____ _ _ | _ \ _____ _| |__ (_)_ __ | | | |/ _ \ \/ / '_ \| | '_ \ | |_| | (_) > <| |_) | | | | | |____/ \___/_/\_\_.__/|_|_| |_|
Title:maxthonx
Created:Aug 3rd, 2024
Created by: Anonymous
Views: 236
Comments: 0
Username: Anonymous - (Login)
Please note that all posted information is publicly available and must follow our TOS.
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⡠⢤⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡴⠟⠃⠀⠀⠙⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⠋⠀⠀⠀⠀⠀⠀⠘⣆⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠾⢛⠒⠀⠀⠀⠀⠀⠀⠀⢸⡆⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣶⣄⡈⠓⢄⠠⡀⠀⠀⠀⣄⣷⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣿⣷⠀⠈⠱⡄⠑⣌⠆⠀⠀⡜⢻⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⡿⠳⡆⠐⢿⣆⠈⢿⠀⠀⡇⠘⡆⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢿⣿⣷⡇⠀⠀⠈⢆⠈⠆⢸⠀⠀⢣⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠘⣿⣿⣿⣧⠀⠀⠈⢂⠀⡇⠀⠀⢨⠓⣄⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⣿⣿⣿⣦⣤⠖⡏⡸⠀⣀⡴⠋⠀⠈⠢⡀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣾⠁⣹⣿⣿⣿⣷⣾⠽⠖⠊⢹⣀⠄⠀⠀⠀⠈⢣⡀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡟⣇⣰⢫⢻⢉⠉⠀⣿⡆⠀⠀⡸⡏⠀⠀⠀⠀⠀⠀⢇
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢨⡇⡇⠈⢸⢸⢸⠀⠀⡇⡇⠀⠀⠁⠻⡄⡠⠂⠀⠀⠀⠘
⢤⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠛⠓⡇⠀⠸⡆⢸⠀⢠⣿⠀⠀⠀⠀⣰⣿⣵⡆⠀⠀⠀⠀
⠈⢻⣷⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⡿⣦⣀⡇⠀⢧⡇⠀⠀⢺⡟⠀⠀⠀⢰⠉⣰⠟⠊⣠⠂⠀⡸
⠀⠀⢻⣿⣿⣷⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⢧⡙⠺⠿⡇⠀⠘⠇⠀⠀⢸⣧⠀⠀⢠⠃⣾⣌⠉⠩⠭⠍⣉⡇
⠀⠀⠀⠻⣿⣿⣿⣿⣿⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣞⣋⠀⠈⠀⡳⣧⠀⠀⠀⠀⠀⢸⡏⠀⠀⡞⢰⠉⠉⠉⠉⠉⠓⢻⠃
⠀⠀⠀⠀⠹⣿⣿⣿⣿⣿⣿⣷⡄⠀⠀⢀⣀⠠⠤⣤⣤⠤⠞⠓⢠⠈⡆⠀⢣⣸⣾⠆⠀⠀⠀⠀⠀⢀⣀⡼⠁⡿⠈⣉⣉⣒⡒⠢⡼⠀
⠀⠀⠀⠀⠀⠘⣿⣿⣿⣿⣿⣿⣿⣎⣽⣶⣤⡶⢋⣤⠃⣠⡦⢀⡼⢦⣾⡤⠚⣟⣁⣀⣀⣀⣀⠀⣀⣈⣀⣠⣾⣅⠀⠑⠂⠤⠌⣩⡇⠀
⠀⠀⠀⠀⠀⠀⠘⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡁⣺⢁⣞⣉⡴⠟⡀⠀⠀⠀⠁⠸⡅⠀⠈⢷⠈⠏⠙⠀⢹⡛⠀⢉⠀⠀⠀⣀⣀⣼⡇⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⣿⣿⣿⣿⣿⣿⣽⣿⡟⢡⠖⣡⡴⠂⣀⣀⣀⣰⣁⣀⣀⣸⠀⠀⠀⠀⠈⠁⠀⠀⠈⠀⣠⠜⠋⣠⠁⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢿⣿⣿⣿⡟⢿⣿⣿⣷⡟⢋⣥⣖⣉⠀⠈⢁⡀⠤⠚⠿⣷⡦⢀⣠⣀⠢⣄⣀⡠⠔⠋⠁⠀⣼⠃⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⡄⠈⠻⣿⣿⢿⣛⣩⠤⠒⠉⠁⠀⠀⠀⠀⠀⠉⠒⢤⡀⠉⠁⠀⠀⠀⠀⠀⢀⡿⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠙⢿⣤⣤⠴⠟⠋⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠑⠤⠀⠀⠀⠀⠀⢩⠇⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
The operation "#BlueDD0sEr"
Operation #BlueDD0sEr started after many of my clients complained about DDoS attacks coming from a famous Botnet network known as "Handnuke" or "RayCNC" according to them it is a variant of mirai. In addition, it also apparently has other names, it is a brazik mafia that creates famous botnet, which helped a lot in the investigation.
------------------------------------------
Some members of this mafia:
» Maxthonx
» Guccifer
» N0Sense
» vetinL
» tcptck
» c4p1t4in
» TheFoxy_02
» Deboched
-------------------------------------------
Botnet IP addresses found:
» [1] IP: 95.214.27.250
» [2] Domain: azureservices.space
» [3] Status: Active
» [1] IP: 141.98.7.68
» [2] Domain: polarnetwork.lol
» [3] Status: Inactive
» [1] IP: Unknown
» [2] Domain: nocry.seraphnetwork.wtf
» [3] Status: Inactive
Apparently the company used to carry out DDoS/DoS attacks by this mafia is called VPSVault and they also use DigitalOcean and Solia.Cloud.
» All IP's above have already been reported.
-------------------------------------------
Emails found:
» [A] Email: mmaxthonx@gmail.com
» [A] Status: Active
» [A] Relevancy: Alt
» [A] Email: luis*******.contato@gmail.com
» [A] Status: Active
» [A] Relevancy: Possibly Personal
» [A] Email: faastyy01@gmail.com
» [A] Status: Inactive
» [A] Relevancy: Alt
» [A] Email: brayner********@gmail.com
» [A] Status: Active
» [A] Relevancy: Possibly Personal
-------------------------------------------
» YouTube:
> https://youtube.com/@luckpermsbungee | Status: Active
- https://youtube.com/@N0sense-t8n | Status: Active
- https://youtube.com/@vetinkkkj | Status: Inactive
- https://youtube.com/@vetinLLLLL | Status: Inactive
- https://youtube.com/@maxthongriefing | Status: Inactive
» Discord
> thefoxy_02
> id: Unknown
> status: Active
> hypexisking
> id: 354402632875376653
> status: Active
> maxthonxx
> id: Unknown
> status: Deactivated or Banned
--------------------------------------------
The National Crime Agency (NCA) of the United Kingdom is currently conducting a critical investigation into a significant case involving the potential unauthorized access into CTT Bank. This investigation is focused on suspicious activities originating from IP addresses listed in the provided report.
To facilitate this investigation effectively, the NCA has enlisted the specialized services of Integrity Software. Integrity Software is exclusively authorized to conduct forensic analysis and gather pertinent data, including IP addresses, associated emails, and any other personal information that could aid in identifying and locating the perpetrators.
Additionally, the NCA is utilizing satellite (SPK-98471837X // SPA-98472390X) and drone surveillance to monitor the activities related to this potential attacker.
Sincerely,
Jane Doe
Investigative Team
National Crime Agency (NCA)
United Kingdom
--------------------------------------------
Some more information about the case, it is clear that: this mafia has already had more than 15 botnets this year and last year, and they have left more than 50 servers and services offline.
• Seraph Botnet,
• Corona Botnet,
• Handnuke Botnet,
• Dream Services,
• Phantom,
• PacketDrop,
• RayCNC,
• Lost Botnet,
• Saturn Botnet
In addition to having possible involvement with former people investigated by the NCA such as: "Dot.sh".
--------------------------------------------
Some phone numbers are available:
• Mobile Phone
> +55 51992791229
• Valid True
• Country "Brazil"
• Type Mobile
• Mobile Phone
> +55 8694512695
• Valid True
• Country "Brazil"
• Type Mobile
-------------------------------------------
» pr0xych4ins.sh <-> r00tkit.sh <-> The majority of investigation.
Created at 2024-03-03
Sent to NCA at 2024-02-20
╔════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════╗
| "The quieter you become, the more you are able to hear", and END. |
└────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘