Vinny Troia

Education: PhD [citation needed]
Alma mater: Capella University, Western Governors University [citation needed]
Occupation(s): Ethical hacker and cybersecurity researcher [1] [2]
Website: www.vinnytroia.com

Vincenzo Troia is an American ethical hacker and cybersecurity researcher who is known for reporting and identifying the Dark Overlord hacker group and hacker pompompurin, who was the owner-operator of the website BreachForums and was also involved in the 2021 FBI email hacking. [3] [4] He is also known for disclosing the Shanghai police database leak in 2022. [5] [6]

Troia also serves as CEO and principal security researcher at Night Lion Security, a cyber-security firm based in the US [7] and founded a threat intelligence firm named Shadowbyte. [1]

In 2018, Troia found a data leak of nearly 340 million detailed records about individual people available on a publicly accessible server of Exactis. [8] [9]

In 2019, he found a data breach in People Data Labs where records of personal data, including email addresses, employers, locations, job titles, names, phone numbers and social media profiles of 1.2 billion people were exposed. [10] [11]

In 2020, Troia identified and wrote a report on an entire underground cybercrime economy built on the stealing and reselling of video game passwords. [12] The white paper, published by Troia and Night Lion Security, outlines the process by which hackers make money by stealing and reselling Fortnite video game cosmetics, some making nearly a million dollars per year. [13] After the hackers gain access to a victim's account, most often by using common or reused passwords, the account's contents are stolen and resold on an underground black market valued at nearly 1 billion dollars annually. [14]

Publication

Troia is the author of the book "Hunting Cyber Criminals: A Hacker’s Guide to Online Intelligence Gathering Tools and Techniques" (Wiley Books), which illustrates various investigative tools and techniques used to track down and investigate cybercriminals using Open Source Intelligence (OSINT) gathering tools and techniques. [15] The book provides a detailed account of Troia's investigation into cyber criminal hacking group The Dark Overlord. [16]

Troia's book provides evidence and analysis to support claims that the masterminds behind The Dark Overlord cybercrime group are two teenagers living in Calgary, Canada. Evidence provided in the book, as well as a subsequent report published by Troia and Night Lion Security, links the members of The Dark Overlord hacking group to other "database focused" hacking groups such as ShinyHunters and GnosticPlayers, along with people such as Conor Brian Fitzpatrick, also known as pompompurin, who owned BreachForums. [17]


References

  1. "FBI Email Hoaxer ID'ed by the Guy He Allegedly Loves to Torment". threatpost.com. 16 November 2021.
  2. "NightLion Worm Takes Revenge on Night Lion Security | Cyware Hacker News". Cyware Labs.
  3. "FBI system hacked to email 'urgent' warning about fake cyberattacks". www.bleepingcomputer.com.
  4. "Wait—The FBI Got Hacked Over a Beef With a Guy Named Vinny?". www.thedailybeast.com.
  5. "China Police Database Was Left Open Online for Over a Year, Enabling Leak". www.wsj.com.
  6. Gan, Nectar; Xiong, Yong; Ritchie, Hannah (5 July 2022). "Nearly one billion people in China had their personal data leaked, and it's been online for more than a year". CNN.
  7. "Hacker breaches security firm in act of revenge". www.zdnet.com.
  8. "Exactis said to have exposed 340 million records in massive leak". CNET.
  9. "A New Data Leak Reportedly Exposed 230 Million Americans' Personal Information". fortune.com.
  10. Reichert, Corinne. "1.2 billion records exposed in unsecured database". www.cnet.com.
  11. Newman, Lily Hay. "1.2 Billion Records Found Exposed Online in a Single Server". Wired.com.
  12. Winder, Davey. "Fortnite Hackers Earn $1 Million A Year—Stealing Your Skins". Forbes.
  13. "Fortnite Hackers Earn $1 Million A Year—Stealing Your Skins". Forbes. Retrieved 21 April 2023.
  14. "Fortnite 'black-market' part of billion-dollar hacker economy, report claims". Fox News. 27 August 2020. Retrieved 21 April 2023.
  15. "Book Review of "Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques"". www.rsaconference.com.
  16. Troia, Vinny (January 2020). Hunting Cyber Criminals. Wiley. pp. 440–443. ISBN 978-1-119-54099-1. Retrieved 23 December 2020.
  17. "The Dark Overlord report: An Investigation Into A Cyber Terrorist Hacking Group". Night Lion Security. Night Lion Security. Retrieved 17 July 2023.