Confuser and Oilrig – Iranian Hacks

This is a bit disjointed at this time and is raw data. This is not intelligence, has not been analyzed but does tie directly to Oilrig.

A powerful program to pack your apps. With this program, you can pack programs in C # and VB.Net

Confuser – Confuser program zipped. For download and analysis

a1ir3z4-HK Frequently found on,, formerly of the Kalli Hack Team (kallihack),

Others in the mix: XVII_Hacker, #XVII_Roman & #BlackErroR1 & #sorblack


Bitcoin Cracker Performance Test via Telegram: @ a1ir3z4HK @ a1ir3z4_HK_bot
Using temp emails here:
Sprinkle the effort with a bit of Russian for flavoring

Cʏʙᴇʀ Cʀᴀᴄᴋɪɴɢ | سایبر کرکینگ\administrator;1qaz@WSX3edc\administrator;1qaz@WSX3edc\administrator;1qaz@WSX3edc\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;123qwe!@#\administrator;123qwe!@#\administrator;1234qwer!@#$\administrator;1qaz!QAZ\administrator;1qaz!QAZ\administrator;1qaz!QAZ\administrator;1qazXSW@\administrator;1qazXSW@\administrator;1qazXSW@\administrator;!QAZ2wsx\administrator;!QAZ2wsxЧитать полностью…\administrator;1qaz@WSX3edc\administrator;1qaz@WSX3edc\administrator;1qaz@WSX3edc\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;1qaz@WSX\administrator;123qwe!@#\administrator;123qwe!@#\administrator;1234qwer!@#$\administrator;1qaz!QAZ\administrator;1qaz!QAZ\administrator;1qaz!QAZ\administrator;1qazXSW@\administrator;1qazXSW@\administrator;1qazXSW@\administrator;!QAZ2wsx\administrator;!QAZ2wsxЧитать полностью…\administrator;p@ssw0rd\administrator;Pass@word1\administrator;P@ssw0rd\administrator;P@ssw0rd\administrator;P@ssw0rd\administrator;P@ssw0rd\administrator;P@ssw0rd\administrator;P@ssw0rd\administrator;Admin@123\administrator;Admin@123\administrator;Admin@123\administrator;Admin@123\administrator;Admin@123\administrator;Admin123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;admin@123\administrator;Passw0rd1\administrator;password@123\administrator;password@123\administrator;password@123\administrator;P@ssw0rd@123\administrator;password@1234\administrator;abc@123\administrator;\administrator;\administrator;
Beast Trojan Builder – (change to .rar to unzip) Use at own risk.
Featured post

Treadstone 71 Selected to Deliver at the RSA Conference 2018 San Francisco

Foundations for a Strong Intelligence Program
April 18, 9AM-11AM RSA Conference
This Lab will explore key aspects of building a strong and long-lasting cyberthreat intelligence program. We’ll review methods of threat intelligence platform selection and bake-off techniques as well as cover stakeholder analysis and priority intelligence requirements. Additionally, we’ll practice collection planning and mission management as well as how to establish effective reporting and dissemination capabilities.

Cyber CounterIntelligence – Deception, Distortion, Dishonesty
April 18, 1:45PM-2:30PM RSA Conference
Deception, distortion, dishonesty are core to social media postings. Our adversaries use these methods concocting stories that create illusions that are meant to leave us divided. The talk will cover methods of countering their messaging while applying these tactics to protect your own organization and brand. Moving from intelligence to counterintelligence is the natural next step in our evolution.

Featured post

Plague of the Cyber RATS

How a toxic computer code delivered by ‘Remote Access Trojans’ is an invisible army able to take over a petrochemical plant and blow it to pieces

Ironically, said Bardin, it was Stuxnet that led Iran to enhance its offensive capability: ‘If Stuxnet had happened to the US or UK, it would have been seen as an act of war. In Iran, it made them invest heavily in offensive cyber operations.’

He revealed that 18 per cent of Iranian university students are studying computer science – a cyber warfare talent pool.

No guns. No bombs. No conventional weapons of any kind. An invisible army able take over a petrochemical plant like this and blow it to pieces. That’s the power of a toxic computer code delivered by RATs – ‘Remote Access Trojans’ – that’s making UK security experts VERY nervous indeed

‘Fixing this takes political will, and business is always pushing back, because good cyber security adds costs,’ said Bardin. ‘Ultimately, something is going to blow up.’

Featured post

Post 5B Syrian Electronic Army – More Emails you may wish to block. SEA Foot Soldiers –

Initial List of Email Addresses – Syrian Electronic Army – Part 3 (30k+)

Initial List of Email Addresses – Syrian Electronic Army – Part 4 (10k+)

Please note that emails within will be email addresses potentially from intelligence agencies, hackers, hacktivists, as well as legitimate organizations.  Sort and separate as needed.

Treadstone 71

Dru’a al-Waaqiah lil-Bedoon – Syrian Sanctions Busting with Russian Help

Past report on Syrian Government collusion with Russia to bypass sanctions against Syria. This instance involves acquiring materials and machines to manufacture their own body armor in Latakia by way of the UAE where a Syrian soldier working with a female FSB agent centralize the acquisitions.

Visas, passports, military IDs, fake names, bills of lading and more for your reading and review.

The Treadstone 71 Report (pdf) – Treadstone 71 – drua-alwaaqiah-lilboodoon

Treadstone 71 acquired supporting files and documents (30MB zip) – drua-rawfiles-treadstone71

Featured post

Treadstone 71 Announces Cyber Intelligence Capability Maturity Model

Treadstone 71 developed a maturity model to help organizations determine the maturity of their cyber intelligence initiatives against the cyber intelligence common body of knowledge (CICBOK). The model provides strategic and operational aspects of your cyber intelligence maturity, where it needs to go, and where you should concentrate your attention to create more value for your business. Nearly 8 years in the making, the Treadstone 71 Cyber Intelligence Maturity Model uses traditional tradecraft as delivered by Sherman Kent and Richards Heuer, intelligence community standards, analytic standards, and experiential knowledge derived from years of training, assessing, and building cyber intelligence programs.

The Treadstone 71 Cyber Intelligence Capability Maturity Model (T71-CICMM) is a methodology used to develop and refine an organization’s cyber intelligence program. Not only is the model educational and practical skills for learning and developing expertise, but also a roadmap for building a cyber intelligence program. More information is available here:

Treadstone 71 Cyber Intelligence Maturity Model


Featured post

Training Report – Treadstone 71 Cyber Intelligence Tradecraft Professional Certification

“This past week, I had the absolute pleasure of attending the 5-day Treadstone 71 Cyber Intelligence Tradecraft Professional Certification course along with three of my colleagues.  Mr. Jeff Bardin was the instructor and his knowledge and depth in this area is exceptionally impressive!cyberintelt71

The training allows students to gain a better understanding of the cyber intelligence life cycle, the role and value of cyber intelligence relative to online targeting and collection, in modern organizations, businesses, and governments at the completion of this course. In addition, students understand: the methods of online anonymity, the fundamentals behind cyber intelligence collection and analysis, and how these current methods can be employed in our organizations to assist in online operational security and in defense against adversaries. The course was a combination of lecture, hands-on and student deliverables seen by many as an apprenticeship. We completed 4 case studies throughout the week in varying subjects such as Iranian hackers, high financial networks, Russian SCADA equipment, etc.

I would highly recommend this course to anyone looking to further their knowledge in the cyber area.  It will also allow you to become a better intelligence analyst, as a whole.  Overall, it was a truly fantastic learning experience that is applicable in both our personal, as well as professional lives.  I most certainly have a new appreciation for online security and safety.” – Recently certified student February 2017

Featured post

2017 Training Courses – Treadstone 71

2017 Training Dates

Main Page to Treadstone 71 Training – 2017

(or on demand including in-house or by location)

Treadstone 71 is working with FS-ISAC for training in London, Singapore, Malaysia, and Australia.

FS-ISAC Sponsored Courses:

Cyber Intelligence Tradecraft Training
3-7 April | Reston, VA
More | Register
Cyber Intelligence Tradecraft Training
8-12 May | London
More | Register
Cyber Intelligence Tradecraft Training
19-23 June | Reston, VA
More | Register
Cyber Intelligence Tradecraft Training
21-25 August | Reston, VA
More | Register

Featured post

Blog at

Up ↑

%d bloggers like this: