Recorded Future, a US-based cyber-security firm, claims to have uncovered the real world identity of a notorious hacker who, back in 2016, had been behind the sale and proliferation of a slew of user databases from companies such as MySpace, Badoo, Dropbox, LinkedIn, and Twitter, just to name a few.
Security
The hacker's pseudonym is Tessa88, but Recorded Future claims that behind this acronym stands a 29-year-old named Maksim Vladimirovich Donakov (Донаков, Максим Владимирович), from the town of Penza, Russia.
Tessa88 is mostly known for being one of two hackers --together with Peace_of_Mind-- behind the string of so-called "mega breaches" that came to light in 2016.
Some of the databases that Tessa88 advertised online contained user data --and sometimes even passwords-- from companies such as MySpace, Twitter, LinkedIn, Dropbox, Badoo, QIP, Rambler, VKontakte, and Mobango. Peace_of_Mind also sold some of the same databases, but also others, unique to him.
ZDNet: Black Friday 2018 deals: Business Bargain Hunter's top picks | Cyber Monday 2018 deals: Business Bargain Hunter's top picks
But neither Tessa88, nor Peace_of_Mind, were the actual hackers who breached these companies. Both have said in multiple interviews given to news media outlets, including to this reporter, that they only acted as middlemen for a larger group of hackers who performed the actual hacks.
Both middlemen weren't active for long. Researchers spotted the Tessa88 persona active and trying to sell the databases on underground hacking forums and Dark Web marketplaces only between February and May 2016.
But despite Tessa88's limited activity, Recorded Future said today in a report that they've managed to interconnect several online identities to the Tessa88 moniker, and later to Maksim Donakov.
Researchers found YouTube videos, images uploaded on forums and Imgur, and three Odnoklassniki profiles (Russian social network service for classmates) that provided enough clues to identify Maksim Donakov as the person behind Tessa88. The two most important clues included:
Photos of Donakov's face that were uploaded on multiple profiles, interlinking various of Tessa88's alternative nicknames.
A YouTube video showing the car license plate for one of Tessa88's alternate acronym's, which was later linked to a traffic incident, revealing Donakov's real name.
Below is an infographic shared by Recorded Future, detailing their findings.
As a side note, US prosecutors have already charged, arrested, and extradited to the US a Russian hacker, Yevgeniy Nikulin, who they accused of hacking into Dropbox and LinkedIn, two of the databases that Tessa88 had put up online for sale back in 2016.
Related cyber-security coverage:
- Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers
- Russia wants DNC hack lawsuit thrown out, citing international conventions
- Russian hacker arrested in Bulgaria for ad fraud of over $7 million
- Popular Dark Web hosting provider got hacked, 6,500 sites down
- Russian APT comes back to life with new US spear-phishing campaign
- Researchers find stolen military drone secrets for sale on the dark web CNET
- French police officer caught selling confidential police data on the dark web
- US has a cyberattack ready if Russia interferes with 2018 midterms TechRepublic
Best Black Friday 2018 deals:
- Amazon Seven Days of Black Friday Deals: All-time lows on office devices
- Amazon Black Friday 2018 deals: See early sales on Echo, Fire HD
- Best Buy Black Friday 2018 deals: Deep discounts on Apple Mac, Microsoft Surface
- Target Black Friday 2018 deals: $250 iPad mini 4, $120 Chromebook
- Walmart Black Friday 2018 deals: $99 Chromebook, $89 Windows 2-in-1
- Dell Black Friday 2018 deals: $120 Inspiron laptop, $500 gaming desktop
- Newegg Black Friday 2018 deals: $50 off Moto G6, $70 off Nest thermostat
- Office Depot Black Friday 2018 deals: $300 off Lenovo Flex, $129 HP Chromebook
- eBay Black Friday 2018 deals: See early sales on Galaxy Watch, Chromecast
- Lenovo Black Friday 2018 deals: ThinkPad laptops and more
- Microsoft Store Black Friday 2018 deals: Ad showcases Surface, laptop deals
- Windows laptops Black Friday deals: Dell, HP, Lenovo
- Chromebook Black Friday 2018 deals: Dell, Google, HP
- Best tablet Black Friday deals: Apple iPad, Amazon Fire
- Black Friday 2018 iPhone deals: $400 iPhone X gift card, BOGO iPhone XR
- Black Friday 2018 smartphone deals: OnePlus 6T, LG G7