Exposing Russia's Most Wanted Cybercriminals - An OSINT Analysis

Dancho Danchev's Primary Contact Points - 2019

Dear blog readers, in this post I'll provide and feature my primary contact points for 2019 in order for you to approach me regarding possible research feedback research requests job career opportunities and possible event presentations.

Users interested in approaching me regarding a possible participation in classified or sensitive projects including possible job career opportunities and Threat Data access requests can approach me at - dancho.danchev@hush.com

Looking forward to hearing from you!

Enjoy!

New Commercial Security Research OSINT Cybercrime Research and Threat Intelligence Gathering Services Portfolio Available On Demand!

Dear blog readers,

I wanted to let everyone know of a currently active commercial portfolio of services that I'm publicly offering for the purpose of reaching out to colleagues and friends including companies vendors and organizations who might be interested in working with me for the purpose of obtaining access to never-published before Security Research analysis reports briefs podcasts and various other commercially obtainable virtual and cyber assets that you and your organization can take advantage of.

Approach me at - dancho.danchev@hush.com today to discuss!

Key Commercial Services that I'm currently offering include:

• Security Services
• OSINT Services
• Hacking Services
• Intelligence Services
• Geopolitical Services

Including the following commercial services available on Patreon Community:

• Real-Time Security Consultation
• Security Newsletter
• Cybercrime Blog Post
• Security Podcast
• Malware Analysis
• Threat Intelligence Analysis
• Security Workshop
• OSINT Analysis
• Geopolitical Analysis
• Threat Actor Profiling
• National Security Analysis
• Cyber Jihad Analysis
• Dark Web Intelligence and OSINT Analysis
• Security Presentation
• Cyber Security Business Development
• Red Team Penetration Testing Assessment
• Blue Team Penetration Testing Assessment
• Target of Opportunity Targeting
• Cybercrime Forum Monitoring
• Underground Chatter Monitoring
• Network Deception Consultation
• Military Scenario Building
• Cyber Warfare Scenario Building
• OSINT Enrichment and Data Mining
• Cyber Warfare Program Estimation
• Weapons System Analysis
• Cyber SIGINT and Cyber Assets Discovery

Stay tuned!

Announcing Law Enforcement and OSINT Intelligence Operation "Uncle George" - Join Me Today!

This summary is not available. Please click here to view the post.

Historical OSINT - Gmail's CAPTCHA Under Fire

http://www.castlecops.com/t192663-http_69_61_99_66_3_php.html
http://www.robtex.com/cnet/208.72.168.html

http://www.secureworks.com/research/threats/ozdok/?threat=ozdok
aaauaa.info - same netblock

faq.890m.com

208.72.168.140 8181
http://threatexpert.com/reports.aspx?find=208.72.168.40

208.72.168.40 on port 533

http://threatexpert.com/reports.aspx?find=208.72.168

208.72.168.40/404.txt
208.72.168.40/cr.dat

Result: 22/28 (78.58%) Trojan.Proxy.Saturn.F
File size: 36864 bytes
MD5: 49e23bdba56e0a52578341181b4faf7b
SHA1: 50fb2726dec1efb15723d93db8dce1a60df676a5

208.72.169.54
208.72.169.55
208.72.169.15
208.72.168.52
208.72.168.97
208.72.169.15
208.72.168.164
208.72.168.76

centerkras-tv.tv
iloveeverybody.kz
iloveeverybody.tj
lansetcommunication.info
lansetcommunication.biz
lanset2007.com
centerkras-tv.name
centerkras-tv.info
centerkras-tv.biz

vaznyjdomen.info
http://vaznyjdomen.info/affcgi/online.fcgi?20199:0
http://vaznyjdomen.info/gallery20199/xpsystem/rxs.ini.php
http://lyalyabum.info/affcgi/online.fcgi?20199:0
http://lyalyabum.info/gallery20199/xpsystem/rxs.ini.php
http://lohotronschik.info/affcgi/online.fcgi?20199:0
http://lohotronschik.info/gallery20199/xpsystem/rxs.ini.php
http://lyalyabum.info/affcgi/try.fcgi?20199
http://vaznyjdomen.info/affiliate/interface3.php?userid=20199
http://vaznyjdomen.info/affiliate/interface3.php?userid=20199
http://vaznyjdomen.info/affcgi/online.fcgi?20199:1
http://vaznyjdomen.info/xxmm.exe
http://lyalyabum.info/affcgi/online.fcgi?20199:1
http://lyalyabum.info/xxmm.exe
http://lohotronschik.info/affcgi/online.fcgi?20199:1
http://lohotronschik.info/xxmm.exe

Historical OSINT - Dancho Danchev's Media and News Coverage - 2008-2013

Dear blog readers I wanted to take the time and effort and summarize all the currently related news media articles referencing me and my research throughout the period - 2008-2013 and wanted to express my gratitude to everyone who approached me seeking my assistance in an upcoming news article including those who participated in the search for me circa 2010 and I wanted to let everyone know that users interested in approaching me regarding potential news stories including conference presentations and possible threat intell requests can approach me at disruptive.individuals@gmail.com

Stay tuned!

Research and News Articles covering my research and referencing me throughout - 2008:

• Russian hacker 'militia' mobilizes to attack Georgia
• Fraudsters Target Facebook With Phishing Scam 
• Fake Microsoft e-mail contains Trojan virus
• Hackers expand massive IFRAME attack to prime sites
• Hackers infiltrate Google searches
• Hackers expand massive IFrame attack to prime sites
• Hackers knocked Comcast.net offline
• Adobe investigates Flash Player attacks
• High-tech bank robbers phone it in
• Attackers booby-trap searches at top Web sites
• Carpet bombing networks in cyberspace
• Storm worm e-mail says U.S. attacked Iran
• India's underground CAPTCHA-breaking economy
• Domain Name Record Altered to Hack Comcast.net
• Google searchers could end up with a new type of bug
• Ongoing IFrame attack proving difficult to kill
• Hackers expand massive IFRAME attack to prime sites
• Danchev: The small pack Web malware exploitation kit
• Danchev: Massive SQL injection the Chinese way
• CAPTCHAs are dead - new research from Dancho Danchev confirms it
• Hackers infiltrate Google searches
• Massive faux-CNN spam blitz uses legit sites to deliver fake Flash
• Faked CNN spam blitz pushes fake Flash
• Danchev: Anti-fraud site DDOS attack
• Sony PlayStation site victim of SQL-injection attack
• Fake CNN Alert Still Spreading Malware
• Look Ma, I'm on CIA.gov

Research and News Articles covering my research and referencing me throughout - 2009:

• Green Dam exploit in the wild
• “In gaz we trust”: a fake Russian energy company facilitating cybercrime
• Don’t pay your ransom via SMS
• NYT scareware scam linked to click fraud botnet
• Danchev: A crimeware developer's to-do list
• Danchev rained on my scareware campaign
• Is “aggregate-and-forget” the future of cyber-extortion?
• NYT scareware scam linked to click fraud botnet
• Microsoft declares war on 'scareware'
• Don’t pay your ransom via SMS
• Twitter warms up malware filter
• What's really the safest Web Browser?
• With Unrest in Iran, Cyber-attacks Begin
• Zeus bot found using Amazon's EC2 as C&C server

Research and News Articles covering my research and referencing me throughout - 2010:

• Firefox add-on encrypts sessions with Facebook, Twitter
• Watch out for malware with those pretty Mac screensavers
• Months-old Skype vulnerability exploited in the wild
• Danchev: Money mule recruiters
• Cybercrime's bulletproof hosting exposed
• Malware Threatens to Sue BitTorrent Downloaders
• Firefox add-on encrypts sessions with Facebook, Twitter
• Chuck Norris Botnet Karate-chops Routers Hard

Research and News Articles covering my research and referencing me throughout - 2011:

• Kaspersky disputes McAfee's Shady Rat report
• Has EV-SSL Growth Been Slow?
• Report: Vishing Attack Targets Skype Users

Research and News Articles covering my research and referencing me throughout - 2012:

• Fake UPS notices deliver malware
• ZeuS/Zbot Trojan Spread Through Rogue US Airways Email
• New Skype malware threat reported: Poison Ivy
• Five Koobface botnet suspects named by New York Times
• Virtual jihad: How real is the threat?
• Is the death knell sounding for traditional antivirus?
• Can the Nuclear exploit kit dethrone Blackhole?
• Experts split over regulation for bounty-hunting bug sniffers
• Spammers Using Fake YouTube Notifications to Peddle Drugs
• Adele Bests Adderall As Affiliate Spammers Offer Music Downloads
• Bulgarian sleuth unveils botnet operators
• Fake PayPal Emails Distributing Malware
• Web Gang Operating in the Open
• ZeuS/Zbot Trojan Spread Through Rogue US Airways Email
• Buy 500 hacked Twitter accounts for less than a pint
• NBC.com Hacked, Infected With Citadel Trojan

Research and News Articles covering my research and referencing me throughout - 2013:

• How Much Does A Botnet Cost?
• Automated YouTube account generator offered to cyber crooks
• Upgraded Modular Malware Platform Released in Black Market
• Deconstructing the Al-Qassam Cyber Fighters Assault on US Banks
• NBC hack infects visitors in 'drive by' cyberattack
• Bitcoins are being traded for hack tools
• New DIY Google Dorks Based Hacking Tool Released
• Hacking The TDoS Attack
• Mass website hacking tool alerts to dangers of Google dorks
• Cybercrime service automates creation of fake scanned IDs
• Spammers unleash DIY phone number slurping web tool
• Spam email contains malware, not Apple gift card
• APT1, that scary cyber-Cold War gang: Not even China's best
• Mass website hacking tool alerts to dangers of Google dorks
• C&C PHP script for staging DDoS attacks sold on underground forums
• Russian Malware-as-a-Service Offers Up Server Rentals for $240 a Pop
• Java exploit kit sells for $40 per day
• Buggy DIY botnet tool leaks in black market
• New DIY Google Dorks Based Hacking Tool Released
• Botnets for rent, criminal services sold in the underground market
• Spam email contains malware, not Apple gift card