Info@NationalCyberSecurity

The Conti Ransomware Gang and the Trickbot Cybercrime Enterprise XMPP’s and Jabber Account IDs


This is the power of OSINT and real-time OSINT, which has been my methodology since December 2005, when I originally launched this blog. Check out the following analysis, courtesy of me, which details in depth who’s behind the Conti Ransomware Gang and the Trickbot cybercrime enterprise using exclusively public sources of information in combination with my real-time OSINT methodology, hence the results.

Sample XMPP and Jabber account IDs include:

It gets even better with the recent OFAC sanctions that also mention several interesting email address accounts:

It gets even more interesting when we dig a little bit deeper and find related domain registrations associated with these email address accounts.

For instance, we have hxxp://baikal-tour.su, which is a travel agency, and hxxp://kurochkina.com, which is Ekaterina Kurochkina, a fashion photographer currently known as Valentina Ushenina and currently a training instructor at the PortDeBras company, where we have the same domains registered by a known individual on the Conti Ransomware Gang’s sanctions list ([email protected]).

We also have a Google Play application (hxxp://play.google.com/store/apps/details?id=com.WSCards.RSP&&gl=US) that also points to (hxxp://finters.su) which stands for an international sports organization.

Personally identifiable information on Valentina Ushenina includes:

Skype: valentinatigra

hxxp://vk.com/id3151577

Email: [email protected]; [email protected]

Sample photos of Valentina Ushenina include:

Domains known to have been registered by [email protected] include:

hxxp://artfreegallery.us

hxxp://artfreegallery.com

hxxp://kurochkina.com

hxxp://s23.su

hxxp://baikal-tour.su

hxxp://finters.su

Domains known to have been registered by [email protected] include:

hxxp://art-deko.biz

hxxp://serpwomanhealth.info

hxxp://avtofortuna.info

hxxp://knigodvor.info

hxxp://alkommet.com

hxxp://art-deko.info

Stay tuned!

*** This is a Security Bloggers Network syndicated blog from Dancho Danchev’s Blog authored by Dancho Danchev. Read the original post at: https://ddanchev.blogspot.com/2023/09/the-conti-ransomware-gang-and-trickbot.html
