KrakenLabs writes:
This is the second part of Outpost24’s KrakenLabs investigation into EncryptHub, an up-and-coming cybercriminal who has been gaining popularity in recent months and is heavily expanding and evolving operations at the time of writing. We’ve already published one article explaining EncryptHub’s campaigns and TPPs, infrastructure, infection methods, and targets.
This article will follow a different approach. We’ll explore EncryptHub’s last decade online with a particular focus on his one-year-old foray into cybercrime, the OPSEC mistakes he’s made along the way, and how he used ChatGPT as a faithful accomplice throughout. This way, we hope to give you a human image beyond the amorphous dark entity that the generic tag of ‘Threat Actor’ usually gives.
Who is EncryptHub?
When people think of cybercriminals, they tend to imagine high-tech, government-backed teams and elite hackers using cutting-edge technology. However, many hackers are normal people who at some point decided to follow a dark path. Due to OPSEC errors (detailed later) we were able to learn a lot about Encrypthub, most of which will remain private.
And to be clear, the purpose of this section is not to humiliate or dox the individual. It’s simply to shed light on the fact most cybercriminals are ordinary humans that lead mostly ordinary lives.
Read more at Outpost24.