(833) 317-6278
Book a Demo
Dancho Danchev
Gray shield icon
Is this you?
Claim your profile.

Dancho Danchev

AS SEEN ON
Security Boulevard

Preston's Summary

Dancho Danchev is a journalist specializing in cybersecurity and cybercrime. He writes for Security Boulevard and focuses on exposing cyber threats, analyzing high-profile cybercriminals, and providing insights into the latest developments in the field of cybersecurity. His articles cover a wide range of topics, including ransomware, data breaches, and the activities of various cyber threat actors.

Preston is the artificial intelligence that powers the Intelligent Relations PR platform. Meet Preston

Geo Focus

Coverage Attributes:

Beta
Press Release: 47 %
Announcement: 17 %
Industry Specific: 13 %
Expert Commentary: 8 %
Private Sector Announcements: 8 %

Themes Covered:

Not enough data icon

Not enough data

Most Recent Topics:

  • InfoSec Compliance & Regulations
  • InfoSec Strategies & Protocols

Pitching Insights

Dancho Danchev's coverage is focused on cybersecurity, hacking, and hacker groups. His articles include a significant amount of expert commentary and announcements related to privacy & cybersecurity. Given his focus on exposing cyber threats and identifying malicious actors, he would likely be interested in pitches from experts who can provide insights into emerging cybersecurity threats, new hacking techniques or trends in hacker groups.

Given the nature of his articles which often expose cybercriminal activities or highlight industry-specific issues, he may be receptive to sources with direct knowledge of these topics or those who can provide unique perspectives based on their experience in the field.

He does not appear to have a specific geographic focus but rather covers global cyber threats and security issues.

This information evolves through artificial intelligence and human feedback. Improve this profile .

Journalists With Similar Coverage:

Based on similarity of content.
Teri Robinson

Teri Robinson

Executive Editor
*******on@*****************.com
Publications
Security Boulevard
Most recent topics
Not enough data
AJ Vicens

AJ Vicens

Reporter
*******ns@***********com
Publications
Newsmax Media, Inc., CyberScoop, Newcastle Herald
Most recent topics
Not enough data
Laura French

Laura French

National award winning investigative journalist
**********ch@******om
Publications
scworld.com, WTVR-TV, MSSP Alert, ChannelE2E, NewsBreak
Most recent topics
Not enough data
Kelly Springer

Kelly Springer

Technical Writer
Publications
n-cryptech.com
Most recent topics
Not enough data
Ashish Khaitan

Ashish Khaitan

Publications
The Cyber Express by Cyble
Most recent topics
Not enough data
Deeba Ahmed

Deeba Ahmed

Publications
HackRead Media
Most recent topics
Not enough data

Articles

Security Boulevard

International Embassies Web Malware Exploitation Serving Domain Properties

International Embassies Web Malware Exploitation Serving Domain Properties

By: Dancho Danchev

Folks,Do you remember the international embassies web malware exploitation spree using client-side exploits that took place back in 2009 with the Russian Business Network the hosting provider of choice for these campaigns?I recently took the effort to look at my original data set here and tried to enrich it and provide additional analysis with more details and context.Sample domains known to have been operated by the same individuals behind these campaigns include:hxxp://beert54xyzhxxp://aaepgpcomhxxp://brightstonepharmacomhxxp://ksfcradiocomhxxp://ksfcnewscomhxxp://kklfnewscomhxxp://arabiandemographicscomhxxp://sig4forumcomhxxp://pornokmancomhxxp://pinalbalcomhxxp://bodinzonecomhxxp://123124comhxxp://pixfbizhxxp://frmimginfohxxp://us-shopsonlinehxxp://hornybabeslivecomhxxp://pharmacyitnethxxp://deapothekecomhxxp://cplplywoodcomhxxp://us-electroonlinehxxp://omiardocomhxxp://frmimginfohxxp://ramualdocomhxxp://pixfbizhxxp://ksfcnewscomhxxp://ksfcradiocomhxxp://kklfnewscomhxxp://odmarcocomhxxp://us-electroonlinehxxp://123124comhxxp://sig4forumcomhxxp://brightstonepharmacomhxxp://bodinzonecomhxxp://aaepgpcomhxxp://pinalbalcomhxxp://cplplywoodcomhxxp://pornokmancomhxxp://hornybabeslivecomhxxp://beert54xyzhxxp://us-shopsonlinehxxp://deapothekecomhxxp://pharmacyitnetSample personally identifiable email address accounts known to have been involved in these campaigns:nepishite555sudagmailabusecentregmailbelyaev_andreyinbox.rusrvs4yougmailmigejoshyahookseninkopetrnm.rupalfreycrossvwgmailredemptionsnapnamesmogensenfontdriftxix.x12345yahoojohnvernetgmail4ykakabragmailmironbotgmailfuadrenalraygmailincrementallist.rutraffongmailauctionr01.ruadminbrut.cnbobby10mail.zp.uaipspecgmailOdileMarcottegmailsflgjlkj45yahooSample MD5s:MD5: ca9c64945425741f21ba029568e85d29MD5: b252c210eeed931ee82d0bd0f39c4f1dMD5: 787ed25000752b1c298b8182f2ea4faaMD5: fcbd2777c8352f8611077c084f41be8cMD5: ce02bed90fd08c3586498e0d877ff513MD5: 97ff606094de24336c3e91eaa1b2d4f0MD5: a0caae81c322c03bd6b02486319a7f40MD5: 5733030dcd96cec73e0a86da468a101cMD5: 5d8398070fa8888275742db5b8bbcebf

Security Boulevard

Dynamic DNS Service Providers for APT Command and Control (C&C) - An Analysis

Dynamic DNS Service Providers for APT Command and Control (C&C) - An Analysis

By: Dancho Danchev

Dear blog readers,The following is a compilation of dynamic DNS providers in specific ones used by APTs and various other targeted campaign obtained using public sources. Sample dynamic DNS service provider domains known to have been involved in various malicious software spreading campaigns include:07726657423zaionno-ipbiz100009755836320no-ipbiz123456789123456789myftpbiz1337aceddnsnet1349874791gnwaycc1488sytesnet14lcolomboddnsnet159asdduckdnsorg1756mostaccddnsnet1987omidddnsnet1fon1ddnsnet1m4962f897iokla22134520ddnsnet2715729vicpnet45df36dyndnsinfo4youddnsnet5107b712all123net5551520no-ipbiz5701c196123natcom6ghnoipme726627duckdnsorg79649759ddnsnet7dayskyin3322org96750513ddnsnet9949291099hoptoorga1b2c3hoptoorga302a85angrokioaaaacomaaaaaaaaaabbbbbhoptoorgaagaroddnsnetaasxzxdsc12324no-ipbizabarouterddnsnetabbaass313hoptoorgabbaass3132hoptoorgabcccabccabddnsnetabderrahmane16hoptoorgabdo099ddnsnetabdobacha05ddnsnetabdou16hoptoorgabdouoahmedddnsnetabduls0821myddnsmeabedjaradat1177no-iporgabinovaddnsnetabosaoys881duiausabs3ntddnsnetabusakono-ipbizachrafzouinazaptoorgad15hoptoorgadelxxbxno-ipbizadesja1337no-ipbizadlinduckdnsorgadobflashhoptoorgaerrorno-ipbizahag3ld1ddnsnetahmdiand-wj3ddnsnetahmed12345hoptporgahmed2012dynucomahmed90011912ddnsnetahmedmidoegypthoptoorgahomdalhomd42hoptoorgala6ano-ipbizalaa-1982no-ipbizalaajbzaptoorgalaauyddnsnetalabama192837no-iporgalanbkeyno-iporgalarr2012abmyftpbizalbash2222ddnsnetaldnkoich11111111no-iporgalfazaai99ddnsnetali2627ddnsnetali7070ddnsnetaliboxboxboxhoptoorgalihoseinino-ipbizaliyusef6no-ipbizalkingahmed555ddnsnetalldebridduckdnsorgallforfreegame-hostorgalpheronduckdnsorgalzintaniddnsnetamarok58no-ipbizamelwafawddnsnetaminamadani16hoptoorgaminbatna31ddnsnetaminecityddnsnetaminrahimzadehno-iporgamiraliamddnsnetamirhosein0074ddnsnetammaar938ddnsnetampaladdnsnetamran-pcno-ipbizamrozamrozamrozhoptoorgamrsamy222ddnsnetamsdjhoptoorgamujeeb1990ddnsnetandroidsupersuanaglizddnsnetanawebsddnsnetandqipddnsnetandr01dzaptoorgandrew999ipnodnsruandriod91ddnsnetandrono-ipbizandro0161no-ipinfoandro123duckdnsorgandroduckduckdnsorgandroidno-iporgandroid1ddnsnetandroid1385ddnsnetandroidalbumsddnsnetandroidanddnsnetandroidbraduckdnsorgandroidfdlddnsnetandroidplayddnsnetandroidrat21ddnsnetandroidsafeddnsnetandroidtest0ddnsnetandroidtoolddnsnetandroidupdateddnsnetandrojakmyftporgandrojanddnsnetandrokhan3100ddnsnetandrooidddnsnetandroratservegamecomandroratzaptoorgandrorat1no-ipbizandrorat1226ddnsnetandrorat143no-ipbizandrorat22ddnsnetandroratbtasno-ipinfoandrorattttno-iporgandroratvirginduckdnsorgandrotormaddnsnetandver18no-ipbizanishmishra66ddnsnetanitoddnsnetanon008ddnsnetanondz97ddnsnetanonfoxno-iporganonimousdre180ddnsnetanonsaddnsnetanonvirusddnsnetanonymo9sddnsnetanonymous666zaptoorganonymousipddnsnetanonymousipno-iporgapkhamzaddnsnetapolo30no-iporgapplecenikosmoshldnsruappmarketservehttpcomappsystemddnsnetaqwkdo1no-ipbizariaaalikazmddnsnetarmanno-ipbizarondograuddnsnetasadhashmiddnsnetasasasas22ddnsnetasdbh11ddnsnetasdqqqbouncemenetaskinderhoptoorgasosha4edno-ipbizastro3hoptoorgatinddnsnetatsizinogluduckdnsorgaucdlinkddnscomaudreysaradinno-iporgauthdddnsnetawir-fbsytesnetaxxz2017ddnsnetayadd19no-iporgayadd99ddnsnetayham11hoptoorgaymen1852ddnsnetaymencossassiddnsnetazerboyshoptoorgazert123ddnsnetazertyhoptoorgazizasytesnetbabywebhopmebadguymyq-seecombahar2017no-iporgbahoomno-ipbizbambino-ipbizbanishoptoorgbanndingddnsnetbapforallddnsnetbarbariddnsnetbarish121no-iporgbassamzeyadddnsnetbatterysaver3utilitiescombehnamhackddnsnetbeijg3322orgbensphonetrackerddnsnetberkani0774no-iporgbitoandroidno-ipinfobl4ckh0tddnsnetbl4ckhatjokerddnsnetblack1990ddnsnetblackghostdcduckdnsorgblackghostorgddnsnetblind1234ddnsnetbmt96noipmeboinserver12no-ipinfobopressddnsnetbostanooddnsnetboubou271ddnsnetbox100ddnsnetbrasilteamopddnsnetbrave-hackerno-iporgbrousse16ddnsnetbwaleezhoptoorgc1no-ipbizcamper92ddnsnetcanariano-ipinfocarapuce-2015no-ipbizcardangino-iporgcccamdmyftpbizcerdofileddnsnetchabarddnsnetchacal00hoptoorgchangyu231ddnsnetchanksno-ipbizcharifo1310tokno-ipbizchrisfono-iporgcity55hoptoorgcjbks0u0no-iporgclashdroidno-ipbizclayhosthoptoorgcnwredirectmenetcometmyftporgcomsurogatenoipmecoxiamigomyq-seecomcraxyviruxddnsnetcreatemeonzaptoorgcricbotno-ipinfocrimeddnsnetcrispruebaddnsnetcyberandroduckdnsorgcyberbitddnsnetcyberbwarriorddnsnetcybercrysisddnsnetdadadadadaprivetddnsnetdagohackno-ipmedalibob12ddnsnetdamndamnddnsnetdangerloveno-ipbizdanialdeltaddnsnetdanialmostafaeino-ipbizdaniele3814ddnsnetdanielratsddnsnetdantehackzaptoorgdarkshionno-iporgdaroedkakno-ipbizdarweshfisno-iporgdatadownloaderddnsnetdddeeeddnsnetddnsnetdeep1234ddnsnetdellearmddnsnetdendroidhoptoorgdenishulhldnsrudetlef-gmbhtkdexonicduckdnsorgdiceediceeddnsnetdidi03duckdnsorgdiener123ddnsnetdionisddnsnetdjshoptmdj123no-iporgdjack1zaptoorgdkmsddnsnetdltelegramddnsnetdnsdynamicorgdodee97dodeeddnsnetdodotototatapublicvmcomdogecoinspeedzaptoorgdomeer-androidddnsnetdomiraddnsnetdraagonddnsnetdragonhkr1myftpbizdrdamarhoptoorgdrhackhoptoorgdriodracddnsnetdrosoxxusdroiddeutsche-db-bankrudroidfagdnscomdroidfreedynamicdnsorgdroidservehttpcomdroidserverhttpcomdroidcraftismelmaoddnsnetdroidgeddnsnetdroidhostzaptoorgdroidjaackzaptoorgdroidjackhoptoorgdroidjack1sytesnetdroidjack121ddnsnetdroidjack2137hoptoorgdroidjack228ddnsnetdroidjack2333ddnsnetdroidjack258bouncemenetdroidjack33no-ipbizdroidjackdnsduckdnsorgdroidjackiamddnskingcomdroidjackisgodlyddnsnetdroidjackkksytesnetdroidjackv5ddnsnetdroidjockmyftpbizdroidmosaddnsnetdroidniggazaptoorgdroidrathoptoorgdroidspyzaptoorgdroidssnoipmedroyzaptoorgdrrazikhanno-ipinfodsfno-iporgduckdnsorgduckemduckdnsorgducmanhhoangtranddnsnetduke5010duckdnsorgduyguseliberkayno-ipbizdzhacker16ddnsnete777kx47ddnsnetegytigermyftporgehsanmaaliddnsnetehsanmaali3ddnsneteldiablono-ipbizelgen1no-ipbizelisou19ddnsnetelvis2015ddnsnetemmeno-ipbizengnngnsduckdnsorgengridno-ipbizequisdeddnsneterikatersptraddnsnetesharjddnsneteslam87hoptoorgessalhi2047hoptoorgeuquerotchuddnsnetevilcasperddnsnetexplosifzaptoorgfacbookserverddnsnetfaceboohzaptoorgfacebook2ww290ddnsnetfacrbookredirectmenetfadisesubaihddnsnetfairylowno-ipbizfakaeliteno-iporgfarzanddnsnetfateh2017ddnsnetfati43030no-ipbizfatiha29ddnsnetfazoro66ddnsnetfenon158ddnsnetferzo1881duckdnsorgfifi147fifino-ipbizfirsthostddnsnetflashplayerxxno-iporgflorian-pcksueyuj0mtxpt6gnmyfritznetforcehackingloveddnsnetfoxfelineno-iporgfree1neiwangtongcomfreeannsytesnetfreeeeeeeeeeno-ipinfofreepalestineddnsnetfrubyzaptoorgfsocfsocddnsnetfukeyou12myftpbizfuturaskyno-ipbizgaabarhoptoorggalauddnsnetgcafegoodnoipmegcafegood2noipmegemini85hoptoorggentel901no-iporggeocheats2eugert44duckdnsorggetphggwasgehtddnsnetghanim2017ddnsnetghanou1603no-ipinfoghfx1ddnsnetghghghghetrezwno-iporgglaive24no-ipbizgmailss11hoptoorggogagggddnsnetgogglesytesnetgold5000ddnsnetgoldeneagle1112ddnsnetgooboomno-ipbizgoodmyddnsmegoog2no-ipbizgoogleadpublicvmcomgooglesservemp3comgooglewebddnsnetgooogleplayddnsnetgorrhoptoorggoshasbddnsnetgrandeamoreddnsnetgreat-supportcomgreatkeyboardhoptoorggta5hacking12duckdnsorgguru123ddnsnetgusui1ddnsnethaa7aahno-ipbizhabbono-iporghabib1376ddnsnethabib556ddnsnethac123khoptoorghachim07regno-ipinfohack-iraqno-ipinfohack1111noipmehack155vicpnethackcamzaptoorghackdeamno-ipinfohacked2001hoptoorghackedonaddnsnethacker-321no-ipbizhacker-81no-ipbizhacker2hoptoorghacker421hoptoorghackermoqtadano-ipbizhackertn123no-ipbizhackhack2016no-ipinfohackhamerzaptoorghackinrollddnsnethackmeno-iporghacksd20ddnsnethacksyria2myftpbizhadsurveyddnsnethahalolddnsnethahalolno-ipbizhaiderhacer12no-ipbizhajeeeeehoptoorghakedpc0000myftpbizhakeerali2ddnsnethaker-2119ddnsnethaker10ddnsnethaker33sadekgaferno-ipbizhakosikenduckdnsorghakunamatata007ddnsnethala222hoptoorghalo12duckdnsorghamadagentelddnsnethamed1993ddnsnethamidoranisno-ipbizhamidos1342ddnsnethamkerddnsnethamo55hoptoorghamza19991hoptoorghamzaelcbddnsnethananoxddnsnethardikno-ipinfohardstyleraverno-iporgharoune12myddnsmehash0rno-ipbizhashahoptoorghasn9999ddnsnethassan100ddnsnethassanabd1233ddnsnethatamno-iporghavijddnsnethaxno-ipinfohaxorhoptoorghaxorjibno-iporghazem123no-ipbizhazhar77no-ipbizhdkhanh123no-iporghedr78ddnsnetheemoanahoptoorghegazy5753ddnsnetheheduckdnsorgheikechenmo3322orgheilbronnduckdnsorghell2066zaptoorghelloandroidno-iporghero400ddnsnetheroeschargehackedddnsnethhamokchaddnsnethhhhhfhfddnsnethmt1985ddnsnethobi3utilitiescomhoho121292ddnsnethoho39ddncnethohoangpmyddnsnethooman8219servecounterstrikecomhoptoorghorcheni123ddnsnethoseenoori2277khddnsnethossam3030ddnsnethossarddnsnethosteng123hoptoorghosthack25ddnsnethouaribey4ddnsnethouaribey4no-iporghousamlinkpcnethoussmeszaptoorghowie96jiosorghpwdza47o8huc1xjmyfritznethqnddnsnethtmpsytesnethttpdsshddnsnethuhuhuyaddnsnethuntergoldno-ipbizhussein1889no-ipbizhusseinali5698ddnsnethusshackahoptoorgi1993ddnsnetignoredhostno-ipbizimad2001bohoptoorgindusv00duckdnsorginfobouncemenetinjectmanddnsnetinjectmanno-ipinfointeljetddnsnetintelresolddnsnetinvisibleghostno-ipbizipv445hoptoorgiqram85spyddnsnetiran0513ddnsnetiraqn6777ddnsnetisamdonitano-iporgislam2020libyano-ipbizislamwayno-ipinfoivon9393no-iporgjackdroidsystesnetjackdroid1337ddnsnetjafarmanddnsnetjalal123hoptoorgjalldomainddnsnetjas7serhoptoorgjassairhoptoorgjastnddnsnetjirawat01ddnsnetjkgytgasjg12serveftpcomjnkeyddnsnetjockerhackerxnxxddnsnetjohnharim004ddnsnetjojomoddnsnetjokerbabelno-ipbizjomozaptoorgjosewaldoddnsnetjuanblackhakddnsnetjuliocoelhodesahoptoorgjundynucomjustaratnoipmek0k0wawahoptoorgkaddressddnsnetkaedalshddnsnetkaizen00ddnsnetkakashiddnsnetkalihehno-ipbizkalinneddnsnetkalinusddnsnetkalizinhono-iporgkalljodvrdnsorgkamlabhai123no-ipbizkararkarar0780ddnsnetkarasqlee9no-iporgkarenchik19hoptoorgkarrarhuseein82ddnsnetkaskwmyftpbizkaskwzaptoorgkasofe123123aano-ipbizkasperddnsnetkeskes02122002ddnsnetkevte26zaptoorgkhaleel0zaptoorgkhalid-2016noipmekhantacddnsnetkheridlahoptoorgkilasxddnsnetkingdomno-ipbizkingggddnsnetkjgjgkhffhsytesnetkka163ddnsnetkkarox90no-iporgkmessimyddnsmekomplevit-ratddnsnetkontolanimeno-ipbizkorelevno-iporgkorg600no-ipbizkrem111ddnsnetkrlolddnsnetksbozoddnsnetkskdtddnsnetkuraistzaptoorgkurd-karddnsnetkusleratntduckdnsorglahyarhmohoptoorglamorashddnsnetlaze22hoptoorglbossnddnsnetlearnxeaduckdnsorgled5526ddnsnetlikerrddmyftpbizlinonymousamino-iporgliquidixenddnsnetliquidstoneddnsnetlizdlezozifpoddnsnetlocal1232ddnsnetlocolocolocoddnsnetlolmanddnsnetlomocomlordxxxmyq-seecomlosever2no-ipbizlove2014ddnsnetloveubaby3utilitiescomlputyrmyq-seecomluxuriaecuddnsnetmadblack0sytesnetmadov-matrix25no-iporgmagemankoktelamddnsnetmahamadmahmodddnsnetmahasiswano-ipbizmahdi1379ddnsnetmahdi3141ddnsnetmahdibaba123ddnsnetmajed111111myq-seecommajod98mddnsnetmakarandno-iporgmalakatef09ddnsnetmamal9921ddnsnetmami5255duckdnsorgmar020onehoptoorgmarcsilddnsnetmariorossi2013homepcitmarknetzhoptoorgmarocmarochoptoorgmartin123456no-iporgmasafatddnsnetmaskaralamaddnsnetmasteratmyftporgmatgioduckdnsorgmatinddnsnetmatrix-testeddnsnetmayyahano-ipinfomazenttr2hoptoorgmazxorzaptoorgme512zaptoorgmedo7911ddnsnetmedoahmed3ddnsnetmedx321ddnsnetmee2008zaptoorgmegalolchickenkillercommehostddnsnetmehtab123ddnsnetmemeaimen10hoptoorgmemexmamaddnsnetmezoo32no-ipbizmghorbani78ddnsnetmhoammedttyhoptoorgmht3ddnsnetmicro-softno-ipbizmicrosoft-officeddnsnetmido28hoptoorgmigo2018zaptoorgmiioolinaseddnsnetmikanikiddnsnetmikestarno-ipbizmiltin2no-iporgminou555hoptoorgmisterx94ddnsnetmisty255no-iporgmixtape2016ddnsnetmjhooollltuuuno-ipbizmmdjj212myftpbizmobdrohoptoorgmobiles0ftno-iporgmoein1369no-ipbizmoep004no-iporgmogahedddnsnetmoha55no-ipbizmohamed11ddnsnetmohamed46565656no-ipbizmohamed4dzddnsnetmohamedamineddnsnetmohamedhgno-iporgmohamednjrat111no-ipbizmohammad2002no-ipbizmohammadhkddnsnetmohammed22468no-ipbizmohammed93mahdiddnsnetmohammedwasibddnsnetmohfortddnsnetmohmadmyftpbizmohmdnorddnsnetmohsanali79355ddnsnetmohsenfazddnsnetmoji1936ddnsnetmokhter222029ddnsnetmoktarpicaasrinabilzaptoorgmomen-swesino-ipbizmomo2015duckdnsorgmon009no-ipbizmonitoring007zaptoorgmoonmar10no-ipbizmoosiono-ipbizmoslimddnsnetmostafaafroto0ddnsnetmotoshizaptoorgmoussa-hakno-ipbizmphphoptoorgmpt1969ddnsnetmrblacklifeddnsnetmrclone97ddnsnetmrgnetddnsnetmrkriper3331zaptoorgmrm2ddnsnetmrreda98ddnsnetmsficecreamddnsnetmsn-webddnskingcommsn79ddnsnetmstarddnsnetmster0102no-ipbizmstfa10ddnsnetmsupdatemyvnccommurryapplicazioneno-iporgmuxamiluhoptoorgmwanikano-ipbizmyawno-ipbizmyfreeratddnsnetmyfrenid2xzaptoorgmyhost123myftpbizmyillusion02hoptoorgmyonlineno-ipbizmypy23ddnsnetmzgergesno-ipbiznademhackno-iporgnadineemmaservegamecomnamandroidk63zaptoorgnapaixonadoddnsnetnassahslimanddnsnetnemesis2017zaptoorgnetflix-iphoptoorgnew777ddnsnetnewwordserveblognetnewxor2no-iporgnexmopro830ddnsnetninabounitaddnsnetninjabird29myvnccomnirajpawar1997ddnsnetnjesraddnsnetnododgddnsnetnohackerddnsnetnoiphackkddnsnetnoipjajajaddnsnetnoussano-ipbiznowgirlasddnsnetnoxrrddnsnetnulldoesnotexistduckdnsorgoday1995zaptoorgokogotdnschomarno-ipbizoneriakosaddnsnetopt91ddnsnetorihackerddnsnetosamarizkddnsnetosammer0asmam3addnsnetosmsalemddnsnetosprpublicvmcomoussama1997ddnsnetoussamadj1997ddnsnetovirusddnsnetowsenddnsnetpaaradowxhoptoorgpapasystemno-iporgparrot01hoptoorgparsddnsnetpersirno-ipbizpetermohsenvi2hoptoorgpfijspnoipmephantom94ddnsnetphotoeditorddnsnetphotofixhoptoorgpianotiles2ddnsnetpimpdaddymyq-seecompippo86no-ipbizplaystoreddnsnetportmeimddnsnetpremium007zaptoorgpriyakumariddnsnetprofmilfzaptoorgprohackerfreedynamicdnsorgprojectpddnsnetproviewddnsnetpruebasernestoddnsnetpuplicdslddnsnetqq376552030ddnsnetqwerty1212ddnsnetr00tmyftpbizr3cxwddnsnetr90no-ipbizradouan123hoptoorgrafkin85ddnsnetrahimtrxhoptoorgraliphesusddnsnetrameezmasterddnsnetrandsnairadnsdynamiccomrarwindowno-ipbizratcapsulelabusratforandroidddnsnetrds11ddnsnetrecycledno-iporgredckardddnsnetredcodeddnsnetreddemonddnsnetrefsaduckdnsorgreich666ddnsnetreich777ddnsnetremoteip999ddnsnetreplaceduckdnsorgrinalditeamddnsnetrmk133hoptoorgrmx2121ddnsnetrockrockddnsnetrok13198666no-ipbizron1372ddnsnetroyalhackerzaptoorgrpshowpickddnsnetrpswlrkgkarpp-ekrrumpelztinzkinsytesnetrustyashno-ipbizrzra51126ddnsnetsddnsnetsleasims3b4snoipmes3rv3randr0idno-ipbizsabbahduckdnsorgsadaqddnsnetsaiber-far68ddnsnetsaighinissouddnsnetsajadianhddnsnetsajjad1994ddnsnetsajjadnassar3no-ipbizsalah067hoptoorgsalarkalatddnsnetsalemazizhoptoorgsamdzbbaddnsnetsamersamerzno-ipbizsamirano-ipbizsammuiyerddnsnetsamoomalikno-ipbizsamsungappslinkpcnetsamuseucuddnsnetsamy777no-ipbizsandhusim001ddnsnetsara17911no-iporgsara19918ddnsnetsarahwyganno-ipbizsaraiaddnsnetsarasisino-iporgsasi546454hoptoorgsatahezubno-ipinfosava33ddnsnetsazan765ddnsnetscropion20078no-ipbizsecureline2244ddnsnetsecurepurposeno-ipinfosecuritytestsddnsnetsecuritytesttddnsnetsersaisaddnsnetserver4updateserveftpcomservicezosysnetservidor23ddnsnetservrhoptoorgsesizkal32no-ipbizsettsno-iporgseven1ddnsnetseyf2017linkpcnetshabbushahduckdnsorgshahabhackerddnsnetshahidsajanno-ipbizshakakyddnsnetshanksno-ipbizsharawy74hoptoorgsharmayashno-ipbizsheamusking34no-ipbizsherlockholmesduckdnsorgshgttkshoo2018no-iporgshop10ddnsnetshoshddnsnetshowjf3322netsilenthunter3021no-iporgsimbabwerattehoptoorgskinchangerhoptoorgskipyddnsnetskituljkomooocomskylex123hoptoorgslavikkalinovskiyddnsnetslayslayduckdnsorgsmiix2012ddnsnetsmk22jktnetsnaiderhoptoorgsniper-fddnsnetsniperviruse3hoptoorgsniperyakubddnsnetsnopino-ipbizsocialplusddnsnetsofemmno-ipbizsomenormalguyduckdnsorgsondres1ddnsnetsonkar412duckdnsorgsorryduckdnsorgsosg77ddnsnetsosonoipusspicymemesduckdnsorgspiel007ddnsorgspofyddnsnetspynote-webdynucomsramicddnsnetssjfmyftpbizssxdsweno-iporgstandby1537duckdnsorgstoringhoptoorgstrategddnsnetstux0netno-iporgsuckmordecockduckdnsorgsuperlegitratvirusddnsnetsvn-01ddnsnetsweetman2020no-ipbizsystem32comtaha100iqhoptoorgtaherhackerhoptoorgtakno-ipinfotakpar67no-ipbiztaras1928ddnsnettargi01hoptoorgtatacallservebeercomtatalinehoptoorgteda11zaptoorgtedy1993ddnsnettelegram-stickersnoipmetelegram-toolsno-ipbizteolandiano-ipbiztestno-iporgtestpagezkrtest145ddnsnettest29ddnsnettestanddnsnettestandroddnsnettestapkkhoptoorgtestkpsddnsnettestsrddnsnettestsssddnsnettesttwo2ddnsnettestxyddnsnetth3expert3utilitiescomthaerno-ipbiztheblack16ddnsnetthedroidjackddnsnetthegangsterrapnoipmethegod2ddnsnetthekillersddnsnetthelostanddnsnetthemayhen23no-iporgtnaxinmsnscntobytori18myftporgtom928no-ipbiztomyykddnsnettonyjonyddnsnettopmaxmyq-seecomtoyman6699no-ipinfotrythelastno-iporgttn10no-iporgtunisvista3utilitiescomudownddnsnetufologlylyddnsnetumar14344ddnsnetunknownuserno-ipbizupdatermyftporgupdatesystemdynucomupdatexxxhoptoorgusamyftpbizusa20002015ddnsnetusa2222ddnsnetuserframersytesnetusernamegopro1ddnsnetusmhmyq-seecomuzzal619viewdnsnetvajausingdynucomvbblogsytecomvegoddnsnetvetalamator1ddnsnetviagrajumpingcrabcomvictimno-iporgvigohoptoorgvikasno-ipbizvillevalochickenkillercomvipmustafano-ipinfovodano-iporgvolnadosytesnetvpn0ddnsnetvwelxvddnsnetw0rm32ddnsnetwar10ckserveftpcomwarl10ckddnsnetwarrirrsno-iporgwasawalidhoptoorgwassam100ddnsnetwasxmrtdubddnsnetwatzebddnsnetwcvwcvpicpnetwebhack2017ddnsnetwebi7ddnsinfoweedforlifehackerddnsnetwelcomeheretomeptddnsnetwhatsradarno-ipbizwilduddnsnetwilliettingerccwin32ddnsnetwindows12345ddnsnetwindows7trojanddnsnetwinlogenduckdnsorgwinserverdlinkddnscomwoaisue3322orgwogusnbno-ipinfowombocombomooocomwtfwtfduckdnsorgwww177mucnwxf2009817f3322netx300x300xxno-iporgx64-windowsddnsnetxa1newoldhoptoorgxatar12ddnsnetxiltoduckdnsorgxingyuekejif3322netxmohcineddnsnetxmppegycomxnxx123publicvmcomxomrono-ipbizxos1982ddnsnetxtiger007ddnsnetxyz2145ddnsnetxzoro2016no-ipinfoyamsoheddnsnetyangwebf3322netyassinescaleoddnsnetyelp01f3322orgyorkiepetddnsnetyossf2014no-ipbizyouduckdnsorgyounixddnsnetyousefehab11ddnsnetyouseffathiiddnsnetyoussef-1234hoptoorgyuosaf1993ddnsnetyurimacedo1ddnsnetza3blawyddnsnetzaboza2020ddnsnetzadehasan1ddnsnetzaheerkhan786ddnsnetzakifrno-ipbizzakoo1zaptoorgzal75zkddnsnetzaliminxxduckdnsorgzaqataladynucomzecovpnhasan1123ddnsnetzennoneddnsnetzero228ddnsnetzoheirdroidjackzaptoorgzokor-zokorddnsnetzola123no-ipbizzongkahanino-ipbizzouhr9hoptoorgzxczxczxcddnsnet

Security Boulevard

What is Nassef from Darkode Up To? - Part Two

What is Nassef from Darkode Up To? - Part Two

By: Dancho Danchev

Dear blog readers,I've decided to continue my elaboration and provide further actionable intelligence on a well known member of the Darkode cybercrime-friendly forum community Nassef.Nassef is using xavi-linuxer@live as his personal email address account and is known to have registered the following domains using it - hxxp://tonymontana.cards - hxxp://tonymontana.cash - hxxp://tonymontana.biz.He's also using the following email address account tonymontana_mexican@yahoo and is known to have registered the following domains using it:hxxp://c2bit-powerhxxp://procarderhxxp://novlops.cchxxp://freshcvv2hxxp://sharkcchxxp://edumps.cchxxp://cvvlisthxxp://cardinghispanohxxp://dumps4youhxxp://zanoledhxxp://vic-sockshxxp://dump-servicehxxp://thugcardershxxp://hotdumpshxxp://dumpsvendorhxxp://getbettehxxp://crimemarkethxxp://cardingmaestrohxxp://ug-storecardshxxp://cvvsitehxxp://tonymontana.cchxxp://dumpscliniquehxxp://source4dumps.cchxxp://skycvvhxxp://carderprofit.cchxxp://styxmarkethxxp://wt1shophxxp://scene-toolshxxp://fraudsmarkethxxp://cardersvillahxxp://bigcarderhxxp://cardertoolshxxp://cvvsh0phxxp://fe-dumpstorehxxp://profitbinshxxp://carding-shophxxp://zonecvvhxxp://torcrdshxxp://shopvl.nethxxp://prvtzonehxxp://rdpwallmarthxxp://xdedichxxp://smartstripes.bizhxxp://cc-baseRelated posts:What is Nassef from Darkode Up To?Exposing the Darkode Forum Bust and the Associated Individuals Behind It - Or How I Almost Got Kidnapped? - An OSINT AnalysisDomain Portfolio Operated by Sp3cial1st from Darkode He's also known to be using [email protected] as his personal email where he is known to have registered the following domains:hxxp://fe-dumpstorehxxp://profitbinshxxp://dump-servicehxxp://thugcardershxxp://torcrdshxxp://shopvl.nethxxp://cardertoolshxxp://cvvsh0phxxp://xdedichxxp://smartstripes.bizhxxp://carding-shophxxp://zonecvvhxxp://cc-basehxxp://prvtzonehxxp://rdpwallmarthxxp://novlops.cchxxp://scene-toolshxxp://fraudsmarkethxxp://cardersvillahxxp://edumps.cchxxp://cvvlisthxxp://c2bit-powerhxxp://procarderhxxp://zanoledhxxp://vic-sockshxxp://freshcvv2hxxp://sharkcchxxp://hotdumpshxxp://dumpsvendorhxxp://cardinghispanohxxp://dumps4youhxxp://ug-storecardshxxp://source4dumps.cchxxp://getbettehxxp://crimemarkethxxp://cardingmaestrohxxp://wt1shophxxp://cvvsitehxxp://tonymontana.cchxxp://dumpscliniquehxxp://bigcarderhxxp://skycvvhxxp://carderprofit.cchxxp://styxmarket

© 2025 Intelligent Relations