protectyournet.blogspot.com
ProtectYourNet: November 2014
http://protectyournet.blogspot.com/2014_11_01_archive.html
Researching cybercrime and malware. Tuesday, November 11, 2014. Torrentlocker (Crytolocker) Ransomware Campaign - Oct/Nov 2014. Is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. In mid October, 2014, a ransomware. Campaign using a new variant of CryptoLocker was launched. At the time of this post, the campaign is still active. To criminal clients so they can then run th...
protectyournet.blogspot.com
ProtectYourNet: July 2014
http://protectyournet.blogspot.com/2014_07_01_archive.html
Researching cybercrime and malware. Saturday, July 26, 2014. National Bargaining Council for the Electrical Industry of South Africa. Bargaining councils are formed by registered trade unions and employers’ organisations. They deal with collective agreements, attempt to solve labour disputes, and make proposals on labour policies and laws. As well, they may administer pension funds, sick pay, unemployment and training schemes, and other such benefits for their members. Friday, July 25, 2014. Body{color:#...
protectyournet.blogspot.com
ProtectYourNet: ZeuS / Citadel / KINS
http://protectyournet.blogspot.com/2015/06/zeus-citadel-kins.html
Researching cybercrime and malware. Friday, June 26, 2015. ZeuS / Citadel / KINS. Hacking botnet panels on ZeusTracker. Https:/ zeustracker.abuse.ch/monitor.php? Https:/ zeustracker.abuse.ch/monitor.php? Host=167.88.15.203. Https:/ zeustracker.abuse.ch/monitor.php? Subscribe to: Post Comments (Atom). ZeuS / Citadel / KINS. Email: patrick.patriq [at] gmail.com. Awesome Inc. theme. Powered by Blogger.
protectyournet.blogspot.com
ProtectYourNet: SuperDed
http://protectyournet.blogspot.com/2015/03/superded.html
Researching cybercrime and malware. Sunday, March 29, 2015. This research has been sitting around on my computer for a while, I think its time to share it. Nothing too interesting. SuperDed, 'ded' meaning dedicated server,. Or in this case hacked dedicated server,. Is a black market shop that sells access credentials to hacked servers. This shop is similar to the RDP-Shop. Screenshots of some active accounts:. Belongs to a young man named Parwez Jabarkhil. Labels: hacked server farmer.
protectyournet.blogspot.com
ProtectYourNet: FatherDeal Carding Shop
http://protectyournet.blogspot.com/2015/07/fatherdeal-carding-shop.html
Researching cybercrime and malware. Sunday, July 19, 2015. This site has been on my carding shop list. According to whois records, the site was registered: 27-mar-2012. I recently had the opportunity to revisit the site one last time. While it was still online I gained administrative access to the site and had a look at the internal workings. We sell 100% Dumps, Tools. BankLogins, Paypal verified, Credit Cards. Members Login. Create Account Forget Password. Email Address:. CC (1996 * 2.50 =) $4990. Asmar...
protectyournet.blogspot.com
ProtectYourNet: May 2015
http://protectyournet.blogspot.com/2015_05_01_archive.html
Researching cybercrime and malware. Tuesday, May 12, 2015. Deanonymizing Tor - TCF 2.0. Your Ultimate Source to the Carding and Fraud World. Hidden Address: ba6i2qxajcioadj4.onion. Real Address: 185.10.57.137. Is a strategy in data mining in which anonymous data is cross-referenced with other sources of data to re-identify the anonymous data source.". TCF v2 is more than likely run by spooks. Have fun in jail. Subscribe to: Posts (Atom). Deanonymizing Tor - TCF 2.0.
protectyournet.blogspot.com
ProtectYourNet: Deanonymizing Tor - TCF 2.0
http://protectyournet.blogspot.com/2015/05/deanonymizing-tor-tcf-20.html
Researching cybercrime and malware. Tuesday, May 12, 2015. Deanonymizing Tor - TCF 2.0. Your Ultimate Source to the Carding and Fraud World. Hidden Address: ba6i2qxajcioadj4.onion. Real Address: 185.10.57.137. Is a strategy in data mining in which anonymous data is cross-referenced with other sources of data to re-identify the anonymous data source.". TCF v2 is more than likely run by spooks. Have fun in jail. Subscribe to: Post Comments (Atom). Deanonymizing Tor - TCF 2.0.
protectyournet.blogspot.com
ProtectYourNet: php shells
http://protectyournet.blogspot.com/2015/02/php-shells.html
Researching cybercrime and malware. Thursday, February 19, 2015. Some shells I found along the way. Cmd shell, mysql, passwd brute. RC-SHELL v2.0.2011.1009. Cmd shell, mysql, portscan, mailer, process manager, ftp client. DefaCeR - InDonesiaN - minang.cyber.team. BCA Private Shell - Bangladesh Cyber Army. Cmd shell, file uploader. CiH H@CkErZ CiH99 v8.2 2014. Fuck All System :. Sql Manager (Indonesian word 'masuk' = login). JoJo Levesque - oh you little wanna be whore. X00x Config's Grabber By DamaneDz.
protectyournet.blogspot.com
ProtectYourNet: June 2015
http://protectyournet.blogspot.com/2015_06_01_archive.html
Researching cybercrime and malware. Friday, June 26, 2015. ZeuS / Citadel / KINS. Hacking botnet panels on ZeusTracker. Https:/ zeustracker.abuse.ch/monitor.php? Https:/ zeustracker.abuse.ch/monitor.php? Host=167.88.15.203. Https:/ zeustracker.abuse.ch/monitor.php? Subscribe to: Posts (Atom). ZeuS / Citadel / KINS. Email: patrick.patriq [at] gmail.com. Awesome Inc. theme. Powered by Blogger.
protectyournet.blogspot.com
ProtectYourNet: Perpetrator Profile - Parwez Jabarkhil (Kabul, Afghanistan)
http://protectyournet.blogspot.com/2014/11/perpetrator-profile-parwez-jabarkhil.html
Researching cybercrime and malware. Monday, November 3, 2014. Perpetrator Profile - Parwez Jabarkhil (Kabul, Afghanistan). One of the first 20 members of RDP-Shop.RU. Joined in 2013 and never used according to logs) a shop selling access to hacked servers. He is however a prolific customer of SuperDED.org, another shop selling illegal access to hacked servers for customers to use for shady activities, see below. Inetnum: 175.106.48.0 - 175.106.55.255. Purchased access to hacked servers.
