An EXIF Analysis on Conti Ransomware Gang’s Publicly Accessible Internally Leaked Marketing and Advertising Creative – An Analysis

In my most recent analysis on the Conti Ransomware Gang I established a direct connection between a Russia-based rap and hip hop recording studio and members of the Conti Ransomware Gang. The following attribution analysis aims to provide an in-depth including an additional set of related comments and elaboration including never-discussed or published before …

Germany’s Crimemarket Taken Offline – An OSINT Analysis

Just came across this and I decided to elaborate. Primary URL: hxxp://crimemarket.is – 188.114.97.2; 188.114.96.2

Exposing FBI’s Most Wanted Iran’s Ahmad Khatibi’s Afkar System

Everything that has to be found has already been found somewhere online. In this analysis I’ll profile FBI’s Most Wanted Ahmad Khatibi and offer an in-depth peek inside his Afkar System company. URL: hxxp://www.afkarsystem.com; hxxp://afkarsystem.ir Mobile +983537254322 Email: khatibi2007[.]yahoo.com Facebook account – hxxp://www.facebook.com/ahmad.khatibi.35 URL: hxxp://afkarsystem.com – Email: khatibi2006[.]yahoo.com; am_taghavi[.]yahoo.com hxxp://nsrmeeting.org; hxxp://rmtomeeting.com – Email: khatibi2006[.]yahoo.com hxxp://ircrafts.com …

Ex-Cybercrime Forum Community Member Runs a Profitable Penetration Testing Business – An Analysis

Since 2021 as a part of an in-house research and capability building project I’ve been collecting tons of publicly accessible only cybercrime forum information data where I aimed at building the actual volume for this project which currently amounts to 1.5TB of actionable intelligence on current and historical cybercrime and cybercriminal activity where I aim …

Exposing an IRC Botnet – An OSINT Analysis

Since 2021 as a part of an in-house research and capability building project we’ve been collecting tons of publicly accessible only cybercrime forum information data where we aimed at building the actual volume for this project which currently amounts to 1.5TB of actionable intelligence on current and historical cybercrime and cybercriminal activity where we aim …

Exposing the Warzone RAT (Remote Access Tool) Enterprise – An OSINT Analysis

This just in. Here’s the analysis.
hxxp://www.warzone.ws/
Personal emails: solmyr@warzone.ws; ebase03@hotmail.com
XMPP/Jabber ID: solmyr@xmpp.jp
Telegram: solwz; sammysamwarzone
Skype: vuln.hf
Facebook account: https://www.facebook.com/il.meli.5
Sample photos of Warzone RAT (Remote Access Tool):
Sample photos of Daniel Meli:

Profiling the xDedic Cybercrime Service Enterprise

My latest white paper for WhoisXML API. The popular cybercrime-friendly xDedic service was recently shut down and in this analysis we’ll take an in-depth look inside the Internet-connected infrastructure of the xDedic cybercrime-friendly enterprise and will offer practical and relevant technical insights making it easier for fellow researchers, vendors and law enforcement to keep track …

Conti Ransomware Gang’s Russia-Based Music Album Labels and Plastika Recording Studio – An OSINT Analysis

I recently came across another image courtesy of Conti ransomware gang’s internal and publicly accessible leaked communication which I data mined with the idea to come up with a proper analysis and connect the dots which in this case appear that a member of the Conti ransomware gang who’s responsible for their advertising and …

Unit-123.org E-shop Owner Information

Who is Dancho Danchev?

Unit-123.org

Focused on delivering daily batches of personally-produced never-ending supply of high-quality and never-published and released before classified and sensitive Intelligence Deliverables.
