Friend
Professional
- Messages
- 2,677
- Reaction score
- 1,096
- Points
- 113
The administrator of the Doxbin site talks about his experience.
Recently published interviews with prominent doxers shed light on the financial side of this practice and reveal how their extortion methods are becoming increasingly violent.
The term "doxing" is used to describe situations where someone intentionally reveals a person's true identity by publishing documents and confidential data. This practice is widespread, has existed for many years, and is often used by cybercriminals for financial gain.
The scale of the doxing market is amazing. The leading platform for sharing such information — Doxbin-has about 300,000 registered users and more than 165,000 published "pastes" (as each individual publication is called).
The popularity of Doxbin makes this practice particularly lucrative. If we were talking about a little-known underground site that no one visits, people would not care that their data is published there.
According to former Doxbin members, the site generated six-figure annual revenue through buybacks. This information was provided by a cybercriminal known under the pseudonym Ego-a former member of the ViLE group, whose members recently pleaded guilty to hacking the portal of the US Drug Enforcement Administration in order to collect data on persons of interest.
Ego and a Doxbin administrator named "Reiko" gave an interview last year to Jacob Larsen, a threat researcher and CyberCX specialist. Larsen first revealed their dialogue this week as part of his presentation at the Black Hat 2024 conference.
After the interview, both people disappeared from the network. Ego disappeared in August 2023, shortly after the arrest of two ViLE members. Reiko has not been seen since May, following the alleged abduction of a Doxbin owner known as "Operator".
Larsen noted that although Reiko has removed most of its online presence, the site of its doxit group has been removed. Valhal.la still functioning. The recent appearance of new members on the site indicates that Reiko is continuing its activities in this area.
For Ego, doxing was just a side job. According to him, shortly before the interview, he completed his training as a network engineer. In a conversation with Larsen, Ego shared: "I'm quite young and I've never worked from 9 to 5. To be honest, I don't think anything will change. I focused on learning about networks and recently completed my degree in network Engineering. In parallel, I received several more certificates. During the last year of my studies, this activity was my main source of income."
Unlike other more lucrative forms of cybercrime, doxers motivations tend to be ambiguous. Ego is clearly driven by financial gain, while Reiko targets specific individuals, such as child molesters. However, financial incentives undoubtedly play a role in its activities.
Cybercriminals often try to disguise their self-serving intentions as political motives or a thirst for justice. Apparently, in the case of doxing, the same picture is observed. At least that's what Larson thinks.
Although doxing is not illegal in most countries, the very methods of obtaining information often violate the law. Ego admitted to using remote access Trojans, social engineering techniques, and fake requests for emergency data from law enforcement agencies.
Of particular concern is the growing trend of using physical violence to intimidate victims and force them to pay ransoms. Ego spoke about cases when people whose data was disclosed were attacked: their homes were shelled, Molotov cocktails were thrown at the windows. He even mentioned cases of torture and murder for the purpose of seizing other people's cryptocurrency assets.
Larsen pointed out that many of the "pastes" on Doxbin contain messages that encourage the victim to commit suicide or incite the Doxer community to further harm. These posts are not moderated by the site administrators.
The researcher also found that physical harm services are becoming increasingly accessible to doxers.
At the end of his speech, Larson stressed that laws need to be changed to protect victims of doxing platforms and effectively target criminals involved in such schemes. He also gave recommendations on how to protect against doxing, including using unique email addresses and passwords for all accounts, using a VPN, and refusing to publish the full name or photos of friends and family on the Internet.
Source
Recently published interviews with prominent doxers shed light on the financial side of this practice and reveal how their extortion methods are becoming increasingly violent.
The term "doxing" is used to describe situations where someone intentionally reveals a person's true identity by publishing documents and confidential data. This practice is widespread, has existed for many years, and is often used by cybercriminals for financial gain.
The scale of the doxing market is amazing. The leading platform for sharing such information — Doxbin-has about 300,000 registered users and more than 165,000 published "pastes" (as each individual publication is called).
The popularity of Doxbin makes this practice particularly lucrative. If we were talking about a little-known underground site that no one visits, people would not care that their data is published there.
According to former Doxbin members, the site generated six-figure annual revenue through buybacks. This information was provided by a cybercriminal known under the pseudonym Ego-a former member of the ViLE group, whose members recently pleaded guilty to hacking the portal of the US Drug Enforcement Administration in order to collect data on persons of interest.
Ego and a Doxbin administrator named "Reiko" gave an interview last year to Jacob Larsen, a threat researcher and CyberCX specialist. Larsen first revealed their dialogue this week as part of his presentation at the Black Hat 2024 conference.
After the interview, both people disappeared from the network. Ego disappeared in August 2023, shortly after the arrest of two ViLE members. Reiko has not been seen since May, following the alleged abduction of a Doxbin owner known as "Operator".
Larsen noted that although Reiko has removed most of its online presence, the site of its doxit group has been removed. Valhal.la still functioning. The recent appearance of new members on the site indicates that Reiko is continuing its activities in this area.
For Ego, doxing was just a side job. According to him, shortly before the interview, he completed his training as a network engineer. In a conversation with Larsen, Ego shared: "I'm quite young and I've never worked from 9 to 5. To be honest, I don't think anything will change. I focused on learning about networks and recently completed my degree in network Engineering. In parallel, I received several more certificates. During the last year of my studies, this activity was my main source of income."
Unlike other more lucrative forms of cybercrime, doxers motivations tend to be ambiguous. Ego is clearly driven by financial gain, while Reiko targets specific individuals, such as child molesters. However, financial incentives undoubtedly play a role in its activities.
Cybercriminals often try to disguise their self-serving intentions as political motives or a thirst for justice. Apparently, in the case of doxing, the same picture is observed. At least that's what Larson thinks.
Although doxing is not illegal in most countries, the very methods of obtaining information often violate the law. Ego admitted to using remote access Trojans, social engineering techniques, and fake requests for emergency data from law enforcement agencies.
Of particular concern is the growing trend of using physical violence to intimidate victims and force them to pay ransoms. Ego spoke about cases when people whose data was disclosed were attacked: their homes were shelled, Molotov cocktails were thrown at the windows. He even mentioned cases of torture and murder for the purpose of seizing other people's cryptocurrency assets.
Larsen pointed out that many of the "pastes" on Doxbin contain messages that encourage the victim to commit suicide or incite the Doxer community to further harm. These posts are not moderated by the site administrators.
The researcher also found that physical harm services are becoming increasingly accessible to doxers.
At the end of his speech, Larson stressed that laws need to be changed to protect victims of doxing platforms and effectively target criminals involved in such schemes. He also gave recommendations on how to protect against doxing, including using unique email addresses and passwords for all accounts, using a VPN, and refusing to publish the full name or photos of friends and family on the Internet.
Source
