Who's Behind the Koobface Botnet? - An OSINT Analysis

In this forum you'll find the latest scumbags who got busted for online related criminal activity.


Post by TeMerc » Sat Jan 14, 2012 12:07 am

In this post, I will perform an OSINT analysis, exposing one of the key botnet masters behind the infamous Koobface botnet, that I have been extensively profiling and infiltrating since day one. I will include photos of the botnet master, his telephone numbers, multiple email addresses, license plate for a BMW, and directly connect him with the infrastructure -- now offline or migrated to a different place -- of Koobface 1.0.
Continued @ DDanchev Blog

Re: Who's Behind the Koobface Botnet? - An OSINT Analysis

Post by wildman424 » Thu Jan 19, 2012 8:45 am

Sophos had a rather long blog post on the bust:

The Koobface malware gang - exposed!


An investigation by Jan Drömer, independent researcher, and Dirk Kollberg, SophosLabs.

On 17 January 2012, The New York Times revealed that Facebook plans to name five men as being involved in the Koobface gang. As a result of the announcement, we have decided to publish the following research, which explains how we uncovered the same names.

Introduction: there ain't no perfect (cyber)crime

The Koobface botnet - a product of the self-proclaimed "Ali Baba & 4" or "Koobface Gang" - has been terrorizing millions of internet users since mid-2008 and continues to do so up to the present day, despite multiple takedown efforts.

The research below, conducted by independent researcher Jan Drömer and Dirk Kollberg of SophosLabs, is focused on the suspects behind one of the largest cybercrime threats in recent years and the process of their identification.

Research into the suspects was mainly conducted from early October 2009 until February 2010 and has since been made available to various international law enforcement agencies.


Naked Security
Wildman424
Malware Fighter in training
"A wonderful fact to reflect upon, that every human creature is constituted
to be that profound secret and mystery to every other."
-Charles Dickens

