DarkNetGuard
Senior Contributor
VIP
- Joined
- Jan 21, 2023
- Threads
- 51
- Post Replies
- 54
- Status
- offline
- Last seen
https:/krebsonsecurity.com/2023/04/giving-a-face-to-the-malware-proxy-service-faceless/
Pretty much everything "important" on kreb's article, those who are too lazy to read, he and he's contacts basically doxed the owner and published a lot of information about the guy. Even though he is Russian, it's still not nice to have your data published like that. You might already know how this can possibly affect to people who has used the website but let's get into that in a second.
I have been "researching" these type of shops/markets, whatever you wanna call them for years. I honestly thought LuxSocks and Faceless were ran by same people because for example because both were opened at around same time, both frontend and "backend" were very similar at least in my eyes. And of course, both sites never sold Russian bots.
So I could say pretty certain that he won't run the site for long and that would be right thing to do and for him to get rid of all user data and logs. Last time when Krebs wrote similar article about a proxy shop named 911.re, it got shut down a few days after but that could be because they claim to get hacked which I honestly believe. They hosted whole interface on a Windows server 2008 + with a simple Shodan search everyone could access to some backend stuff because of open ports and I believe it was some email software with most likely multiple known exploits.
Take care and sorry about the messy post, remember to take your OPSEC seriously guys and that involves not using same usernames/passwords anywhere, even on sites like these that could seem meanless at the time you are registering
Pretty much everything "important" on kreb's article, those who are too lazy to read, he and he's contacts basically doxed the owner and published a lot of information about the guy. Even though he is Russian, it's still not nice to have your data published like that. You might already know how this can possibly affect to people who has used the website but let's get into that in a second.
I have been "researching" these type of shops/markets, whatever you wanna call them for years. I honestly thought LuxSocks and Faceless were ran by same people because for example because both were opened at around same time, both frontend and "backend" were very similar at least in my eyes. And of course, both sites never sold Russian bots.
So I could say pretty certain that he won't run the site for long and that would be right thing to do and for him to get rid of all user data and logs. Last time when Krebs wrote similar article about a proxy shop named 911.re, it got shut down a few days after but that could be because they claim to get hacked which I honestly believe. They hosted whole interface on a Windows server 2008 + with a simple Shodan search everyone could access to some backend stuff because of open ports and I believe it was some email software with most likely multiple known exploits.
Take care and sorry about the messy post, remember to take your OPSEC seriously guys and that involves not using same usernames/passwords anywhere, even on sites like these that could seem meanless at the time you are registering
