HackDig : Dig high-quality web security articles for hacker

Website of Albanian Hitmen-For-Hire Hacked, Data Dumped Online

2016-05-13 22:20

A hacker that goes by the name of bRpsd has hacked the Dark Web portal of the Albanian mafia group called Besa, subsequently dumping the data online and exposing their hitman-for-hire service.

The data was first uploaded online to the Files.fm website on April 23, and also made its way into the Siph0n service, as Risk Based Security first noticed. Softpedia has also downloaded the data and verified its content.

The Besa Mafia is the name of Albania's biggest crime organizations, Besa meaning "trust" in Albanian. The group is very active across Europe but has also been seen operating across other continents as well.

Hacker leaks details about site users, admin password

A website on the Dark Web is claiming to represent this group and is offering to provide a hitman-for-hire service to anyone wanting to harm, or even kill other people.

The data stolen from this website contained two CSV files that contained 2,682 personal messages and 38 hit orders. Additionally, the data dump contained a ZIP file holding 60 photos of supposed targets.

The hacker also leaked the site's admin password, along with details about 330 site accounts. The Files.fm data dump does not hold these details, but they can still be found in the Siph0n entry.

User account details included information such as usernames, hashed passwords, email addresses, sign-up data, user ID, and user status.

List of Besa Mafia user accounts
List of Besa Mafia user accounts

The hacker never publicized his findings, even if the data dump's content is quite "sensational." Below is a selection of orders placed on the site. Only the actual order text has been kept, and the data cleaned for readability.

  here is her facebook. put a bullet in her head. and I dont want her body to be seen in public and she live with her parents, so it will be better if you do your job when she is on her way to school. and it will be better if you can finished the job before next monday.  

  Beat him up. His photo can be seen on his facebook: [REDACTED URL]  

  Beat him up badly so there will be bruises and some blood but, don't do anything else. Target is about 173 centimeter tall and fat, but can fight back fiercely so use surprise attack before he can react. Target usually takes a walk during night or late evening. I'll make sure he comes out from his house when you are ready and know where to beat him up. His address is [REDACTED] In next order I'm giving a killing job. Do this beat up job before killing the other guy.  

  From Monday to Friday she brings one of their childs to childgarden. Bringing to this between 8 and 9 am. Take back between 1pm and 2pm. I wish to give her as message ""pay your debt back"" in german (Bezahl deine schulden).  

A lot of site users wanted to be hitmen, not place kill orders

The messages CSV file also contained a lot of interesting tidbits, but mostly messages exchanged between hitmen-wannabes with site administrators.

One of the most interesting messages was one sent by site administrators to one of the applicants. The message explained a test that all killer wannabes had to go through.

The Besa Mafia group would ask applicants to set a car on fire with gasoline, while recording it on video.

The applicants had to hold a piece of paper in front of the camera, with a dedication to the site's admins, named FOX and Pinochet.

One of those videos can be found on YouTube (embedded below), but there are two more on DailyMotion.

Besa Mafia website admins were cooperating with the police

Another even more interesting message thread revealed that website owners usually answered questions from local authorities, and collaborated on police investigations. Here are some of the exchanges.

  Have [REDACTED]@gmail.com contact us regarding information relating to a possible hit on an individual in Watauga, Tx.   We have information that was forwarded to us by the Irving, Tx police department.  Can you provide us with the customer's intent, his contact information as well as his validity in meeting your fake hitmen."  

  Thanks for the quick response.  Please have the customer send a blank e-mail to our [REDACTED]@sigaint.org e-mail address so that we can engage with this person directly.  Please tell him that you may have a brother that's available.  This should be the last communication you need with us, and we should be able to take over after we can make direct contact with the customer. Also, are you able to send the photo the customer provided? (You can provide that to our e-mail address directly if you can't provide it through the website) Can you also send us the statement he made regarding ""seeking local alternatives""? Since time is critical here, please have the customer contact us as soon as possible. Thanks again.  

  For any additional tips please use [REDACTED]@ic.fbi.gov and put ""BesaMafia"" in the subject line.  That way, your information will be routed appropriately. Thank you.  

And then things get weird, as the site's admins start confessing that their site is actually a fake, and they're only a team of programmers from Europe.

  Hello, Yes, that is correct. We receive orders to kill people from all over the world, however our site is fake and we don't have any hitmen. We forward the orders to police departments where the targets are located. [REDACTED]@gmail.com is one of our emails on google, we use it to send notifications of hit orders to police.  

  All the information we got from the guy has been provided by janeblondiesexy to the Police Department, the guy has offered to meet our fake hitmen but we refused, we don't have any personal that can meet customers.  

  We are a team of computer programmers living in Europe, and we made this website as a honey pot for criminals, to fight crime and criminals  

  We will send all texas orders to such an email address. We are also willing to work with FBI to give them info if they want. Why we would do this ?? Because as mentioned, this website is to scam criminals of their money. We report them for 2 reasons: - to stop murder, this is moral and right - to avoid being charged with conspiracy to murder or association to murder, if we get caught.  

Regardless of the above statements, the website admins may have wanted to throw investigators off their trail by confessing to be a fake service, and the statements should be taken with a grain of salt. Nevertheless, these and other messages showed a willingness to provide information on the people that ordered hits if police ever came asking.

As for the server's reputation, RBS has pointed out that there are people online that publicly thanked [graphic content] the Besa Mafia website for their service, while others have marked it as a scam.

Source: .920405-enilno-depmud-atad-dekcah-erih-rof-nemtih-nainabla-fo-etisbew/swen/moc.aideptfos.swen

Read:2535 | Comments:0 | Tags:Data Breaches

“Website of Albanian Hitmen-For-Hire Hacked, Data Dumped Online”0 Comments

Submit A Comment



Blog :

Verification Code:


Share high-quality web security related articles with you:)


Tag Cloud