1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Caught A Hacker - Full Personal Details :D

Discussion in 'BlackHat Lounge' started by stealthisblog, Apr 17, 2009.

Thread Status:
Not open for further replies.
  1. stealthisblog

    stealthisblog Regular Member

    Joined:
    May 26, 2008
    Messages:
    289
    Likes Received:
    238
    Location:
    New York City
    Hey. So i was searching around last night and found a post where someone apparently posted GodCPA for download. I thought what the hell, I'll give it a shot. So I downloaded it and ran it, and nothing happened. I tried like 4 times and still nothing happened. Thats when I realized I probably just got trojaned...

    So I turned on wireshark and sniffed the traffic


    As you can see the exe tried to log into an FTP server, which means it was most likely a firefox/IE password stealer. For some reason the username and password combo the guy put into the exe didn't work anymore though... Anyway, so I decided to check out some info on the domain:

    And I saw that this was a dedicated box since thats what the host offered and there were only 4 sites on it. So I got the list of sites and decided to do a whois on each one. The first site gave me this:


    The site was about *********, which would link the guy to the original fake CpaGod trojan... and after I scrolled down, I found:

    :D Owned! So what do you guys think, is this the real guy? I think it is, one because its a dedi box and the sites about CPA... I'm thinking about giving him a call to ask :p
     
    Last edited by a moderator: Apr 23, 2009
  2. the_demon

    the_demon Jr. Executive VIP

    Joined:
    Nov 23, 2008
    Messages:
    3,177
    Likes Received:
    1,563
    Occupation:
    Search Engine Marketing
    Location:
    The Internet
    Report him to the affiliate networks and hosting... All his account will be terminated... Then you can give him a call (block your # first).
     
  3. Claudiu

    Claudiu Regular Member

    Joined:
    Feb 28, 2009
    Messages:
    287
    Likes Received:
    81
    Location:
    127.0.0.1
    :)) yeah .. a call would scare him so make it a good call so you can laugh at .. tell him your CIA (or someone) and found some illegal activities with his IP
     
  4. spect

    spect Newbie

    Joined:
    Nov 8, 2008
    Messages:
    48
    Likes Received:
    46
    No offense, but this is a waste of time. Instead of dedicating it to make some dough, you're wasting it playing pranks on a wannabe hacker. Time is money.

    Although I do agree on the "report him to the affiliate network and hosting" part. :rolleyes:
     
    Last edited: Apr 17, 2009
  5. stealthisblog

    stealthisblog Regular Member

    Joined:
    May 26, 2008
    Messages:
    289
    Likes Received:
    238
    Location:
    New York City
    well, I initially wasn't trying to play pranks on him. I started this because I wanted to go into his FTP and delete any logs stolen from my computer to protect me... but THEN I decided to screw around :p You can't work all day, you gotta have a little fun too! I'm gonna send an email out to the host now, then maybe call the guy on skype and record it later... it should be funny :D
     
  6. guv360

    guv360 Newbie

    Joined:
    Dec 30, 2008
    Messages:
    11
    Likes Received:
    0
    haha i would love to see the look on his face if you done that xD
     
  7. the_demon

    the_demon Jr. Executive VIP

    Joined:
    Nov 23, 2008
    Messages:
    3,177
    Likes Received:
    1,563
    Occupation:
    Search Engine Marketing
    Location:
    The Internet
    I just called host monster informing them of stolen content and that the user was distrubting trojans... They didn't even ask me the domain name...They basically said they want a DMCA from the owner of the stolen content.... WTF I've never heard suck crap from a web hosting company most will ask the domain name and hit terminate without question.

    I forget which mod/admin owns ******** but you should contact hostmonster as they are using your site images,etc.


    [edit] Report now filed with Click Bank
     
    Last edited: Apr 17, 2009
  8. nam6641

    nam6641 Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,476
    Likes Received:
    914
    Location:
    East Coast
    maybe the owner of GodCPA (who is a member here) got you for trying to download his software for free.
     
  9. spikyy

    spikyy Junior Member

    Joined:
    Jul 27, 2008
    Messages:
    187
    Likes Received:
    213
    it those are his real info's than you should stop calling him 'hacker'
     
  10. yeti_racer

    yeti_racer Junior Member Premium Member

    Joined:
    Dec 3, 2008
    Messages:
    192
    Likes Received:
    87
    Location:
    Hick Ville
    Wouldn't that be kinda stupid though? Banning the accounts with no proof? Then I could just call your host, make up some sort of BS and get all your accounts terminated. Wanting to see an actual DMCA notice means they have some sort of safeguards in place & that is a good thing.
     
  11. falcommoney

    falcommoney Junior Member

    Joined:
    Jan 11, 2009
    Messages:
    127
    Likes Received:
    62
    Well said.

    You should report him.

    Maybe try downloading a new version to get working user and pass...
     
  12. lucian999

    lucian999 Newbie

    Joined:
    Mar 4, 2009
    Messages:
    33
    Likes Received:
    4
    blackmail him into doing stuff for u. :p
     
  13. Danny Relic

    Danny Relic Regular Member Premium Member

    Joined:
    Apr 13, 2007
    Messages:
    374
    Likes Received:
    250
    Occupation:
    Student
    Location:
    New Mexico
    *sigh* I just came across someone selling my software as his own.

    This shit happens all the time, and it sucks.

    BUT, I'm literally about 25 minutes from carrollton, where this guy lives. Hmmmm......
     
  14. nirose

    nirose Senior Member

    Joined:
    Oct 24, 2008
    Messages:
    984
    Likes Received:
    437
    Location:
    somake.us
    Ya blackmail him to do something for you.
     
  15. gundamwing

    gundamwing Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 18, 2008
    Messages:
    1,274
    Likes Received:
    913
    russian guy ....
     
  16. dismantle

    dismantle Newbie

    Joined:
    Apr 12, 2008
    Messages:
    43
    Likes Received:
    19
    Location:
    In your computer
    He is definitely not a "Hacker", Only lamers send trojan's. There's a clear difference between "Hacker" and "Cracker". Hes a wannabe "Cracker", If he got caught that easy i wouldn't want to blackmail him to do stuff for me on any level..lol
     
  17. agj32mrgibbits

    agj32mrgibbits Registered Member

    Joined:
    Mar 1, 2008
    Messages:
    73
    Likes Received:
    50
    If his FTP is down chances are that he was already caught and forced to remove it or he gave up and shut the thing down.
     
  18. voxclan

    voxclan Regular Member

    Joined:
    Feb 11, 2008
    Messages:
    267
    Likes Received:
    274
    report him first, call him after, record the call and let us all listen to that conversation and laugh.
     
  19. l0cke

    l0cke Regular Member

    Joined:
    Dec 7, 2008
    Messages:
    212
    Likes Received:
    70
    Occupation:
    Designer, Marketer, Real Estate Sales, Author
    Location:
    TX, US
    Home Page:
    From the topic title I was about to bitch about people being vigitlantes for osmeone jacking and reposting forbidden softs.. but this takes the cake and made me eat crow. Hahahahaha, that stupid fuck tried to use a trojan to callback with passwords and hoped no one would notice? The soft didn't even work.

    Good job

    l0cke
     
  20. kingtrojan

    kingtrojan Junior Member

    Joined:
    Feb 28, 2008
    Messages:
    175
    Likes Received:
    167
    Occupation:
    Software Engineer
    Location:
    127.0.0.1

    That's what the owner of Xrumer do . They bind trojan with their software and distribute on the warez .. :p:p . It's like a kind of spam to make their soft become more popular and make peaple buy it ! hehe ..
     
Thread Status:
Not open for further replies.