Hacking The Hackers: A Private Investigators GuideFor Tracking And Owning Sim Swappers And Gaining Golden Loot By godofhack.

my contact is Wickr: godofhack 

Im going to teach some techniques to dox and extort other sim swappers for there money or you can bespiteful and turn them in. I like watching chaos so ill help you guys out.

READ: This is for educational purposes only. Be extremely careful when doing methods like this.


The first method involves food delivery services like doordash, postmates and uber eats. A lot of sim swappers love to brag about the food they eat and places they order up from on different discord servers to there buddies. We can yet again exploit this knowledge to our advantage armed with a rough estimate of the time and day they ordered, the place they ordered from, money spent even down to the exact food and drink items they ordered. If its not already clear this is leading into another historical reverse order search method this time involving food delivery companies. Simply call up a representative at either of these places and provide either of the aforementioned values so: the amount of the order, food items, store it was placed  from, etc and search various orders and gather all the addresses and numbers for each order and cross reference other data to find your swapper that you are hunting. If you want to get even more thorough theres a physical component as an addon to this. You can hire people or have people stake out each address using a telescope or drone through the window and correspond if someones sitting down at a computer while also on TOR/VPN traffic to 100 percent confirm everything. The physical aspect was used once to find an even more difficult sim swapper who was assaulted using a technique called rubberhose cryptography and the trezor pin was obtained allowing the hackers to empty out the wallet and escape to a safe location. I leave the food delivery historical reverse order search technique as another brain exercise for the reader to complete and figure out on their own.

The second  method involves Internet Service Providers. I call this next method the reverse DNS query lookup. So to understand why this works I’m going to explain a bit on how routers and modems work. So when you sign up for ISP service you’re usually leased equipment, now by default this equipment is always pointed at your ISP’s own DNS resolver servers to handle any DNS query for
all domains resolved by the user of that ISP. By exploiting this knowledge we can help track down sim swappers easier understanding sites they may have visited and a rough time estimate. The network departments and other higher ups have access to historical DNS query records so by providing them a domain name and time of resolution they can see all IP addresses of customers that resolved that domain. Now remember this only works if the customer is not using openDNS or another alternative DNS provider. It’s still possible of course you would just have to social engineer an openDNS employee instead for their DNS logs. A lot of sim swappers are stupid un evolved monkeys that also like to discuss weird sites they visit and the more unique site the quicker you can root out all customer home IP’s that are not the sim swapper. This technique was also used to find a difficult to track down sim swapper. By now you must have noticed all these methods are perfect for breaking through even the most secure peoples operational security because historical records always fuck people over in the end if they weren’t careful from the start.

The third method involves Bank Accounts. A lot of sim swappers will eventually try to launder there money back into physical cash and this creates a paper trail of course. By social engineering various popular bank chains you can do whats known as a reverse bank account lookup and this can be done by guessing high balance amounts and look for strange high balance transactions all happening near each other. If one of the bank accounts you find is doing this theres a very large chance you found the sim swappers personal bank account and you can find there identity. Most sim swappers are rich so one of the recent high withdraw and deposit transaction logs would be them. Banks aso make this even easier and will also log where they spent money if they used their debit card for transactions not just physical cash which can help in figuring out which bank account is linked to them. This method was used to find 2 high profile sim swappers who made a big mistake using popular banks.

The previous methods are skid friendly since they involve social engineering, from this point forward in the thread we’re going to start getting the big guns out so if you don’t have exploit development knowledge the next set of methods aren’t for you. All of the rest of the methods will be exploiting memory safety flaws in your favorite applications these sim swappers use. These exploits only work for C/C++/Delphi and any other memory unsafe lang compiled binaries that allow for pointer manipulation.

The fourth method involves a remote code execution exploit for the pidgin messenger client. I will not disclose the vulnerable dll libraries or really anything specific this will also be an exercise for the reader. So chat clients usually have a lot of components which creates a huge attack surface but our main focus will be on the file and image parsers built into pidgin. Get out AFL or any fuzzer works and fuzz the file send component of pidgin and you should find an exploitable  crash that allows control of EIP. A lot of sim swappers use Pidgin for its xmpp protocol implementation for off the record discussions so using this RCE you can silently execute any piece of malware you want and spy on them to gather more information.

The fifth method involves an RCE in the wickr messenger client. I’m not going to reveal any hints for this one other then when writing for an IOS environment you WILL have to deal with PAC which is one of apples many exploit mitigations. Just fuzz all over and you will find it, I recommend Correlium for IOS exploit development though.

Thats that for now Im done revealing all I will reveal for now. 

Good look on your money making endeavors my fellow black hats.

This has been godofhack FAGGOTS and im out.