Regarding the DDoS attack on X:

- Yes, we have identified the correct individual, and he is aware of it. He has attempted to delete evidence since the publication of the tweet.
- Again, it’s not a one-man job. We have also identified the other members of the team.
- They are aware of it. They sent 500 million requests to predictasearch.com over the last three days.
- Trust the process. A report has been sent to the concerned authorities, and they will do their excellent work as usual. They created a new Telegram channel. The last post they forwarded is from a channel called "Russian Partisan." This is not surprising according to our initial findings.

https://x.com/fs0c131y/status/1899433588375867560?s=46&t=TuYvGMRia7bcv-DnpDoahg

Hi @elonmusk,

I've identified the people responsible for the DDoS attack on X yesterday. I'm currently in Washington and will be at the Eisenhower Building tomorrow (for another matter). Would you be interested in meeting?

In the meantime, let me explain

It's OSINT time! @elonmusk Yesterday, a group called "Dark Storm Team" claimed responsibility for a DDoS attack on Twitter.

Their leader, MRHELL112 on Telegram, has previously used usernames like Darkcrr, GLITCHAT1, and GLITCHcracker.

Votre volonté d’ajouter une porte dérobée dans les applications de messagerie est une énorme idiotie. Presque autant que votre condescendance…

Explications ⬇️

https://twitter.com/clarachappaz/status/1896610730167947561

Beaucoup s’inquiètent, donc madame explique. À coup de novlangue et de mots clefs.

Le fameux : “Si les français ne comprennent pas c’est que l’on n’a pas assez expliqué”

Vous prenez les gens pour des idiots et après la classe politique s’étonne des résultats dans les urnes

https://twitter.com/clarachappaz/status/1896610734114812126

Operation TALENT - Tracking the Hackers

On January 29th, Operation Talent dismantled the cybercrime forums Cracked and Nulled, led by two young individuals and used by millions.

Want to dive deeper?

It's OSINT time! ⬇️ To complete this investigation, the @PredictaLabOff team utilized our platforms predictagraph.com and predictasearch.com.

Thanks to the collaborative mode, you can access a snapshot of the graph here:
predictagraph.com/graph/snapshot…

The IP address of DrugHub, a well-known dark web drug marketplace, has been exposed.

The website owner made a critical OPSEC blunder.

It's OPSEC time!

https://twitter.com/EvilRabbitSec/status/1880725289057366172

On the website's /info/market-links page, three links are provided:
- The primary .onion address
- A clearnet link
- A permanent mirror

Worried about a TikTok ban? Americans are now flocking to Xiaohongshu (REDnote), another Chinese app.

Spoiler: Yes, it tracks its users.

Time to dive in! ⬇️ When creating an account, you must verify your phone number by entering a code received via SMS.

The request sent to Xiaohongshu's server includes your phone number (of course), along with your IDFA and IDFV.

Only one country was represented at Kim Jong Un's New Year's Eve party. Can you guess which one?

At the Rungrado Stadium, Kim hosted a grand celebration. Before the fireworks, officials enjoyed a private party near the stadium

One attendee's face stood out 🕵️‍♂️

It’s OSINT time! South Korean media focused on a 2-second clip of Kim Yo Jong, Kim Jong Un's sister, seen publicly with what seemed to be her children for the first time.

But they missed something important 👀

Hackers claim to have breached Gravy Analytics, a US location data broker selling to government agencies.

They shared 3 samples on a Russian forum, exposing millions of location points across the US, Russia, and Europe.

It's OSINT time! 👇 The samples include tens of millions of location data points worldwide.

They cover sensitive locations like the White House, Kremlin, Vatican, military bases, and more.

Time to dig in!

5 days ago, an Instagram account shared a video from North Korea with the caption: "A brave tourist secretly captures restricted views of downtown North Korea"

Can we geolocate this footage?

It's GEOINT time! I paused the video to screenshot this pink building. A quick Google Lens search reveals two matching photos of the location:
- alamyimages.fr/un-agent-de-po…
- flickr.com/photos/tobeyfo…

On Friday, December 20, 2024, the U.S. DOJ charged Rostislav Panev, a dual Russian-Israeli national, as a LockBit ransomware developer. Arrested in Israel, he awaits extradition to the U.S.

It's OSINT time!

https://twitter.com/vxunderground/status/1871024288431587725

You know the drill: with predictasearch.com and predictagraph.com, I traced and mapped Rostislav Panev's complete digital footprint.

Explore the graph here: predictagraph.com/graph/snapshot…

Two days ago, @TheJusticeDept announced an international disruption effort against the current version of RedLine Infostealer.

It's #OSINT time!

https://twitter.com/USAO_WDTX/status/1851212106160357840

In the redacted complaint, Maxim Rudometov is identified as one of the developers of RedLine: justice.gov/usao-wdtx/medi…

Using Predicta Graph and #OSINT techniques, I’ve retraced each step taken by the @FBI. For full details, check out the complete graph!

predictagraph.com/graph/snapshot…

Today, the famous hacker known as USDoD was arrested by the Brazilian police.

The FBI had a way to find his identity and home address since at least June 2022. I will show you how.

It's OSINT time! ⬇️

https://twitter.com/DarkWebInformer/status/1846634069955612822

Let’s recap: On August 23, USDoD was doxxed by Crowdstrike.

Along with the @PredictaLabOff team and using predictagraph.com, we discovered two different OSINT methods to uncover USDoD’s real identity.

x.com/fs0c131y/statu…

Few things about exploding communication pagers

Thread ⬇️

https://twitter.com/Faytuks/status/1836038889179390199

First off, it's still early, and reports are developing. Keep an eye on the news in the coming hours or days for more updates.

theguardian.com/world/2024/sep…

Three days ago, the @FBI released photos of "GRU 29155 cyber operatives": five Russian military intelligence officers and one civilian.

It's #OSINT time!

https://twitter.com/FBIMostWanted/status/1831750446588833813

@FBI I zeroed in on Denis Igorevich Denisenko and, with the help of , mapped a portion of his digital footprint in just a few minutes.

Nothing groundbreaking, but I did uncover some interesting bits! beta.predictagraph.com

On Linkedin, Jean-Michel Bernigaud, (OFMIN chief of staff) wrote

"At the heart of this case is the lack of moderation and cooperation from the platform [..] particularly in the fight against pedocriminality."

Ultimately, it's all about content moderation.

https://twitter.com/fs0c131y/status/1828065679393624249

The legal showdown over this case will be monumental

The woman who accompanied Pavel Durov on his journey that led to his arrest is Juli Vavilova

It's #OSINT time!

https://twitter.com/fs0c131y/status/1827451884300292172

On August 21, Pavel Durov posted on his VK account:

"Telegram delegation visit to Azerbaijan

In Azerbaijan, Pavel Durov honed his target shooting skills and prepared for Formula 1."

The post was accompanied with 2 videos

Today, the famous hacker USDoD has been doxed by CrowdStrike.

You want to know how?

It's #OSINT time! First the recap. This morning @TecmundoDigita published an article based on a report from CrowdStrike received from an anonymous source.

"The likely leader of the USDoD group is a 33-year-old man named Luan BG who lives in Minas Gerais, Brazil"

tecmundo.com.br/seguranca/2885…

The owner of the "Incognito Market" has been arrested. It's #OSINT time!

THREAD 1/n

https://twitter.com/TheJusticeDept/status/1792622076496433558

Today, the @FBI announced today the arrest of RUI-SIANG LIN, a/k/a “Ruisiang Lin,” a/k/a “林睿庠,” a/k/a “Pharoah,” a/k/a “faro,” in connection with his operation and ownership of “Incognito Market,” an online dark web narcotics marketplace

justice.gov/usao-sdny/pr/i…

The identity of the Lockbit leader has been revealed. It's #OSINT time!

THREAD 1/n

https://twitter.com/NCA_UK/status/1787845496574222782

Our starting point will be the specially designated nationals list. It gives 2 email adresses linked to Lockbitsupp:
- khoroshev1@icloud.com
- sitedev5@yandex.ru

src: ofac.treasury.gov/recent-actions…

Ivan Gennadievich Kondratyev, a.k.a. “Bassterlord” has been added to OFAC's SDN list

It gives us an email address. It's time for an investigation. THREAD ⬇️ ofac.treasury.gov/recent-actions…
Who is Bassterlord ?

According to Jon Di Maggio from @Analyst1:
- Bassterlord is a ransomware affiliate who runs his team, known as the National Hazard Agency. Originally, he was a junior. team member, but as time progressed, he moved up the ranks and is now its leader.

- Bassterlord partnered with at least four ransomware gangs: REvil, RansomEXX, Avadon and LockBit.

- Bassterlord is a Caucasian male around 27 years old, born, raised, and living in Lugansk, Ukraine. He operates on Russian underground forums under the monikers “Fisheye,” “Bassterlord,” “Buster,” and “National Hazard Agency,” which is also the name of his team.

analyst1.com/ransomware-dia…

I found the blog of lengmo. Bro people will remembered your blog now

https://twitter.com/fs0c131y/status/1759594910016029157

The blog is .

A lot of archives are available lengmo.net
web.archive.org/web/2024000000…