Dancho Danchev

Dancho Danchev's Blog

Anonymous Bulgaria is your typical Anonymous “franchise” Anonymous hackers model where you have a group of people doing web site defacements and compromises of legitimate web sites and infrastructure and actually blame a bigger cause that they don’t really have anything to do with and don’t understand or know anything ... Read More

In my line of work in specific when doing research and analysis I always stick to a common concept which has to do with the fact that “everything that can be found has already been found somewhere online”. Sticking to this basic methodology the only thing an individual or a ... Read More

Dear blog readers,The following is a personally identifiable email address compilation known to belong to known members of the Breach Forums cybercrime-friendly forum community which I've decided to share with the idea to assist researchers vendors and organizations including U.S Law Enforcement on its way to properly track down and ... Read More

The power of OSINT and real-time OSINT which has been my methodology since December, 2005 when I originally launched this blog? Check out the following analysis courtesy of me which details in-depth who's behind the Conti Ransomware Gang and the Trickbot cybercrime enterprise using exclusively and entirely public sources of ... Read More

Who's aware of his new VK.com account? Here's his user ID: mb9911 which I obtained using public sources. Happy research.Sample photos:Here's a full list of his VK.com friends:Mikhail TikhomirovSergey GromykhalovAlexander SmolentsevYulia SergeevaDmitry SoshnikovNataly Rouf-TrubetskayaIrina VostroknutovaSvyatoslav PolynchukKsenia KuklinaAlisa VorobyevaAndryusha PalatnikOleg ZubovKirill ShokinKristina ShustovaSvetlana ShantalovaAlbert UrbanovichLiza TsarevskayaMasha VaulinaDmitry OgorodnikovAlexey KozlovAnka LarikovaVera IvanovaRituchcha KuzmenkoKsenia ... Read More

Folks,This is the third part of the blog posts series where I'm actively data mining publicly and private invite only cybercrime-friendly communities looking for personally identifiable email address accounts and XMPP/Jabber account IDs with the idea to assist everyone on their way to properly do their research including the U.S ... Read More

Dear blog readers,The following is a set of personally identifiable email address accounts known to belong to ransomware operators or participants in ransomware-themed affiliate-based partner programs which I've decided to share with everyone doing research on the topic and looking for clues or additional resources on how to improve their ... Read More

Folks,I've been recently digging deep into the ever evolving cybercrime ecosystem doing research and trying to supply as much personally identifiable information on the bad guys in the form of personally identifiable email address accounts including XMPP/Jabber account IDs where the ultimate goal would be to properly assist everyone on ... Read More

In need of a fresh and relevant bulletproof hosting provider domain list for research purposes?Check out the following list of domains which I compiled today and decided to share with everyone reading my blog.Sample bulletproof hosting provider domains include:hxxp://1984hosting.comhxxp://2X4.ruhxxp://2sync.cohxxp://3nt.comhxxp://NovoGara.comhxxp://abusehosting.ruhxxp://admintek.nethxxp://advania.comhxxp://afranet.comhxxp://agava.ruhxxp://albahost.nethxxp://alexhost.comhxxp://altushost.comhxxp://anders.ruhxxp://anonymoushosting.inhxxp://antiddos.bizhxxp://area6.ruhxxp://artmotion.euhxxp://asiapacific-it.comhxxp://asiapacifichosting.comhxxp://atlax.comhxxp://availo.sehxxp://avk-com.ruhxxp://bacloud.comhxxp://bahnhof.nethxxp://balkanvps.comhxxp://beotel.nethxxp://berihoster.ruhxxp://besthosting.uahxxp://blazingfast.iohxxp://blueangelhost.comhxxp://borneo.kghxxp://bulletproof-web.ruhxxp://bullhost.cohxxp://ccihosting.comhxxp://cinipac.comhxxp://citynethost.comhxxp://cloud.volia.comhxxp://cloudlite.ruhxxp://colocall.nethxxp://comsats.net.pkhxxp://continent8.comhxxp://crservers.comhxxp://ctyun.cnhxxp://cubexsweatherly.comhxxp://curacaowebhosting.comhxxp://cyberbunker.comhxxp://cyberfuel.comhxxp://datacenter.irhxxp://datahouse.ruhxxp://dataplugs.comhxxp://dedicado.com.uyhxxp://deltahost.comhxxp://deltalis.comhxxp://deltasystem.clhxxp://dis.telecom.kzhxxp://dmzhost.chxxp://doclerweb.comhxxp://dreamwebhosting.nethxxp://ecatel.co.ukhxxp://eccsolutions.nethxxp://ecodissident.nethxxp://ekvia.comhxxp://elkupi.comhxxp://elvsoft.comhxxp://en.datasource.chhxxp://en.hostsolutions.rohxxp://en.ukrtelecom.uahxxp://en.uplink.huhxxp://eng.deninet.nethxxp://eodatacenter.comhxxp://eranet.comhxxp://eserver.ruhxxp://evoluso.comhxxp://exmasters.comhxxp://fastvds.ruhxxp://finalhosting.czhxxp://firstbyte.ruhxxp://firstvds.ruhxxp://flokinet.ishxxp://freehost.com.uahxxp://galkahost.comhxxp://geekhost.prohxxp://gemenii.rohxxp://glesys.comhxxp://global.bahxxp://globatel.orghxxp://gmhost.hostinghxxp://goodnet.com.uahxxp://grandhost.cchxxp://habangnet.comhxxp://hc.ruhxxp://heberjahiz.comhxxp://hidemyhost.comhxxp://hktechnology.comhxxp://host.alhxxp://hostalot.ruhxxp://hoster.ruhxxp://hosthink.nethxxp://hosting.nic.ruhxxp://hosting.reg.comhxxp://hosting.tel.ruhxxp://hosting.tongacable.nethxxp://hosting.turk.nethxxp://hosting.uahxxp://hostingserve.rshxxp://hostkey.comhxxp://hostname.clhxxp://hostoweb.comhxxp://hostparatuvida.comhxxp://hostsailor.comhxxp://hts.ruhxxp://hub.orghxxp://icyevolution.comhxxp://idhost.kzhxxp://ihc.ruhxxp://ihor.ruhxxp://infiumhost.comhxxp://infobox.ruhxxp://infomaniak.chhxxp://innovahosting.nethxxp://insacom.clhxxp://internetport.comhxxp://internetsolutions.hkhxxp://iprosrv.comhxxp://ironservers.clhxxp://ispcompania.comhxxp://ispserver.comhxxp://ititch.comhxxp://itldc.comhxxp://itools.mnhxxp://ixam-hosting.comhxxp://justhost.in.uahxxp://katzglobal.comhxxp://knownsrv.comhxxp://koddos.comhxxp://kowloonhosting.comhxxp://kras.hosthxxp://kriweb.comhxxp://laceibanetsociety.comhxxp://lankapartnerhost.comhxxp://latinoserver.comhxxp://lfait.comhxxp://libertyvps.nethxxp://libyanspider.comhxxp://licosys.comhxxp://linkdatacenter.nethxxp://localhost.tnhxxp://lolekhosted.nethxxp://ltt.lyhxxp://lunarvps.comhxxp://lunarvps.comorangewebsite.comhxxp://m247.roenhxxp://magicnet.mdhxxp://masterhost.ruhxxp://mcloud.rshxxp://melbicom.nethxxp://memvds.ruhxxp://mikrovps.comhxxp://mirohost.nethxxp://mtel.bahxxp://mycloud.byhxxp://nashirnet.nethxxp://natro.comhxxp://neoserver.ruhxxp://netassist.uahxxp://netbrella.nethxxp://netengi.comhxxp://netplace.ruhxxp://networksdelmanana.comhxxp://nexlinx.net.pkhxxp://nexus.pkhxxp://nidahost.comhxxp://nine.chhxxp://ninet.rshxxp://nonamehosts.comhxxp://nplusone.mahxxp://nsc.bahxxp://oblaci.rshxxp://offshorededi.comhxxp://offshoreracks.comhxxp://ohp.uahxxp://ok.ishxxp://online.tmhxxp://orangewebsite.comhxxp://ouriran.comhxxp://overleaf.comhxxp://pachosting.hkhxxp://panamaserver.comhxxp://parsonline.comhxxp://parspack.comhxxp://pavietnam.vnhxxp://pin.sehxxp://pirateshosting.nethxxp://planetahost.ruhxxp://plus.hrhxxp://pndc.irhxxp://portlane.comhxxp://powerhost.clhxxp://privatelayer.comhxxp://pro-managed.comhxxp://proen.cohxxp://proen.co.CARDING FORUMhxxp://proen.co.thhxxp://profivps.huhxxp://prq.sehxxp://ps.kzhxxp://ptclcloud.com.pkhxxp://pttrs.nethxxp://pw-service.comhxxp://qsscloud.bahxxp://rackend.comhxxp://racklodge.comhxxp://racknation.crhxxp://radore.comhxxp://rapidcompute.comhxxp://rayadatacenter.comhxxp://renter.ruhxxp://rockhoster.comhxxp://ru-tld.ruenhxxp://rusonyx.ruhxxp://rx-name.uahxxp://sadecehosting.comhxxp://securehost.comhxxp://selectel.comhxxp://semele.com.trhxxp://seohosting.com.trhxxp://server.uahxxp://serverastra.comhxxp://serverhk.orghxxp://serverhosting.myhxxp://serveria.comhxxp://servidores.gamerlive.clhxxp://shinjiru.comhxxp://simplecloud.ruhxxp://sinohosting.nethxxp://smart-hosting.rohxxp://solarcom.chhxxp://sologigabit.comhxxp://space.kzhxxp://starrydns.nethxxp://sunnyvision.comhxxp://superhosting.nethxxp://swedehost.nethxxp://swedendedicated.comhxxp://synwebhost.orghxxp://syt.comhxxp://t4.crhxxp://takewyn.comhxxp://tchile.comhxxp://tehnodom.comhxxp://tele-asia.nethxxp://teleklik.bahxxp://thnic.cohxxp://thnic.co.CARDING FORUMhxxp://thnic.co.thhxxp://thost.ruhxxp://tilaa.comhxxp://time4vps.euhxxp://timeweb.comhxxp://tomtel.ruhxxp://tophost.mdenhxxp://trabia.comhxxp://trvps.nethxxp://tucha.uahxxp://uanode.nethxxp://uar.nethxxp://udasha.comhxxp://ukraine.com.uahxxp://ukrdc.nethxxp://ukrnames.comhxxp://ultratechhost.comhxxp://underhost.comhxxp://unit-is.comhxxp://uniteddc.net.uahxxp://urdn.com.uahxxp://valuehost.ruhxxp://vds64.comhxxp://vdsinside.comhxxp://vhoster.nethxxp://victoriagroup.mehxxp://vinahost.vnhxxp://vinastar.nethxxp://virtono.comhxxp://virtualpark.huhxxp://vit.com.trhxxp://voxility.comhxxp://vps.aghxxp://vpsbg.euhxxp://vpsgod.comhxxp://vscale.iohxxp://vstoike.ruhxxp://warez-host.comhxxp://wavecom.eehxxp://web-server.euhxxp://webcare360.comhxxp://webhost.tnhxxp://webonic.huhxxp://webservices.dzhxxp://webuzo.nethxxp://weservit.nlhxxp://wrzhost.comhxxp://xenyohosting.comhxxp://xeonbd.comhxxp://xethost.comhxxp://xhostfire.comhxxp://xservers.rohxxp://yourserver.sehxxp://zgh.clhxxp://zomro.comHappy hunting ... Read More

In need of a freshly collected Iran-based hacker groups and lone hacker personal Web sites?As I did some homework on the topic of finding these I actually came across to the fact that the majority of these are located on an Iran-based hosting provider known as Persiangig.com and as I've ... Read More