Hello everyone!
I have discovered a big group of cryptocurrency hackers, and these guys need to be stopped. So the least I could do is make everyone aware and post as much information I could gather and maybe it could be useful to a victim out there.
Address where all hacked funds end up: (after being mixed).
3J3dWtKXgxMWKEAZyDENMRDSan753asAJiwallet balance:
93.23541381 BTC and growing
His IP address: 115.164.204.24 links back to Malaysia
ISP: DiGi Telecommunications Sdn Bhd
Email I managed to find an email address
zero.wallets@gmail.com linked to
3J3dWtKXgxMWKEAZyDENMRDSan753asAJiJust posting this for users to be aware of this address and any information that can be found should be posted here.
After doing a lot more research: I linked up Iranian IP addresses used to exploit web servers
Iranian Bitcoin hackers seem to be linked as well, details are below of the team(or person behind cyber attacks):
alicr2019@gmail.com (IP address: 86.57.101.61)1711352@gmail.com (IP address: 5.114.237.75)sajadghochian1220@gmail.com (IP address: 37.129.69.34)salehmohamadali5@gmail.com (IP address: PENDING)Pars55055@gmail.com (IP address: PENDING)Iranian hackers website with exposed information
http://95.156.254.35/api/loginSERVER_SOFTWARE
"Apache/2.4.6 (CentOS) PHP/7.1.14"
SERVER_NAME
"95.156.254.35"
EXCEPTION_IP_ADDRESS
"46.209.255.138,91.72.219.46"
CREDIT_ALERTS_NUMBERS
"09351866262,09124037786,09102471966"
CLICK_SEND_USERNAME
"
admin@infinite8.ae"
tgbsco.com
https://infinite8.ae/ (this website is linked with tgbsco.com ) Iran and united Arab emirates.
https://whois.domaintools.com/infinite8.aehttps://tgbsco.com/services/payment-services based UAE and Iranian background
https://www.crunchbase.com/organization/tgbs-tadbir-gostaran-behine-saz#section-overviewhttps://www.linkedin.com/company/infinite8.ae/https://www.linkedin.com/in/hamid-fathalian-61716a3a/?originalSubdomain=aehttps://reverseip.domaintools.com/search/?q=tgbsco.com1. badbadak.ir
2. mpos.ir
3. payam-pardaz.ir
