固定されたツイート
IntelOps
913 posts
IntelOps
@IntelOpsV3
The internet holds vast secrets for those who know how to look A darkweb forum for security researchers
参加日 Haziran 2025
82 フォロー中4.8K フォロワー
(EXCLUSIVE) New investigation: Who runs Cl0p ransomware?
Months of reporting, cross-referencing forum records, dossiers, and confidential sources identifies the group's operators, developers, access brokers, and infrastructure.
rmoskovy.github.io/posts/who-runs…
#Ransomware #Cl0p #ThreatIntel #osint #clop #security #research
English
We need a Rey @dulls plushie
Resolute@ResoluteXBF
New collection coming soon at breached[.]st 🔥
English
Who runs Cl0p? 👀
@rmoskovy is dropping some 🔥 intel, give him a follow
Ryan Moran (remo)@rmoskovy
(EXCLUSIVE) New investigation: Who runs Cl0p ransomware? Months of reporting, cross-referencing forum records, dossiers, and confidential sources identifies the group's operators, developers, access brokers, and infrastructure. rmoskovy.github.io/posts/who-runs… #Ransomware #Cl0p #ThreatIntel #osint #clop #security #research
English
@IntCyberDigest The funny thing is that I know all of their real names LMFAO.
English
❗️Meet Hellcat ransomware group operator 'Pryx' — responsible for high-profile hacks like Jaguar Land Rover, Telefonica, Schneider Electric and many more.
He started doing cybercrime as a kid.
He got 4 people killed and 27 injured after starting a fire by hacking into the SCADA network of Telecom Egypt.
An OSINT researcher just revealed who he is and how he tracked him down.
English
@meterpretered @session_app @DoingFedTime @vxunderground "We have already demonstrated and were able to successfully complete an ATO attack and extract the victim’s private key completely remotely."
@rmoskovy has already confirmed a separate XSS vulnerability
English
@IntelOpsV3 @session_app @DoingFedTime @vxunderground Important to note that XSS is a precondition to this being exploited, so it’s not like there is an available exploit
English
Complete remote account takeover in @session_app Desktop by extracting the account’s Ed25519 private key! 🚨
@DoingFedTime @vxunderground
Ryan Moran (remo)@rmoskovy
Session Desktop (@session_app) has a critical Electron misconfiguration that turns any XSS or code injection bug into remote account compromise. A single vulnerability in message/content handling = complete account takeover. rmoskovy.github.io/posts/session-… #Session #cybersecurity #threatintel
English
IntelOps がリツイート
Researchers at @ctrlaltintel once again yanked an APT into the spotlight due to sloppy trade craft.
Today its FancyBear! Check out the full write up.
As always, none of this is possible without
@polygonben and others @ctrlaltintel
ctrlaltintel.com/threat%20resea…
English
BF (Hasan's) is claiming victory and has imported 300k users from the DB of Indra's dead BF. All user ranks have been carried over and they are reportedly working on importing all forum threads
Resolute@ResoluteXBF
The old BreachForums userbase has been fully imported at https://breached[.]st. All ranks have been updated, with GOD now Immortal, while VIP and MVP remain the same. Threads will be done Soon
English
The threat actor group Hellcat has now reportedly had 2 of its members de-anonymized, those members being Rey & Pryx.
IntelBroker, Hellcat's most notorious alleged member in terms of publicity, was reportedly arrested in 2025 and is believed to be in custody.
The current state of Hellcat is shown in the image of alleged members below.
English
Who is Pryx? 👀
Our latest cybercrime intelligence report examines a threat actor tied to data breaches, Hellcat / SLSH, and claims of access to infrastructure leading to a fatal incident
⬇️ See full report
#CyberCrime #OSINT #ThreatIntel #Ransomware
English
❗️Pryx just replied with the cheapest MacBook, a cheap Taurus gun and about 80 USD worth of Kazakhstani tenge.
International Cyber Digest@IntCyberDigest
❗️Meet Hellcat ransomware group operator 'Pryx' — responsible for high-profile hacks like Jaguar Land Rover, Telefonica, Schneider Electric and many more. He started doing cybercrime as a kid. He got 4 people killed and 27 injured after starting a fire by hacking into the SCADA network of Telecom Egypt. An OSINT researcher just revealed who he is and how he tracked him down.
English
IntelOps がリツイート
@IntelOpsV3 If he has so much money, why still live in Rak?
Used to live just a few streets next to his location, and it's a cheap area for someone like him.
English
@IntelOpsV3 @IntelOpsV3 KELA also claimed this, no? if im not mistaken
English
IntelOps がリツイート
IntelOps がリツイート
Learn how Ransomware operators execute their attacks with surgical precision, leveraging Active Directory, Kerberos, and domain controllers.
klydz.net/all/How-ransom…
#CyberSec #ransomware #malware @vxunderground @TMRansomMon
English
very nice work here 😉
Ivan@Ivanklydz
Hello, TOX protocol lovers and the most wanted ransomware operators using TOX for comms! With only your public Tox ID, I can see who you’re talking to, reveal your real IP behind proxies, and even track your activities. #Onion_Path_Poisoning research coming soon! @DoingFedTime
English
@IntelOpsV3 The info seems to match that kela post from a couple years ago.
Seriously tho, what's the deal with cybercriminals using their mother identity? Anyways, nice work as always, keep it up man
English