Iranian Hackers [APT, H4ckCity, MohitAMN]?
#1
Hello there GS,

Just wondering if any one of u have access to the Iranian Hacking group named as APT/33/34, Helix Kitten or Oilrig?
Handbooks, papers, articles, saved webpages or telegram images, tools, scripts ...
any type of data/Intel would be appreciated.

its been quite a while I'm searching for their Ongoing, undercover community, Came up with a few clues but not efficient enough to get me closer to them or their Live community. I write articles for a few websites such as Null-Byte and UNIT 42 (search for it in ur fav engine).

As u can find in this link , my group nd I are putting together all pieces of puzzles about them.
this group is way Bigger than what u could ever imagine. just check out the link if u wanna know about the Scale of the whole deal. we are working on other Former Hacking groups such as H4ckCity and MohitAMN. we can bounce ideas bout them or i can share a few private tools of ur demand.

I will refer to the name of whoever's somehow contributing in my articles or I can show my gratitude in many other ways. 

u can contact me Through :
email : solog44k@gmail.com
Telegram : sologeek

stay Supreme 
Reply
#2
Never heard of these guys before. Only Iranian APT I've read about is the so called 'Charming Kitten'. They had some pretty innovative ideas and techniques to bypass 2fa by real-time phising the target. Pretty cool article about it here: https://threatpost.com/charming-kitten-i...fa/139979/
Reply
#3
One of the govt. funded iranian hackers have telegram channel where they dump their materials.
I've joined the group long time before, need to recheck if im still there.
Reply
#4
Going by your link i think it's safe to assume you guys do threat intel and maybe even some more exciting things. If that's the case and you have in house tooling designed for active engagements, then those may be worthwhile to assist you guys for. Run of the mill OSS tooling, while good, generally falls short of the quality i'd expect of tooling developed by an organization that is dedicated to hunting APTs.

If you can't share any of those due to NDAs, IP(The intellectual property kind) or general company policy i'd hope you have 0days or something of equivalent value to trade, you're going to have a hard time trading anything with any of our skilled members otherwise i'd wager. For the most part our skilled members are perfectly capable of developing their own TTPs.

I generally don't concern myself too much with the cyber battle for world domination that rages on a massive scale and i am generally not for hire. But i wouldn't mind chipping in if you have something special and worthwhile to trade.
Reply
#5
If you're still looking for info on this. Found a pretty good overview over the APT-operations from Iran. Might be worth a read.
http://garwarner.blogspot.com/2020/01/ir...rview.html
Reply
#6
(11-27-2020, 06:46 PM)Vector Wrote: Going by your link i think it's safe to assume you guys do threat intel and maybe even some more exciting things. If that's the case and you have in house tooling designed for active engagements, then those may be worthwhile to assist you guys for. Run of the mill OSS tooling, while good, generally falls short of the quality i'd expect of tooling developed by an organization that is dedicated to hunting APTs.

If you can't share any of those due to NDAs, IP(The intellectual property kind) or general company policy i'd hope you have 0days or something of equivalent value to trade, you're going to have a hard time trading anything with any of our skilled members otherwise i'd wager. For the most part our skilled members are perfectly capable of developing their own TTPs.

I generally don't concern myself too much with the cyber battle for world domination that rages on a massive scale and i am generally not for hire. But i wouldn't mind chipping in if you have something special and worthwhile to trade.

I'm just curious .... is there anyone around here that is for hire? Someone that maybe looking to do a good deed paying it forward or just bored? I might be barking up the wrong tree, but I'm kinda desperate and it should be a small task depending on if there is someone willing to help me out and/or what they are willing to help with. Any info or direction would be greatly appreciated if anyone cares to pm me. If not, I apologize for intruding.
Reply
#7
(02-10-2021, 07:03 PM)helpmeplease Wrote:
(11-27-2020, 06:46 PM)Vector Wrote: Going by your link i think it's safe to assume you guys do threat intel and maybe even some more exciting things. If that's the case and you have in house tooling designed for active engagements, then those may be worthwhile to assist you guys for. Run of the mill OSS tooling, while good, generally falls short of the quality i'd expect of tooling developed by an organization that is dedicated to hunting APTs.

If you can't share any of those due to NDAs, IP(The intellectual property kind) or general company policy i'd hope you have 0days or something of equivalent value to trade, you're going to have a hard time trading anything with any of our skilled members otherwise i'd wager. For the most part our skilled members are perfectly capable of developing their own TTPs.

I generally don't concern myself too much with the cyber battle for world domination that rages on a massive scale and i am generally not for hire. But i wouldn't mind chipping in if you have something special and worthwhile to trade.

I'm just curious .... is there anyone around here that is for hire? Someone that maybe looking to do a good deed paying it forward or just bored? I might be barking up the wrong tree, but I'm kinda desperate and it should be a small task depending on if there is someone willing to help me out and/or what they are willing to help with. Any info or direction would be greatly appreciated if anyone cares to pm me. If not, I apologize for intruding.

No. It's against the rules. This is not a market or a place hacker4hire.

See:
Rules Wrote:1.2 – Transactions
Economic transactions and activity are not allowed on GreySec. This includes:
  • Marketplace threads.
  • Buy/Sell activities.
  • Hire members.
  • Any type of monetary rewards for requests.
  • Trading.

And more, none of it is allowed on GreySec. You may do trades and purchases offsite outside the forum. But we do not accept any time of scam reports, everything is on your own risk. These rules are not limited to money: For example, trading and other similar topics. (Database-trading is exempt to this rule)
Advertising your products, mentioning your products or even hinting to your product is not allowed either. Only exception would be if its relevant to the topic at hand. But advertising for the sake of advertising; to increase your own profit margins is not allowed. GreySec is first and foremost a place for sharing information and mutual discussion on Hacking. In other words, a hacking forum. We are not and never will be an underground bazaar.

1.2.2 - Regarding Free services and products
Hit and run posts are not allowed. Even if your service is free of charge or nonprofit. If you are here for the sole purpose of advertising your website or product of any kind. Such content is subject to removal.

These free services are only to be mentioned in an appropriate context of discussion in which the service is relevant to the discussion and the thread.
In short words: Shill your stuff elsewhere. Unless your stuff is relevant to the topic. And that does not warrant its own dedicated thread for it.

Exception can be made if you are: A contributor, active member of the forum etc. Contact the admin if you wish to be granted permission to advertise something.
If your post/thread regarding your free product has been removed, you will be informed about it. You may appeal this claim by sending a private message to the administrator, administration has the final say in the matter regardless of context or rules. If we determine that you are not here to benefit the community but solely to benefit yourself, we may choose to deny you this despite your activity record.

See rules: https://greysec.net/misc.php?action=help&hid=8

I would advise you to go elsewhere. Or contact someone offsite (XMPP, Signal, Telegram etc. Outside of GreySec), although that does not mean to solicit members through Private Message.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Analogue Hackers? limb777 1 3,119 05-11-2019, 08:38 AM
Last Post: enmafia2
  do you think that psychology studies on hackers are bad? QMark 2 5,814 05-14-2018, 03:02 PM
Last Post: enmafia2