Author Archives: Dancho Danchev

Dear blog readers,In this post I’ll provide actionable intelligence based on the research and analysis which I posted in my previous “Dissecting the RAMP (Russian Anonymous Marketplace) Ransomware Forum – An Analysis” blog post and will provide actiona… Continue reading A Domains Portfolio Belonging to RAMP (Russian Anonymous Marketplace) Forum Members – A Compilation→

Dear blog readers,In this post I’ll provide actionable intelligence on all the BitCoin wallet addresses from the RAMP (Russian Anonymous Marketplace) forum members with the idea to assist the security community fellow researchers and U.S Law Enforcemen… Continue reading A Compilation of BitCoin Wallet Addresses from the RAMP (Russian Anonymous Marketplace) Forum Members – A Compilation→

Dear blog readers,Continuing my previous post “Dissecting the RAMP (Russian Anonymous Marketplace) Ransomware Forum – An Analysis” I this post I’ll provide actionable cyber threat actor attribution intelligence and personally identifiable information o… Continue reading A Compilation of Personally Identifiable Email Address Accounts Belonging to RAMP (Russian Anonymous Marketplace) Forum – A Compilation→

Dear blog readers, Continuing the “When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Two” blog post series in this post I’ll continue analyzing the next malicious software binar… Continue reading When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Three→

Dear blog readers,I recently took the time and effort and do some research on the recently made public Coruna iOS iPhone client-side exploits serving web malware exploitation kits.Here are the details.Related MD5s for the javascript detected payload:MD… Continue reading IoCs (Indicators of Compromise) for the Coruna iOS iPhone Web Malware Client Side Exploits Serving Web Malware Exploitation Kit→

Dear blog readers,Continuing the second part of my original “When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Two” post in this second post I’ll proceed and move on with the next Co… Continue reading When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Two→

Dear blog readers,I just did the impossible but I’ll leave a set of photos and personally identifiable information about RAMP (Russian Anonymous Marketplace) Ransomware Forum to speak for itself.     Sample screenshots from my … Continue reading Dissecting the RAMP (Russian Anonymous Marketplace) Ransomware Forum – An Analysis→

Dear blog readers,This is Dancho.I’ve spent the past week working on a very important personal project where I’m using 100% Google Gemini Python generated code to achieve my objectives with a lot of success.However the time has come to seek a professio… Continue reading Looking for a Python Developer or a Team of Python Developers→

Dear blog readers,Do you remember the Koobface botnet? And did you know that the Koobface botnet master KrotReal used to maintain a legitimate Facebook account back in 2011 at the peak of the Koobface botnet that no one has ever referenced or possibly … Continue reading Where Is Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) Also Known as Koobface Botnet Master KrotReal? – Part Five→

In this just obtained video in my line of inspiration and work you can basically see everything you ever wanted to see about the Yekaterinburg’s based Plastika Recording Studio and Linkvil (Евгений Самсонов) and basically get a better picture of the in… Continue reading Inside the Yekaterinburg’s Based Plastika Recording Studio – The Primary Producer of Conti Ransomware Gang’s Marketing and Advertising Creative→