February 2020
Beginner
544 pages
12h 40m
English
Content preview from Hunting Cyber Criminals
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
CHAPTER 17Profile Tracking and Password Reset Clues
This is, by far, my favorite part of the OSINT process. The next two chapters will detail my process for building a threat actor profile matrix. What is a threat actor profile matrix, you ask? It is essentially a giant Excel sheet full of the multiple account names, usernames, fake profiles, URLs, and other personal information related to a target. It is a way to visually organize your account‐related data into one place. Once you are able to do that, you will start to notice patterns in the data.
We will be using characters and personas from The Dark Overlord group for our examples.
Where to Start (with TDO)?
You have to start somewhere, right? So if the goal is to investigate TDO (or any threat actor), the first question is “What do we already know?”
One thing we can use to our advantage is all of the press and media attention that TDO received. Looking at early news articles, we know that the original stolen data was being sold on several different hacker forums by a user named Cr00k.
Figure 17.1 is a screenshot of Cr00k's TDO sales thread from the Russian hacking forum ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.