Exposing BG Worm – A Bulgaria-Based Web Site Defacement Group – An OSINT Analysis
An image is worth a thousand words.
EvilHack -> http://www.youtube.com/user/AnonymousEvilHack/about -> http://cyber-code.tk/ -> BG Cyber Army -> http://www.zone-h.org/archive/notifier=Bulgarian%20Cyber%20Army
-> https://www.facebook.com/bgcyberarmy
Bca-group.org – Email: [email protected]
BG Cyber Army – Cyber Root, Cyber King, iNCUBUS, JoKeR, MoonSpire
– [Pa3pyxA, FuckOFF, CyberKing, CyberLord]
CyberLord: [email protected] :: [OK] [+] CyberKing: [email protected] :: [OK]
Pa3pyxA: [email protected]
Anonymous BG’s main forum URL: http://anonbg.info
Group member handles: rootheR_, Hades, NoTolerance, EvilHack, PsychoPatternz.
Forum postings for ID-ed member PsychoPatternz: http://anonbg.info/member.php?34-PsychoPatternz
Forum postings for ID-ed member EvilHack: http://anonbg.info/member.php?13-EvilHack
EvilHack’s real name: Genadi
Skype: genadi_97
Skype: anonymous_evilhack
City: Veliko Turnovo or Tutrakan
Associated emails:
URL he maintains:
https://www.facebook.com/pages/EvilHack-Programs
http://anonymous-world.free.bg/page-8.html
http://web-dangerous.free.bg/page-9.html
http://evilhack-official.blogspot.com/
http://www.podariavam.com/user/GenadiD
PsychoPatternz’s name: Asparuh Naydenov
City:: Plovdiv
Skype: asparuh1231
URLs he maintains:
http://psychopatternz.blogspot.com/
https://www.facebook.com/hakhz/timeline
Facebook profile:
https://www.facebook.com/Psychopatternz
EvilHack appears to be also a member of a newly emerged group, namely, Bulgarian Cyber Army.
Connection: EvilHack -> http://www.youtube.com/user/AnonymousEvilHack/about -> http://cyber-code.tk/ -> BG Cyber Army -> http://www.zone-h.org/archive/notifier=Bulgarian%20Cyber%20Army
-> https://www.facebook.com/bgcyberarmy
Official Web site: bca-group.org – Email: [email protected]
Related group emails: [email protected]; [email protected]
Current members: Cyber Root, Cyber King, iNCUBUS, JoKeR, MoonSpire
Ex-members: Pa3pyxA, FuckOFF, CyberKing, CyberLord
Group members’ associated emails:
CyberLord – [email protected]
CyberKing – [email protected]
Pa3pyxA – [email protected]
Group’s Name: Hack3D TeaM” or “MTH Soft
Facebook: https://www.facebook.com/hack3dteam;
https://www.facebook.com/bgworm.info
Vimeo account: http://vimeo.com/user16145338/videos
Forum: http://hakerstvo.informe.com/
Zone-H Archive: http://zone-h.org/archive/notifier=MaStErChO/page=1
Hackdb Archive: http://www.hack-db.com/hacker/r00tkit/all.html
Google Plus Profile: https://plus.google.com/104878573752624522053/photos
Group Members: r00tkit, MaStErChO AloneWolf, Sspdf11, razora911, Metalqear
Shout outs most commonly given to — on the basis of multiple defaced
page assessments –MaStErHaCk, – RTFM -The Godfather-(tm)(R) PanteliX (R)(tm) –
(tm)W!PS(tm) – Tiger(tm) – Slackera – TraferA – 3ikmy – N3x0R.
Known group domains’ reconnaissance:
hxxp://bgworm.com – Email: [email protected] – name: “Mastercho
Hoomie” same as the Google Plus account
hxxp://bgworm.info – historical WHOIS emails: Email: [email protected];
Email: [email protected]
Group member profile: Anton Nikolaev (MaStErChO)
Email: [email protected] – email used from the forum’s registration confirmation
Secondary email: [email protected] – Reference:
Skype: ko.ti.puka
Mobile: 0895373102
Second Mobile: 0887565357
Birth date: March 25, 1992 or 17 July, 1990
*** This is a Security Bloggers Network syndicated blog from Dancho Danchev's Blog - Mind Streams of Information Security Knowledge authored by Dancho Danchev. Read the original post at: http://feedproxy.google.com/~r/danchodanchevonsecurityandnewmedia/~3/QnD-nR7u6x0/exposing-bg-worm-bulgaria-based-web.html
