
Untitled

a guest
Dec 30th, 2018
Jester - FalconGhost

As previously mentioned, we of the Falcon Ghost group are targeting Energy, Space Aerospace, Military Intelligence (the Intelligence Community as a whole), economic sectors such as Stock Exchanges, Banks and the World Society of Interbank Financial Telecommunications (SWIFT).

In recent months, Falcon Ghost has attacked Israel - the National Cyber Security Authority (Israeli Government-Israel), Intelligence of Israel. France - Emmanuel Macron (President of France) and Germany - BND (Federal Intelligence Service of Germany).

* The information that was stolen from the above targets is in our VPS.
Also as Documents/Reports (describing the whole attack, such as encountered crashes, exploits used in the attack, etc.)

- I recommend taking a look at the VPS Spreadsheets, where you can find ALL machine information, hacked servers, as well as the names of the professionals who took care of Target Security (Team T.I - Information Technology)
Where also as request, were spies. You will find in the spreadsheet details such as:
=============================================================================================================================
* Home address
* IP addresses (personal computers and other devices)
* Personal information
* Cell phones clipped
=============================================================================================================================
(Use our Framework (CENSORED) *
to have a range of scanning options, such as seeing the device's camera without the individual noticing, capturing all the conversations, calls in the last 24 hours, after the 24 hours have passed, the information collected is destroyed and it collects new information so the process repeats itself.)
As in our last conversation, we will hold a meeting together with the other members of Falcon Ghost.

We are thinking of partnering with other APT groups (which will be our choice), if only if this possibility is confirmed.

* If we partner with a group that has the possibility and care of invading the NSA, the invasion and information gathering will be performed.

Grounds for the invasion:
* Sale of confidential documents
* Stealing NSA exploitations and void (restricted) exploits will have a negative effect on the US political and economic sectors.
* Increase confidence of other markets, Foreign governments in CyberWar (example China)

Problems encountered in SWIFT.

While doing Pivoting and recognition of the EastNets Network (SWIFT). We found an unusual action. There was someone with access on | ENSBDSSL1 External in block IP 192.168.215.20/27 Outside VLAN 5 | where there was a Rootkit (very noisy), collecting all the Documents of Root possession (Administrative) of the VPN.
So we took our remote access for analysis, we started investigating the whole block. Where we did the whole Forensic and investigative process to get the source of the problem.

After the discovery of the Rootkit process, forensic analysis was done, such as reverse engineering of Malware.

* By analyzing the Rootkit source code, the malicious DNS was found to receive the information collected by the malicious software. *

The group responsible for the disorder where almost committed our Data collection operation, arriving at our own investigations was the group APT Carbanak/Fin7.

We were able to configure IPTABLES (Firewall) within the EastNets VPN that blocked the malicious DNS Server from Carbanak.

We upgraded the machines from EastNets so that the exploits that the group in question (Carbanak) were unable to exploit and disrupt the Operation of Falcon Ghost.

As the problem caused, I, as founder and responsible for the Falcon Ghost group, am declaring our disharmony towards the rival APT group.

I request your authorization so that we can plan a possible investigation and that we can compromise the operations of the Carbanak group.

Final information:
- We found vulnerabilities in several banks in Brazil, also found critical flaws in the judicial, executive and legislative sector.
- Negative fact: As the faults are highly grave, it can have several invaders in the networks of the Brazilian Government.
- We found Google's Zero Day vulnerabilities, we can gather bulk information and exploit the internal network.
- We collect the exploits that the BND (Federal Intelligence Service of Germany) uses for military operations, espionage and other actions in CyberWar.

Please contact the group The Shadow Brokers (TSB), this is the group that we hope to make a friendly partnership.
The meeting will decide this as per the Falcon Ghost members' decision.

I look forward to our next conversation.

Cheers

@Jester, FalconGhost