Author Archives: Dancho Danchev

Dear blog readers,Today marks our Astalavista.com Second Official Re-Launch. Visit the infamous cybersecurity forum community grab an account and become a subscriber. We’re looking forward to seeing you there. Our official relaunch video:Our official 2… Continue reading Astalavista.com – Second Official Re-Launch→

Dear blog readers,In this post I’ll provide related actionable intelligence based on the recent LockBit compromise in terms of all of their Dark Web Onion URLs based on their publicly accessible and leaked internal communication.Related:Exposing the Bl… Continue reading A Full List of Dark Web Onion URLs from the recent LockBit Compromise→

Dear blog readers,The following is a full list of all the LockBit BitCoin addresses found based on publicly accessible information based on the recent LockBit Compromise.Full list of LockBit BitCoin addresses:bc1q0004tm3jp5hrzhykry9wrte494lh7yshn4t9rkb… Continue reading A Full List of BitCoin Addresses from the Recent Lockbit Compromise→

Based on the recently released Bybit Investigation documents I was able to obtain the malicious javascript in question and I decided to dig a little bit deeper into its inner workings and try to provide actionable intelligence on the topic and who the … Continue reading Dissecting the Bybit Cryptocurrency Exchange Malicious UI Spoofing Javascript→

UPDATED:Exposing the Black Basta Ransomware GroupExposing the Black Basta Ransomware Group – Part TwoExposing the Black Basta Ransomware Group – Part Three Dear blog readers,The following are all of Black Basta’s BitCoin addresses and BitCoin transacti… Continue reading Exposing the Black Basta Ransomware Group – Part Four→

UPDATED:Exposing the Black Basta Ransomware GroupExposing the Black Basta Ransomware Group – Part TwoDear blog readers,I’ve decided to post yet another post elaboration on the recently leaked Black Basta ransomware group’s internal leaked communication… Continue reading Exposing the Black Basta Ransomware Group – Part Three→

UPDATED:Exposing the Black Basta Ransomware GroupExposing the Black Basta Ransomware Group – Part Three Dear blog readers,I just picked up the Black Basta Ransomware group’s internal leaked communication which is now publicly accessible and available f… Continue reading Exposing the Black Basta Ransowmare Group – Part Two→

UPDATED:Exposing the Black Basta Ransomware Group – Part TwoExposing the Black Basta Ransomware Group – Part ThreeAn image is worth a thousand words.Sample photos: Continue reading Exposing the Black Basta Ransomware Group→

Dear blog readers,In this post I decided to take a look at the hxxp://ispoof.cc cybercrime enterprise in terms of providing actionable intelligence on its Internet connected infrastructure.Sample known responding IPs:116.203.61.96104.26.14.153172.67.75… Continue reading Profiling the iSpoof Cybercrime Enterprise→

Dear blog readers,In this post I’ll provide some actionable intelligence on the current state of active BitCoin Mixers landscape with the idea to assist everyone on their way to properly attribute a fraudulent or malicious transaction or to dig a littl… Continue reading A Peek Inside the Current State of BitCoin Mixers→