Hello everyone!
I have discovered a big group of cryptocurrency hackers, and these guys need to be stopped. So the least I could do is make everyone aware and post as much information I could gather and maybe it could be useful to a victim out there.
Address where all hacked funds end up: (after being mixed). 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi
wallet balance:
93.23541381 BTC and growing
His IP address: 115.164.204.24 links back to Malaysia
ISP: DiGi Telecommunications Sdn Bhd
Email I managed to find an email address [email protected] linked to 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi
Just posting this for users to be aware of this address and any information that can be found should be posted here.
After doing a lot more research: I linked up Iranian IP addresses used to exploit web servers
Iranian Bitcoin hackers seem to be linked as well, details are below of the team(or person behind cyber attacks):
[email protected] (IP address: 86.57.101.61)
[email protected] (IP address: 5.114.237.75)
[email protected] (IP address: 37.129.69.34)
[email protected] (IP address: PENDING)
[email protected] (IP address: PENDING)
Iranian hackers website with exposed information http://95.156.254.35/api/login
SERVER_SOFTWARE
"Apache/2.4.6 (CentOS) PHP/7.1.14"
SERVER_NAME
"95.156.254.35"
EXCEPTION_IP_ADDRESS
"46.209.255.138,91.72.219.46"
CREDIT_ALERTS_NUMBERS
"09351866262,09124037786,09102471966"
CLICK_SEND_USERNAME
"[email protected]"
tgbsco.com
https://infinite8.ae/ (this website is linked with tgbsco.com ) Iran and united Arab emirates.
https://whois.domaintools.com/infinite8.ae
https://tgbsco.com/services/payment-services based UAE and Iranian background
https://www.crunchbase.com/organization/tgbs-tadbir-gostaran-behine-saz#section-overview
https://www.linkedin.com/company/infinite8.ae/
https://www.linkedin.com/in/hamid-fathalian-61716a3a/?originalSubdomain=ae
https://reverseip.domaintools.com/search/?q=tgbsco.com
1. badbadak.ir
2. mpos.ir
3. payam-pardaz.ir
I have discovered a big group of cryptocurrency hackers, and these guys need to be stopped. So the least I could do is make everyone aware and post as much information I could gather and maybe it could be useful to a victim out there.
Address where all hacked funds end up: (after being mixed). 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi
wallet balance:
93.23541381 BTC and growing
His IP address: 115.164.204.24 links back to Malaysia
ISP: DiGi Telecommunications Sdn Bhd
Email I managed to find an email address [email protected] linked to 3J3dWtKXgxMWKEAZyDENMRDSan753asAJi
Just posting this for users to be aware of this address and any information that can be found should be posted here.
After doing a lot more research: I linked up Iranian IP addresses used to exploit web servers
Iranian Bitcoin hackers seem to be linked as well, details are below of the team(or person behind cyber attacks):
[email protected] (IP address: 86.57.101.61)
[email protected] (IP address: 5.114.237.75)
[email protected] (IP address: 37.129.69.34)
[email protected] (IP address: PENDING)
[email protected] (IP address: PENDING)
Iranian hackers website with exposed information http://95.156.254.35/api/login
SERVER_SOFTWARE
"Apache/2.4.6 (CentOS) PHP/7.1.14"
SERVER_NAME
"95.156.254.35"
EXCEPTION_IP_ADDRESS
"46.209.255.138,91.72.219.46"
CREDIT_ALERTS_NUMBERS
"09351866262,09124037786,09102471966"
CLICK_SEND_USERNAME
"[email protected]"
tgbsco.com
https://infinite8.ae/ (this website is linked with tgbsco.com ) Iran and united Arab emirates.
https://whois.domaintools.com/infinite8.ae
https://tgbsco.com/services/payment-services based UAE and Iranian background
https://www.crunchbase.com/organization/tgbs-tadbir-gostaran-behine-saz#section-overview
https://www.linkedin.com/company/infinite8.ae/
https://www.linkedin.com/in/hamid-fathalian-61716a3a/?originalSubdomain=ae
https://reverseip.domaintools.com/search/?q=tgbsco.com
1. badbadak.ir
2. mpos.ir
3. payam-pardaz.ir
While I appreciate the info, you don't provide much proof where you got the information, it could be anyone and you're not showing us what made you draw those lines. Investigate the issue better and come back with something supporting your claims, good luck!
