‼️ New Dark Web Informer Blog Post!
Title: German Authorities Shut Down Revived "Crimenetwork" Platform, Arrest Operator on Mallorca
Link: https://darkwebinformer.com/german-authorities-shut-down-revived-crimenetwork-platform-arrest-operator-on-mallorca/
Title: German Authorities Shut Down Revived "Crimenetwork" Platform, Arrest Operator on Mallorca
Link: https://darkwebinformer.com/german-authorities-shut-down-revived-crimenetwork-platform-arrest-operator-on-mallorca/
Dark Web Informer
German Authorities Shut Down Revived "Crimenetwork" Platform, Arrest Operator on Mallorca
German law enforcement has dismantled the relaunched version of the criminal online marketplace "Crimenetwork" and arrested its alleged operator on the Spanish island of Mallorca, the Federal Criminal Police Office (BKA) and the Frankfurt Public Prosecutor's…
‼️9,500 passport and national ID card scans allegedly being sold mainly from France and Turkey
A threat actor is selling a 4.01GB compressed archive of 9,542 passport and national identity card scans, advertised as primarily sourced from France and Turkey but spanning multiple countries. The listing is priced at $1,000.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Identity documents (multi-country)
▸ Type: Data Sale
▸ Format: PDF and image scans, 4.01GB compressed
▸ Price: $1,000
▸ Records: 9,542 documents
▸ Countries: Primarily France and Turkey (mixed others)
▸ Date: 10/05/2026
Compromised data:
▪️ Passport scans
▪️ National identity card scans
▪️ Holder full names and dates of birth
▪️ Document numbers
▪️ Issue and expiry dates
▪️ Issuing country and authority
▪️ Photographs and signatures
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is selling a 4.01GB compressed archive of 9,542 passport and national identity card scans, advertised as primarily sourced from France and Turkey but spanning multiple countries. The listing is priced at $1,000.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Identity documents (multi-country)
▸ Type: Data Sale
▸ Format: PDF and image scans, 4.01GB compressed
▸ Price: $1,000
▸ Records: 9,542 documents
▸ Countries: Primarily France and Turkey (mixed others)
▸ Date: 10/05/2026
Compromised data:
▪️ Passport scans
▪️ National identity card scans
▪️ Holder full names and dates of birth
▪️ Document numbers
▪️ Issue and expiry dates
▪️ Issuing country and authority
▪️ Photographs and signatures
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🏴☠️ Gollum Email Tools allegedly being sold as a four-part spam infrastructure suite on a hacking forum
A user is selling "Gollum Email Tools," a four-part offensive emailing toolkit pitched at "serious senders," covering bulk SMTP delivery, contact harvesting from compromised mailboxes, list hygiene, and country-based segmentation. The seller advertises lifetime licensing with prices ranging from $75 per individual tool to $300 for the full suite, with dedicated Telegram support and a separate "Gollum SMTP Service" for sending infrastructure.
Post details:
▸ Actor(s): GOLLUM
▸ Sector: Spam / Phishing infrastructure tooling
▸ Type: Tool Sale (suite)
▸ Format: Multi-threaded GUI mailer + CLI fetcher + GUI cleaner + GUI sorter
▸ Price: $150 mailer, $75 fetcher, $75 cleaner, $75 sorter, $300 full bundle
▸ Date: 10/05/2026
Capabilities described in the post:
▪️ Gollum Mailer Pro V3: bulk SMTP campaign sender with rotation, placeholders, Direct MX mode
▪️ HTML editor with inline images, random HTML/text letter rotation, subject and sender name rotation
▪️ Tracking, throttling, scheduling, bounce handler with suppression list
▪️ Obfuscation and spin syntax support, custom headers and placeholders
▪️ Gollum Email Fetcher V1: CLI mailbox harvester with 96 pre-loaded mail providers
▪️ Accepts email:password lists, extracts contacts at scale "in less than 2 minutes"
▪️ Gollum Email Cleaner: spam trap remover and verifier with syntax, MX, and blocked domain checks
▪️ Honeypot/spam trap detection, up to 300 threads, drag-and-drop input
▪️ Gollum Email Country Sorter: MX lookup and domain-based country resolution
▪️ Splits lists into per-country output files with up to 500 threads and duplicate removal
▪️ Workflow advertised as Fetch → Clean → Sort → Send
Defender notes:
▪️ Treat any list of victim email:password pairs as actively being mined; rotate compromised mailbox creds and enforce MFA on email
▪️ Hunt for IMAP/POP logins from new geographies on accounts shortly after credential leaks, especially with high outbound contact-list reads
▪️ Tune inbound mail policy on SPF/DKIM/DMARC and reject messages from senders abusing Direct MX delivery without authentication
▪️ Add new infrastructure indicators tied to GOLLUM SMTP service to phishing detection feeds
▪️ Watch for high-volume sender-name and subject-line rotation patterns in inbound campaigns; these are signatures of mailer-driven spam, not legitimate marketing
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A user is selling "Gollum Email Tools," a four-part offensive emailing toolkit pitched at "serious senders," covering bulk SMTP delivery, contact harvesting from compromised mailboxes, list hygiene, and country-based segmentation. The seller advertises lifetime licensing with prices ranging from $75 per individual tool to $300 for the full suite, with dedicated Telegram support and a separate "Gollum SMTP Service" for sending infrastructure.
Post details:
▸ Actor(s): GOLLUM
▸ Sector: Spam / Phishing infrastructure tooling
▸ Type: Tool Sale (suite)
▸ Format: Multi-threaded GUI mailer + CLI fetcher + GUI cleaner + GUI sorter
▸ Price: $150 mailer, $75 fetcher, $75 cleaner, $75 sorter, $300 full bundle
▸ Date: 10/05/2026
Capabilities described in the post:
▪️ Gollum Mailer Pro V3: bulk SMTP campaign sender with rotation, placeholders, Direct MX mode
▪️ HTML editor with inline images, random HTML/text letter rotation, subject and sender name rotation
▪️ Tracking, throttling, scheduling, bounce handler with suppression list
▪️ Obfuscation and spin syntax support, custom headers and placeholders
▪️ Gollum Email Fetcher V1: CLI mailbox harvester with 96 pre-loaded mail providers
▪️ Accepts email:password lists, extracts contacts at scale "in less than 2 minutes"
▪️ Gollum Email Cleaner: spam trap remover and verifier with syntax, MX, and blocked domain checks
▪️ Honeypot/spam trap detection, up to 300 threads, drag-and-drop input
▪️ Gollum Email Country Sorter: MX lookup and domain-based country resolution
▪️ Splits lists into per-country output files with up to 500 threads and duplicate removal
▪️ Workflow advertised as Fetch → Clean → Sort → Send
Defender notes:
▪️ Treat any list of victim email:password pairs as actively being mined; rotate compromised mailbox creds and enforce MFA on email
▪️ Hunt for IMAP/POP logins from new geographies on accounts shortly after credential leaks, especially with high outbound contact-list reads
▪️ Tune inbound mail policy on SPF/DKIM/DMARC and reject messages from senders abusing Direct MX delivery without authentication
▪️ Add new infrastructure indicators tied to GOLLUM SMTP service to phishing detection feeds
▪️ Watch for high-volume sender-name and subject-line rotation patterns in inbound campaigns; these are signatures of mailer-driven spam, not legitimate marketing
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇮🇩 Indonesian Ministry of Transportation (Dishub) allegedly breached exposing 93GB+ of vehicle and owner records
A threat actor claims to have a 93GB+ database from Dishub (dishub.go.id), tied to Indonesia's Kementerian Perhubungan, covering 38 provinces and 514 cities/regencies. The seller is asking $8,500 and explicitly opens the door to extortion by saying they are "open to negotiations to delete the database," with samples showing hundreds of thousands of vehicle and owner records concentrated in the Jakarta capital region.
Post details:
▸ Actor(s): Kyyzo
▸ Sector: Government / Transportation regulator
▸ Type: Data Sale (with deletion-fee extortion offered)
▸ Format: SQL records
▸ Price: $8,500 (open to "pay or sell" negotiation)
▸ Volume: 93GB+
▸ Coverage: 38 provinces, 514 cities/regencies
▸ Country: Indonesia
▸ Date: 10/05/2026
Compromised data:
▪️ Vehicle ID (id_kendaraan)
▪️ Owner full name (nama_pemilik)
▪️ License plate (nopol)
▪️ Account password
▪️ Route ID and route number (id_trayek, no_trayek)
▪️ Vehicle type (tipe_mobil) and brand/model (Suzuki, Daihatsu, Mitsubishi, etc.)
▪️ Year of manufacture (tahun_perakitan)
▪️ Body/category code (bbm, no_uji)
▪️ Chassis and engine numbers
▪️ Registration / inspection dates
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have a 93GB+ database from Dishub (dishub.go.id), tied to Indonesia's Kementerian Perhubungan, covering 38 provinces and 514 cities/regencies. The seller is asking $8,500 and explicitly opens the door to extortion by saying they are "open to negotiations to delete the database," with samples showing hundreds of thousands of vehicle and owner records concentrated in the Jakarta capital region.
Post details:
▸ Actor(s): Kyyzo
▸ Sector: Government / Transportation regulator
▸ Type: Data Sale (with deletion-fee extortion offered)
▸ Format: SQL records
▸ Price: $8,500 (open to "pay or sell" negotiation)
▸ Volume: 93GB+
▸ Coverage: 38 provinces, 514 cities/regencies
▸ Country: Indonesia
▸ Date: 10/05/2026
Compromised data:
▪️ Vehicle ID (id_kendaraan)
▪️ Owner full name (nama_pemilik)
▪️ License plate (nopol)
▪️ Account password
▪️ Route ID and route number (id_trayek, no_trayek)
▪️ Vehicle type (tipe_mobil) and brand/model (Suzuki, Daihatsu, Mitsubishi, etc.)
▪️ Year of manufacture (tahun_perakitan)
▪️ Body/category code (bbm, no_uji)
▪️ Chassis and engine numbers
▪️ Registration / inspection dates
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇧🇩 BADC allegedly breached exposing full private git repo from Bangladesh Agricultural Development Corporation
A threat actor claims to have leaked the full private git repository of Bangladesh Agricultural Development Corporation (BADC), an autonomous government body under the Ministry of Agriculture of Bangladesh. The leak allegedly contains payment gateway configuration credentials, database passwords, and sensitive/confidential documents. The actor also claims to have taken down the portal during the intrusion, preventing administrator logins.
Post details:
▸ Actor(s): vicmeow
▸ Sector: Government / Agriculture
▸ Type: Data Breach / Source Code Leak
▸ Format: Git Repository
▸ Price: Free
▸ Country: Bangladesh
▸ Date: 10/05/2026
Compromised data:
▪️ Full private git repository source code
▪️ Payment gateway configuration credentials (SPG / Sonali Bank)
▪️ SPG API URLs and authorization tokens (Basic auth)
▪️ Payment request and transaction verification endpoints
▪️ Response handler URLs and Codeigniter routes
▪️ Database connection configuration
▪️ Database hostname (TNS name)
▪️ Database username (badc_live_1)
▪️ Database password (synbadc_123)
▪️ Database driver (oci8 / Oracle)
▪️ Environment and debug flags
▪️ Sensitive and confidential internal documents
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked the full private git repository of Bangladesh Agricultural Development Corporation (BADC), an autonomous government body under the Ministry of Agriculture of Bangladesh. The leak allegedly contains payment gateway configuration credentials, database passwords, and sensitive/confidential documents. The actor also claims to have taken down the portal during the intrusion, preventing administrator logins.
Post details:
▸ Actor(s): vicmeow
▸ Sector: Government / Agriculture
▸ Type: Data Breach / Source Code Leak
▸ Format: Git Repository
▸ Price: Free
▸ Country: Bangladesh
▸ Date: 10/05/2026
Compromised data:
▪️ Full private git repository source code
▪️ Payment gateway configuration credentials (SPG / Sonali Bank)
▪️ SPG API URLs and authorization tokens (Basic auth)
▪️ Payment request and transaction verification endpoints
▪️ Response handler URLs and Codeigniter routes
▪️ Database connection configuration
▪️ Database hostname (TNS name)
▪️ Database username (badc_live_1)
▪️ Database password (synbadc_123)
▪️ Database driver (oci8 / Oracle)
▪️ Environment and debug flags
▪️ Sensitive and confidential internal documents
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇳🇬 Oyo State Commerce website allegedly hacked as part of opNigeria
A threat actor claims to have hacked the Oyo State Commerce website, releasing a data leak as part of an ongoing campaign branded opNigeria. The actor frames the operation as a politically motivated protest against the Nigerian government, stating that more leaks will follow. The post advertises the dump as "a simple data leak" with additional releases promised.
Post details:
▸ Actor(s): ki4tane (Nullsec Nigeria)
▸ Sector: Government / E-Commerce
▸ Type: Data Leak / Website Hack
▸ Format: Not specified
▸ Price: Free
▸ Country: Nigeria
▸ Campaign: opNigeria
▸ Date: 10/05/2026
Compromised data:
▪️ MySQL logs
▪️ System logs
▪️ Additional data reportedly forthcoming
Additional notes:
▪️ Actor claims this is an initial release with more leaks to come
▪️ Attributed to "Nullsec Nigeria"
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have hacked the Oyo State Commerce website, releasing a data leak as part of an ongoing campaign branded opNigeria. The actor frames the operation as a politically motivated protest against the Nigerian government, stating that more leaks will follow. The post advertises the dump as "a simple data leak" with additional releases promised.
Post details:
▸ Actor(s): ki4tane (Nullsec Nigeria)
▸ Sector: Government / E-Commerce
▸ Type: Data Leak / Website Hack
▸ Format: Not specified
▸ Price: Free
▸ Country: Nigeria
▸ Campaign: opNigeria
▸ Date: 10/05/2026
Compromised data:
▪️ MySQL logs
▪️ System logs
▪️ Additional data reportedly forthcoming
Additional notes:
▪️ Actor claims this is an initial release with more leaks to come
▪️ Attributed to "Nullsec Nigeria"
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇮🇷 Iran Nuclear allegedly breached with 77.56 GB of data threatened for release under "Pay Or Leak" ransom
A threat actor claims to have obtained 77.56 GB of data related to Iran, including archives tied to the Iranian nuclear program, government databases, and a nuclear authority website. The actor has issued a "Pay Or Leak" ultimatum, demanding €5,000 by May 15th and threatening to publicly release all collected information if the ransom is not paid. The actor frames the operation as a response to events involving Israel and Iran, and claims to have also defaced Iranian websites and exfiltrated their databases during the intrusion.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Government / Nuclear / Insurance
▸ Type: Ransom / Pre-Leak Extortion
▸ Format: RAR, ZIP, JSON, XLSX, TXT
▸ Price: €5,000 (ransom) / Free if unpaid by deadline
▸ Records: 77.56 GB
▸ Country: Iran
▸ Deadline: 15/05/2026
▸ Date: 10/05/2026
Compromised data:
▪️ Data_Iran_Nuclear_Program - ~1.6 GB per file, archives related to the Iranian nuclear program (multiple files)
▪️ Nuclear Iranian Database.part01–35.rar - database divided into 35 parts, up to ~1.48 GB each
▪️ Iran 4.63GB.json.002 - part of a large structured JSON file
▪️ Iran & RF 95.000.000.zip.001 - ~1.84 GB
▪️ Iran & RF 95.000.000database.zip - additional part of a 95 million record database
▪️ iran_insurances_samples.zip - Iranian insurance data
▪️ IranBudget-Table-07-1-Bill1399.xlsx - Iranian budget table
▪️ Iran 500k.txt - large list of telephone number data
▪️ bapeten.go.id - ~1.47 GB, archive related to Iranian nuclear authority / government website
▪️ Defacement evidence and extracted databases from additional Iranian websites
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have obtained 77.56 GB of data related to Iran, including archives tied to the Iranian nuclear program, government databases, and a nuclear authority website. The actor has issued a "Pay Or Leak" ultimatum, demanding €5,000 by May 15th and threatening to publicly release all collected information if the ransom is not paid. The actor frames the operation as a response to events involving Israel and Iran, and claims to have also defaced Iranian websites and exfiltrated their databases during the intrusion.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Government / Nuclear / Insurance
▸ Type: Ransom / Pre-Leak Extortion
▸ Format: RAR, ZIP, JSON, XLSX, TXT
▸ Price: €5,000 (ransom) / Free if unpaid by deadline
▸ Records: 77.56 GB
▸ Country: Iran
▸ Deadline: 15/05/2026
▸ Date: 10/05/2026
Compromised data:
▪️ Data_Iran_Nuclear_Program - ~1.6 GB per file, archives related to the Iranian nuclear program (multiple files)
▪️ Nuclear Iranian Database.part01–35.rar - database divided into 35 parts, up to ~1.48 GB each
▪️ Iran 4.63GB.json.002 - part of a large structured JSON file
▪️ Iran & RF 95.000.000.zip.001 - ~1.84 GB
▪️ Iran & RF 95.000.000database.zip - additional part of a 95 million record database
▪️ iran_insurances_samples.zip - Iranian insurance data
▪️ IranBudget-Table-07-1-Bill1399.xlsx - Iranian budget table
▪️ Iran 500k.txt - large list of telephone number data
▪️ bapeten.go.id - ~1.47 GB, archive related to Iranian nuclear authority / government website
▪️ Defacement evidence and extracted databases from additional Iranian websites
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
❤1
"Use a computer. Then make it vanish."
‼️bubbl.cx allegedly advertised as disposable anonymous RDP service for Windows & Linux
A threat actor is promoting bubbl.cx, a service marketed as a disposable cloud desktop platform offering anonymous Windows and Linux RDP access. The service advertises no-email signup, cryptocurrency-only payments, and full destruction of VMs, disks, and keys on termination, branded as "anonymous by design" and aimed at users seeking untraceable remote computing infrastructure.
Post details:
▸ Actor(s): gravem1nd (VIP)
▸ Sector: Anonymous Hosting / Disposable RDP
▸ Type: Service Advertisement
▸ Format: Browser-based RDP + SSH
▸ Country: Multi-region (DE, US, AU)
▸ Date: 10/05/2026
Service features:
▪️ Full Windows or Linux RDP in-browser, deployable in under 60 seconds
▪️ Supported OS: Windows 11, Windows Server 2022, Ubuntu, Debian, Fedora, Parrot
▪️ Regions: Frankfurt, NYC, Sydney
▪️ WireGuard kill switch, all traffic forced through encrypted VPN at firewall level
▪️ No email signup, password-only authentication
▪️ "Pop & Gone" destruction, VM, disk, and keys wiped on termination, advertised as unrecoverable
▪️ LUKS full-disk encryption on NVMe storage at rest
▪️ Browser RDP + SSH access, no client install required
▪️ US and EU exit nodes for traffic routing
▪️ Plans: Micro ($9/mo, 2 vCPU, 4GB RAM, 60GB, 1 Bubble), Standard ($19/mo, 4 vCPU, 8GB RAM, 120GB, 2 Bubbles), Pro ($39/mo, 6 vCPU, 12GB RAM, 180GB, 3 Bubbles)
▪️ Payment: BTC, ETH, XMR, LTC plus 50 more cryptocurrencies
▪️ Slogan: "No logs, no traces, no recovery"
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️bubbl.cx allegedly advertised as disposable anonymous RDP service for Windows & Linux
A threat actor is promoting bubbl.cx, a service marketed as a disposable cloud desktop platform offering anonymous Windows and Linux RDP access. The service advertises no-email signup, cryptocurrency-only payments, and full destruction of VMs, disks, and keys on termination, branded as "anonymous by design" and aimed at users seeking untraceable remote computing infrastructure.
Post details:
▸ Actor(s): gravem1nd (VIP)
▸ Sector: Anonymous Hosting / Disposable RDP
▸ Type: Service Advertisement
▸ Format: Browser-based RDP + SSH
▸ Country: Multi-region (DE, US, AU)
▸ Date: 10/05/2026
Service features:
▪️ Full Windows or Linux RDP in-browser, deployable in under 60 seconds
▪️ Supported OS: Windows 11, Windows Server 2022, Ubuntu, Debian, Fedora, Parrot
▪️ Regions: Frankfurt, NYC, Sydney
▪️ WireGuard kill switch, all traffic forced through encrypted VPN at firewall level
▪️ No email signup, password-only authentication
▪️ "Pop & Gone" destruction, VM, disk, and keys wiped on termination, advertised as unrecoverable
▪️ LUKS full-disk encryption on NVMe storage at rest
▪️ Browser RDP + SSH access, no client install required
▪️ US and EU exit nodes for traffic routing
▪️ Plans: Micro ($9/mo, 2 vCPU, 4GB RAM, 60GB, 1 Bubble), Standard ($19/mo, 4 vCPU, 8GB RAM, 120GB, 2 Bubbles), Pro ($39/mo, 6 vCPU, 12GB RAM, 180GB, 3 Bubbles)
▪️ Payment: BTC, ETH, XMR, LTC plus 50 more cryptocurrencies
▪️ Slogan: "No logs, no traces, no recovery"
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
❤1🔥1