Monday, September 18, 2017

Keyenter. wav Keychain Hack - MZFinance (GrandSlam)

Keyenter.WAV
Keyenter.WAV

First in series.  iTunes Extension WebKit facilitates keychain hack, accessible through Win Server, Android.  FBI, CIA, Google/Pentagon.  File can be encoded into pictures, QuickTime, or opened through iTunes (MZFinance).

This file was captured using Folder Actions to send it through Adobe as a TIFF file during its processing and may infect other machines.  It goes to VA, DC (FBI, Pentagon/Google).  Contact us for a copy of the file (free).

© Copyright 2017, The Cyberculturalist


Saturday, September 16, 2017

Equifax Hack #1

Equifax Hack #1
Equifax Hack #1

First in a series.  Equifax hack facilitated by FBI and associates for purposes of extortion.

© Copyright 2017, The Cyberculturalist


Monday, September 11, 2017

Experiments. PBD

Ransomware Script for Mac
Ransomware Script for Mac
Here, some piece of scumbag shit is testing her ability to reformat my hard drive.  This is the methodology used to lock discs for the WannaCry ransomware.  The WannaCry ransomware originated in America and quickly spread to Spain, then Britain, and elsewhere.

This educational script was found on a Mac Sierra 10.12.5 on July 7, 2017 in Decatur County, TN. Its origin is likely Nashville, TN (military).


© Copyright 2017, The Cyberculturalist


Monday, September 4, 2017

RAS Shared BattleNet

RAS Shared BattleNet
RAS Shared BattleNet
This appears to be a RAS (Remote Access Script) EXE used to hack into BattleNet (World of Warcraft, Starcraft) accounts.  This is from a Mac Sierra 10.12.5 in Decatur County, TN found in July, 2017.  It is LINUX-based.

It was located in the Shared BattleNet folder and activated on Right-Click.


© Copyright 2017, The Cyberculturalist


Monday, August 28, 2017

com.apple.mobilenotes.persistentstoreopen.lock

com.apple.mobilenotes.persistentstoreopen.lock
com.apple.mobilenotes.persistentstoreopen.lock
This 0kb EXEC file, found in Library/Cache on Mac Sierra 10.12.5, apparently allows domestic terrorist agents to lock and unlock the Apple App Store at will. It is used to download RAS (Remote Access Service) files and scripts, Automator Scripts, and for Fraudulent activity under the user's name and MAC Address.

This file is a persistent recurrence found active in April, 2017 in Decatur County, TN. You can see that a previous instance was modified so that only the user has Read/Write Access. Every recurrence possesses the same properties.


© Copyright 2017, The Cyberculturalist


Monday, August 21, 2017

URL Hijacker (Mac - Grandslam Entrapment Kit)

url-resolution.plist-com.apple.gamed
url-resolution.plist-com.apple.gamed

This URL redirector, url-resolution.plist-com.apple.gamed, was discovered in Decatur County, TN in 2017 on Mac Sierra (OS X).  The Grandslam script creates fake GameCenter profiles on the local computer to gain access to iCloud accounts, and install keyloggers, screen-sharing software, and scripts that allow and automate remote access control (RAS) of the workstation.

The Grandslam malware suite is used by US law enforcement to gain illegal felony access to others' computers, then steal their identity to create fraudulent social network profiles.  It apparently befriends anyone for whom law enforcement is looking, or allegedly involved in criminal activity.  The Grandslam Suite allows "law enforcement" to track, surveil, and entrap others, as well as commit felonies as though they were the user hacked.

© Copyright 2017, The Cyberculturalist