Showing posts with label https://www.facebook.com/Ethhicalhacking/. Show all posts
Showing posts with label https://www.facebook.com/Ethhicalhacking/. Show all posts

Monday, June 20, 2022

Authorities Shut Down Russian RSOCKS Botnet That Hacked Millions of Devices

 


The U.S. Department of Justice (DoJ) on Thursday disclosed that it took down the infrastructure associated with a Russian botnet known as RSOCKS in collaboration with law enforcement partners in Germany, the Netherlands, and the U.K.

The botnet, operated by a sophisticated cybercrime organization, is believed to have ensnared millions of internet-connected devices, including Internet of Things (IoT) devices, Android phones, and computers for use as a proxy service.

Botnets, a constantly evolving threat, are networks of hijacked computer devices that are under the control of a single attacking party and are used to facilitate a variety of large-scale cyber intrusions such as distributed denial-of-service (DDoS) attacks, email spam, and cryptojacking.

"The RSOCKS botnet offered its clients access to IP addresses assigned to devices that had been hacked," the DoJ said in a press release. "The owners of these devices did not give the RSOCKS operator(s) authority to access their devices in order to use their IP addresses and route internet traffic."

Besides home businesses and individuals, several large public and private entities, including a university, a hotel, a television studio, and an electronics manufacturer, have been victimized by the botnet to date, the prosecutors said.

Customers wanting to avail proxies from RSOCKS could rent access via a web-based storefront for different time periods at various price points ranging from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.

Once purchased, criminal actors could then redirect malicious internet traffic through the IP addresses associated with the compromised victim devices to conceal their true intent, which was to carry out credential stuffing attacks, access compromised social media accounts, and send out phishing messages.

The action is the culmination of an undercover operation mounted by the Federal Bureau of Investigation (FBI) in early 2017, when it made covert purchases from RSOCKS to map out its infrastructure and its victims, allowing it to determine roughly 325,000 infected devices.

"Through analysis of the victim devices, investigators determined that the RSOCKS botnet compromised the victim device by conducting brute force attacks," the DoJ said. "The RSOCKS backend servers maintained a persistent connection to the compromised device."

The disruption of RSOCKS arrives less than two weeks after it seized an illicit online marketplace known as SSNDOB for trafficking personal information such as names, dates of birth, credit card numbers, and Social Security numbers of about 24 million individuals in the U.S.

BRATA Android Malware Gains Advanced Mobile Threat Capabilities

 

The operators behind BRATA have once again added more capabilities to the Android mobile malware in an attempt to make their attacks against financial apps more stealthy.

"In fact, the modus operandi now fits into an Advanced Persistent Threat (APT) activity pattern," Italian cybersecurity firm Cleafy said in a report last week. "This term is used to describe an attack campaign in which criminals establish a long-term presence on a targeted network to steal sensitive information."

An acronym for "Brazilian Remote Access Tool Android," BRATA was first detected in the wild in Brazil in late 2018, before making its first appearance in Europe last April, while masquerading as antivirus software and other common productivity tools to trick users into downloading them.

The change in the attack pattern, which scaled new highs in early April 2022, involves tailoring the malware to strike a specific financial institution at a time, switching to a different bank only after the victim begins implementing countermeasures against the threat.

Also incorporated in the rogue apps are new features that enable it to impersonate the login page of the financial institution to harvest credentials, access SMS messages, and sideload a second-stage payload ("unrar.jar") from a remote server to log events on the compromised device.

"The combination of the phishing page with the possibility to receive and read the victim's sms could be used to perform a complete Account Takeover (ATO) attack," the researchers said.

Additionally, Cleafy said it found a separate Android app package sample ("SMSAppSicura.apk") that used the same command-and-control (C2) infrastructure as BRATA to siphon SMS messages, indicating that the threat actors are testing out different methods to expand their reach.

The SMS stealer app is said to be specifically singling out users in the U.K., Italy, and Spain, its goal being able to intercept and exfiltrate all incoming messages related to one-time passwords sent by banks.

"The first campaigns of malware were distributed through fake antivirus or other common apps, while during the campaigns the malware is taking the turn of an APT attack against the customer of a specific Italian bank," the researchers said.

"They usually focus on delivering malicious applications targeted to a specific bank for a couple of months, and then moving to another target."

Tuesday, February 7, 2017

Deep Web links...

To browse .onion Deep Web links, install Tor Browser from http://torproject.org/

 Image result for deep web

Hidden Service lists and search engines

http://3g2upl4pq6kufc4m.onion/ – DuckDuckGo Search Engine
http://xmh57jrzrnw6insl.onion/ – TORCH – Tor Search Engine
http://32rfckwuorlf4dlv.onion/ – Onion URL Repository
http://2vlqpcqpjlhmd5r2.onion/ – Gateway to Freenet
http://kpvz7ki2v5agwt35.onion – The Hidden Wiki
http://idnxcnkne4qt76tg.onion/ – Tor Project: Anonymity Online
http://jh32yv5zgayyyts3.onion/ – Hidden Wiki .Onion Urls
http://wikitjerrta4qgz4.onion/ – Hidden Wiki – Tor Wiki
http://xdagknwjc7aaytzh.onion/ – Anonet Webproxy
http://3fyb44wdhnd2ghhl.onion/wiki/index.php?title=Main_Page – All You’re Wiki – clone of the clean hidden wiki that went down with freedom hosting
http://3fyb44wdhnd2ghhl.onion/ – All You’re Base
http://j6im4v42ur6dpic3.onion/ – TorProject Archive
http://p3igkncehackjtib.onion/ – TorProject Media
http://cipollatnumrrahd.onion/ – Cipolla 2.0 (Italian)
http://dppmfxaacucguzpc.onion/ – TorDir – One of the oldest link lists on Tor

Marketplace Financial

http://torbrokerge7zxgq.onion/ – TorBroker – Trade securities anonymously with bitcoin, currently supports nearly 1000 stocks and ETFs
http://fogcore5n3ov3tui.onion/ – Bitcoin Fog – Bitcoin Laundry
http://2vx63nyktk4kxbxb.onion/ – AUTOMATED PAYPAL AND CREDIT CARD STORE
http://samsgdtwz6hvjyu4.onion – Safe, Anonymous, Fast, Easy escrow service.
http://easycoinsayj7p5l.onion/ – EasyCoin – Bitcoin Wallet with free Bitcoin Mixer
http://jzn5w5pac26sqef4.onion/ – WeBuyBitcoins – Sell your Bitcoins for Cash (USD), ACH, WU/MG, LR, PayPal and more
http://ow24et3tetp6tvmk.onion/ – OnionWallet – Anonymous Bitcoin Wallet and Bitcoin Laundry
http://qc7ilonwpv77qibm.onion/ – Western Union Exploit
http://y3fpieiezy2sin4a.onion/ – HQER – High Quality Euro Replicas
http://qkj4drtgvpm7eecl.onion/ – Counterfeit USD
http://lw4ipk5choakk5ze.onion/raw/4588/ – High Quality Tutorials

Marketplace Commercial Services

http://6w6vcynl6dumn67c.onion/ – Tor Market Board – Anonymous Marketplace Forums
http://5mvm7cg6bgklfjtp.onion/ – Discounted electronics goods
http://lw4ipk5choakk5ze.onion/raw/evbLewgkDSVkifzv8zAo/ – Unfriendlysolution – Legit hitman service
http://tuu66yxvrnn3of7l.onion/ – UK Guns and Ammo
http://ucx7bkbi2dtia36r.onion/ – Amazon Business
http://hbetshipq5yhhrsd.onion/ – Hidden BetCoin
http://cstoreav7i44h2lr.onion/ – CStore Carded Store
http://tfwdi3izigxllure.onion/ – Apples 4 Bitcoin
http://b4vqxw2j36wf2bqa.onion/ – Advantage Products
http://ybp4oezfhk24hxmb.onion/ – Hitman Network
http://mts7hqqqeogujc5e.onion/ – Marianic Technology Services
http://yth5q7zdmqlycbcz.onion/ – Old Man Fixer’s Fixing Services
http://sheep5u64fi457aw.onion/ – Sheep Marketplace
http://qizriixqwmeq4p5b.onion/ – Tor Web Developer
http://en35tuzqmn4lofbk.onion/ – US Fake ID Store
http://xfnwyig7olypdq5r.onion/ – USA Citizenship
http://uybu3melulmoljnd.onion/ – iLike Help Guy
http://dbmv53j45pcv534x.onion/ – Network Consulting and Software Development
http://lw4ipk5choakk5ze.onion/raw/4585/ – Quick Solution (Hitman)

Marketplace Drugs

http://rso4hutlefirefqp.onion/ – EuCanna – Medical Grade Cannabis Buds, Rick Simpson Oil, Ointments and Creams
http://newpdsuslmzqazvr.onion/ – Peoples Drug Store – The Darkweb’s Best Online Drug Supplier!
http://smoker32pk4qt3mx.onion/ – Smokeables – Finest Organic Cannabis shipped from the USA
http://fzqnrlcvhkgbdwx5.onion/ – CannabisUK – UK Wholesale Cannabis Supplier
http://kbvbh4kdddiha2ht.onion/ – DeDope – German Weed and Hash shop. (Bitcoin)
http://s5q54hfww56ov2xc.onion/ – BitPharma – EU vendor for cocaine, speed, mdma, psychedelics and subscriptions
http://ll6lardicrvrljvq.onion/ – Brainmagic – Best psychedelics on the darknet
http://25ffhnaechrbzwf3.onion/ – NLGrowers – Coffee Shop grade Cannabis from the netherlands
http://fec33nz6mhzd54zj.onion/index.php – Black Market Reloaded Forums
http://atlmlxbk2mbupwgr.onion/ – Atlantis Marketplace Forums
http://atlantisrky4es5q.onion/ – Atlantis Marketplace
http://dkn255hz262ypmii.onion/ – Silk Road Forums
http://k4btcoezc5tlxyaf.onion/ – Kamagra for BitCoins
http://5onwnspjvuk7cwvk.onion/ – Black Market Reloaded

Hosting

http://matrixtxri745dfw.onion/ – Image Uploader
http://lw4ipk5choakk5ze.onion/ – PasteThis – Tor based Pastebin
http://tklxxs3rdzdjppnl.onion/ – Liberty’s Hackers Hosting Service
http://matrixtxri745dfw.onion/ – Matrix Trilogy

Blogs

http://74ypjqjwf6oejmax.onion/ – Beneath VT – Exploring Virginia Tech’s Steam Tunnels and Beyond
http://76qugh5bey5gum7l.onion/ – Deep Web Radio
http://edramalpl7oq5npk.onion/Main_Page – Encyclopedia Dramatica
http://ad52wtwp2goynr3a.onion/# – Dark Like My Soul
http://gdkez5whqhpthb4d.onion/ – Scientology Archive
http://newsiiwanaduqpre.onion/ – All the latest news for tor
http://5vppavyzjkfs45r4.onion/ – Michael Blizek
http://7hk64iz2vn2ewi7h.onion/ – Blog about Stories
http://7w2rtz7rgfwj5zuv.onion/ – An Open Letter to Revolutionaries
http://4fvfamdpoulu2nms.onion/ – Lucky Eddie’s Home
http://nwycvryrozllb42g.onion/searchlores/index.htm – Fravia’s Web Searching Lore
http://newsiiwanaduqpre.onion/ – OnionNews – Blog about the onionland

Forums and Chans

http://jv7aqstbyhd5hqki.onion – HackBB – Hacking & cracking forum
http://xdagknwjc7aaytzh.onion/20/http/1.4.7.9/forummain.htm – Read only access to the Freenet FMS forums via the Anonet Webproxy
http://hbjw7wjeoltskhol.onion – The BEST tor social network! File sharing, messaging and much more. Use a fake email to register.
http://t4is3dhdc2jd4yhw.onion/ – OnionForum 3.0 – New Onionforum for general talk, now with marketplace
http://zw3crggtadila2sg.onion/imageboard/ – TorChan – One of the oldest chans on Tor

Email and Messaging

http://365u4txyqfy72nul.onion/ – Anonymous E-mail sevice. You can only communicate with other users currently using this service. So tell all your friends about it!
http://sms4tor3vcr2geip.onion/ – SMS4TOR – Self destructing messages
http://notestjxctkwbk6z.onion/ – NoteBin – Create encrypted self-destructing notes
http://torbox3uiot6wchz.onion/ – [TorBox] The Tor Mail Box
http://u6lyst27lmelm6oy.onion/index.php – Blue matrix chat NOT UP ALL THE TIME so chek often to see when it is
http://wi7qkxyrdpu5cmvr.onion/ – Autistici/Inventati

Political

http://faerieuaahqvzgby.onion/ – Fairie Underground
http://tnysbtbxsf356hiy.onion/ – The New Yorker Strongbox
http://duskgytldkxiuqc6.onion/ – Example rendezvous points page
http://rrcc5uuudhh4oz3c.onion/ – The Intel Exchange Forum :: Information and discussion on various topics, ranging from Illegal Activities and Alternative Energy, to Conspiracy Theories and Hacking. Same people from SnapBBS on a fully secure, moderated and categorized forum.
http://opnju4nyz7wbypme.onion/weblog/index.html – A7B blog :: a blog dedicated to the restoration of a limited constitutional republic in the USA
http://assmkedzgorodn7o.onion/ – Anonymous, safe, secure, crowdfunded assassinations.
http://duskgytldkxiuqc6.onion/comsense.html – Commo Sense by Thomas Paine
http://nwycvryrozllb42g.onion/ – Destination Unknown

Warez

http://2gxxzwnj52jutais.onion/ – The Nowhere Server (restored from backup after FH)
http://jntlesnev5o7zysa.onion/ – The Pirate Bay – Torrents
http://am4wuhz3zifexz5u.onion/ – Tor Library – library of books and other media files
http://uj3wazyk5u4hnvtk.onion/ – The Pirate Bay – Torrents (official .onion)
http://wuvdsbmbwyjzsgei.onion/ – Music Downloads
http://lolicore75rq3tm5.onion/ – Lolicore and Speedcore Music
http://vt27twhtksyvjrky.onion/ – lol 20th Century Western Music Recordings and Scores
http://2ygbaoezjdmacnro.onion/ – Pony at Noisebridge
http://xfmro77i3lixucja.onion/ – Imperial Library of Trantor
http://c3jemx2ube5v5zpg.onion/ – Jotunbane’s Reading Club

Drugs Non-commercial

No links found.

Erotic 18+

http://tklxxs3rdzdjppnl.onion/sharepass/ – SharePass – Password sharing community
http://k4jmdeccpnsfe43c.onion/ – Girls Released – Some nice model pics
http://54dgeda4ik6iypui.onion/ – Gallery – Met-Art, FTVX etc sets
http://pinkmethuylnenlz.onion/ – The Pink Meth (mirror)
http://orsxvca7glswueo7.onion/ – EroDir – Lots and lots of Hentai

Erotic Hard Candy

http://lovezspamopfiqul.onion/ – TLZ discussion board
http://iqlnc7cbykhhurfo.onion/ – LLL – Image and Video down- & upload
http://oglbv4c4kpoobkid.onion/oglb/ – Onion Girl Love Board – Private Board
http://girlbmayme6evpwv.onion/ – Girls and Boys
http://7haz75ietrhjds3j.onion/ – All Natural Spanking
http://spofoh4ucwlc7zr6.onion/ – Safe Port Forum
http://ftwwebt6e3nb3lmw.onion/ – FTW Image Boards
http://tlz3gig7k46s4r66.onion/ – TLZ private forums
http://vkq6wz4ozmldscii.onion/ – Topic Links – A CP sites link list

Erotic Jailbait

http://66m4z7ygkqghb4tc.onion/ – Some paradisebirds casey videos

Non-English

http://germanyhusicaysx.onion – Deutschland im Deep Web – German forum
http://ffi5v46ttwgx3fby.onion/ – Das ist Deutschland hier 2.0 – German Board
http://runionv62ul3roit.onion/ – Russian Onion Union
http://5xki35vc4g5ts6gc.onion – GTF Greek Tor Forum . For greek speaking users
http://cipollatnumrrahd.onion/index.php – Cipolla 2.0 – Italian Community
http://runionv62ul3roit.onion – Russian community: market and anonymous talks about security, guns etc.
http://ptrackcp2noqu5fh.onion/ – PoliceTrack – Ne vous faites plus suivre par la police.
http://amberoadychffmyw.onion – Amberoad – russian anonymous market
http://r2d2akbw3jpt4zbf.onion – R2D2 – russian anonymous market
http://ramp2bombkadwvgz.onion – RAMP – biggest russian market (drugs only)
http://szmyt4v4vjbnxpg3.onion/ – Славянский
http://o2tu5zjxjlibrary.onion/ – Bibliotheca Alexandrina
http://ocbh4hoqs37unvv6.onion – French Deep Web

Deep Web Links

Evil Twin attack

Evil Twin Attack is attack is frequently carried upon wireless access points with malicious intentions. This attack happens when...