• https://twitter.com/41invasion
• https://twitter.com/OpIS75
• https://twitter.com/K_H_O34
• https://twitter.com/h90_6
• https://twitter.com/know_paris
• https://twitter.com/saeu17
• https://twitter.com/anjemchoudary
• https://twitter.com/tnt502tnt502
• https://twitter.com/AbuFullaan9th
• https://twitter.com/gmailco69426226
• https://twitter.com/Owais_51
• https://twitter.com/mohamed20607
• https://twitter.com/med_syr_ira91
• https://twitter.com/muslim_libi
• https://twitter.com/muahied_7
• https://twitter.com/qqeqq00111
• https://twitter.com/ahmed14377
• https://twitter.com/aabuyosif
• https://twitter.com/vip444662
• https://twitter.com/saeu17
• https://twitter.com/dgsdg00712420
• https://twitter.com/kabugezo
• https://twitter.com/AbuIslamIS1990
• https://twitter.com/mafel_65
• https://twitter.com/AbuHafsaBritani
• https://twitter.com/Ahmadkhalf2012
• https://twitter.com/YourOwnBro116
• https://twitter.com/Reporters000
• https://twitter.com/TurMedia318/
• https://twitter.com/GermanyUnderAtk
• https://twitter.com/WakeUp_MV
• https://twitter.com/saeu17
• https://twitter.com/Bushra11_IS
• https://twitter.com/TurMedia318
• https://twitter.com/jabalybaraa
• https://twitter.com/s_2O17_
• https://twitter.com/frm450
• https://twitter.com/gogoaag82
• https://twitter.com/xxx__800
• https://twitter.com/pe0jnv39mvnf
• https://twitter.com/IslamArmy01
• https://twitter.com/g8670062_8
• https://twitter.com/yyf_hallo
• https://twitter.com/e1AFX9kbARBByHv
• https://twitter.com/lba559721
• https://twitter.com/del_elremah1
• https://twitter.com/isisom61
• https://twitter.com/Idififkk1
• https://twitter.com/makdici1970
• https://twitter.com/mahsud117
• https://twitter.com/K_A_S_E_R_5
• https://twitter.com/lmaqdese
• https://twitter.com/nour_umm
• https://twitter.com/5aq5qDGpNsr4IDU
• https://twitter.com/AbdMouwahid
• https://twitter.com/gaza9310
• https://twitter.com/Jfdlbk
• https://twitter.com/Elkhelafa_Now
• https://twitter.com/jazaer12254477
• https://twitter.com/IssamSayari
• https://twitter.com/Abo_mhdi29
• https://twitter.com/moedker01
• https://twitter.com/hafeed1001
• https://twitter.com/Yamani_5
• https://twitter.com/alsumoud17
• https://twitter.com/nbn1000
• https://twitter.com/khilafahinfos
• https://twitter.com/teagouch1
• https://twitter.com/aaallaaallaaa__
• https://twitter.com/ondayiwillkilly
• https://twitter.com/DjibrilParisi
• https://twitter.com/aawwss_22
• https://twitter.com/Dolawiyah_Jo6
• https://twitter.com/gfd6064
• https://twitter.com/ansaar132
• https://twitter.com/drwaleed5253
• https://twitter.com/ajnad55
• https://twitter.com/inbes3
• https://twitter.com/asaudicowdonkey
• https://twitter.com/zxzx321zxzx
• https://twitter.com/UmmAbdallah89
• https://twitter.com/arabhty
• https://twitter.com/Asirat_hramin19
• https://twitter.com/EhliSunneti3
• https://twitter.com/salilbnim
• https://twitter.com/Saifjazraawi
• https://twitter.com/ab1o3zam12
• https://twitter.com/frost0023
• https://twitter.com/uiopup
• https://twitter.com/Kassar_Iam
• https://twitter.com/gmccccc10
• https://twitter.com/drherhdfbdrhdhs
• https://twitter.com/kinght78ag
• https://twitter.com/JUI_LJ
• https://twitter.com/snipern433
• https://twitter.com/Ffhfbfb1
• https://twitter.com/Almohajer_103
• https://twitter.com/oummoudjahid
• https://twitter.com/ahmadsaid91

Detailed Project Funding Stages Information

The initial stage of the project will consist of selective and timely purchase of all the necessary appliances including the timely localization and successful acquisition of fake Web sites honeypot solutions including the active acquisition of network assets for the purpose of successfully honeypot solution placement.

• The main objective of the initial phase would be to acquire all the necessary equipment for the purpose of setting up the foundations for the Obmonix platform. The equipment will be acquired in a timely fashion largely relying on a selected set of proprietary industry leading set of contacts.
• The main objective of the next phrase would be to ensure that the equipment is placed in a secure location and is properly maintained for the purpose of ensuring that the operator is capable of operating the Obmonix platform in a secure way.
• The main objective of the next phase would be to establish the foundations of the world's largest data set of intelligence data for the purpose of ensuring that the Obmonix platform is capable of processing and intercepting the necessary data.
• The main objective of the next phase would be to acquire the necessary proprietary service based solutions that would empower the operator with the necessary tools to process and intercept data.
• The main objective of the next phase would be to process and intercept the world's largest data set of cybercrime and cyber jihad data.

Sample Cyber Jihad Forums:

• http://rion2005.100free.com
• http://2s2s.com
• http://abo-ali.com
• http://Aboalqaqa.blogspot.com
• http://aboaumir.modawanati.com
• http://abomoath.ahlablog.com
• http://abomosab-s.110mb.com
• http://abu-hadi.net
• http://abu-qatada.com
• http://abubaraa.co.uk
• http://abujibriel.com
• http://aekhlaas.com
• http://aekhlaas.net
• http://ahlu-tawheed.com
• http://al3aren.com/vb/index.php
• http://al3wda.com/vb/index.php
• http://al-amanh.net
• http://al-ansar.net
• http://al-boraq.info
• http://al-boraq.org
• http://al-busyro1.info
• http://al-busyro.info
• http://al-ekhlaas.net
• http://al-ekhlaas.net/forum
• http://al-ekhlaas.org
• http://al-faloja.com
• http://al-faloja.info/vb/index.php
• http://al-farooq.net
• http://al-jahafal.com/vb
• http://al-kafkaz.com
• http://al-mustaqbal.net
• http://al-nour.net
• http://al-ommh.net
• http://al-qimmah.net
• http://al-rashedeen.info
• http://al-tamkeen.com
• http://al-yemen.org
• http://alahed.org
• http://alamer.biz/ameer/home.html
• http://alanbar.topgoo.net
• http://alanssar.net
• http://alaseb.com
• http://albasrah.net/index.php
• http://albawaba.com
• http://albayan.co.uk
• http://albayanislamac.com
• http://albetaqa.com
• http://alboraq.info
• http://Alboraq.info/forum
• http://alboraqforum.info
• http://albtar.1talk.net/index.htm
• http://albusyro.info
• http://albuxoriy.com
• http://alekhlaas.com
• http://alekhlaas.info
• http://alekhlaas.net
• http://alekhlaas.org
• http://alemara1.org
• http://alemarah.org
• http://alfajrtaqni.net
• http://alfetn.com
• http://alfetn.com
• http://alfida.jeeran.com
• http://alfidaa.biz
• http://alfidaa.info/vb
• http://alfidaa.org/vb
• http://alforqan.ingoo.us
• http://Alforqan.ingoo.us
• http://alfurq4n.org
• http://algyshalmnsur.r8.org
• http://AlHanein.com
• http://AlHesbah.net
• http://AlHesbah.org
• http://alifati.wordpress.com
• http://alintiqad.com
• http://aljazeeratalk.net/forum/
• http://aljazeeratalk.net/portal
• http://alkhelafa.eu
• http://allah4ever.hi5.com
• http://almaqdese.net
• http://almaqreze.net
• http://almaqreze.net/ar
• http://almedad.com/vb
• http://almnbr.net/vb
• http://almob2.com
• http://almobshrat.net
• http://almokhtsar.com
• http://almqdes.net
• http://almubarakradio.com
• http://Alnakshabandia-army.com
• http://alnakshabandia-army.org/home
• http://Alneda.com
• http://Alnour.hyperphp.com
• http://alnour.hyperphp.com/vb
• http://Alnusra.net
• http://alnusrra.net
• http://alokab.com
• http://alokab.com/forums/lofiversion
• http://alqassam.ps
• http://alqoqaz.net
• http://alquds.co.uk
• http://alrafdean.org
• http://alraiah.net
• http://Alsaha.com
• http://alshahid.org
• http://alsomod-iea.info
• http://alsomod.com
• http://alsunnah.info
• http://Alsunnah.info
• http://altabetoun.110mb.com
• http://altarefe.com
• http://altarefe.com is
• http://altawbah.net/vb
• http://altaybeh.net
• http://alweya.com
• http://an-najah.net
• http://anashid.ru
• http://Anbaar.net
• http://anjemchoudary.co.uk
• http://ansa1.info
• http://ansaaar.com
• http://ansar1.info
• http://ansar11.org
• http://ansar-alhaqq.net
• http://ansar-jihad.net
• http://ansar.tv
• http://Ansarnet.ws
• http://ansharulislam.com
• http://anti-majos.com
• http://antiliberalnews.com
• http://antydetroidmichigan.blog.onet.pl
• http://aqeeda2008.maktoobblog.com
• http://aqlislamiccenter.com
• http://arrahmah.com
• http://asad101.jeeran.com
• http://asaeb.net
• http://asaebweb.com
• http://asd813.maktoobblog.com
• http://atahadii.com/vb
• http://Azzam.com
• http://azzammedia.com
• http://azzammedia.net
• http://bab-ul-islam.net
• http://baghdadsniper.net
• http://bintjbeil.com
• http://bumisyam.com
• http://cageprisoners.com
• http://cageuk.org
• http://chechensinsyria.com
• http://ClearGuidance.com
• http://clearinghous.infovlad.net
• http://cyberkov.com
• http://czeczenia.blog.onet.pl
• http://d-sunnah.net
• http://dakwahmedia.net
• http://darelhadi.com
• http://Darelhadi.com
• http://daruhilafe.com
• http://darultavhid.com
• http://daulahislamiyah.net
• http://daulahislamiyyah.com
• http://dawaalhaq.com
• http://dawatehaq.net
• http://dawla-is.cf
• http://dd-sunnah.net/forum/index.php
• http://dhiqar.net
• http://dinhaqq.info
• http://doguturkistanbulteni.com
• http://dr-algzouli.com
• http://dr-mahmoud.com
• http://drbj.net
• http://duniaterkini.com
• http://dwl-is.appspot.com
• http://dyou1991.maktoobblog.com
• http://e-kl-s.info
• http://e-kl-s.net
• http://egysite.com/al2nsar
• http://ek-ls.org
• http://ekhlaas.biz
• http://ekhlaas.cc
• http://Ekhlaas.cc
• http://ekhlaas.com
• http://ekhlaas.info
• http://ekhlaas.net
• http://ekhlaas.org
• http://ekhlaas.ws
• http://el-tewhid.com
• http://eldorar.com
• http://elmanara.org
• http://Elshouraa.ws/vb
• http://eltwhed.110mb.com
• http://eltwhed.110mb.com/homepage.htm
• http://enfalmedya.com
• http://eramuslim.com
• http://eraqeidawlh.maktoobblog.com
• http://f2008h.maktoobblog.com
• http://falestiny.net
• http://falloja.blogspot.com
• http://farouqomar.net
• http://fatehforums.com
• http://fidaa1.net/vb
• http://fisyria.info
• http://forum.hawaaworld.com
• http://forum.saraya.ps
• http://forums.ikhwan.net/t
• http://forums.naseej.com
• http://fpi.or.id
• http://fursan-al-iraq.over-blog.com
• http://g-elshmal.com/vb/index.php
• http://generalvekalat.org
• http://ghaaly.com
• http://ghaliboun.net
• http://gimfmedia.com/tech
• http://gulf-up.com
• http://gurmad.info
• http://h-alali.net
• http://halabnews.com
• http://halifat.info
• http://halifat.org
• http://hamas.ps
• http://hamasaliraq.com
• http://hamasiraq.org
• http://hanein.info
• http://hanein.info/
• http://hanein.info/vb
• http://hanein.info/vb/forum.php
• http://harb-net.com/vb
• http://harunyahya.com
• http://health1.maktoobblog.com
• http://hewar.khayma.com
• http://heyetnet.org
• http://hidayatullah.com
• http://hizb-afghanistan.com
• http://hizb-america.org
• http://hizb-australia.org
• http://hizb-eastafrica.com
• http://hizb-pakistan.com
• http://hizb-russia.info
• http://hizb-turkiston.net
• http://hizb-turkiye.org
• http://hizb-ut-tahrir-almaghreb.info
• http://hizb-ut-tahrir.dk
• http://hizb-ut-tahrir.info
• http://hizb-ut-tahrir.org
• http://hizb-ut-tahrir.se
• http://hizb-uzbekistan.info
• http://hizb.org.ua
• http://hizb.org.uk
• http://Hizbollah.org
• http://hizbollah.tv
• http://Hizbollah.tv
• http://hizbut-tahrir.or.id
• http://hizbuttahrir.info
• http://hizbuttahrir.org
• http://ht-afghanistan.org
• http://ht-bangladesh.info
• http://ht-tunisie.info
• http://htmedia.info
• http://alboraqmedia.org
• http://alekhlaas.cc
• http://alweehdat.com/vb
• http://Hussamaldin.jeeran.com
• http://iaisite-eng.org
• http://iaisite.biz
• http://Iaisite.info
• http://iaisite.info
• http://iaisite.info/index.php
• http://iaisite.net
• http://iaisite.org
• http://iczkeria.blog.onet.pl
• http://ikhwan.net
• http://imamtv.com
• http://imamtv.com/
• http://infovlad.net/mirror_alansar_alsunnah
• http://invitetoislam.com
• http://invitetoislam.org
• http://iraq-war.ru
• http://Iraqiasaeb.org
• http://iraqipa.net
• http://iraqirabita.org.uk
• http://iraqiyoon.com
• http://Iraqpatrol.com
• http://iraqpatrol.com
• http://iraqpatrol.com/php
• http://isdarat-tube.com
• http://isdarat.org
• http://isdarat.tv
• http://isecur1ty.com
• http://islahhaber.net
• http://islam-iea.com
• http://islamdaveti.com
• http://islamdevleti.info
• http://islamdevleti.org
• http://islamdevleti.org/
• http://islamdin.com
• http://islamdin.net
• http://islamic-dw.com
• http://islamic-f.net/vb
• http://Islamic-f.net/vb
• http://islamic-state.ga
• http://islamic-state.media
• http://islamicawakening.com
• http://islamicdigest.net
• http://islamiciraq.maktoobblog.com
• http://IslamicIraq.modawanati.com
• http://islamiciraq.modawanati.com
• http://islamicstate.media
• http://islamicstate.pro
• http://islamicsupremecouncil.org
• http://islammemo.cc
• http://islampos.com
• http://islamqa.info
• http://islamway.com
• http://isnews.net
• http://j-aliraq.net
• http://jaami.info
• http://jaber-m-b.maktoobblog.com
• http://jaber-mb.maktoobblog.com
• http://jabhtnosra.appspot.com
• http://jaishabibaker.net
• http://JaishabiBaker.net
• http://jamaatshariat.com/ru
• http://jamahirl.ps
• http://jamatdawa.com
• http://jamatdawa.org
• http://jannatoshiqlari.net
• http://jehadway.7olm.org
• http://jihadmin.com
• http://jnoub.org
• http://JondurRahmaan.com
• http://jsc-web.net/vb
• http://kabardeyonline.org/tr/index_tr.htm
• http://kafilahmujahid.com
• http://kafkaz.maktoobblog.com
• http://Kataeb-20.org
• http://kataeb-20.org/main
• http://kataibaqssa.com/forum/index.php
• http://kataibaqssa.com/newarab
• http://kavkaz.org.uk
• http://kavkaz.tv
• http://kavkazcenter.com
• http://kavkazcenter.info
• http://kavkazcenter.net
• http://kavkazchat.com
• http://kavkazjihad.com
• http://khabarpana.com
• http://khaleelstyle.com
• http://khelafa.org
• http://khilafa.org
• http://khilafah-archives.com
• http://khilafah.com
• http://khilafah.net
• http://khilafat.dk
• http://kiblat.net
• http://kirkuk.kalamfikalam.com
• http://kokludegisim.net
• http://ktb-20.com
• http://Kwaflislam.com
• http://kwaflislam.com/vb/index.php
• http://ladn.maktoobblog.com
• http://lakii.com
• http://land-alsham.com
• http://lasdipo.com
• http://liputan-kita.com
• http://m3ark.com
• http://mail.ek-ls.org
• http://Majahd.quickbb.net
• http://majahd.quickbb.net/index.htm
• http://majahden.com
• http://majelismujahidi.com
• http://majles.alukah.net
• http://maktoobblog.com
• http://manbar.me
• http://maqrezeradio.net
• http://marsad.net
• http://mediaislam.ucoz.ru
• http://medicine2001.maktoobblog.com
• http://mhesne.com
• http://mitv.moy.su
• http://mnbr.info
• http://mobasher.110mb.com
• http://moj-irq.com
• http://montada.yaqen.net
• http://moqavemat.com
• http://moqawama.org
• http://moqawama.tv
• http://moqawmh.com
• http://morasl.maktoobblog.com/
• http://mujahideenarmy.com
• http://muntada.sawtalummah.com
• http://muqawamah.com
• http://muslimdaily.net
• http://muslimprisoners.com
• http://muslimuzbekistan.net
• http://muslm.net
• http://muslm.net/vb
• http://muslm.org
• http://muvahhid.info
• http://muwahhid.info
• http://muwahideen.co.nr
• http://myhesbah.net
• http://mykhilafah.com
• http://mymy.my-goo.net/index.htm
• http://nahimunkar.com
• http://nasrollah.org
• http://Nasrunmiallah.net
• http://nepras.ps
• http://news.stcom.net
• http://News.stcom.net
• http://nkusa.org
• http://nmayd.com
• http://nmayd.com/
• http://nuruddin.4bb.ru
• http://nusraah.com
• http://old.kavkazcenter.com
• http://omar-abdrahman.110mb.com
• http://pal-is.net/vb
• http://paldf.net
• http://paldf.net/forum
• http://palestine-info.com
• http://palestinegallery.com
• http://palestinianforum.net
• http://palir.net
• http://panjimas.com
• http://pda.kavkaz.tv
• http://profetensummah.com
• http://qassam-rockets.skyrock.com
• http://qassam-rockets.skyrock.com
• http://qassam.ps
• http://qudsnews.net
• http://qyemen.com
• http://radioalfurqaan.com
• http://radioalfurqaan.com is
• http://radioandalus24.com
• http://radyotevhid.com
• http://ramaadi.1talk.net/index.htm
• http://rawadalmaly.com/vb
• http://reformandjihadfront.org
• http://revolution.muslimpad.com
• http://rjfront.info
• http://rjfront.org
• http://Rmadi.top-me.com
• http://saadarmy.com
• http://saaid.net
• http://sadcom.montadamoslim.com
• http://salaf-us-saalih.com
• http://Salafia.balder.prohosting.com
• http://salafiah.com
• http://salafimediauk.com
• http://salam-online.com
• http://samirkuntar.org
• http://saraya.ps
• http://Sarayaalquds.org
• http://sarayaalquds.org
• http://Sarayasaad.com
• http://sarayasaad.com
• http://save-islam.com
• http://Sawtaljihad.org
• http://sawtaljihad.org
• http://sawtalummah.com
• http://se-te.com
• http://shabakataljahad.com
• http://shahamat-arabic.com
• http://shahamat-english.com
• http://shahamat-farsi.com
• http://shahamat-movie.com
• http://shahamat-urdu.com
• http://shamikh1.info
• http://shamilonline.org/rusnya/index_ru.htm
• http://sharia4indonesia.com
• http://Shiaweb.org
• http://shiaweb.org/hizbulla/index.html
• http://Shmo5alIslam.net
• http://shoutussalam.org
• http://skaba.ps
• http://Sobhank.com
• http://sobhank.com/vb
• http://somalimemo.net
• http://somod.org
• http://soutalhaq.net
• http://Soutweb.100free.com
• http://sqr-al3rb.com
• http://suara-islam.com
• http://sunnahcare.com
• http://sunnahonline.com
• http://suwaidan.com
• http://swalif.net
• http://syamina.com
• http://syamorganizer.com
• http://tahrir-syria.info
• http://tajdeed.org.uk
• http://takvahaber.net
• http://tarani.info
• http://Tawhed.ws
• http://tevhiddergisi.com
• http://tevhiddersleri.com
• http://tevhididavet.com
• http://tevhidigundem.net
• http://theshamnews.com
• http://thethirdjihad.com
• http://thoriquna.com
• http://thoriquwna.com
• http://toorabora.org
• http://turkhackteam.org
• http://twelvershia.net
• http://uicforce.co.vu
• http://ummah.com
• http://ummahislam.com
• http://ummetislam.info
• http://ummetislam.net
• http://vb999.maktoobblog.com
• http://vb.fpnp.net
• http://vb.roro44.com/index.php
• http://vd.ag
• http://vdagestan.com
• http://voa-islam.com
• http://W-N-N.net
• http://Wa3ad.org
• http://wa3iarabi.com
• http://wa7at.org/vb
• http://wap.kavkaz.tv
• http://worldakhbar.com
• http://worldnet.ws
• http://worldnet.ws/radio/index.html
• http://worldnet.ws/vb
• http://yenidenislam.com
• http://zad-muslim.com
• http://zaeer1.22web.net
• http://zaidhamid.pk
• http://zuheer17.maktoobblog.com

Detailed Project Funding Phase Information

01. The initial stage of the project will consist of selective and timely purchase of all the necessary appliances including the timely localization and successful acquisition of fake Web sites honeypot solutions including the active acquisition of network assets for the purpose of successfully honeypot solution placement.

• Associated deliverables will include access to proprietary technology the ability to associate long-term task including the ability to set the foundation for the Obmonix platform including eventual commercialization of the Obmonix platform further enhancing the operator's ability to continue providing the Intelligence Community with the necessary data to proactively respond to a growing set of malicious nation-state and malicious actors type of cybercrime and cyber-jihad activity globally.

02. The next stage will consist of active placement of the required equipment in a secure location including the placement of active secure measures in place to ensure that the Obmonix operator remains work in a secure location including premise.

• Associated deliverables will include secure work place including the ability to empower the operator with the necessary data to perform various operator activity ensuring global presence for Intelligence Community members and the security industry

03. The next stage will consist of active spam phishing and malware feed access purchase including successfully geolocated placement within specific regions of choice of interest inducing but not limited to Algeria, Argentina, Bahrain, Bolivia, Brazil, Burkina Faso, Chile, China, Colombia, Cyprus, Ecuador, Guatemala, Jordan, Democratic People’s Republic of Korea, Liberia, Macao, Maldives, Moldova, Republic of Nauru, Niger, Pakistan, Poland, Romania, Sierra Leone, Sudan, Arab Republic Syrian, Togo, Uganda, Vanuatu, Yemen.

• Associated deliverables will include access to the world's largest portfolio of threat intelligence data set including access to real-time data successfully empowering the operator with the necessary data to perform an operator activity.

04. The next stage will include the active acquisition of service-based type of localization and acquisition solutions leading to a successful set of data to be processed and collected by the sensor.

• Associated deliverables will include access to proprietary technology successfully empowering the operator with the necessary data to perform the operator activity including real-time monitoring of the world's largest and most comprehensive sensor network based type of cybercrime and cyber-jihad sensor based type of platform.

05. The next phase will include the active data acquisition from the Intelligence Community's leading intelligence gathering platform in the form of active data placement including the establishment of an active threat intelligence-gathering portal based type of platform.

• Associated deliverable will include the world's largest data set of cybercrime and cyber jihad activity sensor type of platform eventually leading the Obmonix platform to reach a commercialization stage further enhancing the Intelligence Community's and the security industry's mission.

Detailed Project Cost Proposal Information

The initial stage of the project will consist of selective and timely purchase of all the necessary appliances including the timely localization and successful acquisition of fake Web sites honeypot solutions including the active acquisition of network assets for the purpose of successfully honeypot solution placement.

• FortiMail

Key points:

• The appliance is capable of processing millions of emails on a daily basis
• The appliance is capable of maintaining a list of thousands of fake emails allowing additional attribution potentially expanding the capabilities of the appliance to include additional custom made spam origin sources.
• The appliance is capable of delivering actionable intelligence on millions of spam origin sources, for Iran, Pakistan, Saudi Arabia, Iraq and Syria, on a daily basis
• The appliance is capable of delivering detailed information, leading, to the production of actionable intelligence, for Iran, Pakistan, Saudi Arabia, Iraq and Syria, on a daily basis.

The FortiMail appliance would ensure the active acquisition of spam for the purpose of establishing the foundations for a successful research and monitoring type of research and analysis type of system allowing the systematic real-time and automated acquisition of malicious software phishing and social engineering.

• Blue Coat Malware Analysis

Key points:

• The appliance is capable of processing thousands of malware samples, on a daily basis
• The appliance is capable of maintaining detailed information processed and delivered in an automated fashion for malicious sources originating in Iran, Pakistan, Saudi Arabia, Iraq and Syria
• The appliance is capable of interacting with Web links found in malicious spam emails for the purpose of establishing the foundations, for successful monitoring of malicious software phishing and social engineering originating for Iran, Pakistan, Saudi Arabia, Iraq, and Syria including the automated processing and interaction with mobile malware
• The appliance is capable of maintaining detailed information leading to the production of quality real-time, actionable intelligence type of reports for malicious software phishing and social engineering data type of origin sources for Iran, Pakistan, Saudi Arabia, Iraq and Syria

The Blue Coat Malware Analysis would ensure the automated and real-time acquisition of malicious software phishing and social engineering type of research and analysis type of research for the purpose of ensuring the active and real-time acquisition of malicious software phishing and social engineering research type of activity originating in these sources.

• Vormetric encryption appliance

Key points:

• The encryption appliance would ensure the real-time data storage of the research and analysis type of research and analysis type of data to ensure the availability confidentiality and integrity of the data for the purpose of producing actionable real-time intelligence based type of research and analysis reports type of research and analysis data.
• The encryption appliance would ensure the active real-time storage of the actionable and real-time delivered type of research and analysis type of data allowing the efficient and systematic and automated research and analysis type of research report data to be processed and analyzed.

The encryption appliance would ensure that the platform operator is properly empowered with the necessary data techniques and technologies to properly act upon analyze and respond to cybercrime and cyber jihad events globally.

• Barracuda Web Application appliance

Key points:

• The Web application appliance would allow the automated secure use of the robot system allowing the systematic real-time data acquisition on various jihadst sources
• The Web application appliance would ensure the automated and efficient use of the robot in a secure fashion allowing the production of real-time actionable intelligence allowing the production of research and analysis based type of research and analysis type of, data.

The Web application appliance would ensure that the operator is properly empowered with the necessary data techniques and technologies to properly act upon analyze and respond to cybercrime and cyber jihad events globally.

• Checkpoint DDoS Protector

Key points:

• The appliance is capable of preventing exposure of the network assets utilized by the network resulting potentially resulting in the exposure of the availability confidentiality and integrity of the information
• The appliance is capable of ensuring the real-time automated and persistent availability and integrity and confidentiality of the information

The Checkpoint DDoS Protector would ensure the constant availability of the network infrastructure utilized in this project potentially preventing compromise of the network assets resulting in improved productivity and realization of various project objectives.

• Encryption appliance

Key points:

• The encryption appliance is capable of ensuring the confidentiality integrity and availability of the information
• The encryption appliance is capable of distinguishing between multiple networks further ensuring a closed network type of network access

The encryption appliance would ensure that the maximum possible secure measures are currently in place further ensuring that access to the closed restricted network remains as private as possible ensuring the confidentiality integrity and availability of the information to further ensure the active real-time intelligence based real-time type of research and analysis type of research and analysis type of data.

• Cisco Catalyst

Key points:

• The appliance is capable of ensuring the real-time and automated use of the network equipment necessary to maintain the active infrastructure to ensure that it's operating in an automated and efficient fashion

Cisco Catalyst is a network equipment allowing the efficient productivity type of interconnection between all the platforms and network equipment used in this project.

• Kapow appliance

Key points:

• The appliance is capable of processing hundreds of thousands of Web sites on a daily basis ensuring the automated processing and analysis of jihadist communities allowing the automation of the monitoring process to further enhance the produced actionable intelligence leading to a research and analysis produced type of research and analysis type of data.
• The appliance is capable of monitoring and establishing the foundations for real-time monitoring and analysis of jihadist communities for the purpose of producing actionable real-time intelligence research and analysis type of research and analysis data.
• The appliance is capable of processing multiple jihadist forum communities for the purpose of establishing the foundations for successful real-time actionable intelligence producing research and analysis type of research and analysis data.

The analysis appliance would ensure timely and real-time access to current and historical intelligence data in regard to jihadist activities online,through the systematic automated and real-time data acquisition from a variety of public and closed sources for the purpose of setting up the foundations for a successful data source leading to a successful analysis and research type of analysis activities.

• Appliance router

Key points:

• The appliance router would ensure the constant and real-time availability of the network assets for the purpose of active and timely acquisition of actionable real-time research and analysis type of research and analysis report type of research and analysis network assets availability.

The purpose of the appliance router would be to ensure real-time connectivity with a variety of platforms to ensure that the operator is properly empowered with the necessary data techniques and technologies to properly act upon analyze and respond to cybercrime and cyber jihad events globally.

• Analytics appliance

Key points:

• the analytics appliance would be capable of performing real-time assessment of cybercrime and cyber jihad events globally and will ultimately empower the Obmonix platform operator with the necessary data information and knowledge to act upon prevent and respond to cybercrime and cyber jihad events globally

The purpose of the appliance would be to empower the operator with the necessary data information and knowledge to act upon react to and respond to various cybercrime and cyber jihad events globally.

• Rosette appliance

Key points:

• The localization appliance will ultimately empower the Obmonix platform operator with the necessary data information and knowledge to act upon respond to and prevent widespread damage while analyzing cybercrime and cyber jihad events globally.

The purpose of the localization appliance would be to empower the Obmonix platform operator with the necessary data information and knowledge to act upon respond to and prevent widespread damage provoked by cybercrime and cyber jihad events globally.

• Systran appliance

Key points:

• The Systran appliance will ultimately empower the operator with the necessary data information and knowledge to act upon respond to and prevent widespread damage while analyzing cybercrime and cyber jihad events globally.

The purpose of the Systran appliance would be to empower the Obmonix platform operator with the necessary data information and knowledge to act upon respond to and prevent widespread damage provoked by cybercrime and cyber jihad events globally.

Funding Phase

The initial funding phrase will consist of active acquisition of assets for the purpose of obtaining access to industry leading and proprietary selected providers of threat intelligence for the purpose of establishing the foundations for an active sensors network type of cybercrime/cyber jihad monitor sensor network type of data. The initial stage will consist of obtaining assets for the purpose of obtaining access to industry leading and proprietary selected equipment for the purpose of setting the foundations for a successful sensor network based type of data.

The initial phase will consist of active purchase of the following equipment: FortiSandbox, Blue Coat Malware Analysis, NAS Storage, Cisco Firewall, PfSense, Cisco Catalyst, Vormetric encryption appliance, including the following subscription-based type of threat intelligence gathering data - Team Cumry, threat, data, feed, Kaspersky, threat, data, feed, Abusix, threat, data, feed, MalwarePatrol, threat, data, feed, Sophos, threat, data, feed, OPSWAT, Abusix, Threat, Feed, Threat, Feed, ProjectHoneypot, threat, data, feed.

- Kaspersky Data Feed
- Sophos Data Feed
- Team Cumry Data Feed
- MalwarePatrol Data Feed
- Abusix Data Feed
- LookingGlass Data Feed
- Cyren Data Feed
- Symantec Data Feed
- VirusTotal Data Feed
- ProjectHoneypot Data Feed

The second funding phase will consist of active acquisition of honeypot appliance including active netblock purchase within a dedicated set of countries for the purpose of establishing the foundations of an active sensor network type of data-acquisition activities. The second funding phase will consist of active acquisition of the following proprietary appliances: Honeybox Enterprise, honeybox SCADA, including netblocks within the following countries,

The third funding phase will consist of active purchase of service and solution-based appliance, including data-processing appliance, including localization appliance, for the purpose of setting up the foundations for the Obmonix platform successfully empowering its operator with the necessary data and expertise for the purpose of actively responding to global cybercrime and jihad events.
The third funding phase will consist of active purchase of the following appliances: Kapow Software, Rosette appliance, Systran appliance, Sentinel appliance, Palantir appliance.

The fourth funding phase will consist of active purchase of the World's most popular solution-oriented portal for Information Security - Expedited Entry Into the Cyber Warfare Realm – a Pro-U.S Based Offensive and Asymmetric Cyber Warfare Practical Trends Application Big Data and Research-Centered R&D Platform - further ensuring successfully and ongoing commercilization including the active acquisition of client-base, including the establishing of the World's largest endpoint based sensor network for tracking and responding to cybercrime and jihad events globally.

Dancho Danchev will build a pro-U.S offensive and asymmetric cyber warfare program that will inevitably dive deep into the Cyber Warfare realm and will produce what can be best described as the U.S primary source for offensive and asymmetric cyber warfare information repository and data-information on current and future trends and provide the foundations for a successful R&D cyber warfare partnership with millions of loyal Pro-Western cyber warriors and researchers globally positioning the platform as the leading think-tank for practical and relevant cyber warfare power including the World's leading Pro-Western Cyber Warfare Research and Development research program center.

With the U.S attempting to tackle the country's perceived and outdated Mis-understanding of Cyber Warfare in Today's Modern Russia China and Iran dominated Cyber Warfare Realm including the ongoing shortage of recruitment and relatively outdated and not necessary dynamic HR-management pool of hundreds of thousands of Pro-U.S Cyber Warriors the platform ultimately empower the re-position the U.S as the dominant Cyber Warfare power by providing actionable think-tank type of proactive and actionable Cyber Warfare insight including the active and permanent recruitment of millions of Pro-U.S Cyber Warriors further supporting the U.S's mission on its way to dominate and launch offensive and defensive cyber missions and related research attacks.

The project will conduct what can be best described as the most comprehensive study and analysis to the United States out-dated understanding of the Cyber Warfare realm and provide actionable and practical insight including a production-ready HR-management and Big Data driven Cyber Warfare platform successfully disrupting international cybercrime networks conducting economic terrorism infiltrating the vibrant cyber-crime and cyber jihad international community and successfully recruiting millions of Pro-U.S Cyber Warriors. The First Stage of the project would ensure that the foundations for a successful invite-only Pro-U.S Cyber Warfare community have already been established through the direct launching and operation of the World's Largest and Proprietary Invite-Only Pro-U.S Cyber Warfare Forum Community.

Associated deliverables will include: the World's largest search engine for security information, the World's most vibrant community for security job search, the World's most vibrant proprietary community for sharing disseminating communicating and enriching security data, the World's most comprehensive sensor network for observing disseminating and responding to global cybercrime-events, the release of community-enriched security router, the successful release of community-enriched privacy router, the development and release of community-enriched public threat feed, the release of community-enriched private threat feed, including, proprietary threat feed, targeted threat intelligence on demand type of research and analysis producing solution, proprietary bug bounty solution, hacking and security-oriented online radio, hacking and security-oriented E-zine, hacking and security-oriented videocast, on-demand penetration testing and offensive team consulting, on-demand Web site monitoring for security events, OEM partnership capabilities, custom-build anti-virus scanner capabilities.

Community Industry Reference

The contractor Dancho Danchev is an internationally recognized cybercrime researcher security blogger and threat intelligence analyst in the field of cybercrime research having successfully contributed to the overall demise of cybercrime internationally throughout the past decade having successfully pioneered a variety of threat intelligence gathering methodologies leading him to a successful, pursued of high profile nation-state actors and malicious actors across the globe leading him to a successful pursued of high-profile nation-state actors and malicious adversaries across the globe the researcher successfully launched a newly launched startup named Disruptive Individuals aiming to disrupt the undermine the international cybercrime and cyber-jihad ecosystem globally.

Statement of Work (SOW)

01. Vendor contact - the initial stage of the project will consist of direct contact between industry leading commercial security appliance providers further requesting pricing and shipping details including a “point-of-contact”.

• Possible deliverables consisting of the initial stage include industry-leading security appliance - FortiMail, Blue Coat Malware Analysis. FortiSandbox, Vormetric encryption appliance, Barracuda Web Application appliance, Checkpoint DDoS Protector, Ethernet encryptor, Cisco Catalyst, Kapow appliance, Palantir appliance, Cisco firewall appliance, Rosette appliance, Systran appliance, NAS appliance, pfSense appliance, Honeybox appliance, Honeybox SCADA appliance.

02. Vendor netblock contact - The initial stage of the project will consist of direct contact between industry leading providers of netblock requesting pricing information for specific pre-defined geolocated regions of interest.

• Possible deliverables including netblock in Algeria, Argentina, Bahrain, Bolivia, Brazil, Burkina faso, Chile, China, Colombia, Cyprus, Ecuador, Guatemala, Jordan, Democratic People’s Republic of Korea, Liberia, Macao, Maldives, Moldova, Republic of Nauru, Niger, Pakistan, Poland, Romania, Sierra Leone, Sudan, Arab Republic Syrian, Togo, Uganda, Vanuatu, Yemen.

03. Vendor threat data contact - the initial stage of the project will consist of direct contact between industry-leading including a selected set of threat data providers requesting pricing information including possible partnership opportunity.

• Possible deliverables including Team Cumry threat data feed Kaspersky threat data feed, Abusix threat data feed, MalwarePatrol threat data feed, Sophos threat data feed, OPSWAT, Abusix Threat Feed, ProjectHoneypot threat data feed.

04. Secure location foundation - the initial stage of the project will consist of direct evaluation of the infrastructure required for the secure location including direct contact between security vendors to ensure a secure location.

• Possible, deliverables, include, military-grade, fence, surveillance, security, guard.

05. Vendor connection contact - the initial stage of the project will consist of direct contact between vendor to ensure that the infrastructure is properly secured ensuring a timely and secure infrastructure.

• Possible deliverables include direct connection.

06. Secure work environment - the initial stage of the project will consist of direct evaluation including a direct purchase of a work terminal to ensure a smooth and secure work environment

• Possible deliverables including RF shielding, SEL SP–157, FSPK-10, SEL SP-113 "Blockade".

07. Secure work environment - the initial stage of the project will consist of direct evaluation including a direct purchase of equipment related to secure work environment to ensure a smooth and secure work environment.

• Possible deliverables including Cisco Firepower ASA, CheckPoint Threat appliance, Nova network appliance, Fortinet security appliance, Dell Soho network, security appliance.

The contractor Dancho, Danchev is one of the world's leading experts in the field of cybercrime research and threat intelligence gathering having successfully tracked monitored and profiled high-profile nation-state and malicious actors type of fraudulent activity over the past decade having successfully pioneered and established  a direct connection with some of the world's leading providers of threat intelligence gathering.

The contractor's  initial goal for the purpose of the Obmonix platform would be to achieve the world's largest and most comprehensive sensor type of network for monitoring profiling and keeping track of nation-state malicious-actors type of fraudulent and malicious activity.

The project main base would be located in a discreet location in Sofia Bulgaria. The contractor would eventually ensure that active RF shielding including basic physical security measures are taken in place including active surveillance military-grade fence and an associated security guard are in place for the purpose of establishing the foundation of a secure work environment.

The Obmonix platform aims to build the World's most versatile and comprehensive sensor network for intercepting monitoring and responding to cybercrime and cyber jihad events successfully deploying a variety of proprietary sensor network based of honeypot appliances industry-wide partnership including the utilization of proprietary cybercrime and cyber jihad forum and community monitoring and infiltration campaigns successfully positioning the platform as the leading indicator for cybercrime and cyber jihad activity globally.

Cost Proposal - Detailed Project Information

01. Equipment cost - The Obmonix platform will ultimately rely on the following equipment cost for the purpose of establishing the foundations for the Obmonix platform.

• FortiMail
• FortiSandbox
• Blue Coat Malware Analysis
• Vormetric encryption appliance
• Checkpoint DDoS Protector
• Encryption appliance
• Cisco Catalyst
• Kapow appliance
• Appliance router
• Analytics appliance
• Infoblox Trinzic 1420
• Nova network security
• Cisco firewall appliance
• IllusionBlack Framework
• Rosette appliance
• Systran appliance
• NAS appliance
• pfSense
• Honeybox appliance
• Honeybox SCADA appliance
• Network equipment

Detailed Project Funding Phase Information

01. The initial funding phrase will consist of active acquisition of assets for the purpose of obtaining access to industry leading and proprietary selected providers of threat intelligence for the purpose of establishing the foundations for an active sensors network type of cybercrime/cyber jihad monitor sensor network type of data. The initial stage will consist of obtaining assets for the purpose of obtaining access to industry leading and proprietary selected equipment for the purpose of setting the foundations for a successful sensor network based type of data.

• The initial phase will consist of active purchase of the following equiptment: FortiSandbox, Blue Coat Malware Analysis, NAS Storage, Cisco Firewall, PfSense, Cisco Catalyst, Vormetric encryption appliance, including the following subscription-based type of threat intelligence gathering data - Team Cumry threat data feed, Kaspersky threat data feed, Abusix,threat data feed, MalwarePatrol threat data feed, Sophos threat data feed, OPSWAT, Abusix Threat Feed, ProjectHoneypot threat data feed.

Including the following Threats Feeds:

• Kaspersky Data Feed
• Sophos Data Feed
• Jigsaw Threat Data Feed
• IBM X-Force Exchange
• Team Cumry Data Feed
• Proofpoint Threat Feed
• NetSTAR Data Feed
• RiskIQ Data Feed
• ESET Data Feed
• Pixalate Data Feed
• MalwarePatrol Data Feed
• Abusix Data Feed
• Massive Data Feed
• PhishLabs Data Feed
• LookingGlass Data Feed
• Blueliv Data Feed
• Mnemonic Data Feed
• Cyren Data Feed
• ADMINUSLabs Data Feed
• NSFOCUS Data Feed
• Webroot Data Feed
• Symantec Data Feed
• VirusTotal Data Feed
• ProjectHoneypot Data Feed

02. The second funding phase will consist of active acquisition of honeypot appliance including active netblock purchase within a dedicated set of countries for the purpose of establishing the foundations of an active sensor network type of data-acquisition activities.

• The second funding phase will consist of active acquisition of the following proprietary appliances: Honeybox Enterprise, Infoblox Trinzic 1420, honeybox SCADA, including netblocks within a dedicated set of countries - Algeria, Argentina, Bahrain, Bolivia, Brazil, Burkina faso, Chile, China, Colombia, Cyprus, Ecuador, Guatemala, Jordan, Democratic People’s Republic of Korea, Liberia, Macao, Maldives, Moldova, Republic of Nauru, Niger, Pakistan, Poland, Romania, Sierra Leone, Sudan, Arab Republic Syrian, Togo, Uganda, Vanuatu, Yemen.

03. The third funding phase will consist of active purchase of service and solution-based appliance, including data-processing appliance, including localization appliance, for the purpose of setting up the foundations for the Obmonix platform successfully empowering its operator with the necessary data and expertise for the purpose of actively responding to global cybercrime and jihad events.

• The third funding phase will consist of active purchase of the following appliances: Kapow Software, Rosette appliance, Systran appliance, Sentinel appliance, Palantir appliance.

In case you're interested in working with me for the purpose of implementing this project including possible investor introduction - I can be reached at dancho.danchev@hush.com

Continue reading →

Historical OSINT - Massive Malicious Software Dropping Campaign Spotted in the Wild

This summary is not available. Please click here to view the post. Continue reading →

People's Information Warfare Concept vs the U.S DoD Cyber Warfare Doctrine

I recently came across to the most recently published DoD Cyberspace Strategy 2018 which greatly reminded me of a variety of resources that I recently took a look at in terms of catching up with some of the latest cyberwarfare trends and scenarios. It appears that the U.S is re-claiming back the dominance over the "communication channel" using a variety of real-life oriented cyber threats including referencing and citing security researchers and NGOs (Non-Profit Organization) as potential threats. Takes you back - doesn't it?

We cannot discuss these if we don't compare their cyber warfare approaches next to one another. It's rather ironic situation, since China has built its cyber warfare doctrine based on the research conducted into the topic by U.S military personnel. At a later stage, Chinese military thinkers perceived the combination of Sun Tzu's military strategies in the virtual realm

The countless number of allegations by countries across the world that China's As for the U.S DoD put in a "catch-up mode" by major news outlets. Pushing the boundaries of the irrelevance? That's for sure.

- Russia doctrine - people's information warfare

With Russia continuing to dominate the threat landscape of terms of massive and large scale economic and financial espionage in the face of cybercrime-driven fraudulent and malicious economy which can be best described as something in the lines of economic terrorism

- China doctrine - people's information warfare - U.S copycats
- Iran's doctrine - academic playground

Let's compare China's People's Army and the U.S DoD to Germany whose vision is that if they forbid the use of "hacking tools" to some and real-life pen-testing tools

The U.S botnet of military hosts was the last indication of total misunderstanding of the current threatscape, by putting the emphasis on the "striking capability", which is rather logical when you have real-life military personnel converted to cyber warriors.

A doctrine that's aiming to prevent sensitive military secrets of leaking is forgetting some of the basics of information warfare - disinformation, or come and hack us, and steal our tweaked sensitive military secrets. On purposely, disinformation on the actual state of cyber warfare preparedness by on purposely suffering security breaches, then whining how they have managed to break.

The left hand never knows what the right one is doing,

Capability matching vs threat acquisition?

China's already reached the unrestricted warfare stage, a phrase when its hacking capabilities empowered Internet users self-mobilize themselves, the U.S DoD is implementing its cyber warfare doctrine, and the rest of the world is whining for yet another password stealer for online games that's phoning back to China.

A little less conversation, a little more action "babe".

Now that's its becoming increasingly clear that cyber jihad is entering into a "stay tuned for a webcast with your favorite terrorist" stage, what we may witness next is terrorist on sand-proof Segways. Cutting the sarcasm, it's becoming boring the listen to the same song played on a different media device. Continue reading →

Joining Team Astalavista - Stay Tuned!

Dear blog readers I wanted to let everyone know that I will be shortly joining Team Astalavista - The World's Most Popular Information Security Portal acting a Managing Director following a successful career as Managing Director through 2003-2006 where I used to maintain a highly informative and educational Security Newsletter featuring exclusive content and security interviews (Security Interviews 2004/2005 - Part 1; Security Interviews 2004/2005 - Part 2; Security Interviews 2004/2005 - Part 3) with people from the Scene including daily content moderation successfully re-positioning the portal as the World's Most Popular Information Security Portal.

How you can help? Consider making a modest donation to ensure a proper and smooth launch of the portal. The donation and sponsorship will go to ensure that the launch is properly empowered with the necessary tools to ensure a smooth launch.

Stay tuned! Continue reading →

Pay-Per-Exploit Acquisition Vulnerability Programs - Pros and cons?

As ZERODIUM starts paying premium rewards to security researchers to acquire their previously unreported zero-day exploits affecting multiple operating systems software and/or devices a logical question emerges in the context of the program's usefulness the potential benefits including potential vulnerabilities within the actual acquisition process - how would the program undermine the security industry and what would be the eventual outcome for the security researcher in terms of fueling growth in the cyber warfare market segment?

In this post I'll discuss the market segment for pay-per-exploit acquisition programs and discuss in-depth the current exploit-acquisition methodology utilized by different vendors and provide in-depth discussion on various over-the-counter acquisition methodologies applied by malicious attackers on their way to monetize access to malware-infected hosts while compromising the confidentiality availability and integrity of the targeted host including an active discussion on the ongoing and potential weaponization of zero day vulnerabilities int the context of today's cyber warfare world.

Having greatly realized the potential of acquiring zero day vulnerabilities for the purpose of actively exploiting end users malicious actors have long been aware of the over-the-counter acquisition market model further enhancing their capabilities when launching malicious campaigns. Among the most widely spread myth about zero day vulnerabilities is the fact that zero day vulnerabilities arethe primary growth factor of the cybercrime ecosystem further resulting in a multi-tude of malicious activity targeting end users.

With vendors continuing to establish the foundations for active vulnerability and exploit acquisition programs third-party vendors and research organizations continue successfully disintermediating the vendor's major vulnerability and exploit acquisition programs successfully resulting in the launch and establishment of third-party services and products further populating the security-industry with related products and services potentially acquiring "know-how" and relevant vulnerability and exploit information from major vendors further launching related companies and services potentially empowering third-party researchers vendors and individuals including nation-state actors with potential weaponization capabilities potentially leading to successful target-acquisition practices on behalf of third-party researchers and individuals.


Becoming a target in the widespread context of third-party vendors and researchers might not be the wisest approach when undermining potential research and in-house research and benchmarking activities in terms of evaluating and responding to vulnerabilities and exploits. Vendors looking for ways to efficiently improve the overall security and product performance in terms of security should consider basic internal benchmarking practices and should also consider a possible incentive-based type of vulnerability and exploit reward-type of revenue-sharing program potentially rewarding company employees and researchers with the necessary tools and incentives to find and discover and report security vulnerabilities and exploits.

Something else worth pointing out in terms of vulnerability research and exploit discovery is a process which can be best described as the life-cycle of a zero day vulnerability and exploit which can be best described as a long-run process utilized by malicious and fraudulent actors successfully utilizing client-side exploits for the purpose of successfully dropping malicious software on the hosts of the targeted victims which often rely on outdated and patched vulnerabilities and the overall misunderstanding that zero day vulnerabilities and exploits are the primary growth factor of the security-industry and will often rely on the fact that end users and enterprises are often unaware of the basic fact that cybercriminals often rely on outdated and patched vulnerabilities successfully targeting thousands of users globally on a daily basis.

What used to be a market-segment dominated by DIY (do-it-yourself) exploit and malware-generating tools is today's modern market-segment dominated by Web malware-exploitation kits successfully affecting thousands of users globally on a daily basis. In terms of Web-malware exploitation kits among the most common misconceptions regarding the utilization of such type of kits is the fact that the cybercriminals behind it rely on newly discovered exploits and vulnerabilities which in fact rely on outdated and already patched security vulnerabilities and exploits for the purposes of successfully enticing thousands of users globally into falling victim into social-engineering driven malicious and fraudulent campaigns.

Despite the evident usefulness from a malicious actor's point of view when launching malicious campaigns malicious actors continue utilizing outdated vulnerabilities for the purpose of launching malicious campaigns further utilizing a multi-tude of social engineering attack vectors to enhance the usefulness of the exploitation vector. Another crucial aspect of the pay-per-exploit acquisition vulnerability model is, the reliance on outdated and unpatchted vulnerabilities for the purpose of launching malicious campaigns further relying on the basic fact that on the majority of occasions end users fail to successfully update their third-party applications often exposing themselves to a variety of successful malicious campaigns utilizing outdated and unpatched vulnerabilities.

We expect to continue observing an increase in the pay-per-exploit acquisition model with, related acquisition model participants continuing to acquire vulnerabilities further fueling growth into the market segment. We expect that malicious actors will adequately respond through over-the-counter acquisition models including the utilization of outdated and unpatched vulnerabilities. End users are advised to continue ensuring that their third-party applications are updated to build a general security awareness and to ensure that they're running a fully patched antivirus solution.

Consider going through the following related posts:
Researchers spot new Web malware exploitation kit
Web malware exploitation kits updated with new Java exploit
Which are the most commonly observed Web exploits in the wild?
Report: Patched vulnerabilities remain prime exploitation vector
Report: malicious PDF files becoming the attack vector of choice
Malvertising campaigns at multiple ad networks lead to Black Hole Exploit Kit
56 percent of enterprise users using vulnerable Adobe Reader plugins
Report: third party programs rather than Microsoft programs responsible for most vulnerabilities
Report: malicious PDF files becoming the attack vector of choice
Malvertising campaigns at multiple ad networks lead to Black Hole Exploit Kit
56 percent of enterprise users using vulnerable Adobe Reader plugins
Report: third party programs rather than Microsoft programs responsible for most vulnerabilities
Report: 64% of all Microsoft vulnerabilities for 2009 mitigated by Least Privilege accounts
Secunia: popular security suites failing to block exploits
37 percent of users browsing the Web with insecure Java versions
Which are the most commonly observed Web exploits in the wild?
Report: Malicious PDF files comprised 80 percent of all exploits for 2009
Secunia: Average insecure program per PC rate remains high

Continue reading →

HIstorical OSINT - Malicious Economies of Scale - The Emergence of Efficient Platforms for Exploitation - 2007

Dear blog readers it's been several years since I last posted a quality update following my 2010 disappearance. As it's been quite a significant period of time since I last posted a quality update I feel it's about time I post an quality update by detailing the Web Malware Exploitation market segment circa 2007 prior to my visit to the GCHQ as an independent contractor with the Honeynet Project.

In this post I'll discuss the rise of Web malware exploitation kits circa 2007 and offer in-depth discussion on the current and emerging tactics techniques and procedures (TTPs) of the cybercriminals behind it. With cybercriminals continuing to actively rely on the exploitation of patched and outdated vulnerabilities and with end users continuing to actively utilize unpatched and outdated third-party software it shouldn't be surprising that today's botnets remain relatively easy to generate and orchestrate for the purpose of committing financial fraud.

Malicious Economies of Scale literally means utilizing attack techniques and exploitation approaches to efficiently, yet cost and time effectively, infect or abuse as many victims as possible, in a combination with an added layer of improved metrics on the success of the campaigns. What are the most popular web exploitation kits that malicious parties use to achieve this? Which are the most popular vulnerabilities used in the majority of the kits? What are the most popular techniques for embedding malware? This white paper will outline this efficiency-centered attack model, and will cover web application vulnerabilities, client-side vulnerabilities, malvertising and black hat SEO (search engine optimization).

An overview of the threats posed by rising number of malware embedded sites, with a discussion of the exploitation techniques and kits used, as well as detailed summaries of all the high-profile such attacks during 2007.

01. Reaching the Efficiency Scale Through a Diverse Set of Exploited Vulnerabilities

2007 was the year in which client-side vulnerabilities significantly replaced server-side ones as the preferred choice of malicious attackers on their way to achieve the highest possible attack success rate, while keeping their investment in terms of know-how and personal efforts to the minimum. Among the most successful such attacks during 2007 was Storm Worm, the perfect example that the use of outdated and already patched vulnerabilities can result in aggregating the world’s largest botnet according to industry and independent researchers’ estimates. By itself, this attack technique is in direct contradiction with the common wisdom that zero day vulnerabilities are more dangerous than already patched ones, however, the gang behind Storm Worm quickly envisioned this biased statement as false, and by standardizing the exploitation process with the help of outdated vulnerabilities achieved an enormous success.

Years ago, whenever, a vulnerability was found and exploit code released in the wild, malicious attackers used to quickly released a do-it-yourself exploitation kit to take advantage of a single exploit only. Nowadays, that’s no longer the case, since by using a single exploit whether an outdated, or zero day one, they’re significantly limiting the probability for a successful attack, and therefore the more diverse and served on-the-fly is the set of exploits used in an attack, the higher would the success rate be.

What was even more interesting to monitor during 2007, was the rise of high-profile sites serving malware, and the decline of malware coming from bogus ones. From the Massive Embedded Malware Attack at a large Italian ISP to the Bank of India, the Syrian Embassy in the U.K, the U.S Consulate in St. Petersburg, China’s CSIRT, Possibility Media’s entire portfolio of E-zines, to the French government’s site related to Lybia, these trusted web sites were all found to serve malware though an embedded link pointing back to the attacker’s malicious server. Let’s clarify what malicious economies of scale means, and how do they do it.

02. What is malicious economies of scale, and how is it achieved?

Malicious economies of scale is a term I coined in 2007 to summarize the ongoing trend of efficiently attacking online users, by standardizing the exploitation process, and by doing so, not just lowering the entry barriers into the process of exploiting a large number of users, but also, maintaining a rather static success rate of infections. Malicious economies of scale is the efficient way by which a large number of end users get infected, or have their online abused, with the malicious parties maintaining a static attack model. It’s perhaps more important to also describe how is the process achieved at the first place? The first strategy applied has to do with common sense in respect to the most popular software applications present at the end user’s end, and the first touch-point in this case would be the end user’s Internet browser.

Having its version easily detected and exploit served, one that’s directly matching the vulnerable version, is among the web exploitation kits main functionalities. Let’s continue with the second strategy, namely to increase the probability of success. As I’ve already pointed out, do-it-yourself single vulnerability exploiting tools matured into web exploitation malware kits, now backed up with a diverse set of exploits targeting different client-side applications, which in this case is the process of increasing the probability of successful infection. The third strategy has to do with attracting the traffic to the malicious server, that as I’ve already discussed is already automatically set to anticipate the upcoming flood of users and serve the malware through exploiting client-side software vulnerabilities on their end. This is mainly done through exploiting remote file inclusion vulnerabilities within the high-profile targets, or through remotely exploitable web application vulnerabilities to basically embed a single line of code, or an obfuscated javascript that when deobfuscated will load the malicious URL in between loading the legitimate site.

Popular Malware Embedded Attack Tactics

This part of the article will briefly describe some of the most common attack tactics malicious parties use to embed links to their malicious servers on either high-profile sites, or any other site with a high pagerank, something they’ve started measuring as of recently according to threat intell assessment on an automated system to embed links based on a site’s popularity.

• The “pull” Approach – Blackhat SEO, Harnessing the Trusted Audience of a Hacked Site

In this tactic, malicious parties entirely rely on the end users to reach their malicious server, compared to the second tactic of “pushing” the malicious links to them. This is primarily accomplished through the use of Blackhat SEO tools generating junk content with the idea to successfully attract search engine traffic for popular queries, thus infecting anyone who visits the site, who often appear within the first twenty search results. The second “pull” approach such tactic is harnessing the already established trust of a site such as major news portal for instance, and by embedding a link to automatically load on the portal, have the users actually “pull” the malware for themselves

• The “push” Approach – Here’s Your Malware Embedded Link

The “push” approach’s success relies in its simple logic, with end users still worrying about downloading or clicking on email attachments given the overall lack of understanding on how to protect from sites serving malware, it’s logical to consider that basically sending a link which once visited will automatically infect the visitor though exploiting a client-side vulnerability, actually works. Storm Worm is the perfect example, and to demonstrate what malicious economies of scale means once again, it’s worth mentioning Storm’s approach of having an already infected host act as an infection vector itself, compared to its authors having to register multiple domains and change them periodically. The result is malware embedded links exploiting client-side vulnerabilities in the form of an IP address, in this case an already infected host that’s now aiming to infect another one

• Automatically Exploiting Web Application Vulnerabilities – Mass SQL Injection Attacks

As I’ve already pointed out, malicious parties are not just efficiently scanning for remotely exploitable web application vulnerabilities or looking for ways to remotely include files on any random host, they’ve started putting efforts into analyzing the page rank, and overall popularity of a site they could exploit. This prioritizing of the sites to be used for a “pull” tactic is aiming to achieve the highest possible success rate by targeting a high-trafficked site, where even though the attack can be detected, the “window of opportunity” while the users were also accessing the malicious server could be far more beneficial than having a permanent malware link on a less popular site for an indefinite period of time.

• Malicious Advertisements - Malvertising

Among the most popular traffic acquisition tactics nowadays remain the active utilization of legitimate Web properties for the purpose of socially engineering an ad network provider into featuring a specific malware-serving advertising at the targeted Web site including active Web site compromise for the purpose of injecting rogue and malicious ads on the targeted host.

Related posts:

• Historical OSINT - Malicious Malvertising Campaign, Spotted at FoxNews, Serves Scareware
• Cybercriminals Launch Malicious Malvertising Campaign, Thousands of Users Affected
• Managed SWF Injection Cybercrime-friendly Service Fuels Growth Within the Malvertising Market Segment

• Buying Access to Hacked Cpanels or Web Servers

Thanks to a vibrant DIY (do-it-yourself) Web malware exploitation kit culture including the active utilization of various DIY Web site exploitation and malware-generating cybercriminals continue actively utilizing stolen and compromised accounting data for the purpose of injecting malicious scripts on the targeted host further compromising the confidentiality availability and integrity of the targeted host.

• Harvesting accounting data from malware infected hosts

Having an administrator access to a domains portfolio, or any type of access though a web application backdoor or direct FTP/SSH, has reached its commercial level a long time ago. In fact, differentiated pricing applies in this case, on the basis of a site’s page rank, whereas I’ve stumbled upon great examples of “underground goods liquidity” as a process, where access to a huge domains portfolio though a hacked Cpanels is being offered for cents with the seller’s main concern that cents are better than nothing, nothing in the sense that she may loose access to the Cpanel before its being sold and thus ends up with nothing. Now, let’s discuss the most popular malware exploitation kits currently in the wild.

The Most Popular Web Malware Exploitation Kits

Going into detail about the most common vulnerabilities used in the multitude of web malware exploitation kits could be irrelevant from the perspective of their current state of “modularity”, that is, once the default installation of the kit contains a rather modest set of exploits, the possibility to add new exploits to be used has long reached the point’n’click stage. Even worse, localizing the kits to different languages further contributes to their easy of use and acceptance on a large scale, just as is their open source nature making it easy for coders to use a successful kit’s modules as a foundation for a new one – something’s that’s happening already, namely the different between a copycat kit and an original coded from scratch one. Among the most popular malware kits remain :

• A Brief Overview of MPack, IcePack, Zunker, Advanced Pack and Fire Pack

During 2007, Mpack emerged as the most popular malware exploitation kit. Originally available for purchase, by the time copies of the kit started leaking out, anyone from a script kiddie to a pragmatic attacker have obtained copy of it. Mpack’s main strength is that of its well configured default installation, which in a combination with a rather modest, but then again, modular set of exploits included, as well as its point’n’click level of sophistication automatically turned it into the default malware kit. Mpack’s malware kit has been widely used on nearly all of the high-profile malware embedded attacks during 2007, however, its popularity resulted in way too much industry attention towards its workings, and therefore, malicious parties starting coming up with new kits, still using Mpack as the foundation at least from a theoretical perspective.

The list is endless, the Nuclear Malware kit, Metaphisher, old version of the WebAttacker and the Rootlauncher kit, with the latest and most advanced innovation named the Random JS Exploitation Kit. Compared to the previous one, this one is going a step beyond the usual centralized malicious server.

With malicious parties now interested in controlling as much infected hosts with as little effort as possible, client-side vulnerabilities will continue to be largely abused in an efficient way thought web malware exploitation kits in 2008. The events that took place during 2007, clearly demonstrate the pragmatic attack approaches malicious parties started applying, namely realizing that an outdated but unpatched on a large scale vulnerability is just as valuable as a zero day one. Continue reading →

Historical OSINT - Massive Blackhat SEO Campaign Spotted in the Wild Serves Scareware

It's 2010 and I've recently stumbled upon a currently active and circulating malicious and fraudulent blackhat SEO campaign successfully enticing hundreds of thousands globally into interacting with a multi-tude of rogue and malicious software also known as scareware.

In this post I'll profile the campaign discuss in-depth the tactics techniques and procedures of the cybercriminals behind it and provide actionable intelligence on the infrastructure behind it.

Related malicious domains known to have participated in the campaign:
hxxp://ozeqiod.cn?uid=213 - redirector - 64.86.25.201 - hxxp://bexwuq.cn

Sample URL redirection chain:
hxxp://ymarketcoms.cn/?pid=123

Related malicious domains known to have responded to the same malicious C&C server IPs (64.86.25.201):
hxxp://bombas101.com
hxxp://trhtrtrbtrtbtb.com
hxxp://opensearch-zone.com
hxxp://imaera.cn
hxxp://ariexa.cn
hxxp://ozeqiod.cn
hxxp://ariysle.cn
hxxp://ajegif.cn
hxxp://adiyki.cn
hxxp://acaisek.cn
hxxp://yvamuer.cn
hxxp://protectinstructor.cn
hxxp://blanshinblansh.net
hxxp://kostinporest.net

Related malicious domains known to have participated in the campaign:
hxxp://azikyxa.cn
hxxp://befaqki.cn
hxxp://ataini.cn
hxxp://atoycri.cn
hxxp://bimpuj.cn
hxxp://bekajop.cn
hxxp://bexwuq.cn
hxxp://azywoax.cn
hxxp://azaijy.cn

We'll continue monitoring the campaign and post updates as soon as new developments take place. Continue reading →

Historical OSINT - A Diversified Portfolio of Fake Security Software Spotted in the Wild

It's 2010 and I've recently stumbled upon yet another malicious and fraudulent domain portfolio serving a variety of fake security software also known as scareware potentially exposing hundreds of thousands of users to a variety of fake security software with the cybercriminals behind the campaign potentially earning fraudulent revenue largely relying on the utilization of an affiliate-network based type of revenue-sharing scheme.

Related malicious domains known to have participated in the campaign:
hxxp://50virus-scanner.com
hxxp://700virus-scanner.com
hxxp://antivirus-test66.com
hxxp://antivirus200scanner.com
hxxp://antivirus600scanner.com
hxxp://antivirus800scanner.com
hxxp://antivirus900scanner.com
hxxp://av-scanner200.com
hxxp://av-scanner300.com
hxxp://av-scanner400.com
hxxp://av-scanner500.com
hxxp://inetproscan031.com
hxxp://internet-scan020.com
hxxp://novirus-scan00.com
hxxp://stopvirus-scan11.com
hxxp://stopvirus-scan13.com
hxxp://stopvirus-scan16.com
hxxp://stopvirus-scan33.com
hxxp://virus66scanner.com
hxxp://virus77scanner.com
hxxp://virus88scanner.com
hxxp://antivirus-scan200.com
hxxp://antispy-scan200.com
hxxp://av-scanner200.com
hxxp://av-scanner300.com
hxxp://antivirus-scan400.com
hxxp://antispy-scan400.com
hxxp://av-scanner400.com
hxxp://av-scanner500.com
hxxp://antivirus-scan600.com
hxxp://antispy-scan600.com
hxxp://antivirus-scan700.com
hxxp://antispy-scan700.com
hxxp://av-scanner700.com
hxxp://antispy-scan800.com
hxxp://antivirus-scan900.com
hxxp://novirus-scan00.com
hxxp://stop-virus-010.com
hxxp://spywarescan010.com

Related malicious domains known to have participated in the campaign:
hxxp://antispywarehelp010.com
hxxp://internet-scan020.com
hxxp://internet-scanner020.com
hxxp://insight-scan20.com
hxxp://internet-scanner030.com
hxxp://stop-virus-040.com
hxxp://internet-scan040.com
hxxp://insight-scan40.com
hxxp://internet-scan050.com
hxxp://internet-scanner050.com
hxxp://insight-scan60.com
hxxp://stop-virus-070.com
hxxp://internet-scan070.com
hxxp://internet-scanner070.com
hxxp://insight-scan80.com
hxxp://stop-virus-090.com
hxxp://internet-scan090.com
hxxp://internet-scanner090.com
hxxp://insight-scan90.com
hxxp://antispywarehelpk0.com
hxxp://inetproscan001.com
hxxp://novirus-scan01.com
hxxp://spyware-stop01.com
hxxp://antivirus-inet01.com
hxxp://stopvirus-scan11.com
hxxp://inetproscan031.com
hxxp://novirus-scan31.com
hxxp://antivirus-inet31.com
hxxp://novirus-scan41.com
hxxp://antivirus-inet41.com
hxxp://antivirus-inet51.com
hxxp://inetproscan061.com
hxxp://novirus-scan61.com

Related malicious domains known to have participated in the campaign:
hxxp://inetproscan081.com
hxxp://novirus-scan81.com
hxxp://inetproscan091.com
hxxp://spyware-stopb1.com
hxxp://spyware-stopm1.com
hxxp://spyware-stopn1.com
hxxp://spyware-stopz1.com
hxxp://antispywarehelp002.com
hxxp://antispywarehelp022.com
hxxp://novirus-scan22.com
hxxp://antispywarehelpk2.com
hxxp://insight-scanner2.com
hxxp://spywarescan013.com
hxxp://stopvirus-scan13.com
hxxp://novirus-scan33.com
hxxp://stopvirus-scan33.com
hxxp://antispywarehelp004.com
hxxp://antispywarehelpk4.com
hxxp://spywarescan015.com
hxxp://novirus-scan55.com
hxxp://insight-scanner5.com
hxxp://stopvirus-scan16.com
hxxp://stopvirus-scan66.com
hxxp://antispywarehelpk6.com
hxxp://spywarescan017.com
hxxp://insight-scanner7.com
hxxp://antispywarehelp008.com
hxxp://spywarescan018.com
hxxp://stopvirus-scan18.com
hxxp://novirus-scan88.com
hxxp://stopvirus-scan88.com
hxxp://antivirus-test88.com
hxxp://antispywarehelpk8.com
hxxp://insight-scanner8.com
hxxp://insight-scanner9.com

Related malicious domains known to have participated in the campaign:
hxxp://10scanantispyware.com
hxxp://20scanantispyware.com
hxxp://30scanantispyware.com
hxxp://60scanantispyware.com
hxxp://80scanantispyware.com
hxxp://2scanantispyware.com
hxxp://3scanantispyware.com
hxxp://5scanantispyware.com
hxxp://7scanantispyware.com
hxxp://8scanantispyware.com
hxxp://spyware200scan.com
hxxp://spyware500scan.com
hxxp://spyware800scan.com
hxxp://spyware880scan.com
hxxp://50virus-scanner.com
hxxp://90virus-scanner.com
hxxp://antivirus900scanner.com
hxxp://antivirus10scanner.com
hxxp://virus77scanner.com
hxxp://virus88scanner.com
hxxp://net001antivirus.com
hxxp://net011antivirus.com
hxxp://net111antivirus.com
hxxp://net021antivirus.com
hxxp://net-02antivirus.com
hxxp://net222antivirus.com
hxxp://net-04antivirus.com
hxxp://net-05antivirus.com
hxxp://net-07antivirus.com

We'll continue monitoring the campaign and post updates as soon as new developments take place. Continue reading →

Historical OSINT - A Diversified Portfolio of Fake Security Software

It's 2010 and I've recently stumbled upon a currently active and circulating malicious and fraudulent porfolio of fake security software also known as scareware potentially enticing hundreds of thousands of users to a multi-tude of malicious software with the cybercriminals behind the campaign potentially earning fraudulent revenue in the process of monetizing access to malware-infected hosts largely relying on the utilization of an affiliate network-based type of revenue sharing scheme.

Related malicious domains known to have participated in the campaign:
hxxp://thebest-antivirus00.com - 91.212.226.203; 94.228.209.195
hxxp://virusscannerpro0.com
hxxp://lightandfastscanner01.com
hxxp://thebest-antivirus01.com
hxxp://thebestantivirus01.com
hxxp://remove-spyware-11.com
hxxp://remove-virus-11.com
hxxp://thebest-antivirus11.com
hxxp://antispyware-module1.com
hxxp://antispywaremodule1.com
hxxp://antivirus-toolsr1.com
hxxp://thebest-antivirus1.com
hxxp://thebest-antivirusx1.com
hxxp://thebestantivirus02.com
hxxp://remove-spyware-12.com
hxxp://remove-virus-12.com
hxxp://delete-all-virus-22.com
hxxp://lightandfastscanner22.com
hxxp://prosecureprotection2.com
hxxp://virusscannerpro2.com
hxxp://antivirus-toolsr2.com
hxxp://thebest-antivirusx2.com
hxxp://thebestantivirus03.com
hxxp://remove-spyware-13.com
hxxp://remove-virus-13.com
hxxp://antispyware-module3.com
hxxp://antispywaremodule3.com
hxxp://virusscannerpro3.com
hxxp://windowsantivirusserver3.com
hxxp://thebest-antivirusx3.com
hxxp://thebestantivirus04.com
hxxp://remove-spyware-14.com
hxxp://remove-virus-14.com
hxxp://antispyware-scann4.com
hxxp://antivirus-toolsr4.com
hxxp://thebest-antivirusx4.com
hxxp://thebestantivirus05.com
hxxp://remove-all-spyware-55.com
hxxp://delete-all-virus-55.com
hxxp://thebest-antivirusx5.com
hxxp://remove-spyware-16.com
hxxp://lightandfastscanner66.com
hxxp://antispywaremodule6.com
hxxp://antispyware-module7.com
hxxp://antispywaremodule7.com
hxxp://antivirus-toolsr7.com
hxxp://antispyware-scann8.com
hxxp://pro-secure-protection8.com
hxxp://windowsantivirusserver8.com
hxxp://antispyware-module9.com
hxxp://antispywaremodule9.com
hxxp://antispyware-scann9.com
hxxp://virusscannerpro9.com
hxxp://antivirus-toolsr9.com
hxxp://thebest-antivirus9.com
hxxp://antiviruspro1scan.com
hxxp://antiviruspro2scan.com
hxxp://antiviruspro7scan.com
hxxp://antiviruspro8scan.com
hxxp://antiviruspro9scan.com
hxxp://antispyware6sacnner.com
hxxp://antivirusv1tools.com
hxxp://antispyware10windows.com
hxxp://antispyware20windows.com
hxxp://antivirus-toolsvv.com
hxxp://remove-spyware-11.com
hxxp://remove-virus-11.com
hxxp://remove-spyware-12.com
hxxp://remove-virus-12.com
hxxp://delete-all-virus-22.com
hxxp://prosecureprotection2.com
hxxp://remove-spyware-13.com
hxxp://remove-virus-13.com
hxxp://windowsantivirusserver3.com
hxxp://remove-spyware-14.com
hxxp://remove-virus-14.com
hxxp://remove-all-spyware-55.com
hxxp://delete-all-virus-55.com
hxxp://remove-spyware-16.com
hxxp://pro-secure-protection8.com
hxxp://windowsantivirusserver8.com
hxxp://antivirus-toolsr9.com
hxxp://antivirusv1tools.com
hxxp://antispyware10windows.com
hxxp://antispyware20windows.com
hxxp://antivirus-toolsvv.com

Related malicious domains known to have participated in the campaign:
hxxp://run-antivirusscan0.com
hxxp://runantivirusscan0.com
hxxp://remove-spyware-11.com
hxxp://remove-virus-11.com
hxxp://run-virus-scanner1.com
hxxp://remove-spyware-12.com
hxxp://remove-virus-12.com
hxxp://delete-all-virus-22.com
hxxp://remove-spyware-13.com
hxxp://remove-virus-13.com
hxxp://runantivirusscan3.com
hxxp://run-virusscanner3.com
hxxp://remove-spyware-14.com
hxxp://remove-virus-14.com
hxxp://run-virusscanner4.com
hxxp://remove-virus-15.com
hxxp://remove-all-spyware-55.com
hxxp://delete-all-virus-55.com
hxxp://remove-spyware-16.com
hxxp://run-virus-scanner6.com
hxxp://run-virusscanner6.com
hxxp://runantivirusscan8.com
hxxp://run-virus-scanner8.com
hxxp://windowsantivirusserver8.com
hxxp://run-virus-scanner9.com
hxxp://run-virusscanner9.com

Related malicious domains known to have participated in the campaign:
hxxp://run-antivirusscan0.com
hxxp://run-antivirusscan1.com
hxxp://run-antivirusscan3.com
hxxp://run-antivirusscan6.com
hxxp://run-antivirusscan8.com
hxxp://runantivirusscan0.com
hxxp://runantivirusscan3.com
hxxp://runantivirusscan4.com
hxxp://runantivirusscan9.com
hxxp://securepro-antivirus1.com

Related malicious domains known to have participated in the campaign:
hxxp://anti-virus-system0.com
hxxp://run-antivirusscan0.com
hxxp://runantivirusscan0.com
hxxp://perform-antivirus-scan-1.com
hxxp://remove-spyware-11.com
hxxp://remove-virus-11.com
hxxp://antivirus-system1.com
hxxp://performspywarescan1.com
hxxp://run-virus-scanner1.com
hxxp://remove-spyware-12.com
hxxp://remove-virus-12.com
hxxp://delete-all-virus-22.com
hxxp://antivirus-scanner-3.com
hxxp://remove-spyware-13.com
hxxp://remove-virus-13.com
hxxp://runantivirusscan3.com
hxxp://run-virusscanner3.com
hxxp://remove-spyware-14.com
hxxp://remove-virus-14.com
hxxp://gloriousantivirus2014.com
hxxp://run-virusscanner4.com
hxxp://smart-pcscanner05.com
hxxp://remove-virus-15.com
hxxp://remove-all-spyware-55.com
hxxp://delete-all-virus-55.com
hxxp://perform-virus-scan5.com
hxxp://perform-antivirus-scan-6.com
hxxp://antivirus-scanner-6.com
hxxp://remove-spyware-16.com
hxxp://run-virus-scanner6.com
hxxp://run-virusscanner6.com
hxxp://antivirus-scan-server6.com
hxxp://perform-antivirus-scan-7.com
hxxp://perform-antivirus-test-7.com
hxxp://antivirus-win-system7.com
hxxp://antivirus-for-pc-8.com

Related malicious domains known to have participated in the campaign:
hxxp://perform-antivirus-scan-8.com
hxxp://perform-antivirus-test-8.com
hxxp://run-antivirusscan8.com
hxxp://runantivirusscan8.com
hxxp://run-virus-scanner8.com
hxxp://windowsantivirusserver8.com
hxxp://perform-antivirus-test-9.com
hxxp://perform-virus-scan9.com
hxxp://antispywareinfo9.com
hxxp://run-virus-scanner9.com
hxxp://run-virusscanner9.com
hxxp://antispyware06scan.com
hxxp://antispywareinfo9.com
hxxp://antivirus-for-pc-2.com
hxxp://antivirus-for-pc-4.com
hxxp://antivirus-for-pc-6.com
hxxp://antivirus-for-pc-8.com
hxxp://antiviruspro8scan.com
hxxp://extra-antivirus-scan1.com
hxxp://extra-security-scanb1.com
hxxp://run-antivirusscan0.com
hxxp://run-antivirusscan1.com
hxxp://run-antivirusscan3.com
hxxp://run-antivirusscan6.com
hxxp://run-antivirusscan8.com
hxxp://runantivirusscan0.com
hxxp://runantivirusscan3.com
hxxp://runantivirusscan4.com
hxxp://runantivirusscan9.com
hxxp://securepro-antivirus1.com
hxxp://super-scanner-2004.com
hxxp://top-rateanrivirus0.com
hxxp://topantimalware-scanner7.com

We'll continue monitoring the campaign and post updates as soon as new developments take place. Continue reading →

Historical OSINT - Massive Blackhat SEO Campaign Spotted in the Wild Drops Scareware

This summary is not available. Please click here to view the post. Continue reading →

Historical OSINT - Spamvertized Swine Flu Domains - Part Two

It's 2010 and I've recently came across to a currently active diverse portfolio of Swine Flu related domains further enticing users into interacting with rogue and malicious content.

In this post I'll profile and expose a currently active malicious domains portfolio currently circulating in the wild successfully involved in an ongoing variety of Swine Flu malicious spam campaigns and will provide actionable intelligence on the infrastructure behind it.

Related malicious domains known to have participated in the campaign:
hxxp://pehwitew.cn - 58.17.3.44; 58.20.140.5; 220.248.167.126; 60.191.221.116; 110.52.6.252

Related name servers known to have participated in the campaign:
hxxp://ns6.plusspice.com - 110.52.6.252
hxxp://ns2.morewhole.com
hxxp://ns2.extolshare.com
hxxp://ns2.pridesure.com
hxxp://ns2.swellwise.com
hxxp://ns4.boostwise.com
hxxp://ns6.maxitrue.com
hxxp://ns4.sharezeal.com
hxxp://ns2.extolcalm.com
hxxp://ns4.humortan.com
hxxp://ns2.joysheer.com
hxxp://ns2.zestleads.com
hxxp://ns4.fizzleads.com
hxxp://ns4.maxigreat.com
hxxp://ns4.spicyrest.com
hxxp://ns4.hardyzest.com
hxxp://ns2.resttrust.com
hxxp://ns2.alertwow.com
hxxp://ns2.savetangy.com
hxxp://ns4.lovetangy.com
hxxp://ns2.coyrosy.com

Related malicious domains known to have participated in the campaign:
hxxp://jihpuyab.cn
hxxp://dabwedib.cn
hxxp://jehrawob.cn
hxxp://lacgidub.cn
hxxp://fektiyub.cn
hxxp://qucmolac.cn
hxxp://xopfekec.cn
hxxp://gamfesec.cn
hxxp://xokdemic.cn
hxxp://papxunic.cn
hxxp://jiqlosic.cn
hxxp://liynaloc.cn
hxxp://womrifuc.cn
hxxp://picduluc.cn
hxxp://feqtawuc.cn
hxxp://becfuzuc.cn
hxxp://ximnusad.cn
hxxp://limyoxed.cn
hxxp://cokgozed.cn
hxxp://qursehod.cn
hxxp://pimfilod.cn
hxxp://zofxitod.cn
hxxp://pehdiwod.cn
hxxp://ruvvabud.cn
hxxp://japwolud.cn
hxxp://qolqaqaf.cn
hxxp://tacreyaf.cn
hxxp://rajvufef.cn
hxxp://hiwjadif.cn
hxxp://pejjenif.cn
hxxp://hakyabof.cn
hxxp://rijgihag.cn
hxxp://pipgaqag.cn
hxxp://jaxkewag.cn
hxxp://cikqumog.cn
hxxp://tircodug.cn
hxxp://juryaqug.cn
hxxp://yawfadah.cn
hxxp://yabtudah.cn
hxxp://qifhihah.cn
hxxp://xeyselah.cn
hxxp://cotmetah.cn
hxxp://bulmitah.cn
hxxp://tegbejih.cn
hxxp://tuymokih.cn
hxxp://modqopoh.cn
hxxp://qejpoduh.cn
hxxp://xajsomuh.cn
hxxp://wisziruh.cn
hxxp://maypajej.cn
hxxp://tivhikej.cn
hxxp://holmayej.cn
hxxp://dabtizej.cn
hxxp://koyxuwij.cn
hxxp://romxebuj.cn
hxxp://hilzuluj.cn
hxxp://zulfavuj.cn
hxxp://vojhowuj.cn
hxxp://daldukak.cn
hxxp://rakvirak.cn
hxxp://fimresak.cn
hxxp://zepyosak.cn
hxxp://tovpiwak.cn
hxxp://raqhizak.cn
hxxp://salhibik.cn
hxxp://xonzulik.cn
hxxp://jezwutik.cn
hxxp://lungodok.cn
hxxp://qeytakok.cn
hxxp://weswukuk.cn
hxxp://lawmamuk.cn
hxxp://xomhoruk.cn
hxxp://zitkowuk.cn
hxxp://hoyzexuk.cn
hxxp://cutholal.cn
hxxp://jidtecel.cn
hxxp://jovmuhil.cn
hxxp://guxdipil.cn
hxxp://kujkuwil.cn
hxxp://kojvifol.cn
hxxp://zitgohol.cn
hxxp://cosxotol.cn
hxxp://wahwoxol.cn
hxxp://siqsayol.cn 
hxxp://pipwoqul.cn
hxxp://zilfumam.cn
hxxp://fokvidem.cn
hxxp://vamhefem.cn
hxxp://hipxetem.cn
hxxp://hasrozem.cn
hxxp://yovbafim.cn
hxxp://zutgaqim.cn
hxxp://kamnorim.cn
hxxp://nussotim.cn
hxxp://yiblegom.cn
hxxp://vorteyom.cn
hxxp://mokgupum.cn
hxxp://xennesum.cn
hxxp://feshivum.cn
hxxp://nakcaban.cn
hxxp://yaxxokan.cn
hxxp://qikciqan.cn
hxxp://gagsuran.cn
hxxp://bopxuran.cn
hxxp://giwduvan.cn
hxxp://gixreqin.cn
hxxp://leccatin.cn
hxxp://jollipon.cn
hxxp://vuzlopon.cn
hxxp://butkoxon.cn
hxxp://falyewun.cn
hxxp://noscajap.cn
hxxp://xirqocep.cn
hxxp://daqdohep.cn
hxxp://wokvarep.cn
hxxp://hoggudip.cn
hxxp://heqfavip.cn
hxxp://jowrewip.cn
hxxp://cimqiqop.cn
hxxp://cibqobup.cn
hxxp://zijreyup.cn
hxxp://tosnabaq.cn
hxxp://tochekaq.cn
hxxp://cosmoqaq.cn
hxxp://zavnusaq.cn
hxxp://vufsaqeq.cn
hxxp://dagligiq.cn
hxxp://wugjaziq.cn
hxxp://fepsuwoq.cn
hxxp://pombeyoq.cn
hxxp://dokcokuq.cn
hxxp://diwsutuq.cn
hxxp://sayjumar.cn
hxxp://jidxurer.cn
hxxp://qalhiyir.cn
hxxp://goqtoqor.cn
hxxp://gaxdavor.cn
hxxp://kazqikas.cn
hxxp://piskeces.cn
hxxp://qamhadis.cn
hxxp://wifdixis.cn
hxxp://hejhelos.cn
hxxp://hedwimos.cn
hxxp://kerrucus.cn
hxxp://forhalus.cn
hxxp://fesnupus.cn
hxxp://lanzuhat.cn
hxxp://kadmepat.cn
hxxp://potzoyat.cn
hxxp://jupkevet.cn
hxxp://xagmiqit.cn
hxxp://woxjatit.cn
hxxp://gukpuxit.cn
hxxp://dubpacut.cn
hxxp://nifbihut.cn
hxxp://qunkofav.cn
hxxp://vippogav.cn
hxxp://rimjulav.cn
hxxp://kemhenav.cn
hxxp://gutziqav.cn
hxxp://gipbilev.cn
hxxp://kaxcidiv.cn
hxxp://xajwawov.cn
hxxp://rejcoyov.cn
hxxp://jogsuduv.cn
hxxp://lamfoguv.cn
hxxp://daxtohuv.cn
hxxp://mihwuxuv.cn
hxxp://hiwjuhaw.cn
hxxp://gohkijaw.cn
hxxp://tuwqetaw.cn
hxxp://lacjebew.cn
hxxp://vodrubew.cn
hxxp://pehwitew.cn
hxxp://yezxewew.cn
hxxp://yuvsobow.cn
hxxp://yodmapow.cn
hxxp://qotpobuw.cn
hxxp://megrafuw.cn
hxxp://zamponuw.cn
hxxp://kotzequw.cn
hxxp://yudmaruw.cn
hxxp://hamqiruw.cn
hxxp://siwwawuw.cn
hxxp://veqniwuw.cn
hxxp://bepnudax.cn
hxxp://jehfefax.cn
hxxp://boxjokex.cn
hxxp://yoclerex.cn
hxxp://guzjacix.cn
hxxp://mexcekix.cn
hxxp://kibtixix.cn
hxxp://conyixix.cn
hxxp://famlojox.cn
hxxp://jizwalox.cn
hxxp://dahhowox.cn
hxxp://zicquvtx.cn
hxxp://cavxujux.cn
hxxp://voqnolux.cn

Known to have responded to the same malicious IP (60.191.221.123) are also the following malicious domains:
hxxp://vitsulob.cn
hxxp://jahnivub.cn
hxxp://wipviyub.cn
hxxp://gokbulac.cn
hxxp://bedqaqac.cn
hxxp://suvnuqac.cn
hxxp://wukcilec.cn
hxxp://lukbolec.cn
hxxp://juhfaqic.cn
hxxp://mixwiqic.cn
hxxp://qikloric.cn
hxxp://halgiyic.cn
hxxp://jocvoloc.cn
hxxp://gugmikad.cn
hxxp://zoqvulad.cn
hxxp://zokdoled.cn
hxxp://daxlated.cn
hxxp://cahnubid.cn
hxxp://cufxuhod.cn
hxxp://libsorod.cn
hxxp://vopqatod.cn
hxxp://cebvoyod.cn
hxxp://lansocud.cn
hxxp://zohpakud.cn
hxxp://hekwasud.cn
hxxp://niknuvud.cn
hxxp://meymuhaf.cn
hxxp://nigkojef.cn
hxxp://bazmoyef.cn
hxxp://roszadif.cn
hxxp://sapmofif.cn
hxxp://kudxodof.cn
hxxp://pefkipof.cn
hxxp://xoqresof.cn
hxxp://fipxevof.cn
hxxp://quyzeluf.cn
hxxp://xujyeruf.cn
hxxp://xenpikeg.cn
hxxp://tafwohig.cn
hxxp://kowtuhig.cn
hxxp://dinpisig.cn
hxxp://teryuvig.cn
hxxp://funcizig.cn
hxxp://ciytamog.cn
hxxp://jemsowog.cn 
hxxp://kiqzijug.cn
hxxp://pulfaxug.cn
hxxp://wojlabah.cn
hxxp://belzejah.cn
hxxp://pefdovah.cn
hxxp://xijsameh.cn
hxxp://racridih.cn
hxxp://rewfahih.cn
hxxp://vihxujih.cn
hxxp://qujvosih.cn
hxxp://figqacuh.cn
hxxp://xohmoluh.cn
hxxp://jicniwuh.cn
hxxp://kapxuraj.cn
hxxp://jubjavaj.cn
hxxp://bidkuqej.cn
hxxp://jarvixej.cn
hxxp://qinzidij.cn
hxxp://zagzafij.cn
hxxp://merjuwij.cn
hxxp://weqbujuj.cn
hxxp://gucdaluj.cn
hxxp://modxowuj.cn
hxxp://tobponak.cn
hxxp://tacjujek.cn
hxxp://fumliqek.cn
hxxp://wavfebik.cn
hxxp://xizqibik.cn
hxxp://focnigik.cn
hxxp://biqmipik.cn
hxxp://zowcoqik.cn
hxxp://fexsitik.cn
hxxp://qebdevik.cn
hxxp://xolkisok.cn
hxxp://kuqwuwok.cn
hxxp://gunwonuk.cn
hxxp://hewquvuk.cn
hxxp://gunbaqal.cn
hxxp://seysixal.cn
hxxp://zaymamel.cn
hxxp://weznohil.cn
hxxp://keczakil.cn
hxxp://wawberol.cn
hxxp://naftemul.cn
hxxp://sedbonam.cn
hxxp://velwapam.cn
hxxp://zinzutam.cn
hxxp://nudgixam.cn 
hxxp://mibpabem.cn
hxxp://yolbaqem.cn
hxxp://fogduqem.cn
hxxp://qawtotem.cn
hxxp://qalfusim.cn
hxxp://kocguwim.cn
hxxp://zishikom.cn
hxxp://kozpipom.cn
hxxp://loblahum.cn
hxxp://winbomum.cn
hxxp://jakmezum.cn
hxxp://taglolan.cn
hxxp://suznuwan.cn
hxxp://jekwazan.cn
hxxp://toxmijen.cn
hxxp://nikguzen.cn
hxxp://dedmewin.cn
hxxp://jebvuwun.cn
hxxp://tupsikap.cn
hxxp://dudsuzap.cn
hxxp://yessafep.cn
hxxp://danxenep.cn
hxxp://leklidip.cn
hxxp://duklimip.cn
hxxp://yevnurip.cn
hxxp://virrotip.cn
hxxp://lalyezop.cn
hxxp://jaztecup.cn
hxxp://gokbehup.cn
hxxp://cuqyirup.cn
hxxp://gajvizup.cn
hxxp://cahwikaq.cn
hxxp://xeqbelaq.cn
hxxp://xicbamaq.cn
hxxp://qofqoneq.cn
hxxp://givxuyeq.cn
hxxp://gonganiq.cn
hxxp://vijsoziq.cn
hxxp://bignijoq.cn
hxxp://jejroxoq.cn
hxxp://culfunuq.cn
hxxp://qevxayuq.cn
hxxp://merwosar.cn
hxxp://loxvafer.cn
hxxp://cawnamir.cn
hxxp://wocyorir.cn
hxxp://tokhador.cn
hxxp://yuznisor.cn
hxxp://vamtator.cn
hxxp://gojligur.cn
hxxp://vukqejur.cn
hxxp://fewxopur.cn
hxxp://wukwoxur.cn
hxxp://bavyoxur.cn
hxxp://jegdufas.cn
hxxp://rillefes.cn
hxxp://niwwages.cn
hxxp://comrames.cn
hxxp://rohfapes.cn
hxxp://lehredis.cn
hxxp://jepniwos.cn
hxxp://lexxedus.cn
hxxp://xuljuhus.cn
hxxp://levgepat.cn
hxxp://modhewet.cn
hxxp://kawlozet.cn
hxxp://bufsofit.cn
hxxp://gekloyit.cn
hxxp://tercifot.cn
hxxp://yughaqut.cn
hxxp://surfabav.cn
hxxp://yutbevav.cn
hxxp://mowvahev.cn
hxxp://tuwcexev.cn
hxxp://liqfimiv.cn
hxxp://pefxamuv.cn
hxxp://goqdexuv.cn
hxxp://fozlubaw.cn
hxxp://yuxcizaw.cn
hxxp://mevvubew.cn
hxxp://nuzzuhew.cn
hxxp://dibkicow.cn
hxxp://lobrakow.cn
hxxp://vuksirow.cn
hxxp://samnuvow.cn
hxxp://jizlotuw.cn
hxxp://buzgikax.cn
hxxp://jawcesax.cn
hxxp://qatvegex.cn
hxxp://gegfejex.cn
hxxp://cigxekex.cn
hxxp://kejjobox.cn
hxxp://yosbucox.cn
hxxp://kelmogox.cn
hxxp://jeqyuzox.cn
hxxp://jocxebux.cn
hxxp://tawcizux.cn
hxxp://kittokay.cn
hxxp://seryusay.cn
hxxp://nocbusey.cn
hxxp://semfihiy.cn
hxxp://xotgajiy.cn
hxxp://sarvujiy.cn
hxxp://gicmosiy.cn
hxxp://fulpaziy.cn
hxxp://cunzumoy.cn

Related malicious name servers known to have participated in the campaign:
hxxp://ns2.boostaroma.com - 110.52.6.252
hxxp://ns2.okultra.com
hxxp://ns2.swellfab.com
hxxp://ns2.shehead.com
hxxp://ns2.atbread.com
hxxp://ns2.treatglad.com
hxxp://ns2.plumbold.com
hxxp://ns2.callold.com
hxxp://up2.thicksend.com
hxxp://ns6.zestkind.com
hxxp://ns2.burnround.com
hxxp://ns2.witproud.com
hxxp://ns2.fizznice.com
hxxp://ns6.plusspice.com
hxxp://up2.humaneagree.com
hxxp://ns2.adorewee.com
hxxp://ns4.kindable.com
hxxp://ns2.prideable.com
hxxp://ns2.cuddlyhumble.com
hxxp://ns2.ablewhole.com
hxxp://ns2.quickwhole.com
hxxp://ns2.plumpwhole.com
hxxp://up2.begancome.com
hxxp://up2.sizeplane.com
hxxp://up2.colonytype.com
hxxp://ns6.prizeaware.com
hxxp://ns2.pridesure.com
hxxp://ns2.toophrase.com
hxxp://ns2.loyalrise.com
hxxp://up2.pathuse.com
hxxp://ns2.dimplechaste.com
hxxp://ns2.welltrue.com
hxxp://ns2.ziptrue.com
hxxp://ns2.silverwe.com
hxxp://ns2.calmprize.com
hxxp://ns2.firmrich.com
hxxp://ns2.activeinch.com
hxxp://ns2.cookmulti.com
hxxp://ns2.wellmoral.com
hxxp://ns2.peakswell.com
hxxp://ns2.posewill.com
hxxp://ns2.droolcool.com
hxxp://up2.cuddlypoem.com
hxxp://ns2.loyalcalm.com
hxxp://ns2.extolcalm.com
hxxp://ns2.radiothan.com
hxxp://up2.persontrain.com
hxxp://ns2.awardfun.com
hxxp://ns4.zealreap.com
hxxp://ns2.piousreap.com
hxxp://ns2.firstreap.com
hxxp://ns2.grandzap.com
hxxp://ns2.royalzap.com
hxxp://ns6.ablezip.com
hxxp://ns2.zapeager.com
hxxp://up2.blockfather.com
hxxp://ns2.breezycorner.com
hxxp://ns2.donewater.com
hxxp://ns2.listenflower.com
hxxp://ns2.dimplechair.com
hxxp://up2.yardcolor.com
hxxp://ns4.fizzleads.com
hxxp://up2.finestgrass.com
hxxp://ns2.prizebeats.com
hxxp://ns4.maxigreat.com
hxxp://ns2.flairtreat.com
hxxp://up2.tingleflat.com
hxxp://ns6.proudquiet.com
hxxp://ns2.morequiet.com
hxxp://ns2.droolplanet.com
hxxp://up2.giftedunit.com
hxxp://ns2.solarwit.com
hxxp://ns2.ropemeant.com
hxxp://ns2.paradiseobedient.com
hxxp://ns4.paradiseobedient.com
hxxp://up2.minealert.com
hxxp://ns4.spicyrest.com
hxxp://ns4.alertjust.com
hxxp://ns2.resttrust.com
hxxp://ns2.pagefew.com
hxxp://ns2.multiaglow.com
hxxp://ns2.objectallow.com
hxxp://ns2.alertwow.com
hxxp://ns2.alivejuicy.com
hxxp://ns2.restjuicy.com
hxxp://ns2.funcomfy.com
hxxp://ns2.solarcomfy.com
hxxp://ns2.prizetangy.com
hxxp://ns2.wholehappy.com
hxxp://ns2.prideeasy.com
hxxp://ns2.suddeneasy.com
hxxp://ns2.treatrosy.com
hxxp://ns2.earlytwenty.com

Related malicious domains known to have participated in the campaign:
hxxp://xiskizop.cn - 58.17.3.44; 60.191.239.189; 203.93.208.86 - hxxp://ns5.prizeaware.com; hxxp://ns1.grandzap.com; hxxp://ns3.alertjust.com

Related malicious domains known to have participated in the campaigns:
hxxp://xancefab.cn
hxxp://busgihab.cn
hxxp://putcojab.cn
hxxp://nizvonab.cn
hxxp://bulpapab.cn
hxxp://laztoqab.cn
hxxp://varsesab.cn
hxxp://pahdeheb.cn
hxxp://wiqponeb.cn
hxxp://rutfuseb.cn
hxxp://zacniyeb.cn
hxxp://beblelib.cn
hxxp://gahvosib.cn
hxxp://rigzowib.cn
hxxp://bacnaxib.cn
hxxp://pexyufob.cn
hxxp://sowgugob.cn
hxxp://buhbulob.cn
hxxp://ciybufub.cn
hxxp://xoddimub.cn
hxxp://nugtaqub.cn
hxxp://buvkuzub.cn
hxxp://fikqebac.cn
hxxp://pevremac.cn
hxxp://qokbasac.cn
hxxp://patmebec.cn
hxxp://kuntigec.cn
hxxp://jolcekec.cn
hxxp://wihjorec.cn
hxxp://fixruyec.cn
hxxp://gospozec.cn
hxxp://batrijic.cn
hxxp://rebzomic.cn
hxxp://loqrupic.cn
hxxp://diqhaqic.cn
hxxp://bohkoqic.cn
hxxp://beszesic.cn
hxxp://tuzhovic.cn
hxxp://hesyuvic.cn
hxxp://kovhewic.cn
hxxp://lufreyic.cn
hxxp://noxrazic.cn
hxxp://lefviboc.cn
hxxp://fodcuboc.cn
hxxp://pevhihoc.cn
hxxp://widlajoc.cn
hxxp://zocwoloc.cn
hxxp://janpupoc.cn
hxxp://mefbuqoc.cn
hxxp://hujqezoc.cn
hxxp://capjebuc.cn
hxxp://befqacuc.cn
hxxp://socjujuc.cn
hxxp://qivbiruc.cn
hxxp://tuxbaxuc.cn
hxxp://tidsuyuc.cn
hxxp://kapdacad.cn
hxxp://lagfagad.cn
hxxp://japtugad.cn
hxxp://bechumad.cn
hxxp://holceqad.cn
hxxp://bectusad.cn
hxxp://tabzuwad.cn
hxxp://rednezad.cn
hxxp://megzizad.cn
hxxp://forvafed.cn
hxxp://hojliged.cn
hxxp://fuxcexed.cn
hxxp://baxpuxed.cn
hxxp://lugjized.cn
hxxp://lewdozed.cn
hxxp://hiszedid.cn
hxxp://buyquhid.cn
hxxp://wovyokid.cn
hxxp://yojvimid.cn
hxxp://widxixid.cn
hxxp://yovxoxid.cn
hxxp://reywufod.cn
hxxp://hubzahod.cn
hxxp://qapzekod.cn
hxxp://falxalod.cn
hxxp://yiznunod.cn
hxxp://towqotod.cn
hxxp://loxlayod.cn
hxxp://rockozod.cn
hxxp://johmabud.cn
hxxp://muvyucud.cn
hxxp://vattehud.cn
hxxp://fuytejud.cn
hxxp://kenyilud.cn
hxxp://cibsarud.cn
hxxp://najsatud.cn
hxxp://xibwazud.cn
hxxp://laztafaf.cn
hxxp://piynosaf.cn
hxxp://yelpidef.cn
hxxp://yagtudef.cn
hxxp://levxifef.cn
hxxp://povxajef.cn
hxxp://hetbetef.cn
hxxp://hudvotef.cn
hxxp://hemfowef.cn
hxxp://coqvazef.cn
hxxp://yawhojif.cn
hxxp://muvcewif.cn
hxxp://xadgobof.cn
hxxp://baxwuhof.cn
hxxp://wijtekof.cn
hxxp://sknqikof.cn
hxxp://mussiqof.cn
hxxp://gegwasof.cn
hxxp://xangesof.cn
hxxp://wumdewof.cn
hxxp://hoqtayof.cn
hxxp://kiyvayof.cn
hxxp://cufdicuf.cn
hxxp://gotbucuf.cn
hxxp://gexzehuf.cn
hxxp://cepceluf.cn
hxxp://gepleluf.cn
hxxp://tefhosuf.cn
hxxp://xaqqivuf.cn
hxxp://wubfezuf.cn
hxxp://panrozuf.cn
hxxp://nadvofag.cn
hxxp://yawjehag.cn
hxxp://zeltimag.cn
hxxp://misgaqag.cn
hxxp://noxyaxag.cn
hxxp://sunluxag.cn
hxxp://bozhoceg.cn
hxxp://dawqefeg.cn
hxxp://locfemeg.cn
hxxp://mivlaneg.cn
hxxp://vaqxiseg.cn
hxxp://gesyateg.cn
hxxp://kumweteg.cn
hxxp://jefpaveg.cn
hxxp://lilyegig.cn
hxxp://janweqig.cn
hxxp://diwjusig.cn
hxxp://sohmiwig.cn
hxxp://rimmazig.cn
hxxp://tirpedog.cn
hxxp://jamguhog.cn
hxxp://bejfakog.cn
hxxp://bebyolog.cn
hxxp://kixmamog.cn
hxxp://tofyeqog.cn
hxxp://kojxuqog.cn
hxxp://puqtabug.cn
hxxp://suszibug.cn
hxxp://ciwracug.cn
hxxp://nahbugug.cn
hxxp://gaygokug.cn
hxxp://seygoqug.cn
hxxp://helqasug.cn
hxxp://tockesug.cn
hxxp://jipqevug.cn
hxxp://rewnowug.cn
hxxp://nazxefah.cn
hxxp://hofkagah.cn
hxxp://coszegah.cn
hxxp://vojyojah.cn
hxxp://nihwalah.cn
hxxp://yojzatah.cn
hxxp://buvsutah.cn
hxxp://hulgadeh.cn
hxxp://nibzofeh.cn
hxxp://xickeqeh.cn
hxxp://kapmereh.cn
hxxp://regyaveh.cn
hxxp://lizpazeh.cn
hxxp://lujpobih.cn
hxxp://xozyecih.cn
hxxp://telhetih.cn
hxxp://dussadoh.cn
hxxp://lerbenoh.cn
hxxp://yokveqoh.cn
hxxp://hafgoqoh.cn
hxxp://gagkiroh.cn
hxxp://teftebuh.cn
hxxp://fitsofuh.cn
hxxp://ziwvomuh.cn
hxxp://fazlenuh.cn
hxxp://gazkinuh.cn
hxxp://dutmivuh.cn
hxxp://zukdayuh.cn
hxxp://busgayuh.cn
hxxp://nohpobaj.cn
hxxp://qusdumaj.cn
hxxp://wizdaqaj.cn
hxxp://wuwbeqaj.cn
hxxp://girzidej.cn
hxxp://vespifej.cn
hxxp://ceszegej.cn
hxxp://juqbumej.cn
hxxp://xuxmanej.cn

Related malicious name servers known to have participated in the campaign:
hxxp://ns1.quvzipda.com - 193.165.209.3
hxxp://ns1.syquskezaja.com
hxxp://ns1.mnysiwugpa.com
hxxp://ns1.uzfayxlob.com
hxxp://ns1.umkeihfub.com
hxxp://ns1.diethealthworld.com
hxxp://ns2.diethealthworld.com
hxxp://ns1.pillshopstore.com
hxxp://ns2.pillshopstore.com
hxxp://ns1.ixcopvudeg.com
hxxp://ns1.cuzatpih.com
hxxp://ns1.fondukoiwi.com
hxxp://ns1.zevmyxhyhl.com
hxxp://ns1.pecsletoil.com
hxxp://ns1.havputviwl.com
hxxp://ns1.icuhzapyl.com
hxxp://ns1.ollectimon.com
hxxp://ns1.calpuwhup.com
hxxp://ns1.miacohder.com
hxxp://ns1.rjycbaswes.com
hxxp://ns1.tlyldihkis.com
hxxp://ns2.bestfreepills.com
hxxp://ns2.storehealthpills.com
hxxp://ns1.medspillsdiscounts.com
hxxp://ns1.ribormolu.com
hxxp://ns1.sluxjagvyw.com
hxxp://ns1.marttabletsrx.com
hxxp://ns1.zirremeaby.com
hxxp://ns1.xioduvvejy.com
hxxp://ns1.tmypheatvy.com
hxxp://ns1.zurmeigguz.com
hxxp://ns1.pendyxconvam.net
hxxp://ns1.mevkybmomu.net
hxxp://ns1.wutvymnu.net
hxxp://ns1.atquackephix.net
hxxp://ns1.gneqwyapuz.net
hxxp://ns1.az6.ru
hxxp://ns1.compmegastore.ru
hxxp://ns1.wearcompstore.ru
hxxp://ns1.compnetstore.ru
hxxp://ns1.seaportative.ru
hxxp://ns1.webshopmag.ru
hxxp://ns2.webshopmag.ru
hxxp://ns1.markettradersmag.ru
hxxp://ns1.storeonlinecomp.ru
hxxp://ns1.livingmagcomp.ru
hxxp://ns1.magcompdirect.ru
hxxp://ns1.storemycompdirect.ru

Related malicious domains known to have participated in the campaigns:
hxxp://hyuljavmyca.com - 212.174.200.111
hxxp://rjiofnida.com
hxxp://lubetokbufa.com
hxxp://homhylvega.com
hxxp://syquskezaja.com
hxxp://kriwmikib.com
hxxp://rhuwcugniob.com
hxxp://fonrasetlid.com
hxxp://rycnyrfikre.com
hxxp://tonlijwe.com
hxxp://mefcyqwef.com
hxxp://lorcowurayf.com
hxxp://ubeuhroqug.com
hxxp://fadjybzih.com
hxxp://ghaknikfehi.com
hxxp://ksoknadsi.com
hxxp://fondukoiwi.com
hxxp://reixvyklick.com
hxxp://qworjulnenk.com
hxxp://svozquzrel.com
hxxp://pecsletoil.com
hxxp://havputviwl.com
hxxp://pendyxconvam.com
hxxp://whapzintaon.com
hxxp://ollectimon.com
hxxp://japyebawn.com
hxxp://xovtemfajo.com
hxxp://shymumoufjo.com
hxxp://calpuwhup.com
hxxp://iescehqucr.com
hxxp://thepillcorner.com
hxxp://kvirincyofr.com
hxxp://iecoqwecs.com

hxxp://syquskezaja.com - 200.204.57.187
hxxp://cuzatpih.com
hxxp://ollectimon.com
hxxp://sluxjagvyw.com
hxxp://xioduvvejy.com
hxxp://nravsaelvi.net
hxxp://pendyxconvam.net
hxxp://mevkybmomu.net
hxxp://atquackephix.net
hxxp://gneqwyapuz.net

Related malicious domains known to have participated in the campaign:
hxxp://tovpuveb.cn
hxxp://risregib.cn
hxxp://sapwopub.cn
hxxp://kutwuzub.cn
hxxp://dijmigac.cn
hxxp://davzunic.cn
hxxp://cuwlicoc.cn
hxxp://hinkizad.cn
hxxp://tiwkicid.cn
hxxp://giddehid.cn
hxxp://qehmujid.cn
hxxp://jadyoxid.cn
hxxp://yipxakud.cn
hxxp://qophepud.cn
hxxp://nawfusud.cn
hxxp://xohpebaf.cn
hxxp://yilqobaf.cn
hxxp://gelkinef.cn
hxxp://zigconef.cn
hxxp://vasgotef.cn
hxxp://gitmufif.cn
hxxp://pujxatof.cn
hxxp://tagcafuf.cn
hxxp://joywehuf.cn
hxxp://xoggunuf.cn
hxxp://pezpipuf.cn
hxxp://gugfequf.cn
hxxp://kattowuf.cn
hxxp://rosmicag.cn
hxxp://nagnuteg.cn
hxxp://fohjedig.cn
hxxp://hijderig.cn
hxxp://dittomog.cn
hxxp://zubwefah.cn
hxxp://fodpohah.cn
hxxp://sehviwah.cn
hxxp://hifkuneh.cn
hxxp://bidfecih.cn
hxxp://wuxmulih.cn
hxxp://beqwacoh.cn
hxxp://qukvimoh.cn
hxxp://vasxavoh.cn
hxxp://salxaxoh.cn
hxxp://labyocaj.cn
hxxp://zigxadij.cn
hxxp://hixkanij.cn
hxxp://zixkitoj.cn
hxxp://zijzoguj.cn
hxxp://yiwzuluj.cn
hxxp://survuruj.cn
hxxp://feftuqak.cn
hxxp://ziscawak.cn
hxxp://wacpowek.cn
hxxp://segjinuk.cn
hxxp://viqfizuk.cn
hxxp://qawgegal.cn
hxxp://loqfogal.cn
hxxp://sihwohal.cn
hxxp://babtakal.cn
hxxp://nagnemel.cn
hxxp://ribwegil.cn
hxxp://watpiyil.cn
hxxp://goxmabul.cn
hxxp://siwkecul.cn
hxxp://selzimul.cn
hxxp://qakwivul.cn
hxxp://bedvuyul.cn
hxxp://fiddozul.cn
hxxp://joldokim.cn
hxxp://foztokim.cn
hxxp://woklahum.cn
hxxp://gavsanum.cn
hxxp://kejrupum.cn
hxxp://hagjatum.cn
hxxp://xumfuzum.cn
hxxp://mafcocan.cn
hxxp://geqkedan.cn
hxxp://fumhasan.cn
hxxp://zosqinen.cn
hxxp://nonzinen.cn
hxxp://tahyedin.cn
hxxp://niyyurin.cn
hxxp://wokmison.cn
hxxp://nekmerun.cn
hxxp://gebzevun.cn
hxxp://dizxohap.cn
hxxp://wirzovap.cn
hxxp://cobyizip.cn
hxxp://sokwimop.cn
hxxp://digjipop.cn
hxxp://qagtohup.cn
hxxp://wodkepaq.cn
hxxp://kuqqavaq.cn
hxxp://vogyafeq.cn
hxxp://qokyaziq.cn
hxxp://gelmaloq.cn
hxxp://rikxeduq.cn
hxxp://mifzoyuq.cn
hxxp://jitmekar.cn
hxxp://zedbeper.cn
hxxp://qoyrifir.cn
hxxp://rerbogir.cn
hxxp://nexyutir.cn
hxxp://yuvwobor.cn
hxxp://raddijor.cn
hxxp://rehciror.cn
hxxp://jowqasor.cn
hxxp://wotrisor.cn
hxxp://tinselur.cn
hxxp://sacvakes.cn
hxxp://xonlefis.cn
hxxp://sehwukos.cn
hxxp://torxupos.cn
hxxp://yujzidus.cn
hxxp://dejzezat.cn
hxxp://gunjivet.cn
hxxp://hecfocav.cn
hxxp://yuxdiqav.cn
hxxp://guysogiv.cn
hxxp://tebziniv.cn
hxxp://dedsupov.cn
hxxp://genwsxov.cn
hxxp://xaycozuv.cn
hxxp://fojgoraw.cn
hxxp://suwsozaw.cn
hxxp://hudwuhew.cn
hxxp://momzuhew.cn
hxxp://pibwokiw.cn
hxxp://lacfimiw.cn
hxxp://jubduriw.cn
hxxp://talcuviw.cn
hxxp://xavgubow.cn
hxxp://zovcofow.cn
hxxp://qopzubax.cn
hxxp://dogqodax.cn
hxxp://jimjakax.cn
hxxp://ricnafex.cn
hxxp://nadlewex.cn
hxxp://mokcegox.cn
hxxp://getkixox.cn
hxxp://wucpulux.cn
hxxp://dalpobay.cn
hxxp://refhagay.cn
hxxp://jusyadey.cn
hxxp://reqpijey.cn
hxxp://vebzaqiy.cn
hxxp://sejtogoy.cn
hxxp://yecnaquy.cn
hxxp://xufguyuy.cn
hxxp://puktunaz.cn
hxxp://zaztuvaz.cn
hxxp://sixbufiz.cn
hxxp://nofdowiz.cn
hxxp://cuvxoqoz.cn
hxxp://yugkiwuz.cn

Related malicious domains known to have participated in the campaign:
hxxp://columnultra.com - 58.17.3.41
hxxp://milkhold.com
hxxp://eagerboard.com
hxxp://yesonlynoun.com
hxxp://differdo.com
hxxp://seemlykeep.com
hxxp://seemnear.com
hxxp://modernbut.com

Related malicious domains known to have participated in the campaign:
hxxp://litgukab.cn
hxxp://xojyupab.cn
hxxp://ritlarab.cn
hxxp://qeqyukeb.cn
hxxp://fedpijib.cn
hxxp://xumlodob.cn
hxxp://kozgewob.cn
hxxp://fajnahec.cn
hxxp://nedsicic.cn
hxxp://hertuqic.cn
hxxp://linrudoc.cn
hxxp://gilqufuc.cn
hxxp://lijwituc.cn
hxxp://loqbaxuc.cn
hxxp://camxezuc.cn
hxxp://foyxolad.cn
hxxp://bapvusad.cn
hxxp://wokmeyad.cn
hxxp://yizqosed.cn
hxxp://vivwiwef.cn
hxxp://percaqof.cn
hxxp://cepceluf.cn
hxxp://paqhizuf.cn
hxxp://vorvivag.cn
hxxp://maynixeg.cn
hxxp://mujyumig.cn
hxxp://coyrekog.cn
hxxp://xetvetih.cn
hxxp://mugyujuh.cn
hxxp://supsizuh.cn
hxxp://bixtakaj.cn
hxxp://lanmixej.cn
hxxp://worxezej.cn
hxxp://tikgepij.cn
hxxp://yatsanak.cn
hxxp://tucgosak.cn
hxxp://hihnuwak.cn
hxxp://qilfadek.cn
hxxp://zibsitik.cn
hxxp://xetmojok.cn
hxxp://yelsecuk.cn
hxxp://confowuk.cn
hxxp://pozzoxuk.cn
hxxp://savhixal.cn
hxxp://nudtaqel.cn
hxxp://keptavol.cn
hxxp://berqufam.cn
hxxp://wuqrulam.cn
hxxp://goftiwam.cn
hxxp://vowcajem.cn
hxxp://rizfinim.cn
hxxp://jetgekom.cn
hxxp://letjucun.cn
hxxp://wivwiqap.cn
hxxp://duccesap.cn
hxxp://zamyisap.cn
hxxp://ranpovep.cn
hxxp://kucdawep.cn
hxxp://limjapip.cn
hxxp://ciggecop.cn
hxxp://ziybelop.cn
hxxp://yakquyeq.cn
hxxp://borremiq.cn
hxxp://vuzwesuq.cn
hxxp://rosvocor.cn
hxxp://hakdugas.cn
hxxp://kabmebes.cn
hxxp://purhuves.cn
hxxp://gopmocis.cn
hxxp://cabziqis.cn
hxxp://pomzonos.cn
hxxp://zojvapus.cn
hxxp://nobfemat.cn
hxxp://ritcubav.cn
hxxp://bibbikev.cn
hxxp://daslulev.cn
hxxp://naczoduv.cn
hxxp://betjoqiw.cn
hxxp://yoqlamow.cn
hxxp://jawjeqow.cn
hxxp://zijmivuw.cn
hxxp://dupqozuw.cn
hxxp://fatnudax.cn
hxxp://defrogax.cn
hxxp://kalyahax.cn
hxxp://toztipax.cn
hxxp://gecfopax.cn
hxxp://wuqzubex.cn
hxxp://hexpadix.cn
hxxp://luhnukox.cn
hxxp://vecbibey.cn
hxxp://dimgecey.cn
hxxp://fammuvey.cn
hxxp://zepfabiy.cn
hxxp://gewvamiy.cn
hxxp://pekzariy.cn
hxxp://pixkinaz.cn
hxxp://mecqulez.cn
hxxp://yubreliz.cn
hxxp://juvmeriz.cn
hxxp://mafcixiz.cn
hxxp://butlezoz.cn
hxxp://xisqapuz.cn
hxxp://jihkohab.cn
hxxp://litgukab.cn
hxxp://xojyupab.cn
hxxp://ritlarab.cn
hxxp://qancabeb.cn
hxxp://xaqkabeb.cn
hxxp://qeqyukeb.cn
hxxp://bobhoneb.cn
hxxp://fedpijib.cn
hxxp://kozgewob.cn
hxxp://mirlacub.cn
hxxp://jokrogub.cn
hxxp://qupbihac.cn
hxxp://viqnijac.cn
hxxp://bucdawac.cn
hxxp://latzoyac.cn
hxxp://ferkogec.cn
hxxp://qujqugec.cn
hxxp://fajnahec.cn
hxxp://saybilec.cn
hxxp://yaxxosec.cn
hxxp://nedsicic.cn
hxxp://cimhijic.cn
hxxp://hertuqic.cn
hxxp://linrudoc.cn
hxxp://mahhekoc.cn
hxxp://pegvijuc.cn
hxxp://camxezuc.cn
hxxp://kossehad.cn
hxxp://bapvusad.cn
hxxp://coffebed.cn
hxxp://xadjeqid.cn
hxxp://pehxarid.cn
hxxp://maknohod.cn
hxxp://yujhaqod.cn
hxxp://vevteyod.cn
hxxp://rinmumud.cn
hxxp://xuldeyud.cn
hxxp://fedrujaf.cn
hxxp://nugnosaf.cn
hxxp://koxpelef.cn
hxxp://tecyatef.cn
hxxp://hemfowef.cn
hxxp://pavlegif.cn
hxxp://percaqof.cn
hxxp://sizkeyof.cn
hxxp://zugkucuf.cn
hxxp://rijhuhuf.cn
hxxp://cepceluf.cn
hxxp://paqhizuf.cn
hxxp://xowjicag.cn
hxxp://dofpalag.cn
hxxp://hujrulag.cn
hxxp://maxtayag.cn
hxxp://qekvoceg.cn
hxxp://vazwureg.cn
hxxp://pilpuweg.cn
hxxp://wedruweg.cn
hxxp://cexkezeg.cn
hxxp://mujyumig.cn
hxxp://wintabog.cn
hxxp://nuzmohog.cn
hxxp://coyrekog.cn
hxxp://tubvuxog.cn
hxxp://zavdahug.cn
hxxp://yukpikug.cn
hxxp://muwsikeh.cn
hxxp://pecculeh.cn
hxxp://rafniteh.cn
hxxp://nukfijih.cn
hxxp://xetvetih.cn
hxxp://tikbacoh.cn
hxxp://zikwufuh.cn
hxxp://mugyujuh.cn
hxxp://hijbumuh.cn
hxxp://wubxayuh.cn
hxxp://quntoyuh.cn
hxxp://supsizuh.cn
hxxp://techegaj.cn
hxxp://bixtakaj.cn
hxxp://wuwbeqaj.cn
hxxp://caqhiqaj.cn
hxxp://lijzarej.cn
hxxp://lanmixej.cn
hxxp://jutzuzej.cn
hxxp://betkawij.cn
hxxp://mumrojoj.cn
hxxp://wulkukoj.cn
hxxp://selqetuj.cn
hxxp://zuvbowuj.cn
hxxp://sevpohak.cn
hxxp://qusvilak.cn
hxxp://qowrirak.cn
hxxp://tucgosak.cn
hxxp://bajhukek.cn
hxxp://qeyzecik.cn
hxxp://pijridik.cn
hxxp://yecgajik.cn
hxxp://tovboqik.cn
hxxp://sirrotik.cn
hxxp://pomzexik.cn
hxxp://nopvafok.cn
hxxp://xetmojok.cn
hxxp://fuqzuxok.cn
hxxp://xajkimuk.cn
hxxp://confowuk.cn
hxxp://pozzoxuk.cn
hxxp://vufmikal.cn
hxxp://korkusal.cn
hxxp://yasdaxal.cn
hxxp://nibnupel.cn
hxxp://nudtaqel.cn
hxxp://zivwirel.cn
hxxp://facjacil.cn
hxxp://qaqdidil.cn
hxxp://zirmidil.cn
hxxp://pivteqil.cn
hxxp://mutzomol.cn
hxxp://bahfosol.cn
hxxp://kajvatol.cn
hxxp://keptavol.cn
hxxp://mevvuqul.cn
hxxp://berqufam.cn
hxxp://zihwujam.cn
hxxp://jormofem.cn
hxxp://vowcajem.cn
hxxp://yawyibim.cn
hxxp://mibyumim.cn
hxxp://pabfakom.cn
hxxp://jetgekom.cn
hxxp://xolkizom.cn
hxxp://mujsikum.cn
hxxp://moynukan.cn
hxxp://ranfelan.cn
hxxp://kayjamen.cn
hxxp://kudcedon.cn
hxxp://getwison.cn
hxxp://givjivon.cn
hxxp://faykirun.cn
hxxp://zebxaxun.cn
hxxp://coclecap.cn
hxxp://texnipap.cn
hxxp://humyipap.cn
hxxp://duccesap.cn
hxxp://zamyisap.cn
hxxp://lunyicep.cn
hxxp://ranpovep.cn
hxxp://yifkebip.cn
hxxp://yiryemip.cn
hxxp://mowmoqip.cn
hxxp://wozhihop.cn
hxxp://mefrexop.cn
hxxp://qidyubup.cn
hxxp://qidjohup.cn
hxxp://lotjolup.cn
hxxp://dirdotup.cn
hxxp://memqowaq.cn
hxxp://civvufeq.cn
hxxp://bobfiliq.cn
hxxp://borremiq.cn
hxxp://singuroq.cn
hxxp://qudjuvoq.cn
hxxp://vuzwesuq.cn
hxxp://nuvmotuq.cn
hxxp://zohcidar.cn
hxxp://rentumar.cn
hxxp://fipzaqar.cn
hxxp://siqcatar.cn
hxxp://sagvitar.cn
hxxp://luqsiger.cn
hxxp://zuyxewer.cn
hxxp://jagnuyer.cn
hxxp://ruhbulir.cn
hxxp://sityeyir.cn
hxxp://rosvocor.cn
hxxp://julxapor.cn
hxxp://rixlupur.cn
hxxp://jutfisur.cn
hxxp://fabmotur.cn
hxxp://bukpuzur.cn
hxxp://pozsigas.cn
hxxp://hakdugas.cn
hxxp://lokzihas.cn
hxxp://mukkebes.cn
hxxp://mijpedes.cn
hxxp://conzakes.cn
hxxp://fodbemes.cn
hxxp://maqpumes.cn
hxxp://purhuves.cn
hxxp://hohgibis.cn
hxxp://kezyubis.cn
hxxp://gopmocis.cn
hxxp://soqsedis.cn
hxxp://defdoris.cn
hxxp://pomzonos.cn
hxxp://lanhovus.cn

We'll continue monitoring the campaign and post updates as soon as new developments take place. Continue reading →

Historical OSINT - Yet Another Massive Blackhat SEO Campaign Spotted in the Wild Drops Scareware

It's 2010 and I've recently came across to a currently active malicious and fraudulent blackhat SEO campaign successfully enticing users into interacting with rogue and fraudulent scareware-serving malicious and fraudulent campaigns.

In this post I'll provide actionable intelligence on the infrastructure behind the campaign.

Related malicious domains known to have participated in the campaign:
hxxp://globals-advers.com
hxxp://alldiskscheck300.com
hxxp://multisearch1.com
hxxp://myfreespace3.com
hxxp://hottystars.com
hxxp://multilang1.com
hxxp://3gigabytes.com
hxxp://drivemedirect.com
hxxp://globala2.com
hxxp://teledisons.com
hxxp://theworldnews5.com
hxxp://virtualblog5.com
hxxp://grander5.com
hxxp://5starsblog.com
hxxp://globalreds.com
hxxp://global-advers.com
hxxp://ratemyblog1.com
hxxp://greatvideo3.com
hxxp://beginner2009.com
hxxp://fastwebway.com
hxxp://blazervips.com
hxxp://begin2009.com
hxxp://megatradetds0.com
hxxp://securedonlinewebspace.com
hxxp://proweb-info.com
hxxp://security-www-clicks.com
hxxp://updatedownloadlists.com
hxxp://styleonlyclicks.cn
hxxp://informationgohere.com
hxxp://world-click-service.com
hxxp://secutitypowerclicks.cn
hxxp://securedclickuser.cn/
hxxp://slickoverview.com
hxxp://viewyourclicks.com
hxxp://clickwww2.com
hxxp://clickadsystem.com
hxxp://becomepoweruser.cn
hxxp://clickoverridesystem.cn

Related malicious domains known to have participated in the campaign:
hxxp://protecteduser.cn
hxxp://internetprotectedweb.com/
hxxp://clicksadssystems.com
hxxp://whereismyclick.cn
hxxp://trustourclicks.cn
hxxp://goldenstarclick.cn
hxxp://defendedsystemuser.cn

Related malicious domains known to have participated in the campaign:
hxxp://drivemedirect.com
hxxp://virtualblog5.com
hxxp://fastwebway.com

We'll continue monitoring the campaign and post updates as soon as new developments take place. Continue reading →