Microsoft Releases Its MSRC Researcher Recognition Program Award Winners - An Analysis

Microsoft has recently released its MSRC Researcher Recognition Program Award Winners that basically covers several key areas of vulnerability research categories that are basically targeting a variety of Microsoft-based online platforms products and services where the researchers directly contribute with their knowledge and know-how for the purpose of sharing actionable intelligence and actual PoC (Proof of  Concept) code that's basically capable of exploiting various vulnerabilities in various Microsoft products and services and actually earn a reward.

 

These internal bug-bounty and actual public and private sector including crowd-sourced vulnerability and research based programs actually help Microsoft on its way to secure its products and services while the company publicly offers researcher and contributor recognition which can greatly contribute to a researcher's portfolio of research services and actually help the company secure its products and services.

 

The company is prone to make an additional impact by publicly promoting the MSRC Researcher Recognition Program Award Winners including its active collaboration with TrendMicro's Zero Day Initiative.

 

The more the marrier.

 

Continue reading →

A Profile of a Bulgarian Kidnapper – Pavlin Georgiev (Павлин Георгиев/Васил Моев Гачевски/Явор Колев) – An Elaboration on Dancho Danchev’s Disappearance circa 2010 – An Analysis

Dear blog readers,

I've decided to let everyone know that following a successful kidnapping attempt and home molestation attempt which was successful using doctors and local police officers from the Bulgaria city of Troyan using corruption where I've lost approximately $85,000 due to home molestation and illegal doctor interference I'm about to submit an official complaint to Bulgaria's Ministry of Interior citing possible police officer crime and home molestation and illegal kidnapping attempt which was illegal and was using my stolen ID from my place where I was dragged out of my place with force by three local police officers from the Bulgaria town of Troyan following a visit and a knock on my door by two unknown people the previous day where one on them showed me a copy of his ID and the other was waiting for him in my a place.

 

Sample personally identifiable information regarding these individuals including primary contact points in case someone is concerned about my whereabouts include:

hxxp://troyan-police.com
hxxp://mbal-troyan.com
hxxp://central-hotel.com/en
hxxp://universalstroi.com

 

Personal names of Local Law Enforcement Officers from the town of Troyan, Bulgaria responsible for my illegal arrest home molestation stolen ID and holding me hostage including the loss of $85,000 five years later due to home molestation include:

 

Марин Моев Маринов
Павлин Стоянов Георгиев
Красимир Михов Колев
Тихомир Найденов Славков
Стефан Иванов Милев
Анатоли Пламенов Трифонов
Станимир Цочев Инковски
Иван Недялков Иванов
Мирослав Стойков Михайлов
Васил Моев Гачевски
Божидар Банков Петров
Веско Цветанов Минков
Момчил Стефанов Цочев
Минко Стоянов Минков
Георги Митков Илиев

Sample personally identifiable information regarding these individuals including primary contact points in case someone is concerned about my whereabouts include:

 

https://www.facebook.com/nesho.sheygunov
hxxp://www.facebook.com/hristo.radionov
hxxp://www.facebook.com/ivodivo
hxxp://www.facebook.com/dobrin.danchev
hxxp://www.sibir.bg/parachut
http://otkrovenia.com/bg/profile/innadancheva

 

Primary contact points in case someone is concerned about my well being and whereabouts include:

Troyan Police - Email: police_troyan@abv.bg
Troyan Hospital - Email: mbal_troyan@abv.bg
Lovech Psychiatry Clinic - Email: dpblovech@abv.bg
Troyan Municipality - Email: mail@troyan.bg

Primary contact points in case someone is concerned about my well being and whereabouts include:

Email: dans@dans.bg
Telefon za korupciq na slujiteli na MVR - 02 / 982 22 22
GDBOP - Signal za korupciq i izpirane na pari - gdbop@mvr.bg
Nachalnik RPU Troyan - rutr.lo@mvr.bg
Troyan Police - Email: police_troyan@abv.bg
Troyan Hospital - Email: mbal_troyan@abv.bg
Lovech Psychiatry Clinic - Email: dpblovech@abv.bg
Troyan Municipality - Email: mail@troyan.bg

Personal names of Local Law Enforcement Officers from the town of Troyan, Bulgaria responsible for my illegal arrest home molestation stolen ID and holding me hostage including the loss of $85,000 five years later due to home molestation include:

Радостина Петкова
Милен Мешевоян
Петър Банчев
Стела Севданскан
Полина Стойкова
Гадьо Миревски
Галя Иванова
Валентин Петков
Иво Божинов
Петко Колев
Александър Костов

Венцислав Дочев
Димитър Банчев
Деян Димитров
Милен Бочев
Веско Минков
Васил Гачевски
Милко Стайков

Момчил Цочев
Иван Бочев
Симеон Чавдаров

Илиян Миревски
Павлин Георгиев
Станимир Пенков
Петко Петров
Владислав Краев

Петранка Марковска

 Stay tuned!

Continue reading →

Israel's Spyware Vendor NSO Group Restrics Spyware Exports List to 37 Countries Only - An Analysis

Taking into consideration the recent U.S Sanctions against the infamous Israel-based Spyware vendor NSO Group the company has recently shortened the list of countries allowed to purchase its spyware products which currently include the following countries:

The current NSO Group Spyware vendor list of countries where it's allowed to sale its products in 2021 include:

 

"Australia, Austria, Belgium, Bulgaria, Canada, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Iceland, India, Ireland, Italy, Japan, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, New Zealand, Norway, Portugal, Romania, Slovakia, Slovenia, South Korea, Spain, Sweden, Switzerland, the Netherlands, the UK, and the US."

 

What should be kept into consideration about the infamous NSO Group Spyware vendor is that it's just the tip of the iceberg in terms of commercially obtainable or proprietary available spyware aiming to affect dissidents and political activists globally and that the market share shouldn't be necessarily taken into consideration when profiling one of the market leading commercial vendors of spyware targeting various restrictive governments across the globe.

 

The following are publicly accessible NSO Group Spyware vendor C&C (Command and Control) server IPs which you should definitely consider blocking in terms of protecting from yet another spyware vendor out there in terms of keeping in mind that the NSO Group Spyware vendor is just the tip of the iceberg when it comes to commercial or proprietary spyware vendors:

 

14-tracking.com
1minto-start.com
24-7clinic.com
301-redirecting.com
365redirect.co
3driving.com
456h612i458g.com
7style.org
800health.net
911hig11carcay959454.com
aalaan.tv
accomodation-tastes.net
accountant-audio.com
accountcanceled.com
accountnotify.com
accountsections.com
accounts.mx
activate-discount.com
active-folders.com
actorsshop.net
actu24.online
add-client.com
additional-costs.com
addmyid.net
addresstimeframe.com
adeal4u.co
ad-generator.net
adjust-local-settings.com
adjustlocalsettings.net
adscreator.net
adsload.co
ad-switcher.com
advert-time.com
advert-track.com
afriquenouvelle.com
agilityprocessing.net
aircraftsxhibition.com
ajelnews.net
akhbara-aalawsat.com
akhbar-aliqtisad.com
akhbar-arabia.com
alawaeltech.com
albumphotopro.biz
alignmentdisabled.net
alive2plunge.com
allafricaninfo.com
allbeautifularts.com
alldaycooking.co
allergiesandcooking.com
allfadiha.co
alljazeera.co
allladiesloveme.com
all-sales.info
allthecolorsyoulike.com
allthegamesyouneed.com
allthemakeupyouneed.com
allthesongsyoulike.com
alluneed4home.net
alpharythme.com
android-core.org
android-updates.net
apiapple.com
apigraphs.net
apiwacdn.com
appleleaveit.co
applicationcreation.net
appointments-online.com
appsgratis.com.mx
appsjuegos.com.mx
arabnews365.com
arab-share.com
arabworld.biz
arabworldnews.info
a-redirect.com
a-resolver.com
around-theglobe.co
arrowowner.com
ar-tweets.com
asrararabiya.co
asrararablya.com
asrarrarabiya.com
assembled-battery.com
atlaslions.info
audienceflake.com
auditorcast.com
authenticangry.com
authenticated-origin.com
authlovebirth.com
autodiscount.info
autoredirect.net
avocadofight.com
av-scanner.com
awardpractice.com
axis-indication.net
babies-bottles.com
bahrainsms.co
balancewreckpoint.com
banca-movil.com
bankportal.net
baramije.net
bargainservice.online
bbc-africa.com
bdaynotes.com
beanbounce.net
beautifulhousesaroundme.com
becomeiguana.com
beethoventopsymphonies.com
behindaquarium.com
benjamin-taganga.info
bestadventures4u.com
bestcandyever.com
bestday-sales.com
bestfoods.co
bestfriendneedshelp.com
bestheadphones4u.com
besthotelsaroundme.com
bestperfumesnow.com
bestpresents4all.net
bestsalesaroundme.com
beststores4u.com
bestsushiever.com
betterapplesearch.com
better-deal.info
betterhandsblack.com
bicyclerentalnow.com
biggunsarefun.com
bigseatsout.net
billednorth.com
birdbathmorning.com
biscuit-taste.net
bitanalysis.net
bitfadepens.com
bitforeat.net
bl33pon6373.com
blackberry.org.mx
black-bricks.net
blackwhitebags.com
blindlydivision.com
blockedsituation.net
blogreseller.net
boldconclusion.com
booking-tables.com
bottlehere.com
boxes-mix.net
boysrbabies.co
brand-tech.net
breakfastisgood.com
breaking-extranews.online
breakingnewsasia.com
breaking-news.co
breakthenews.net
br-hashtags.com
brighttooth.net
brownandblueeyes.com
browser-update.online
br-travels.com
bubblesmoke.net
bubblesweetcake.com
buildingcarpet.com
buildurlife.net
buildyourdata.com
bulbazaur.com
bulksender.info
bulktheft.com
bulk-theft.net
bullgame.net
bunchi.club
bundlestofear.com
businesssupportme.com
business-today.info
bussybeesallover.com
bustimer.net
butterdogchange.com
buymanuel.co
buypresent4me.net
bytlo.com
cablegirls.net
calculatesymbols.com
calendarsapp.com
candlealbum.com
carpetdignity.com
carrefour-des-affaires.com
cars-to-buy.com
cartsafer.com
cashandlife.com
cashtowebmail.com
casia-news.info
catbrushcable.com
catfoodstorage.net
catsndogsproducts.com
cdnupdateweb.com
cdnwa.com
celebrateyourdaynow.com
cell-abonnes.com
cell-mcel.info
cellphone-inside.org
cellphonesprices.com
cellular-updates.com
cellularupdates.info
cellular-updates.online
centersession.com
centrasia-news.com
changesstarted.net
chatresponses.com
cheapapartmentsaroundme.com
cheapcardonline.com
cheaphostingtoday.com
cheapmotelz.net
cheapsolutions4u.com
cheaptransporting.net
checkboxcart.com
checkboxfee.com
checkinonlinehere.com
check-my-internetspeed.com
chickenwaves.com
chistedeldia.mx
chocolateicecreamlovers.com
chocollife.me
chormnet3.com
chubaka.org
classic-furnitures.com
classstylemap.com
cleanmiddle.com
clickrighthere.online
clicktrack247.com
clients-access.com
clockmarkcoffee.com
closefly.com
cloudads.net
cloudbiggest.com
clubloading.net
clubmovistar.com
clubsforus.net
cnn-africa.co
coffecups.online
coffee2go.org
colorfulnotebooks.com
colorsoflife.online
columbus-parking.com
companybreakfast.net
computer-set.com
com-reports.net
conditionalcell.com
conference-ballroom.com
confusedmachine.com
connecting-to.com
contacting-customer.com
content-blocking.net
contentsbycase.com
convertedversion.com
cookiescom.com
cookiesoutthere.com
coolasiankitchen.com
coolbbqtools.net
coolmath4us.net
cool-smartphone-apps.com
cornclean.com
cottondecay.com
countrytrips.net
coupedumondepro.com
couponshops.info
cpr-appointments.com
crimebackfire.com
crosslocated.net
crowndecoration.net
crownsafe.net
cryptocurrecny.com
cryptokoinz.com
cryptopcoinz.com
csomagodjott.com
cssgraphics.net
cupscars.net
curiousrabbitgame.com
currentscan.net
currentwestpeople.com
daily-sport.news
damanhealth.online
dancersing.net
dancinglife.co
dashboardprompt.com
databasemeans.net
data-formula.com
deadwordsstory.com
deal4unow.com
dearlegendseed.com
delivery-24-7.com
dental-care-spa.net
deportesinfo.com
designednetwork.com
destinytool.net
detailrush.net
deter-individuals.com
devicer.co
dhcpserver.net
diagram-shape.com
diaspora-news.com
diningip.com
dinneraroundyou.com
directbegins.com
directlyforuse.com
directurl-loading.com
discountads.net
discountmarkets.info
discountstores.info
discoveredworld-news.com
displaytag.net
dns-1.co
dns-analytics.com
dnsclocknow.com
dns-direct.net
dnslogs.net
dnsmachinefork.com
dnsprotector.net
dnsroof.com
dns-upload.com
documentpro.org
dogfoodstorage.net
dogopics.com
doitformom.com
doitforthefame-now.com
do-itonyour-own.com
domain-control.net
domainloading.net
domainport.net
domain-redirect.com
domain-resolver.net
domain-routing.com
domainsearching.net
domain-security.org
domains-resolver.net
domesticwindow.com
donateabox.co
donateaflower.com
donateyouroldclothes.net
done.events
donefordeal.com
doorcoffeebrown.com
dotroomeight.com
dowhatyouneed.com
downgradeproduct.com
dramatic-challenge.com
driventicket.com
eardooraround.com
earsstrawsfive.com
easybett.online
easy-pay.info
ecommerce-ads.org
economic-news.co
editorscolumn.net
effectivespeech.net
egov-online.com
egov-segek.info
egov-sergek.info
ehistorybooks.com
elementscart.com
eliminateadjust.com
elitecarz.net
e-loading.biz
eltiempo-news.com
email-plans.com
emiratesfoundation.net
emonitoring-paczki.pl
energy-dispatch.net
enoughtoday.org
entertainmentinat.com
entire-cases.com
e-prokuror.info
equal-gravity.com
erty.online
estatearea.net
e-sveiciens.com
eura-cell.com
eurasianupdate.com
eurosportnews.info
event-reg.info
everycolor-inside.com
everyuse.org
exchangenames.net
exchangenerate.com
ex-forexlive.com
existingpass.com
exoticsendurance.com
expired-getway.net
expiredsession.com
expiringdate.com
exploreemail.net
extend-list.net
externalprivacy.com
externaltransfers.com
extractsight.com
extrahoney.net
eyestoip.com
eyesunderspray.com
ezdropshipping.net
fabric-shops.com
facebook-accounts.com.mx
face-image.com
fadewallwine.com
fadi7apress.com
fallround.com
fallsjuice.com
familyabroad.net
fantastic-gardens.com
fashioncontainer.net
fashion-live.net
fashion-online.net
fashionpark.info
fastdirect.net
fastfixs.net
fatpop.net
fb-accounts.com
fbsecurity.co
feature-publish.net
feelbonesbag.com
feeltrail.com
femmedaffaire.com
fetchlink.net
fiestamaghreb.com
files-downloads.com
filingwarranty.com
financecomments.net
findavoucher.online
findgoodfood.co
findgroupon.com
finditout-now.com
findmyass.org
findmyfriendsnow.com
findmylunch.org
findmymind.co
findmyplants.com
findouthere.org
firebulletfan.com
fishingtrickz.com
fitness-for-ever.com
flashobligation.com
flashtraininggoal.com
flights-report.com
flights-todays.com
flying-free.online
flynewfries.com
fofopiko.org
foodeveryhour.com
foodforyou.info
foodiez.online
forgetjustit.com
formatpainter.net
formattingcells.com
forward5costume.com
forward-page.com
foto-top.info
foudefoot.live
free247downloads.com
freedominfo.net
freelancers-team.org
free-local-events.info
freeshoemoon.com
freshandsoftbread.com
freshsaladtoday.com
functionalcover.com
fundum8430.com
funinat.com
funinthesun4u.com
funintheuk.com
funnytvclips.com
fwupdating.com
gadgetproof.net
gadgetsshop.info
gate-sync.net
gdfr.online
gearstereotype.com
getagift.info
getoutofyourmind.com
getphotosinstant.net
getpoints.net
getspeednows.com
gettingchances.com
gettingurl.com
girlimstill.com
girlsyoulike.com
glassesofwine.com
glasstaken.com
glittercases.net
globalcoverage.co
globalnews247.net
global-redirect.net
globalsupporteam.com
golf-news.live
goodcookingonline.com
goodflowersinside.com
good-games.org
goodthoughts4u.com
googleplay-store.com
goroskop.co
gossipsbollywoods.com
gostatspro.com
go-trip.online
greatcitymore.com
greenbusnoise.com
greensmallcanvas.com
greenwatermovement.com
growstart.net
guardnotes.com
gulfca.net
gulf-financials.com
gulf-news.info
gumclockberry.com
hairdresseraroundme.com
halal-place.com
handcraftedformat.com
handcreamforyou.com
handymanwood.com
happiness4us.com
hardthinmetal.com
hatsampledc.com
hdsoccerstream.com
health-club.online
healthyguess.com
healthykids-food.com
hearsmugglergarden.com
heavy-flood.com
hellomydaddy.com
hellomymommy.com
highclassdining.net
hillsaround.com
hitrafficip.com
hmizat.co
holdingspider.com
holdmydoor.com
holdstory.com
holecatorange.com
holiday4u.work
homeishere.co
homemadecandies.net
horsefingercoffee.com
host-one-more.com
host-redirect.net
hotelsauto.co
hotels-review.org
hotelstax.co
hotelsurvey.info
hothdwallpaperz.com
hotinfosource.com
hot-motors.com
housesfurniture.com
housing-update.com
howisurday.com
howtoexplorebirds.com
howtomakeavocadotoastandegg.com
hracingtips.com
htmlmetrics.com
htmlstats.net
httpaccess.com
humandiven.com
humblebenefit.com
hundredsofdesigns.net
icecreamlovesme.com
icloudcacher.com
icrcworld.com
ideas-telcel.com.mx
igiheonline.com
ikomek.info
ilovemybeatifulnails.com
ilovemymilf.com
in2date.com
inbox-messages.net
income-tax.online
indrive.info
industry-specialist.com
ineediscounts.com
info24.live
infospotpro.com
infospress.com
insertfilters.net
insta-foto.net
instangram.com.mx
internetmobilespeed.com
intim-media.net
investigationews.com
investormanage.net
in-weather.com
ipjackets.com
ipurlredirect.com
islamic-news-today.com
islamiyaat.com
islam-today.info
islam-world.net
istgr-foto.com
itsthebrowser.com
iusacell-movil.com.mx
iwantitallnow.com
jaimelire.net
jeeyarworld.com
judgeauthority.com
just-one-left.com
kaidee.info
karbalaeyat.com
kaspi-payment.com
keepiptext.com
keepthiseasy.com
kenyasms.org
keyindoors.com
keynotepalm.com
khaleejtimes.online
kingdom-deals.com
kingdom-news.com
klientuserviss.com
knowingfun.com
knowseminar.com
koramaghreb.com
kra.center
kurjerserviss.com
labonneforme.net
landflatheart.com
landstofree.com
laptop-parts.org
last-chainleash.net
latest-songs.com
lawlowvat.net
layerprotect.com
layoutfill.com
leadersnews.org
leavehomego.com
leggingsjustforyou.com
legsfriesears.com
legyelvodas.com
legyelvodas.net
leleader.org
leprotestant.com
lesbonnesaffaires.online
lesportail.biz
letyoufall.com
levelsteelwhite.com
liam-ryan.co
license-updater.com
lifedonor.net
lifenoonkid.com
like-the-rest.com
limitedfeature.com
link-crawler.com
linking-page.com
link-scan.net
linksnew.info
littlefrogalarm.com
live-once.net
lizzardsnail.com
loading-ads.net
loading-domain.com
loading-images.com
loadingpage1.net
loadingpage4.net
loading-page.net
loading-pag.net
loading-url.net
loadingurl.net
loadthatpage.com
localgreenflowers.com
loisiragogo.com
lonely-place.com
looking-for-two.com
lookitupnow.website
looklifewhite.com
look-outsidenow.com
loschismescalientes.com
losnegocios.biz
lost-n-found.net
loveandhatenow.com
lowervalues.com
maghrebfoot.com
maghrebfunny.biz
magicalipone.com
mailappzone.com
maingreatessay.com
mainredirecter.com
mamba-live.com
managedsnap.com
management-help.com
managingincluded.com
manoraonline.net
manydnsnow.com
maphonortea.com
mapupdatezone.com
martinipicnic.com
massagetax.co
maymknch2026.co
mcel.info
mcel-update.com
mealrentyard.com
meanspursuit.com
medicalcircle.net
medical-updates.com
megacenter.info
megaticket.info
mercedesbenz-vip.com
merchant-businesses.com
mergeandcenter.com
methodslocal.com
mgifweb.com
mideast-today.com
miles-club.com
miralo-rapidamente.com
mirrorgossip.com
mixershake.net
mixsinger.com
mobilebrowsing.net
mobilephonesme.com
mobile-softs.com
mobile-update.online
mobile-updates.info
mobileweatherweb.com
mobi-up.net
modifytimezone.net
moh-followup.com
moh-online.com
monawa3ate.org
mondaymornings.co
moneycheesecolor.com
moneycoincurrency.com
moneydigitalcurrency.com
moneyxchanges.com
moregatesthere.com
morning-maps.com
mosque-salah.com
mosque-salah.net
mosquesfinder.com
motiontastebad.com
motivation-go.com
motordeal.info
movie-tickets.online
moyfoto.net
mozillaname.com
moz-noticias.com
mozsafety.com
m-resume.com
muftyat.com
multiplecurrencies.com
music-electric.org
music-headphones.org
muslim-world.info
muzicclips.com
muziclovers.org
mybrightidea.co
mydailycooking.net
mydarkarms.com
myfiles.photos
myfreecharge.online
myfundsdns.com
mygreathat.com
mygummyjelly.com
myheartbuild.com
mykaspi.com
mylogfrog.com
mylovelypet.net
mymanagement-service.com
mymensaje-sms.com
mymobile-cell.com
mynewbesttime.com
mypostservice.online
my-privacy.co
mysadaga.com
myseesea.com
myself-dns.com
myshoesforever.com
myshop4u.net
mystulchik.com
mysuperheadphones.co
myukadventures.com
mz-vodacom.info
nation24.info
nationalleagues.net
nation-news.com
natural-ice.com
navywalls.com
nbrowser.org
nerdtvfan.com
net-protector.com
netstatistics.net
netvisualizer.com
network190.com
network-bots.com
networkinfo.org
networkingloading.com
networkingproperty.com
neutralpages.com
neverwayneck.com
newandfresh.com
newandroidapps.net
newarrivals.club
newcooking.org
newdailycoupons.com
newenvelope.net
newipconfig.com
newip-info.com
newmodel.online
newnhotapps.com
newredirect.net
news-alert.org
newscurrent.info
newsdirect.online
news-flash.net
news-gazette.info
news-news.co
newsofficial.info
newsofgames.com
newsofthemoment.net
newtarrifs.net
newworld-news.com
nicevibezaction.net
nightevents.info
nightscloudwant.com
noextramoney.com
noloveforyou.com
nomorewarnow.com
noodlegray.com
noonstore.sale
noor-alhedaya.com
normal-brain.com
normalseason.com
normal-strength.com
nosalternatives.com
nosemorningnine.com
nothernkivu.com
notificationsneeded.com
noti-global.com
noti-hot.com
noti-hoy.co
notisms.net
notresante-infos.com
nouveau-president.com
nouvelles247.com
noveletters.com
novoicenoprob.net
novosti247.com
now-online.net
nsoqa.com
nuevaidea.co
objectreduction.com
odnoklass-profile.com
offresimmobilier.com
offspringperform.net
ok-group.org
old-glasses.net
oldmywater.com
one-isnot-enough.com
oneleadingchat.com
onetreeinheaven.com
online-dailynews.com
onlinefreework.com
online-loading.com
onlineshopzm.com
onlycart.net
onlygossip.info
only-news.net
onlytoday.biz
onlywebsite.org
onthegoodtime.com
ooredoodeals.com
openingquestion.org
operatingnews.com
operations-delivery.com
operations-shifts.com
opera-van.com
oplata-shtraf.info
opposedarrangement.net
optionalshift.online
optionstoreplace.com
orange-updates.com
organicdiamonds.net
ourorder.info
ourperfume.net
outgoingurl.com
outletsaroundme.com
outletstore.tech
page-host.net
page-info.com
pageisloading.net
pageredirect.co
pageupdate.co
painruncart.com
painting-walls.com
panelbreed.com
papers2go.co
papervoice.net
park4free.info
particularmechanic.net
parties-fun.com
pastesbin.com
pathtogo.net
pay-city.com
paynfly.info
pay-penalty.info
paywithcrytpo.com
pc-views.net
performinghost.com
permalinking.com
phonemetrics.co
phonering4you.com
phonestats.net
photo-afisha.net
photo-my.net
physicalcheetah.com
pickcard.info
pickuchu.com
picture4us.com
pincattape.com
pine-sales.com
pizzatoyourplace.com
planeocean.com
playfantasticsplastic.com
playwithusonline.com
pleaseusenew.com
pleaseusenew.net
pochta-info.com
politica504.com
politicalpress.org
politiques-infos.info
popagency.net
popularmessages.net
port-connection.com
portredirect.net
possibilitytotransfer.com
postainf.net
posta.news
pourcentfilers.com
poweredbycpanel.com
poweredlock.com
ppcisdead.com
pprocessor.net
practical-basis.net
practicehazard.com
preferenceviews.com
preferring.org
presidentialagent.com
preventadmission.com
preventsusing.com
pride-industry.com
pride-industry.net
pridetomyself.net
prikol-girls.com
primarystrike.net
prioritytrail.net
privo7799add.net
productsall.net
productsview.co
projectgoals.net
promosdereve.com
promotionlove.co
proudmorale.com
pub-dns.com
publishbig.net
puffyteddybear.com
purchaseusingcoins.com
purple-enveloppe.com
puttylearning.com
qaintqa.com
qaoffers.net
qualityfeeling.net
quitmyjob.xyz
quota-reader.net
quran-quote.com
rainingcats.net
raininscreen.com
randomlane.net
rapidredirecting.com
raresound.org
raw-console.com
reachcomputer.com
readingbooksnow.com
readirectly.com
realmythtrend.com
receiptpending.net
reception-desk.net
recordinglamping.com
redcrossworld.com
redemptionphrase.com
redirect2url.net
redirectchannel.net
redirectcheck.net
redirect-connection.com
redirectconnection.net
redirectdoor.com
redirecteur.net
redirectgate.com
redirectingpage.net
redirecting-url.com
redirectingurl.net
redirectingurl.org
redirection-url.net
redirectit.net
redirectking.net
redirect-link.com
redirectload.com
redirectmotion.org
redirect-net.com
redirectnet.net
redirectool.com
redirect-protocol.com
redirectprotocol.net
redirect-service.net
redirectshare.com
redirect-systems.com
redirect-traffic.net
redirect-tunnel.net
redirect-webpage.net
redirectweburl.com
redirigir.net
redstarnews.net
reflectextension.net
regionews.net
regularhours.net
reklamas.info
related-ads.com
relatedspams.net
reloading-page1.com
reloadinput.com
reloadpage.net
reload-url.com
reload-url.net
remove-client.com
remove-from-mailing-list.com
remove-from-mailinglist.com
remove-subscription.com
renewal-control.net
rentalindustries.com
rentmotors.net
research-archive.com
reseausocialsolutions.co
reservationszone.com
reseufun.com
resolutionsbox.com
restaurantsstar.com
results-house.net
revoke-dashboard.com
revolution-news.co
rewards-club.info
rhymeshey.com
righttriangle.net
roadwide.net
robotscan.net
rockbreakdown.com
rockmusic4u.com
rockstarpony.com
rosegoldjewerly.com
rosesforus.com
russian4u.net
sabafon.info
safecrusade.com
safe-mondays.net
saladsaroundme.com
saltyapplepie.com
same-old.net
savemoretime.co
saveurday.net
scannerservices.net
scaryaudience.com
scriptincluded.com
scriptsinstallers.com
searchjustdont.net
searchunit.net
sec-checker.com
secretgirlfriend.net
secure-access10.mx
securedloading.com
securedlogin.org
secured-url.net
securesmsing.com
secureyouradd.com
securisurf.com
securlaw.com
select-edition.net
send2url.com
sendhtml.net
sendingurl.com
sendingurl.net
sergek.info
seriousprotection.net
services-sync.com
service-update.online
servingshade.com
severalheroes.com
sharepassageset.com
shia-voice.com
shipment-status.org
shoppingdailydeals.net
short-address.com
shortfb.com
shortredirect.com
shtraf.info
shuturl.com
signpetition.co
silverodgone.com
simplycode.co
site-lock.net
site-redirecting.com
skillsforest.net
smallperfumerain.com
smallridebar.com
smarttarfi.com
smokeshowshoe.com
smoothurl.com
sms-center.info
smscentro.com
smser.net
smsmensaje.mx
sms-sending.net
sms-zone.org
snoweverywhere.com
soccerstreamingstars.com
social-artist.net
social-exercise.com
social-life.info
social-rights.com
sockstubename.com
somewarmremember.com
somuchrain.com
so-this-is.com
sparepresence.com
specialgifts4all.com
speechenforce.com
speedservicenow.com
spiritualbrakes.com
sportssaint.net
sportupdates.info
sportupdates.online
sputnik-news.info
squaretables.net
sslbind.com
standartsheet.com
standstock.net
starbuckscoffeeweb.com
starreturned.com
stars4sale.co
start2playnow.com
starting-from0.com
startupsservices.net
stationfunds.net
statisticsdb.net
staysystem.net
stopmysms.com
stopsms.biz
storageseminar.net
storelive.co
strangegloom.net
strategyroles.com
suitcasesmellnice.com
summermover.com
sunday-deals.com
sunnydaylight.com
sunrise-brink.net
sunsetdnsnow.com
superlinks4u.com
supportonline4me.com
surprising-sites.com
sweetcup.co
sweet-water.org
sync-cdn.com
syncingprocess.com
syncmap.org
systemtrees.com
tablereservation.info
tahmilmilafate.com
tahmilmilafate.info
takecarhomes.com
takemallelectric.com
takethat.co
tastyteaflavors.com
teachskate.com
techhelping.net
telangana-news24.com
telecom-info.com
telephonequality.com
template-iso.net
tengrinews.co
tentrosegain.com
thainews.asia
thankstossl.com
theappanalytics.com
theastafrican.com
thebestclassicalmusic.net
thecoffeeilove.com
thefuturearticle.net
thehighesttemple.com
thehoteloffers.com
the-only-way-out.com
theredirect.net
theshopclub.org
thesimplestairs.com
thespaclub.net
theway2get.com
thoughtfulbundle.com
tibetnews365.net
ticket-aviata.info
ticket-selections.com
tiketon.info
timelesscelebrity.com
timeofflife.com
tinyurler.com
tlgr-me.org
tobepure.com
todaysdeals4u.com
todoinfonet.com
toggletools.com
tommyfame.com
tomorrowpastno.com
tookcheckout.com
top100vidz.com
top10gifts4men.com
top10leadsgen.com
topadblocker.net
topbraingames4u.com
topcontactco.com
topoems.com
topten-news.info
touristvaca.com
towebsite.net
track-your-fedex-package.com
trackyourfedexpackage.net
track-your-fedex-package.org
trade-agreement.com
tradeexchanging.com
traffic-pay.com
traffic-updates.info
transferbase.co
transferkeep.com
transferlights.com
transfer-rate.com
travel-foryou.online
travelight.online
traveltogether.link
trendsymbol.net
trialvariable.net
trianglerank.net
tricksinswiss.com
trililihihi.com
tripleclickpays.com
t-support.net
tunnelprotocol.net
turismo-aqui.com
turkeynewsupdates.com
turkishairines.info
tvshowcusting.com
twiitter.com.mx
uaenews.online
uidebol.info
umbrellacover.net
unavailableentry.com
unionofteenagers.com
uniquesite.co
univision.click
un-limitededitions.com
unlockaccount.net
unonoticias.net
unsubscribed.co
unsubscribeinhere.com
untoldinfo.net
unusualneighbor.com
updateapps.net
updatedchargers.com
updatedcharges.net
updating-link.com
updatingpage.com
updating-url.com
updating-url.net
updatingwebpage.com
upgrade-sim-card.com
upkeepno.com
upload-now.net
uptownfun.co
urbestfriends.com
url2all.net
urlconfig.net
url-configure.com
urlconnection.net
urldefender.net
url-direct.com
url-hoster.com
url-loading.com
urlpage-redirect.com
urlpush.net
url-redirect.com
url-redirect.net
urlredirect.net
urlregistrar.net
urlreload.net
urlscanner.net
urlsync.com
urlupdates.com
urlviaweb.com
urspanishteacher.net
user-registration.com
utensils.pro
vamizi.info
vanillaandcream.com
varietyjobspaid.org
varietyregistrar.com
vastdealsnow.com
vault-encryption.com
verify-app.online
videosdownload.co
videotubbe.net
vider-image.com
viedechretien.org
vie-en-islam.com
viewhdvideos.com
viewstracker.com
vipmasajes.com
viva-droid.com
vivrechezsoi.info
vkan-profile.com
volcanodistance.com
volcanosregion.com
waffleswithnutella.com
waitingtoload.com
walkerpost.net
walkhatclock.com
wallagainsthall.com
walltome.com
wasted-nights.com
waterforplants.net
watersport4u.net
weakdistance.com
weather4free.com
weatherapi.co
webadv.co
web-check.co
web-config.org
web-developper.net
web-domain.net
webexaminer.net
web-hoster.co
web-loading.com
web-loading.net
web-only.net
web-page.co
webpageupdate.co
webprotector.co
webprotocol.net
webresourcer.com
web-scanner.co
websconnector.co
websiteconnecting.com
websiteeco.com
websitereconnecting.com
websites4yourhost.com
websitetosubmit.com
web-spider.net
webstrings.net
websupporter.co
webtunnels.net
webupdater.net
web-url.net
web-viewer.online
webview-redirect.com
weddingbandsoft.com
wedding-strategy.com
welcomehosting.net
welovebigcakes.com
welovelollipops.com
welovemorningcoffees.com
wewantflowersnow.com
whatcanidowithbirds.com
whatsapp-app.com
whatsappsupport.net
whats-new.org
whereismybonus.com
whereismyhand.com
whereismytree.net
whereisthehat.com
whynotyesterday.com
whypillyellow.com
willpurpleshe.com
windyone.net
winfoxflip.com
winter-balance.com
wintertimes.co
wishdownget.com
without-additional.com
witness-delay.com
wonderfulinsights.com
woodhome4u.com
wordstore.net
working-online.net
workshopmanager.net
wraptext.net
xchange4u.net
xchangerates247.net
xn--nissn-3jc.com
xn--noki-t5b.com
xn--telegrm-qbd.com
xtremelivesupport.com
y0utube.com.mx
youaresostupid.net
youcantpass.com
youintelligence.com
youliehow.com
yourbestclothes.com
yourbestefforts.com
yourbestvaca.com
yourgreatestsmartphone.com
yourhotelreservation.info
yourlastchance.net
yousunhard.com
yummyfoodallover.com
zednewszm.com
zm-banks.com
zm-weather.com
zsports-info.com

Continue reading →

Avast Joins the Stalkerware Coalition - An Analysis

  

According to a blog post on Avast's blog the company is among the latest information security and antivirus companies to join the Stalkerware coalition in an attempt to prevent the mass distribution and possible widespread campaigns caused by boutique stalkerware applications which are often used by end users to spy on their friends and colleagues including family and relatives.

 

According to a recently released research and presented at the Virus Bulletin conference by ESET's Lukas Štefanko the company managed to find out that on the majority of occasions stalkerware applications are poorly coded and often represent a security and privacy risk for the actual stalker and user of the application and that they fall victim to a variety of security flaws and vulnerabilities which often include the actual compromise of  already collected and gathered information by third-parties.

 

Sample actionable intelligence on some of the currently active stalkerware variants spotted in the wild by ESET's Lukas Štefanko include:

 

hxxp://aispyer.com
hxxp://alltracker.org
hxxp://androidmonitor.com
hxxp://antifurtodroid.com
hxxp://appmia.com
hxxp://appspyfree.com
hxxp://a-spy.com
hxxp://blurspy.com
hxxp://catwatchful.com
hxxp://cerberusapp.com
hxxp://clevguard.com
hxxp://cocospy.com
hxxp://copy9.com
hxxp://coupletracker.com
hxxp://ddiutilities.com
hxxp://easemon.com
hxxp://logger.mobi
hxxp://easyphonetrack.com
hxxp://flexispy.com
hxxp://fonetracker.com
hxxp://myfonemate.com
hxxp://fonemonitor.co
hxxp://foreverspy.com
hxxp://freeandroidspy.com
hxxp://guestspy.com
hxxp://highstermobile.com
hxxp://hoverwatch.com
hxxp://ikeymonitor.com
hxxp://imonitorke.com
hxxp://109.235.66.53
hxxp://ispyoo.com
hxxp://theispyoo.com
hxxp://jjspy.com
hxxp://trackmyphones.com
hxxp://letmespy.com
hxxp://androidlost.com
hxxp://callsmstracker.com
hxxp://meuspy.com
hxxp://minspy.com
hxxp://mtoolapp.net
hxxp://mobiletool.ru
hxxp://mtoolapp.biz
hxxp://mobile-tracker-free.com
hxxp://mobilespy.at
hxxp://mobistealth.com
hxxp://mspy.com
hxxp://mxspy.com
hxxp://neatspy.com
hxxp://neospy.net
hxxp://neospy.pro
hxxp://neospy.tech
hxxp://netspy.net
hxxp://en.ownspy.com
hxxp://phonesheriff.com
hxxp://phonespying.com
hxxp://trackmyphones.com
hxxp://reptilicus.net
hxxp://shadow-spy.com
hxxp://sap4mobile.com
hxxp://snoopza.com
hxxp://spappmonitoring.com
hxxp://spytomobile.com
hxxp://spycell.net
hxxp://spyhuman.com
hxxp://spyic.com
hxxp://spyier.com
hxxp://spyine.com
hxxp://spylive360.com
hxxp://spyfone.com
hxxp://spyphone.com
hxxp://phonetracker.com
hxxp://spytoapp.com
hxxp://spyzee.com
hxxp://spyzie.io
hxxp://trackview.net
hxxp://89.47.91.131
hxxp://wt-spy.com
hxxp://xnore.com
hxxp://talklog.tools
hxxp://teensafe.net
hxxp://thetruthspy.com
hxxp://tispy.net
hxxp://trackmyphones.com
hxxp://spyequipmentuk.co.uk
hxxp://usafe.ru

Sample personally identifiable information on the actual stalkerware domains which could assist in possible cyber attack attribution and cyber attribution campaigns:

 

5LLIQUIDATION@GMAIL.COM
ad20nikunj@gmail.com
bytepioneers@gmail.com
ciucaandrei@yahoo.com
dalyjohns@yahoo.com
de.russcity@gmail.com
e.tabunow@gmail.com
ernesto2020@yandex.com
gad2005@bk.ru
gooveg@gmail.com
immobilespy@yahoo.com
ispyoo@yahoo.com
itix.llc@gmail.com
jacksrow1980@gmail.com
jerry-howard@hotmail.com
jjmomanyis@gmail.com
jordanlevexier@gmail.com
karanthsrihari@gmail.com
m2mstat@gmail.com
micro.freetracker@gmail.com
mobileinnova@gmail.com
mspycotherg@gmail.com
pavel_mikhailov@mail.ru
pub144@hotmail.com
puja2rani@gmail.com
reshamkdk@gmail.com
ronaldoblumenthal@gmail.com
sqlove@gmail.com
sriharikaranth@gmail.com
theisborg@gmail.com
twhanna13@yahoo.com
wirelessha@yahoo.com
zee.zaragoza@gmail.com

Continue reading →

U.K and Australia Launch "Think Before You Link" Counter Espionage Using Social Media Awareness Campaign - An Analysis

The U.K and Australia have recently launched an extremely popular and relevant "Think Before You Link" counter-intelligence social media link sharing security awareness building campaign that aims to spread awareness on the use of "foreign information seeking" foreign third-parties who will somehow benefit and expose sensitive national security information to third-parties.

Sample video from the "Think Before You Link" security awareness raising campaign:

 

 

Users are advised to report suspicious activity using the following portal.

Continue reading →

Dancho Danchev Speaks! - Introduction to my New Daily YouTube Vlog!

Dear blog readers,

I've just launched a daily Vlog and I wanted to share the news.

Subscribe here.

Here's the first episode.

Stay tuned!

Continue reading →

Exposing the Darkode Forum Bust and the Associated Individuals Behind It - Or How I Almost Got Kidnapped? - An OSINT Analysis

I've decided to share with everyone an in-depth analysis and assessment using public sources that basically exposes key members of the Darkode forum community who actually ordered a hitman for me for the price of $10,000 back in 2010 prior to my illegal arrest and kidnapping attempt.

In this post I'll provide actionable intelligence on their online whereabouts with the idea to assist U.S Law Enforcement on its way to track down monitor and prosecute the cybercriminals behind these campaigns.

Sample Darkode forum domains active at the time:

hxxp://darkode.com - briankrebson@gmail.com

hxxp://darkode.pro

hxxp://darkode.com

hxxp://darkode.me

hxxp://darkode.cc

hxxp://darkode.su - Email: ctouma2@gmail.com

Sample names of key members of the Darkode forum community:

Johan Anders Gudmunds

Morgan C Culbertson

Eric L Crocker

Naveed Ahmed

Phillip R Fleitz

Dewayne Watts

Murtaza Saifuddin

Daniel Placek

Matjaz Skorjanc

Florencio Carro Ruiz

Mentor Leniqi

Rory Stephen Guidry - k@exploit.im

Sample personally identifiable information on key members of the Darkode forum community:

hotcoffeecup@jaim.at

s3x@neko.im

Arcore@jabber.org

sana@thesecure.biz

silic0n@jabber.org

split@thesecure.biz

ihack@thesecure.biz

systro@jabber.org

mafioso@xmpp.jp

zer0day@xmpp.jp

c4rl0s@jabber.ru

ipwn@cih.ms

h0tsh0t@jodo.im

jumbie@jabber.ru

off-sho.re@jabber.vc

x0x@jabba.biz

bestkrypt@rkquery.de bestkrypt - Email: annabellablibgs@hotmail.com - Email: apetrovskiy@evermail.org

elzig@exploit.im

na@exploit.im

m3gatr0n@jabber.ru

nassef@thesecure.biz

teardrop@swissjabber.ch

gamoonty@xmpp.jp

mojitka@jabber.org

the_bond@jabber.org

rzor@jabber.org

x47@xmpp.jp

mrborisb@xmpp.jp borisb

RG.JR9@thesecure.biz

zigma@jabber.org

propack@neko.im

dilibau@qip.ru

r3vproxy@jabber.org

synthetic@exploit.im

ling0@jabber.ru

Including the following C&C domains that were registered at the time:

upaskitv1.org - Email: jgou.veia@gmail.com

xylibox.biz

krebsonsecurity.biz

upaskitversion1.biz

stevenk.biz

briankrebs.biz

upaskit1.biz

researchsecurity.biz

securityresearch.biz

amatrosov.biz

Related C&C server domains that are known to have been registered at the time:

upasdomination.ru

exposedbotnets.ru

researchsecurity.biz

Related C&C server domains known to have been registered at the time:

hfgfr56745fg.com - 80.82.66.204

Sample personal photos of key members of the Darkode forum community that were basically responsible for ordering a hitman to look for me for the price of $10,000 and actively communicated between each other during my disappearance and kidnapping attempt: 

 

Stay tuned!

Continue reading →

My Official Dark Web Onion Web Site - Now Publicly Accessible!

Dear blog readers,

I've decided to make my official Dark Web Onion - http://aklw6fojficmu3zqsdsffprbas3kqrheej4ntvynfl5xkrjpqhlq55yd.onion/ publicly accessible using a clearnet URL which means that now you can access my daily updated Dark Web Onion using a clearnet URL - https://ddanchev-darkweb-onion.eu.ngrok.io

Stay tuned! 

Continue reading →

Deep from the Trenches in Bulgaria! - Part Five

define:moronic

Thanks, but, no thanks.

Sample document courtesy of my homeland Bulgaria courtesy of Bulgarian Law Enforcement who kidnapped and home molested me and basically robbed me of $85,000 five years later after my illegal arrest and kidnapping attempt circa 2010:

Stay tuned!

Continue reading →

Profiling a Currently Active Brian Krebs Themed Online E-Shop for Stolen Credit Cards - An OSINT Analysis

I've recently came across to a pretty interesting Brian Krebs themed E-Shop for stolen credit cards information and I've decided to share with everyone actionable intelligence with the idea to assist everyone with their cyber attack attribution campaigns.

Sample related malicious domains known to have been involved in the campaign: 

hxxp://briankrebs.at

hxxp://briankrebs.cm

Stay tuned!

Continue reading →

Profiling the Omerta Cybercrime-Friendly Forum Community - An OSINT Analysis

In this post I've decided to share with everyone actionable intelligence regarding the infamous cybercrime-friendly forum community known as Omerta with the idea to assist everyone with their cyber attack attribution campaigns. 

Related personal emails known to have been involved in the campaign:

omerta.sup@gmail.com

suppa.sale@gmail.com

Sample related Omerta cybercrime-friendly forum domains known to have participated in the campaign:

hxxp://omerta.cc

hxxp://omerta.wf

hxxp://omerta.ws

hxxp://omerta.mn

hxxp://omerta.cx

hxxp://omerta.ms

hxxp://omerta.vc

hxxp://omertadns.biz

hxxp://cc101.biz

hxxp://omerta.vc

hxxp://omerta.mn

hxxp://monodsp.xyz

hxxp://gipertorrent.com

hxxp://securetheborder.us

hxxp://autorsite.com

hxxp://rtk.expert

hxxp://seoptex.com

hxxp://buybestdumps.biz

hxxp://buy-dumps-online.com

hxxp://7ap.biz

hxxp://buy-dumps-online.com

hxxp://mediation-plus-coaching.com

hxxp://2tracks.biz

hxxp://bestdumps.biz

Stay tuned!

Continue reading →

Exposing "Moses Staff" Data Leaks Gang - An OSINT Analysis

I've recently came across to a currently active data leaks campaign launched by a newly formed hacking and data leaks group and I've decided to share with everyone an in-depth technical and relevant OSINT analysis with the idea to assist everyone with their cyber attack attribution campaigns.

Sample related domains known to have been involved in the campaign:

https://moses-staff.se

http://mosesstaffm7hptp.onion

https://t.me/Moses_staff_se

https://twitter.com/moses_staff_se

Sample related IPs known to have been involved in the campaign:

185.206.180.138

95.169.196.52

Stay tuned!

Continue reading →

Massive "Facebook Appeal" Themed Phishing Campaign Uses Google's Firebase Spotted in the Wild - An OSINT Analysis

I just came across to a currently active phishing campaign that's using Google's Firebase as a hosting infrastructure for the purpose of enticing users into falling victim into a rogue and fake "Facebook Appeal" themed phishing campaign.

You can check out my initial analysis at my official Dark Web Onion here as my initial post got censored by Google as it violates its Terms of Service.

Sample malicious and rogue phishing domains known to have been involved in the campaign:

hxxp://publicaccount-facebook-46956.web.app

hxxp://publicappeal-348239237392.web.app

hxxp://publicappeal-9344858302239.web.app

hxxp://publicappeal-facebook.web.app

hxxp://publicappeal-form-fb-copyright102872.web.app

hxxp://publicappeal-form-fb-copyright104352.web.app

hxxp://publicappeal-form-fb-copyright119275.web.app

hxxp://publicappeal-form-fb-copyright126776.web.app

hxxp://publicappeal-form-fb-copyright171651.web.app

hxxp://publicappeal-form-fb-copyright18251.web.app

hxxp://publicappeal-form-fb-copyright18258.web.app

hxxp://publicappeal-form-fb-copyright18274.web.app

hxxp://publicappeal-form-fb-copyright18275.web.app

hxxp://publicappeal-form-fb-copyright182755.web.app

hxxp://publicappeal-form-fb-copyright18721.web.app

hxxp://publicappeal-form-fb-copyright187265.web.app

hxxp://publicappeal-form-fb-copyright187285.web.app

hxxp://publicappeal-form-fb-copyright18762.web.app

hxxp://publicappeal-form-fb-copyright19285.web.app

hxxp://publicappeal-form-fb-copyright19827.web.app

hxxp://publicappeal-form-fb-copyright981725.web.app

hxxp://publicappeal-form-page-unpublish1897.web.app

hxxp://publicappeal-from-fb-copyright12352.web.app

hxxp://publicappeal-from-fb-copyright12857.web.app

hxxp://publicappeal-page-unpublish-1827589.web.app

hxxp://publicappeal-page-unpublish1107276.web.app

hxxp://publicappeal-page-unpublish118172861.web.app

hxxp://publicappeal-page-unpublish18275.web.app

hxxp://publicappeal-page-unpublish182758.web.app

hxxp://publicappeal-page-unpublish1827586.web.app

hxxp://publicappeal-page-unpublish1827588.web.app

hxxp://publicappeal-page-unpublish182759.web.app

hxxp://publicappeal-page-unpublish18278652.web.app

hxxp://publicappeal-page-unpublish1827890.web.app

hxxp://publicappeal-page-unpublish187-36ac4.web.app

hxxp://publicappeal-page-unpublish187265.web.app

hxxp://publicappeal-page-unpublish18769.web.app

hxxp://publicappeal-page-unpublish1906392.web.app

hxxp://publicbusiness-appeal-form-129862.web.app

hxxp://publicbusiness-appeal-form125921.web.app

hxxp://publicfacebookappeal110631.web.app

hxxp://publicfb-appeal-form-29997.web.app

hxxp://publicfb-appeal-form-70f46.web.app

hxxp://publicfb-appeal-form-791bd.web.app

hxxp://publicfb-appeal-form-8276f.web.app

hxxp://publichouse-h3.web.app

hxxp://publicpage-appeal-unpublish1253631.web.app

hxxp://publicproject-8595314475285305009.web.app

hxxp://publicrestriction-appeal-business128.web.app

hxxp://publicreview2024545897534.web.app

Stay tuned!

Continue reading →

From China With "Love" - Exposing the HKLeaks Propaganda Campaign - An OSINT Analysis

I've recently came across to a currently active information warfare operation propaganda campaign courtesy of China that somehow aims to successfully identify protesters using a variety of "leak" based Web sites.

In this analysis I'll provide actionable intelligence on the whereabouts of the individuals behind these campaigns and offer an in-depth technical discussion on their online whereabouts.

Based on a variety of publicly accessible sources including the use of  WhoisXML API's WHOIS database I've managed to find the following domains which are known to have been involved in the campaign including one personally identifiable email address which could lead to possible cyber campaign attribution campaigns.

Sample domains known to have been involved in the HKLeaks information warfare propaganda campaign:

hxxp://hkleaks.pk

hxxp://hkleaks.ru

hxxp://hkleaks.pk

hxxp://hkleaks.tj

hxxp://hkleaks.ml - Email: spiker@elude.in

hxxp://hkleaks.af

hxxp://hkleaks.cc

hxxp://hkleaks.pw

hxxp://hkleaks.kz

hxxp://hkleaks.kg

Sample email address accounts known to have been involved in the campaign:

hkleaks@yandex.com

hongkongmob@163.com

Hongkongmob@protonmail.com

hongkongmob@yandex.com

Sample responding IPs known to have been involved in the campaign:

185.178.208.132

185.178.208.152

96.126.123.244

194.58.112.174

45.33.18.44

45.33.23.183

72.14.178.174

186.2.163.203

45.33.20.235

72.14.185.43

173.255.194.134

45.79.19.196

186.2.163.140

45.56.79.23

186.2.163.60

186.2.163.7

45.33.2.79

186.2.163.210

198.58.118.167

185.53.177.31

45.33.30.197

186.2.163.216

Sample related photos from the HKLeaks information warfare online propaganda campaign:

Stay tuned!

Continue reading →

Introducing Dancho Danchev's "Intelligence Community" 2.0 Dark Web Onion - Exclusive Content Available!

 

Dear blog readers,

It's been approximately 12 years since I've originally launched my Dancho Danchev's Blog - Mind Streams of Information Security Knowledge blog which quickly became one of the security industry's leading publications and since I've recently received quite a few censorship attempts that basically say that some of my research violates Google's Terms of Service I've decided to migrate my personal blog including to resume my research at the official Dark Web Onion for this blog which is:

• http://aklw6fojficmu3zqsdsffprbas3kqrheej4ntvynfl5xkrjpqhlq55yd.onion

and therefore I've decided that this is my last post on my personal Dancho Danchev's Blog.

Users and readers interested in continuing to follow my research can grab the Tor browser and visit - http://aklw6fojficmu3zqsdsffprbas3kqrheej4ntvynfl5xkrjpqhlq55yd.onion where I'll ensure that I'll be posting high-quality and never-published and discussed before research and OSINT type of analysis.

Sample screenshots from my "Intelligence Community" 2.0 Dark Web Onion blog:

Sample content which you can find at the Dark Web Onion:

• A Compilation of Currently Active and Related Scams Scammer Email Addresses – An OSINT Analysis
• A Compilation of Currently Active Cyber Jihad Themed Personal Email Addresses – An OSINT Analysis
• A Compilation of Currently Active Full Offline Copies of Cybercrime-Friendly Forum Communities – Direct Technical Collection Download -[RAR]
• A Compilation of Personally Identifiable Information on Various Iran-based Hacker Groups and Lone Hacker Teams – Direct Technical Collection Download – [RAR]
• A Koobface Botnet Themed Infographic Courtesy of my Keynote at CyberCamp – A Photo
• Advanced Bulletproof Malicious Infrastructure Investigation – WhoisXML API Analysis
• Advanced Mapping and Reconnaissance of Botnet Command and Control Infrastructure using Hostinger’s Legitimate Infrastructure – WhoisXML API Analysis
• Advanced Mapping and Reconnaissance of the Emotet Botnet – WhoisXML API Analysis
• Assessing The Computer Network Operation (CNO) Capabilities of the Islamic Republic of Iran – Free Research Report
• Astalavista Security Newsletter - 2003-2006 - Full Offline Reading Copy
• Compilations of Personally Identifiable Information Including XMPP/Jabber and Personal Emails Belonging to Cybercriminals and Malicious Threat Actors Internationally – An OSINT Analysis
• Cyber Intelligence – Personal Memoir – Dancho Danchev – – Download Free Copy Today!
• Cybercriminals Impersonate Legitimate Security Researcher Launch a Typosquatting C&C Server Campaign – WhoisXML API Analysis
• Dancho Danchev – Cyber Intelligence – Personal Memoir – Direct Download Copy Available
• Dancho Danchev’s “A Qualitative and Technical Collection OSINT-Enriched Analysis of the Iranian Hacking Scene Through the Prism of the Infamous Ashiyane Digital Security Team” Report – [PDF]
• Dancho Danchev’s “Assessing The Computer Network Operation (CNO) Capabilities of the Islamic Republic of Iran” Report – [PDF]
• Dancho Danchev’s “Astalavista Security Group – Investment Proposal” Presentation – A Photos Compilation
• Dancho Danchev’s “Building and Implementing a Successful Information Security Policy” White Paper – [PDF]
• Dancho Danchev’s “Cyber Jihad vs Cyberterrorim – Separating Hype from Reality” Presentation – [PDF]
• Dancho Danchev’s “Cyber Jihad vs Cyberterrorism – Separating Hype from Reality – A Photos Compilation
• Dancho Danchev’s “Exposing Koobface – The World’s Largest Botnet” Presentation – A Photos Compilation
• Dancho Danchev’s “Exposing Koobface – The World’s Largest Botnet” Presentation – [PDF]
• Dancho Danchev’s “Exposing the Dynamic Money Mule Recruitment Ecosystem” Presentation – A Photos Compilation
• Dancho Danchev’s “Exposing the Dynamic Money Mule Recruitment Ecosystem” Presentation – [PDF]
• Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ” Presentation – [PDF]
• Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ?” – A Photos Compilation
• Dancho Danchev’s – Cybercrime Forum Data Set – Free Direct Technical Collection Download Available – GB – [RAR]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]
• Dancho Danchev’s Comeback Livestream Today – Join me on Facebook Live!
• Dancho Danchev’s CV – Direct Download Copy Available
• Dancho Danchev’s Cybercrime Forum Data Set for – Upcoming Direct Technical Collection Download Available
• Dancho Danchev’s Primary Contact Points for this Project – Email/XMPP/Jabber/OMEMO and PGP Key Accounts
• Dancho Danchev’s Privacy and Security Research Compilation – Medium Account Research Compilation – [PDF]
• Dancho Danchev’s Private Party Videos – Direct Video Download Available
• Dancho Danchev’s Private Party Videos – Part Three – Direct Video Download Available
• Dancho Danchev’s Private Party Videos – Part Two – Direct Video Download Available
• Dancho Danchev’s Random Conference and Event Photos – A Compilation
• Dancho Danchev’s Random Personal Photos and Research Photos Compilation – A Compilation
• Dancho Danchev’s Research for Unit-.org – Direct Download Copy Available
• Dancho Danchev’s Research for Webroot – Direct Download Copy Available
• Dancho Danchev’s RSA Europe Conference Event Photos – A Photos Compilation
• Dancho Danchev’s Security Articles and Research for ZDNet’s Zero Day Blog – Full Offline Copy Available – [PDF]
• Dancho Danchev’s Security/OSINT/Cybercrime Research and Threat Intelligence Gathering Research Compilations – [PDF]
• Dancho Danchev’s Twitter Archive – Direct Download – [ZIP]
• Dancho Danchev’s Upcoming Cybercrime Research OSINT and Threat Intelligence Gathering E-Book Titles – Sample E-Book Covers
• Dancho Danchev’s Video Keynote Presentation – “Exposing Koobface – The World’s Largest Botnet” – Video Download Available
• Dancho Danchev’s Random Personal Photos and Research Photos Compilation – Part Three – A Compilation
• Dancho Danchev’s Random Personal Photos and Research Photos Compilation – Part Two – A Compilation
• Exposing A Virus Coding Group – An OSINT Analysis
• Exposing a Boutique Fraudulent and Rogue Cybercrime-Friendly Forum Community – WhoisXML API Analysis
• Exposing a Currently Active “Jabber ZeuS” also known as “Aqua ZeuS” Gang Personal Email Portfolio – An OSINT Analysis
• Exposing a Currently Active CoolWebSearch Rogue and Malicious Domains Portfolio – An OSINT Analysis
• Exposing a Currently Active CoolWebSearch Rogue and Malicious Domains Portfolio – Part Two – An OSINT Analysis
• Exposing a Currently Active CoolWebSearch Rogue and Malicious Domains Portfolio – Part Four – An OSINT Analysis
• Exposing a Currently Active CoolWebSearch Rogue and Malicious Domains Portfolio – Part Three – An OSINT Analysis
• Exposing a Currently Active CoolWebSearch Rogue and Malicious IPs Portfolio – An OSINT Analysis
• Exposing a Currently Active CoolWebSearch Rogue and Malicious IPs Portfolio – Part Two – An OSINT Analysis
• Exposing a Currently Active Cyber Jihad Domain Portfolio – An OSINT Analysis
• Exposing a Currently Active Cyber Jihad Domains Portfolio – WhoisXML API Analysis
• Exposing a Currently Active Cyber Jihad Social Media Twitter Accounts – An OSINT Analysis
• Exposing a Currently Active Domain Portfolio Belonging to Iran’s Mabna Hackers – An OSINT Analysis
• Exposing a Currently Active Domain Portfolio Managed and Operated by Members of the Ashiyane Digital Security Team – WhoisXML API Analysis
• Exposing a Currently Active Domain Portfolio of Currently Active High-Profile Cybercriminals Internationally – WhoisXML API Analysis
• Exposing A Currently Active Domain Portfolio of Cybercrime Friendly Forum Communities – An OSINT Analysis
• Exposing A Currently Active Domain Portfolio of Cybercrime Friendly Forum Communities – Part Two – An 
• OSINT Analysis
• Exposing A Currently Active Domain Portfolio of Cybercrime Friendly Forum Communities – Part Three – An 
• OSINT Analysis
• Exposing a Currently Active Domain Portfolio of Tech Support Scam Domains – An OSINT Analysis
• Exposing a Currently Active Free Rogue VPN Domains Portfolio Courtesy of the NSA – WhoisXML API Analysis
• Exposing a Currently Active Iran-Based Lone Hacker and Hacker Group’s Personal Web Sites Full Offline Copies – Direct Technical Collection Download – [RAR]
• Exposing a Currently Active Kaseya Ransomware Domains Portfolio – WhoisXML API Analysis
• Exposing a Currently Active Koobface Botnet C&C Server Domains Portfolio – Historical OSINT
• Exposing a Currently Active List of Iran-Based Hacker and Hacker Team’s Handles – An OSINT Analysis
• Exposing a Currently Active List of Iran-Based Hacker and Hacker Team’s Handles – Part Two – An OSINT Analysis
• Exposing a Currently Active List of Iran-Based Hacker and Hacker Team’s Handles – Part Three – An OSINT Analysis
• Exposing a Currently Active List of Iran-Based Hacker and Hacker Team’s Handles – Part Two – An OSINT Analysis
• Exposing a Currently Active Money Mule Recruitment Domain Registrant Portfolio – Historical OSINT
• Exposing a Currently Active NSO Spyware Group’s Domain Portfolio – WhoisXML API Analysis
• Exposing a Currently Active Portfolio of Personal Web Sites Belonging to Iran-Based Hackers and Hacking Teams and Groups – An OSINT Analysis
• Exposing a Currently Active Portfolio of Personal Web Sites Belonging to Iran-Based Hackers and Hacking Teams and Groups – Part Two – An OSINT Analysis
• Exposing a Currently Active Portfolio of Ransomware-Themed Protonmail Personal Email Address Accounts – An OSINT Analysis
• Exposing a Currently Active Portfolio of RAT (Remote Access Tool) C&C Server IPs and Domains – An OSINT Analysis
• Exposing a Currently Active Rock Phish Domain Portfolio – Historical OSINT
• Exposing a Currently Active SolarWinds Rogue and Malicious C&C Domains Portfolio – An OSINT Analysis
• Exposing a Currently Active WannaCry Ransomware Domains Portfolio – WhoisXML API Analysis
• Exposing a Personal Photo Portfolio of Iran Hack Security Team – An OSINT Analysis
• Exposing A Personal Photos Portfolio of Ashiyane Digital Security Group Team Members – An OSINT Analysis
• Exposing a Personal Ransomware-Themed Email Address Portfolio – An OSINT Analysis
• Exposing a Personal Ransomware-Themed Email Address Portfolio – Part Two – An OSINT Analysis
• Exposing a Portfolio of Ashiyane Digital Security Team Hacking Tools – Direct Technical Collection Download – [RAR]
• Exposing a Portfolio of Personal Photos of Iran-Based Hacker and Hacker Teams and Groups – An OSINT Analysis
• Exposing a Rogue Domain Portfolio of Fake News Sites – WhoisXML API Analysis
• Exposing Bulgarian Cyber Army Hacking Group – An OSINT Analysis
• Exposing HackPhreak Hacking Group – An OSINT Analysis
• Exposing Personally Identifiable Information on Ashiyane Digital Security Group Team Members – An OSINT Analysis
• Exposing Random Koobface Botnet Related Screenshots – An OSINT Analysis
• Exposing Team Code Zero Hacking Group – An OSINT Analysis
• From the “Definitely Busted” Department – A Compilation of Personally Identifiable Information on Various Cyber Threat Actors Internationally – An OSINT Analysis – [PDF]
• Introducing Astalavista.box.sk’s “Threat Crawler” Project – Earn Cryptocurrency for Catching the Bad Guys – Hardware Version Available
• Introducing Dancho Danchevs’s “Blog” Android Mobile Application – Google Play Version Available
• Malware – Future Trends – Research Paper – Copy
• Person on the U.S Secret Service Most Wanted Cybercriminals Identified Runs a Black Energy DDoS Botnet – 
• WhoisXML API
• Profiling a Currently Active CoolWebSearch Domains Portfolio – WhoisXML API Analysis
• Profiling a Currently Active Domain Portfolio of Fake Job Proposition and Pharmaceutical Scam Domains – An OSINT Analysis
• Profiling a Currently Active Domain Portfolio of Pay-Per-Install Rogue and Fraudulent Affiliate Network Domains – An OSINT Analysis
• Profiling a Currently Active Personal Email Address Portfolio of Members of Iran’s Ashiyane Digital Security Team – An OSINT Analysis
• Profiling a Currently Active Personal Email Addresses Portfolio Operated by Cybercriminals Internationally – An OSINT Analysis
• Profiling a Currently Active Portfolio of Rogue and Malicious Domains – An OSINT Analysis
• Profiling a Currently Active Portfolio of Scareware and Malicious Domain Registrants – Historical OSINT
• Profiling a Currently Active Portfolio of Scareware Domains – Historical OSINT
• Profiling a Currently Active Portfolio of Spam Domains that Hit ZDNet.com Circa – An OSINT Analysis
• Profiling a Currently Active Scareware Domains Portfolio – An OSINT Analysis
• Profiling a Money Mule Recruitment Registrant Emails Portfolio – WhoisXML API Analysis
• Profiling a Portfolio of Cybercriminal Email Addresses – WhoisXML API Analysis
• Profiling a Portfolio of Personal Photos Courtesy of Koobface Botnet Master Anton Korotchenko – An OSINT Analysis
• Profiling a Portfolio of Personal Photos of Behrooz Kamalian Team Member of Ashiyane Digital Security Team – An OSINT Analysis
• Profiling a Portfolio of Personally Identifiable OSINT Artifacts from Law Enforcement and OSINT Operation “Uncle George” – An OSINT Analysis
• Profiling a Rogue Fast-Flux Botnet Infrastructure Currently Hosting Multiple Online Cybercrime Enterprises – WhoisXML API Analysis
• Profiling Iran’s Hacking Scene Using Maltego – A Practical Case Study and a Qualitative Approach – An Analysis
• Profiling Russia’s U.S Election Interference – WhoisXML API Analysis
• Profiling the “Jabber ZeuS” Rogue Botnet Enterprise – WhoisXML API Analysis
• Profiling the Emotet Botnet C&C Infrastructure – An OSINT Analysis
• Profiling the Internet Connected Infrastructure of the Individuals on the U.S Sanctions List –WhoisXML API Analysis
• Profiling the Liberty Front Press Network Online – WhoisXML API Analysis
• Profiling the U.S Election Interference – An OSINT Analysis
• Random Photos from the “Lab” Circa up to Present Day – A Compilation
• Sample Random Cybercrime Ecosystem Screenshots – A Compilation of Images – Direct Technical Collection Download – An Analysis
• Sample Random Cybercrime Ecosystem Screenshots – A Compilation of , Images – An Analysis
• Sample Random Cybercrime Ecosystem Screenshots – A Compilation of , Images – An Analysis
• Sample Random Cybercrime Ecosystem Screenshots – A Compilation of Images – An Analysis
• Security Researchers Targeted in Spear Phishing Campaign – WhoisXML API Analysis
• Shots from the Wild West – Random Cybercrime Ecosystem Screenshots – An OSINT Analysis – Part Three
• The Pareto Botnet – Advanced Cross-Platform Android Malware Using Amazon AWS Spotted in the Wild – WhoisXML API Analysis
• Who’s Behind the Conficker Botnet? – WhoisXML API Analysis
• Who’s on Twitter?

Stay tuned!

Continue reading →