Announcing Law Enforcement and OSINT Intelligence Operation "Uncle George" - Join Me Today! - Part Two

Dear blog readers,

I wanted to let you know that I've been spending more time doing active Security Industry outreach in terms of the 2019 Cybercrime Forum Data Set and that I've already started working with several vendors in terms of possible OSINT enrichment and actual processing of the data.

Perfect timing to say thanks to Ilya Timchenko and McAfee for actually reaching out and managing to process the following artifacts from the actual Data Set which I've decided to publicly share with everyone who reaches out and expresses interest in working with me on the Data Set with the idea to possibly assist the Security Community and Law Enforcement in terms of tracking down the individuals behind these campaigns and actually shutting them down.

Possible Personally Identifiable Artifacts Found in the Actual Data Set Include:

• Cybercriminal Cryptocurrency Addressess
• Cybercriminal Emails
• Cybercriminal ICQ Numbers
• Cybercriminal Phone Numbers
• Cybercriminal QQ IDs
• Cybercriminal Telegram IDs/Telegram IDs
• Cybercriminal Dark Web Onion Addresses
• Cybercriminal Viber Accounts
• Cybercriminal VK Accounts
• Cybercriminal XMPP Accounts

Including the following massive update courtesy of me including all the publicly obtainable Email Addresses obtained from the 2019 Cybercrime Forum Data Set including all the publicly obtainable IP Addresses obtained from the 2019 Cybercrime Forum Data Set which appear to be mostly Socks4/Socks5 and publicly accessible compromised hosts used for "island-hopping" tactics.

I'll be posting an updated set of analysis and data regarding the currently ongoing Law Enforcement and OSINT Intelligence Operation "Uncle George" anytime soon.

Approach me at ddanchev@cryptogroup.net in case you're interested in working with me on this project or want to obtain access to the actual Data Set for possible OSINT enrichment and research purposes.

Stay tuned! Continue reading →

Announcing New Hacking Security and Hacktivism-Themed Online Forum Community! Join me Today!

 

Dear blog readers,

I've recently launched an extremely popular and comprehensive Hacking and Security possibly Hacktivism-Themed Online Forum Community called "Security is Futile" using the extremely popular PlushForums Platform consisting of over 193 Hacking and Security Topic Categories.

The initial idea behind launching the community is to spread data information and knowledge and to provoke discussion into various hot Hacking and Security topics including to solicit high-profile VIP Hacker and Security Experts to actually join the community and contribute with content.

Official "Security is Futile!" Hacking and Security Forum Community URL:

https://forums.offensive-warfare.com

Stay tuned!

Continue reading →

g0t Bitcoin? - Part Two

Dear blog readers,

I wanted to let you know that I've recently changed to a permanent Dark Web Onion address - for my Cybertronics - Virtual Reality Social Network for Hackers and Security Experts where I'm currently soliciting Bitcoin donations for the purpose of launching the project in January, 2020.

Got Bitcoin? Consider visiting the Dark Web Onion and making a donation today and stay tuned for the upcoming updates and actual launch of the project in January, 2020 - http://lkzihepprlhxtvbutjedoazbsqd4avmifhpjms3zuq7itceiu4qajwad.onion/

Stay tuned!
Continue reading →

Join me on Medium!

Dear blog readers,

I wanted to let everyone know that I've recently joined Medium and that I intend to post a variety of editorial type of articles on a daily basis including the fact that I was recently featured as a Top Writer in Privacy.

Missing the editorial? Consider going through my old ZDNet Zero Day Blog content archive including the following recently published editorial type of articles on Medium:

• Assessing U.S Military Cyber Operational Capabilities to Counter Pro-ISIS Internet Infrastructure
• My Involvement in the Top Secret GCHQ “Lovely Horse” Program and the Existence of the Karma Police
• Kaspersky’s Antivirus Products the NSA and U.S National Security — An Analysis
• Assessment of U.S Intelligence Community Cyber Surveillance Programs and Tradecraft — Part One
• How the NSA utilized Iranian Cyber Proxies To Participate in the BOUNDLESS INFORMANT Program?
• Exposing GCHQ’s Top Secret “GORDIAN KNOT” Cyber Defense Sensor Program — An Analysis
• Exposing GCHQ’s URL-Shortening Service and Its Involvement in Iran’s 2009 Election Protests

Stay tuned! Continue reading →

Dancho Danchev's Twitter Account - 2010 - Direct Download Link - Historical OSINT

Dear blog readers,

Takes you back doesn't it? I've decided to share with you a direct download link of my old Twitter account for you to download and go through and to say big thanks to everyone who's been keeping in touch with me throughout 2008-2013 including actual research work and related research inquiries.

Consider going through the archive and catching up with some of my research circa 2010-2014 and approach me - ddanchev@cryptogroup.net with your feedback or just to say hi in case you remember some of the research which I used to publish back then.

Stay tuned! Continue reading →

Official World Hacker Global Domination Group (WHGDG) Dark Web Onion Launch!

Dear blog readers,

I've been spending more time on the Dark Web these days including the active launching of a second Dark Web Onion and the official launch of the World Hacker Global Domination Group (WHGDG) which is basically a Call for Papers Call for Participation and Call for Innovation request on behalf of me for the purpose of reaching out to the U.S Intelligence Community as an independent contractor for the purpose of presenting and eventually getting funding for a variety of commercial cyber security and hacking including Threat Intelligence and Offensive Cyber Warfare Projects including the active recruitment of new members.

Check out the Official Dark Web Onion:
http://nexvibpe4xszfx4cp2jldkdyhnjnah5qnckoagoiry3vpyv5eheh55id.onion/ and don't forget to visit Cybertronics - Virtual Reality Social Network for Hackers and Cyber Security Experts Bitcoin-accepting Project - http://ca7brwpxmnbssdoh4dfoijyr7zwetob74x3berlvmeekhmkt7zcjdjqd.onion/ and donate today!

How you can participate?

• Visit the Dark Web Onion and go through the Call for Participation Call for Papers and Call for Innovation and approach me at ddanchev@cryptogroup.net in case you believe that you can contribute with knowledge data and expertise including the technical "know-how" to participate in any of the Key Points mentioned in the Dark Web Onion

Stay tuned for a major Web Site update by the end of the week including the production of an extremely popular Security Podcast Security Vlog and an additional set of never-published before possibly classified and sensitive Technical Data and Cyber Security and Hacking resources.

Enjoy! Continue reading →

New Cybertronics - VR for Hackers and Security Experts Dark Web Onion Address

Dear blog readers,

I wanted to let everyone know that I've recently changed the official Dark Web Onion address for my Cybertronics - VR for Hackers and Security Experts Project including the actual Bitcoin donation address.

G0t Bitcoin? Consider going through the project proposal today - http://lkzihepprlhxtvbutjedoazbsqd4avmifhpjms3zuq7itceiu4qajwad.onion/ including to make a possible Bitcoin donation using the following Bitcoin Address: 3J8Jt7XCBGtCL6XRLTWhKfRQBmhhqGs4aP

I wanted to say a big thanks to everyone who approached me in terms of the project including to actually make a donation. The official schedule release is scheduled for January, 2020 and I'll make sure to keep everyone posted on current and future project updates.

Stay tuned! Continue reading →

Exposing Russia's Most Wanted Cybercriminals - An OSINT Analysis

Continue reading →

Dancho Danchev's Primary Contact Points - 2019

Dear blog readers, in this post I'll provide and feature my primary contact points for 2019 in order for you to approach me regarding possible research feedback research requests job career opportunities and possible event presentations.

Users interested in approaching me regarding a possible participation in classified or sensitive projects including possible job career opportunities and Threat Data access requests can approach me at - dancho.danchev@hush.com

Looking forward to hearing from you!

Enjoy! Continue reading →

New Commercial Security Research OSINT Cybercrime Research and Threat Intelligence Gathering Services Portfolio Available On Demand!

Dear blog readers,

I wanted to let everyone know of a currently active commercial portfolio of services that I'm publicly offering for the purpose of reaching out to colleagues and friends including companies vendors and organizations who might be interested in working with me for the purpose of obtaining access to never-published before Security Research analysis reports briefs podcasts and various other commercially obtainable virtual and cyber assets that you and your organization can take advantage of.

Approach me at - dancho.danchev@hush.com today to discuss!

Key Commercial Services that I'm currently offering include:

• Security Services
• OSINT Services
• Hacking Services
• Intelligence Services
• Geopolitical Services

Including the following commercial services available on Patreon Community:

• Real-Time Security Consultation
• Security Newsletter
• Cybercrime Blog Post
• Security Podcast
• Malware Analysis
• Threat Intelligence Analysis
• Security Workshop
• OSINT Analysis
• Geopolitical Analysis
• Threat Actor Profiling
• National Security Analysis
• Cyber Jihad Analysis
• Dark Web Intelligence and OSINT Analysis
• Security Presentation
• Cyber Security Business Development
• Red Team Penetration Testing Assessment
• Blue Team Penetration Testing Assessment
• Target of Opportunity Targeting
• Cybercrime Forum Monitoring
• Underground Chatter Monitoring
• Network Deception Consultation
• Military Scenario Building
• Cyber Warfare Scenario Building
• OSINT Enrichment and Data Mining
• Cyber Warfare Program Estimation
• Weapons System Analysis
• Cyber SIGINT and Cyber Assets Discovery

Stay tuned! Continue reading →

Announcing Law Enforcement and OSINT Intelligence Operation "Uncle George" - Join Me Today!

This summary is not available. Please click here to view the post. Continue reading →

Historical OSINT - Gmail's CAPTCHA Under Fire

http://www.castlecops.com/t192663-http_69_61_99_66_3_php.html
http://www.robtex.com/cnet/208.72.168.html

http://www.secureworks.com/research/threats/ozdok/?threat=ozdok
aaauaa.info - same netblock

faq.890m.com

208.72.168.140 8181
http://threatexpert.com/reports.aspx?find=208.72.168.40

208.72.168.40 on port 533

http://threatexpert.com/reports.aspx?find=208.72.168

208.72.168.40/404.txt
208.72.168.40/cr.dat

Result: 22/28 (78.58%) Trojan.Proxy.Saturn.F
File size: 36864 bytes
MD5: 49e23bdba56e0a52578341181b4faf7b
SHA1: 50fb2726dec1efb15723d93db8dce1a60df676a5

208.72.169.54
208.72.169.55
208.72.169.15
208.72.168.52
208.72.168.97
208.72.169.15
208.72.168.164
208.72.168.76

centerkras-tv.tv
iloveeverybody.kz
iloveeverybody.tj
lansetcommunication.info
lansetcommunication.biz
lanset2007.com
centerkras-tv.name
centerkras-tv.info
centerkras-tv.biz

vaznyjdomen.info
http://vaznyjdomen.info/affcgi/online.fcgi?20199:0
http://vaznyjdomen.info/gallery20199/xpsystem/rxs.ini.php
http://lyalyabum.info/affcgi/online.fcgi?20199:0
http://lyalyabum.info/gallery20199/xpsystem/rxs.ini.php
http://lohotronschik.info/affcgi/online.fcgi?20199:0
http://lohotronschik.info/gallery20199/xpsystem/rxs.ini.php
http://lyalyabum.info/affcgi/try.fcgi?20199
http://vaznyjdomen.info/affiliate/interface3.php?userid=20199
http://vaznyjdomen.info/affiliate/interface3.php?userid=20199
http://vaznyjdomen.info/affcgi/online.fcgi?20199:1
http://vaznyjdomen.info/xxmm.exe
http://lyalyabum.info/affcgi/online.fcgi?20199:1
http://lyalyabum.info/xxmm.exe
http://lohotronschik.info/affcgi/online.fcgi?20199:1
http://lohotronschik.info/xxmm.exe Continue reading →

Historical OSINT - Dancho Danchev's Media and News Coverage - 2008-2013

Dear blog readers I wanted to take the time and effort and summarize all the currently related news media articles referencing me and my research throughout the period - 2008-2013 and wanted to express my gratitude to everyone who approached me seeking my assistance in an upcoming news article including those who participated in the search for me circa 2010 and I wanted to let everyone know that users interested in approaching me regarding potential news stories including conference presentations and possible threat intell requests can approach me at disruptive.individuals@gmail.com

Stay tuned!

Research and News Articles covering my research and referencing me throughout - 2008:

• Russian hacker 'militia' mobilizes to attack Georgia
• Fraudsters Target Facebook With Phishing Scam 
• Fake Microsoft e-mail contains Trojan virus
• Hackers expand massive IFRAME attack to prime sites
• Hackers infiltrate Google searches
• Hackers expand massive IFrame attack to prime sites
• Hackers knocked Comcast.net offline
• Adobe investigates Flash Player attacks
• High-tech bank robbers phone it in
• Attackers booby-trap searches at top Web sites
• Carpet bombing networks in cyberspace
• Storm worm e-mail says U.S. attacked Iran
• India's underground CAPTCHA-breaking economy
• Domain Name Record Altered to Hack Comcast.net
• Google searchers could end up with a new type of bug
• Ongoing IFrame attack proving difficult to kill
• Hackers expand massive IFRAME attack to prime sites
• Danchev: The small pack Web malware exploitation kit
• Danchev: Massive SQL injection the Chinese way
• CAPTCHAs are dead - new research from Dancho Danchev confirms it
• Hackers infiltrate Google searches
• Massive faux-CNN spam blitz uses legit sites to deliver fake Flash
• Faked CNN spam blitz pushes fake Flash
• Danchev: Anti-fraud site DDOS attack
• Sony PlayStation site victim of SQL-injection attack
• Fake CNN Alert Still Spreading Malware
• Look Ma, I'm on CIA.gov

Research and News Articles covering my research and referencing me throughout - 2009:

• Green Dam exploit in the wild
• “In gaz we trust”: a fake Russian energy company facilitating cybercrime
• Don’t pay your ransom via SMS
• NYT scareware scam linked to click fraud botnet
• Danchev: A crimeware developer's to-do list
• Danchev rained on my scareware campaign
• Is “aggregate-and-forget” the future of cyber-extortion?
• NYT scareware scam linked to click fraud botnet
• Microsoft declares war on 'scareware'
• Don’t pay your ransom via SMS
• Twitter warms up malware filter
• What's really the safest Web Browser?
• With Unrest in Iran, Cyber-attacks Begin
• Zeus bot found using Amazon's EC2 as C&C server

Research and News Articles covering my research and referencing me throughout - 2010:

• Firefox add-on encrypts sessions with Facebook, Twitter
• Watch out for malware with those pretty Mac screensavers
• Months-old Skype vulnerability exploited in the wild
• Danchev: Money mule recruiters
• Cybercrime's bulletproof hosting exposed
• Malware Threatens to Sue BitTorrent Downloaders
• Firefox add-on encrypts sessions with Facebook, Twitter
• Chuck Norris Botnet Karate-chops Routers Hard

Research and News Articles covering my research and referencing me throughout - 2011:

• Kaspersky disputes McAfee's Shady Rat report
• Has EV-SSL Growth Been Slow?
• Report: Vishing Attack Targets Skype Users

Research and News Articles covering my research and referencing me throughout - 2012:

• Fake UPS notices deliver malware
• ZeuS/Zbot Trojan Spread Through Rogue US Airways Email
• New Skype malware threat reported: Poison Ivy
• Five Koobface botnet suspects named by New York Times
• Virtual jihad: How real is the threat?
• Is the death knell sounding for traditional antivirus?
• Can the Nuclear exploit kit dethrone Blackhole?
• Experts split over regulation for bounty-hunting bug sniffers
• Spammers Using Fake YouTube Notifications to Peddle Drugs
• Adele Bests Adderall As Affiliate Spammers Offer Music Downloads
• Bulgarian sleuth unveils botnet operators
• Fake PayPal Emails Distributing Malware
• Web Gang Operating in the Open
• ZeuS/Zbot Trojan Spread Through Rogue US Airways Email
• Buy 500 hacked Twitter accounts for less than a pint
• NBC.com Hacked, Infected With Citadel Trojan

Research and News Articles covering my research and referencing me throughout - 2013:

• How Much Does A Botnet Cost?
• Automated YouTube account generator offered to cyber crooks
• Upgraded Modular Malware Platform Released in Black Market
• Deconstructing the Al-Qassam Cyber Fighters Assault on US Banks
• NBC hack infects visitors in 'drive by' cyberattack
• Bitcoins are being traded for hack tools
• New DIY Google Dorks Based Hacking Tool Released
• Hacking The TDoS Attack
• Mass website hacking tool alerts to dangers of Google dorks
• Cybercrime service automates creation of fake scanned IDs
• Spammers unleash DIY phone number slurping web tool
• Spam email contains malware, not Apple gift card
• APT1, that scary cyber-Cold War gang: Not even China's best
• Mass website hacking tool alerts to dangers of Google dorks
• C&C PHP script for staging DDoS attacks sold on underground forums
• Russian Malware-as-a-Service Offers Up Server Rentals for $240 a Pop
• Java exploit kit sells for $40 per day
• Buggy DIY botnet tool leaks in black market
• New DIY Google Dorks Based Hacking Tool Released
• Botnets for rent, criminal services sold in the underground market
• Spam email contains malware, not Apple gift card

Continue reading →

Historical OSINT - Profiling a Currently Circulating Malicious and Fraudulent Spam Campaign

abrie.in
agros.in
alldh.in
alodh.in
anrio.in
antsd.in
aoxtv.in
appsd.in
aquui.in
arrie.in
arsdh.in
balsd.in
barui.in
bikey.in
bkpuo.in
bleui.in
brayx.in
broyx.in
brusd.in
bryhw.in
butui.in
butuo.in
butyx.in
cated.in
cedhw.in
chrie.in
chrio.in
cirui.in
clrio.in
cogoo.in
conuo.in
conyx.in
corie.in
curie.in
cusnv.in
czkey.in
degoo.in
dennv.in
dugoo.in
eagoo.in
eboyx.in
ecrio.in
ectuo.in
edbal.in
edban.in
ederc.in
ederm.in
edger.in
edimp.in
edois.in
elrio.in
enguo.in
eprio.in
eqrio.in
esrie.in
fakey.in
fegoo.in
fibnv.in
foryx.in
franv.in
fraos.in
garie.in
glouo.in
guinv.in
habsd.in
hecuo.in
hekey.in
humos.in
hygos.in
hyrie.in
imbos.in
intsd.in
ionnv.in
jamsd.in
jobos.in
kykey.in
latuo.in
leunv.in
linuo.in
liuyx.in
makey.in
moosd.in
naios.in
nvenc.in
oscog.in
osenc.in
oserr.in
osmac.in
osmot.in
ospor.in
ossce.in
ossio.in
ostab.in
ostac.in
ostio.in
ostom.in
ouned.in
purnv.in
pxdmx.in
ragew.in
rekey.in
relsd.in
retnv.in
saled.in
sated.in
scoos.in
sdali.in
sdall.in
sdayb.in
sdaye.in
sdayo.in
sdene.in
sdich.in
sdome.in
seedw.in
shkey.in
smoed.in
soted.in
spios.in
spkey.in
stteop.in
sunyx.in
sydos.in
teaed.in
thynv.in
ugiyx.in
uinei.in
uinge.in
uiren.in
uirin.in
uisap.in
uisee.in
uisma.in
uitem.in
uithi.in
uityp.in
uityr.in
varyx.in
veged.in
wakey.in
whasd.in
wimed.in
woonv.in
yokey.in
yxiac.in
yxial.in
yxiam.in
anrio.in
antsd.in
appsd.in
arsdh.in
barui.in
bkpuo.in
bleui.in
brayx.in
broyx.in
brusd.in
bryhw.in
butui.in
butuo.in
butyx.in
cirui.in
cogoo.in
conuo.in
conyx.in
cusnv.in
czkey.in
degoo.in
dugoo.in
ecrio.in
ectuo.in
ederm.in
edger.in
edimp.in
edois.in
elrio.in
enguo.in
eqrio.in
fibnv.in
glouo.in
habsd.in
hecuo.in
hekey.in
hygos.in
imbos.in
intsd.in
ionnv.in
jamsd.in
latuo.in
linuo.in
makey.in
oscog.in
oserr.in
osmac.in
osmot.in
ospor.in
ossce.in
ossio.in
ostab.in
ostac.in
ostio.in
ouned.in
purnv.in
pxdmx.in
rekey.in
relsd.in
retnv.in
scoos.in
sdali.in
sdome.in
shkey.in
spkey.in
sydos.in
thynv.in
ugiyx.in
uirin.in
uisap.in
uitem.in
uithi.in
uithi.in
uityp.in
uityr.in
varyx.in
wakey.in
yokey.in
yxiac.in
yxial.in
anrio.in
brayx.in
broyx.in
brusd.in
butuo.in
butyx.in
cogoo.in
conyx.in
eboyx.in
ederm.in
edois.in
foryx.in
liuyx.in
moosd.in
oserr.in
ossce.in
ostom.in
purnv.in
ragew.in
relsd.in
retnv.in
sdali.in
seedw.in
shkey.in
spkey.in
thynv.in
uitem.in
wakey.in
yxial.in Continue reading →