Hacker Infected & Foiled by Own Infostealer

Published: 23/11/2024   Category: security




A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers.



Malicious actor La_Citrix built a reputation on gaining access to organizations' Citrix remote desktop protocol (RDP) VPN servers and selling them off to the highest bidder on Russian-language Dark Web forums.
The threat actor was using an infostealer to rip off credentials in campaigns dating back to 2020, until La_Citrix accidentally infected his own computer with the malware and sold off his own data, along with a cache of other stolen data, to threat researchers with Hudson Rock who were lurking on the Dark Web to gather threat intelligence.
The first clue that there was something unusual afoot was when Hudson Rock's API detected a single user in the stolen data who appeared as an employee at nearly 300 different companies, the report explained.
Surprisingly, it was discovered that this threat actor orchestrated all of the hacking incidents using his personal computer, and browsers installed on that computer stored the corporate credentials used for the various hacks, Hudson Rock's report noted.
Upon digging further, Hudson Rock's team was quickly able to ascertain the threat actor's identity, along with his address, phone, as well as evidence of his malicious activities.
Hudson Rock will forward the data to relevant law enforcement agencies, the report added.
