
Sometimes just a little bit of DNS research can yield a lot of useful results.

Looking at the passive DNS records for the domain chanceletikva.org shows it references the email address [email protected]. That email address is tied to multiple website registrations for a person by the name of David Margaliot, and also Shoshana Margaliot.

A search on this name in Domaintools finds the name David Margaliot tied to at least 25 domains, including ezri.org.il, which is a very odd site that features a huge image of a young child who is apparently in the hospital holding a gift wrapped box with a teddy bear. The site asks for donations but has a strange mission statement: "Ezri Association promotes life-saving innovation through a surveillance drone project for emergency response teams, the establishment of an international medical knowledge database, along with other technological initiatives".

I'll probably continue the rest of this in a follow-up story.
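The pivot described in the comment above (SOA admin mailbox seen in passive DNS, then registrant e-mail and name across WHOIS history) can be automated. The following is an added example, not code from the commenter or from any of the tools named; all domains, names, mailboxes and records in it are constructed, and the `PROXY_DOMAINS` set is a hypothetical stand-in for a list of privacy-proxy mailbox domains.

```python
"""Registrant-email pivot over passive DNS and WHOIS history (added example, constructed data)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class PdnsRecord:
    rrname: str   # owner name as seen by the passive DNS sensor
    rrtype: str   # "SOA", "A", "NS", ...
    rdata: str    # record data as one string


@dataclass(frozen=True)
class WhoisRecord:
    domain: str
    registrant_name: str
    registrant_email: str


# Hypothetical privacy-proxy mailbox domains. A shared proxy address links
# unrelated registrants, so it must never be used as a pivot point.
PROXY_DOMAINS = {"privacy-proxy.test"}


def soa_rname_to_email(rname: str) -> str:
    """Turn an SOA RNAME into a mailbox. RFC 1035 encodes the admin mailbox as a
    domain name: the first unescaped dot is the '@'; an escaped dot ('\\.') is literal."""
    rname = rname.rstrip(".")
    local = []
    i = 0
    while i < len(rname):
        ch = rname[i]
        if ch == "\\" and i + 1 < len(rname):
            local.append(rname[i + 1])
            i += 2
            continue
        if ch == ".":
            return ("".join(local) + "@" + rname[i + 1:]).lower()
        local.append(ch)
        i += 1
    return "".join(local).lower()


def emails_from_pdns(pdns, domain):
    """Collect admin mailboxes advertised in SOA records observed for `domain`."""
    found = set()
    for rec in pdns:
        if rec.rrtype != "SOA" or rec.rrname.rstrip(".").lower() != domain.lower():
            continue
        fields = rec.rdata.split()  # MNAME RNAME SERIAL REFRESH RETRY EXPIRE MINIMUM
        if len(fields) >= 2:
            found.add(soa_rname_to_email(fields[1]))
    return found


def usable_pivot(email: str) -> bool:
    """Reject addresses that cannot identify a person (no '@', or a privacy proxy)."""
    return "@" in email and email.split("@", 1)[1] not in PROXY_DOMAINS


def pivot_on_registrant(pdns, whois, seed):
    """One-hop pivot: seed domain -> mailboxes (SOA RNAME + WHOIS) -> registrant
    names -> every domain registered under one of those mailboxes or names."""
    seed = seed.lower()
    emails = {e for e in emails_from_pdns(pdns, seed) if usable_pivot(e)}
    emails |= {w.registrant_email.lower() for w in whois
               if w.domain.lower() == seed and usable_pivot(w.registrant_email.lower())}
    names = {w.registrant_name for w in whois if w.registrant_email.lower() in emails}
    domains = {w.domain.lower() for w in whois
               if w.registrant_email.lower() in emails or w.registrant_name in names}
    domains.discard(seed)
    return {"emails": sorted(emails), "names": sorted(names), "domains": sorted(domains)}


# Constructed sample data; none of these are real records.
SAMPLE_PDNS = [
    PdnsRecord("charity-seed.test.", "SOA",
               r"ns1.charity-seed.test. admin\.contact.mailhost.test. 2024051001 3600 900 604800 86400"),
    PdnsRecord("charity-seed.test.", "A", "192.0.2.10"),
    PdnsRecord("unrelated.test.", "SOA",
               "ns1.unrelated.test. hostmaster.unrelated.test. 2024051001 3600 900 604800 86400"),
]
SAMPLE_WHOIS = [
    WhoisRecord("charity-seed.test", "J. Doe", "admin.contact@mailhost.test"),
    WhoisRecord("second-site.test", "J. Doe", "admin.contact@mailhost.test"),
    WhoisRecord("third-site.test", "J. Doe", "jdoe-other@mailhost.test"),  # same name, other mailbox
    WhoisRecord("proxy-registered.test", "Redacted", "abc123@privacy-proxy.test"),
    WhoisRecord("unrelated.test", "A. Nother", "hostmaster@unrelated.test"),
]

if __name__ == "__main__":
    print(pivot_on_registrant(SAMPLE_PDNS, SAMPLE_WHOIS, "charity-seed.test"))
```

The name hop is deliberately kept separate from the e-mail hop: a shared registrant mailbox is strong evidence of common control, while a shared name can be a coincidence, and historical WHOIS rows may describe a previous owner, so each domain the pivot returns still needs to be checked by date and by hand before it goes into a story.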


Please do


I interviewed some smart people about their research in story published today:

https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-...


Thanks. I did update the story to reflect the apparent fix. I'm still trying to verify if this behavior remains in some form.


This is the way. You don't have to protect what you don't collect. Mullvad is an excellent example of this. They don't even want you to pick a password, and they're fine if you just mail them cash as payment.


Their earlier statement said they were aware of the CEO's history but were assured that part of his life was behind him. From that statement on March 15: “We were aware of the past affiliations with the entities named in the article and were assured they had ended prior to our work together,” the statement reads. “We’re now looking into this further. We will always put the privacy and security of our customers first and will provide updates as needed.”

https://krebsonsecurity.com/2024/03/ceo-of-data-privacy-comp...


It's good to see others coming forward with what they know.

Previous discussion on this here: https://news.ycombinator.com/item?id=39709089

Original story: https://krebsonsecurity.com/2024/03/ceo-of-data-privacy-comp...


Possibly useful info: A list of customer domains affected.

https://docs.google.com/spreadsheets/d/1wgKe1VrfNF8Afav1aJtM...

One caveat: This list should not be considered exhaustive or complete by any means. e.g. changing the URL slightly by incrementing or decrementing a number in the URL caused a slightly different set of customers to be listed. I didn’t have a chance to go through it all before they took it down (note to self: pillage BEFORE burning).


The identity of the defendant has been doing this for many years and is one of the original members of the Com. The people in that scene sim-swapping artists for their music are those that have already made their stolen millions, and have long ago graduated from stealing usernames and gamertag handles.


https://www.ftc.gov/legal-library/browse/statutes/fair-credi...

IANAL either, but it seems the losses suffered from ID fraud are only recoverable via this.


Some of the exposure in these cases is due to the fact that you have cybercriminals who've been doing the same things for more than a decade. That is a very long time in which to make just a few key opsec mistakes, and also most RU cybercriminals back then did not take as much care to cover their tracks as they do today.

