
Topic: Beware of this hacking organisation 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi $1M hack (Read 604 times)

jr. member
Activity: 52
Merit: 3
Hello everyone!

I have discovered a big group of cryptocurrency hackers, and these guys need to be stopped. So the least I could do is make everyone aware and post as much information as I could gather, and maybe it could be useful to a victim out there.

Address where all hacked funds end up: (after being mixed). 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi

wallet balance:
93.23541381 BTC and growing :)

His IP address: 115.164.204.24 links back to Malaysia
ISP:   DiGi Telecommunications Sdn Bhd

Email: I managed to find an email address [email protected] linked to 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi

Just posting this for users to be aware of this address and any information that can be found should be posted here.

After doing a lot more research: I linked up Iranian IP addresses used to exploit web servers

Iranian Bitcoin hackers seem to be linked as well; details of the team (or person behind cyber attacks) are below:

[email protected] (IP address: 86.57.101.61)
[email protected] (IP address: 5.114.237.75)
[email protected] (IP address: 37.129.69.34)
[email protected] (IP address: PENDING)
[email protected] (IP address: PENDING)

Iranian hackers website with exposed information http://95.156.254.35/api/login

SERVER_SOFTWARE   
"Apache/2.4.6 (CentOS) PHP/7.1.14"
SERVER_NAME   
"95.156.254.35"

EXCEPTION_IP_ADDRESS   
"46.209.255.138,91.72.219.46"
CREDIT_ALERTS_NUMBERS   
"09351866262,09124037786,09102471966"
CLICK_SEND_USERNAME   
"[email protected]"


tgbsco.com
https://infinite8.ae/ (this website is linked with tgbsco.com) Iran and United Arab Emirates.

https://whois.domaintools.com/infinite8.ae

https://tgbsco.com/services/payment-services based UAE and Iranian background

https://www.crunchbase.com/organization/tgbs-tadbir-gostaran-behine-saz#section-overview

https://www.linkedin.com/company/infinite8.ae/
https://www.linkedin.com/in/hamid-fathalian-61716a3a/?originalSubdomain=ae

https://reverseip.domaintools.com/search/?q=tgbsco.com
1.   badbadak.ir   
2.   mpos.ir   
3.   payam-pardaz.ir




While I appreciate the info, you don't provide much proof of where you got the information. It could be anyone, and you're not showing us what made you draw those lines. Investigate the issue better and come back with something supporting your claims. Good luck!
hero member
Activity: 1358
Merit: 851
You are claiming this is linked to this and that is linked to that, but you have posted no proof of your claims. Why do you think the address is a hacker's address? How is the email connected to that hacker? How is the IP connected to the hacker?

Address where all hacked funds end up: (after being mixed). 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi
If they used a mixing service, how do you know who owns this address? I believe they are smart enough not to use such a mixing service which will link their previous input.