Intelligence X
1.32K subscribers
1 photo
66 files
50 links
intelx.io - search engine & data archive
Download Telegram
to view and join the conversation
One user scraped 88,172 pastes from our API and uploaded it. That's about 0.001% of pastes in our index.

The dump only includes pastes <= 2021-05. We were able to find the account (and other related accounts) that were involved in the scraping.

During this research we found that this user was targeting the CEO of a datacenter/uplink provider we work with.

The actor registered multiple accounts under "http://my.sunywcc.edu" email addresses. He abused our Academia program which provides free access to certain categories including Pastes.

Some of the accounts were registered in 2020 and we were able to seize them.

After publishing the details and freezing the account, the actor continues to register accounts (with edu emails). In a tweet today he posted his redacted account details.

As per our privacy policy (which the user agreed to), we share information about attackers with the public.
image_2021-09-27_22-29-09.png
151.7 KB
It is quite bizarre that the United States Postal Service runs an 'Internet Covert Operations Program'.
They included our Capitol Hill riot tweet in one of their bulletins.

Great reporting by Politico:
https://www.politico.com/news/2021/09/27/covert-postal-service-514327

Link to the USPS bulletin include a picture of our tweet:
https://propertyofthepeople.org/document-detail/?doc-id=21069042
We are currently preparing a special Christmas offer valid for a week. 🎄🎁

It will be a one-time 1 month Researcher License for €50. This is a 70% discount (compared to what a Pro license would cost for the same period). 📉💸
image_2021-12-23_11-31-43.png
50.5 KB
Our Christmas special is live! 🎄

You can order it here: https://intelx.io/order

🔹 1-month license for € 50
🔹 This offer is valid for a week.
🔹 Same type of access as the Pro license that costs € 2000 /year.
OSINT time! The user 'Koray Anic' thought it is a good idea to use a stolen credit card on our service - which is instantly blocked.

His emails korayanic@gmail.com and korayanic@mail.com.tr were instantly blocked, though research reveals interesting details about this person. In the attached picture you can see a search results indicating accounts on the site cardingmafia.ws, BlackHatWorld and elitecarders.

We are obviously checking each order and deactivate the account in question if fraud occurs and forward all IP addresses to law enforcement.
We are thinking of introducing a Hall of Shame 🤔

It will include fraudsters that use stolen credit cards and stolen PayPal accounts who think it is a good idea to sign up and try to scam a security company. 🙅🏻‍♂️ 🛑

Fraud hurts everyone in the process: First and foremost the card holder, the processor, the merchant, and legitimate customers who absorb overhead costs.

Our Terms of Service makes it clear that we will share details of fraud with law enforcement and the public.
image_2022-01-20_02-29-57.png
359.6 KB
We are actively reaching out to federal law enforcement agencies to establish partnerships for sharing information about threat actors in accordance with our TOS and 🇪🇺 law.

We are kicking it off with the FBI. 🚔🚨

We do not tolerate any abuse of our service.

The full letter is attached. It includes the following statement regarding the ongoing encryption debate:

"we should strengthen, not weaken, undermine, or backdoor encryption. It is technical nonsense to undermine encryption and could lead to a dangerous precedent for non-Western countries to follow."