Tag Archives: OSINT

Access to Central Bank is for Sale

A threat actor called ‘4c3’ is selling access to a central bank. The threat actor did not disclose the name of the bank.

The ad was posted today on the exploit.in website. The threat actor did not disclose the name of the bank but gave some details: the bank uses Symantec as its EDR and has around 10k machines, mostly running Windows. The bank also uses a Flexcube database.

The threat actor claims that she/he can provide VPN access to the central bank and all passwords from a domain dump.

The threat actor announced that she/he will not give the name of the bank publicly and can give it only via private chat.

exploit.in is a very popular Russian underground hacking forum.

Image Reverse Search

With the growth of social media usage, fake news and social media scams are growing too. For many reasons, we need to verify posts before we believe and/or share them. Image reverse search is an OSINT technique that is very important because of these social media and news scams, and it is as easy as it is important.

To see if the news is true, one of the tools we can use is image reverse search. There are many ways to do this, but here we will explain the easiest ones.

Suppose we have the above image and we want to know when and where it was filmed. We start with a Google search.

Google

In Google Images, press the camera icon and upload the image.

We can then directly find the websites that include this image, and so find where and when it was filmed. We now learn that this image is from Syria and shows an airstrike. So if we see it shared with a different news story as a scam, we know the truth about it.

Yandex

It is the same with Yandex. We upload the image to Yandex Images in the same way.

Yandex can find more than Google, so I recommend that you use Yandex in your searches too.