In early August 2017, FBI agents in Las Vegas arrested 23-year-old British security researcher Marcus Hutchins on suspicion of authoring and/or selling “Kronos,” a strain of malware designed to steal online banking credentials. Hutchins was virtually unknown to most in the security community until May 2017 when the U.K. media revealed him as the “accidental hero” who inadvertently halted the global spread of WannaCry, a ransomware contagion that had taken the world by storm just days before.

Relatively few knew it before his arrest, but Hutchins has for many years authored the popular cybersecurity blog. When this fact became more widely known — combined with his hero status for halting WannaCry — a great many MalwareTech readers quickly leapt to his defense to denounce his arrest. They reasoned that the government’s case was built on flimsy and scant evidence, noting that Hutchins has worked tirelessly to expose cybercriminals and their malicious tools. To date, some 226 supporters have to his defense fund.

Marcus Hutchins, just after he was revealed as the security expert who stopped the WannaCry worm. Image: twitter.com/malwaretechblog

At first, I did not believe the charges against Hutchins would hold up under scrutiny.
But as I began to dig deeper into the history tied to dozens of hacker forum pseudonyms, email addresses and domains he apparently used over the past decade, a very different picture began to emerge.

In this post, I will attempt to describe and illustrate more than three weeks’ worth of connecting the dots from what appear to be Hutchins’ earliest hacker forum accounts to his real-life identity. The clues suggest that Hutchins began developing and selling malware in his mid-teens — only to later develop a change of heart and earnestly endeavor to leave that part of his life squarely in the rearview mirror.

GH0STHOSTING/IARKEY

I began this investigation with a simple search of domain name registration records at domaintools.com [full disclosure: Domain Tools recently was an advertiser on this site]. A search for “Marcus Hutchins” turned up a half dozen domains registered to a U.K. resident by the same name who supplied the email address “[email protected].”

One of those domains — Gh0sthosting[dot]com (the third character in that domain is a zero) — corresponds to a hosting service that was advertised and sold circa 2009-2010 on Hackforums, a massively popular forum overrun with young, impressionable men who desperately wish to be elite coders or hackers (or at least recognized as such by their peers).

The [email protected] address tied to Gh0sthosting’s initial domain registration records also was used to named Iarkey that listed its alias as “Marcus.” A registered in 2009 under the nickname “Iarkey” points to Gh0sthosting[dot]com.

Gh0sthosting was sold by a Hackforums user who used the same Iarkey nickname, and in 2009 Iarkey told fellow Hackforums users in a sales thread for his business that Gh0sthosting was “mainly for blackhats wanting to phish.” In a separate post just a few days apart from that sales thread, Iarkey, and in another he confirms that his email address is [email protected].
A review of the historic reputation tied to the Gh0sthosting domain suggests that at least some customers took Iarkey up on his offer: Malwaredomainlist.com, for example, that around this same time in 2009 Gh0sthosting was observed hosting plenty of malware, including trojan horse programs, phishing pages and malware exploits.

A “reverse WHOIS” search at Domaintools.com shows that Iarkey’s surfallday2day email address was used initially to register several other domains, including uploadwith[dot]us and thecodebases[dot]com.

Shortly after registering Gh0sthosting and other domains tied to his [email protected] address, Iarkey evidently thought better of including his real name and email address in his domain name registration records. Thecodebases[dot]com, for example, changed its WHOIS ownership to a “James Green” in the U.K., and switched the email to “[email protected].”

A reverse WHOIS lookup at domaintools.com for that email address shows it was used to register a Hackforums parody (or phishing?) site called Heckforums[dot]net. The domain records showed this address was tied to a Hackforums clique called “Atthackers.” The records also listed a Michael Chanata from Florida as the owner. We’ll come back to Michael Chanata and Atthackers at the end of this post.