Cybercrime Forum Publishes Alleged Database, Source Code From Russian Firm That Helped Parler

 

A seller on a well-known cybercrime forum claims to be offering source code and a database that allegedly belong to DDoS-Guard, the Russia-based hosting firm that helped social media company Parler relaunch after Amazon Web Services banned it.

According to Group-IB research on online piracy, DDoS-Guard also provides computing capacity to, and obscures the identity of the owners of, hundreds of shady resources involved in unlawful goods sales, gambling, and copyright infringement.

On May 26, Group-IB, a global threat hunting and adversary-centric cyber intelligence firm specializing in investigating and combating high-tech cybercrime, uncovered a database supposedly connected to bulletproof hosting provider DDoS-Guard that had been put up for sale on a cybercrime website.

Customers' names, IP addresses, and payment details are allegedly stored in the database. In addition to the database, the threat actor claims to possess the DDoS-Guard infrastructure's source code. The entire collection is currently up for auction, with a starting bid of $350,000. Since the threat actor did not offer a sample, it is impossible to verify the legitimacy of the allegedly stolen material. 

“Initially, the threat actor was auctioning off the lot with a starting price of $500,000. Shortly after the amount was reduced to $350,000,” stated Oleg Dyorov, Threat Intelligence analyst at Group-IB. “The threat actor didn’t provide a sample of the database, which makes it impossible to verify the authenticity of the reported stolen database and the source code. The seller registered this account on exploit in January 2021 and has been looking to buy access to different corporate networks ever since. It is only the second time that they are trying to sell data on the forum. Despite the regular activity, the threat actor has no reputation on the forum and has made no deposits yet.” 

According to the Group-IB Threat Intelligence & Attribution system, this user had an account on exploit[.]in before being barred by the forum administrators for refusing to use the escrow service. DDoS-Guard provides DDoS prevention, CDN, and hosting services, and its data is allegedly being traded on a hacker site. 

“As an international certified emergency response team, we get to interact with dozens of hosting providers around the world every day to ensure violations are removed promptly,” says Reza Rafati, a senior analyst at CERT-GIB in Amsterdam. 

“Whenever we establish a connection with this company, it immediately reflects a red flag. We’ve seen a number of rogue websites hosted by DDoS-Guard. They were almost impossible to take down. Their answer to our numerous complaints on them protecting illegal resources is that they are not the owners of these websites. Such a safe environment for illicit online activity doesn’t do any good for the global effort against cybercrime.”

Parler on the Verge of Permanent Expulsion

 

Launched in 2018, Parler has become a place of refuge for individuals who have been banned or suspended by popular social networks, including Facebook and Twitter, for violating those platforms' guidelines. The Henderson, Nevada–based organization has billed itself as a free-speech alternative to mainstream social networks and adopted a more relaxed approach to content moderation, attracting conspiracy theorists, members of hate groups, and right-wing activists who have openly incited violence.

Google has suspended Parler, the US-based microblogging platform to which the majority of the supporters of sitting President Donald Trump are moving their base, from its app store, citing posts inciting violence and demanding robust moderation of egregious content from the social networking service. Meanwhile, Apple had given Parler, the social network favored by conservatives and extremists, an ultimatum to implement a full moderation plan for its platform within the next 24 hours or face suspension from the App Store.

The move by the two Silicon Valley companies came on the day that Twitter permanently suspended Trump's account because of the "danger of additional prompting of viciousness".

In suspending the service, Google, whose software powers Android phones, cited its policy against applications that promote violence and gave recent examples from Parler, including a Friday post that started "How do we take back our country? Around 20 or so coordinated hits" and another promoting "Million Militia March" on Washington.

"To ensure client security on Google Play, our longstanding strategies require that applications showing user-generated content have moderation policies and implementation that eliminates offensive substance like spots that prompt violence. All developers consent to these terms and we have reminded Parler of this clear policy in recent months," Google said in a statement. 

Meanwhile, Apple said in a statement that it has received numerous complaints regarding objectionable content on the Parler service, along with allegations that the application was used to plan, organize and facilitate the criminal activity in Washington DC on January 6 that led to loss of life, numerous injuries and the destruction of property.

John Matze, who describes himself as a libertarian, founded Parler in 2018 as a "free-speech driven" alternative to mainstream platforms but began courting right-leaning users as prominent supporters of Trump moved there. On Parler, Matze struck a defiant tone. "We won't give in to pressure from anti-competitive actors! We will and consistently have authorized our guidelines against brutality and criminal behavior. Yet, we won't cave to politically persuaded organizations and those authoritarians who scorn free speech!" he wrote in a message.