[DDW User Profile] Who is the hottest user selling access in DDW? — 1) inthematrix1
With contribution from Hotsauce (Denise Dasom Kim, Jungyeon Lim, Yeonghyeon Jeong, Sujin Lim, Chaewon Moon)| S2W TALON
Abstract
Who is the hottest user selling access in DDW? In this post, we focus on the hottest user based on the intelligence collected by Xarvis.
From July 2021 to August 2021, inthematrix1 has been selling access more frequently on the auction board of Exploit.in. Last month, the auction of selling the admin access related to the supplier was the trending issue in South Korea. (Ref. 2021.07.22 [긴급] 딥웹에 매출 1조원↑ 한국 자동차 관련 기업 관리자 권한 판매글 올라와 (boannews.com) / (EN) [Emergency] Sales of KRW 1 trillion ↑ in sales of Korean automobile-related companies were posted on the Deep Web
The details of inthematrix1's activities on the auction board of Exploit.in using Xarvis as below:
inthematrix1 has doubled its activity compared to last month as below:
According to the 2 screenshots above, we can get 2 Questions as below:
1) Who is inthematrix1?
2) Is inthematrix1 a seller or a buyer?
- If inthematrix1 is a seller on Exploit.in, which access sold by inthematrix1?
- If inthematrix1 is a buyer on Exploit.in, how many buying access in Exploit.in?
Let’s deep dive into the detail of inthematrix1!
1. Who is inthematrix1?
inthematrix1 joined the Exploit.in on June 25, 2020, and it seems that the forum activity started on July 3, 2020, but his auction activity was started on December 12, 2020
- inthematrix1 sold PII(Personally Identifiable Information), DL(Driver License), and SSN(Social Security Number) from December 2020 to May 2021.
- (Current) inthematrix1 selling only access on Exploit.in
1.1. inthematrix1 usually working on Auctions
- Total 28 posts were published on Exploit.in, inthematrix1 published 27 posts on the auction board of Exploit.in, and 1 post on Finance board.
1.2. When inthematrix1 starts the deal after the end of the auction, he wants to receive the money with escrow service supported by Garant
The detail of the conversation with inthematrix1.
- inthematrix1 explained how to participate in the auction and how to trade after the auction.
- inthematrix1 doesn’t expose his wallet address and personal information for selling the product. Instead, he created the deal using the escrow service supported by Garant
The detail of the user of @Garant in Exploit.in.
- Garant is Forum Guarantor
- jabber : garant@exploit.im
2. Which access sold by inthematrix1?
2.1. Top 5 posts related to inthematrix1
(Total 104 posts / 28 posts posted by inthematrix1)
- RDP (Remote Desktop control Protocol)— 77.4%
- PII (Personally Identifiable Information) — 10.4%
- POS (Point of sale)— 5.7%
- ID / Password — 3.8%
- VNC (Virtual Network Computing) — 1.9%
2.2. Top 3 auctions related to inthematrix1
2.2.1. Admin Access Security Firm Canada (10 replies)
- Published Date: June 26, 2021
- Status: Sold / Closed by inthematrix1
2.2.2. Acces Administrator RDP hotel greece (10 replies)
- Published Date: June 22, 2021
- Status: Sold / Closed by inthematrix1
2.2.3. Admin access South Korea Corporate Company Revenue 1B$ (8 replies)
- Published Date: July 20, 2021
- Status: Sold / Closed by inthematrix1($3,000)
ellis.J.douglas bought the access in inthematrix1’s post
The auction was closed by ellis.J.douglas on August 10, 2021. inthematrix1 confirmed his deal as below:
Conclusion
- inthematrix1 is the hottest user in the auction board of Exploit.in.
- The selling activities of inthematrix1 more than doubled in August compared to July, and RDP access information accounted for 77.4% of user activity.
- inthematrix1's activities have exploded recently, and we need to focus on inthematrix1.
- Homepage: https://www.s2wlab.com
- Facebook: https://www.facebook.com/S2W
- Twitter: https://twitter.com/s2w