Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-14-2021, 00:08
new_profile new_profile is offline
VIP
 
Join Date: Aug 2002
Posts: 142
Rept. Given: 25
Rept. Rcvd 7 Times in 7 Posts
Thanks Given: 37
Thanks Rcvd at 32 Times in 15 Posts
new_profile Reputation: 7
solarleaks.net

Hi,
What do you think about the files available for sale at http://solarleaks.net?
Are they bluffing or do you think it's real ?

Cheers
Reply With Quote
  #2  
Old 01-14-2021, 04:19
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 195
Rept. Given: 49
Rept. Rcvd 67 Times in 31 Posts
Thanks Given: 55
Thanks Rcvd at 230 Times in 83 Posts
Fyyre Reputation: 67
Probably real. Again, who know; until someone makes purchase, or leaks to the public... anyways; some archives to store for hope of future leakage.

Noticed the mega.nz links are dead, is here as well:

hxxp://solarleaks.net/feye.tgz.enc
hxxp://solarleaks.net/msft.tgz.enc
hxxp://solarleaks.net/csco.tgz.enc
hxxp://solarleaks.net/swi.tgz.enc

P.S. this nonsense made me laugh:

"The domain is 1 day old and registered through NJALLA. Njalla is a favorite registrar from Fancy Bear and Cozy Bear. This alone already shows that the people behind this site have at least some knowledge of Russian MO."

Anyone who engage in black/grey areas know of njal.. what makes it "Russian MO" is beyond me, haha.

Quote:
Originally Posted by new_profile View Post
Hi,
What do you think about the files available for sale at http://solarleaks.net?
Are they bluffing or do you think it's real ?

Cheers
__________________
-Fyyre

--
"Expert RCE, old school. People claiming to know me and speak for me, do neither."

https://github.com/Fyyre
Reply With Quote
The Following User Says Thank You to Fyyre For This Useful Post:
niculaita (01-14-2021)
  #3  
Old 01-14-2021, 05:38
deepzero's Avatar
deepzero deepzero is online now
VIP
 
Join Date: Mar 2010
Location: Europe
Posts: 261
Rept. Given: 102
Rept. Rcvd 60 Times in 38 Posts
Thanks Given: 113
Thanks Rcvd at 132 Times in 69 Posts
deepzero Reputation: 60
Site seems down now...
Reply With Quote
  #4  
Old 01-14-2021, 06:28
Rasmus Rasmus is offline
Friend
 
Join Date: Jul 2019
Posts: 136
Rept. Given: 0
Rept. Rcvd 4 Times in 4 Posts
Thanks Given: 36
Thanks Rcvd at 60 Times in 35 Posts
Rasmus Reputation: 4
Quote:
Originally Posted by deepzero View Post
Site seems down now...
Site is up again but... Leaks costing over half a million dollars each. Only the solarwinds one appears to be true. The rest are apparently fake. Someone out to make a quick buck by dangling a carrot with 1 real and remaining fakes. A classic case.
Reply With Quote
  #5  
Old 01-14-2021, 06:37
LordGarfio LordGarfio is online now
Friend
 
Join Date: Jan 2005
Posts: 18
Rept. Given: 7
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 48
Thanks Rcvd at 3 Times in 2 Posts
LordGarfio Reputation: 1
deepzero:

I have looked at the site out of curiosity. Below the text that contains the referenced.

https://www.upload.ee/files/12762395/solarleaks.net.html
Reply With Quote
  #6  
Old 01-14-2021, 07:11
deepzero's Avatar
deepzero deepzero is online now
VIP
 
Join Date: Mar 2010
Location: Europe
Posts: 261
Rept. Given: 102
Rept. Rcvd 60 Times in 38 Posts
Thanks Given: 113
Thanks Rcvd at 132 Times in 69 Posts
deepzero Reputation: 60
Quote:
Send exactly 100 XMR to the address below, add a payment id with your email address so we can contact you back.
Ok, now it sounds like a scam...
Reply With Quote
  #7  
Old 01-14-2021, 11:00
Rasmus Rasmus is offline
Friend
 
Join Date: Jul 2019
Posts: 136
Rept. Given: 0
Rept. Rcvd 4 Times in 4 Posts
Thanks Given: 36
Thanks Rcvd at 60 Times in 35 Posts
Rasmus Reputation: 4
Quote:
Originally Posted by deepzero View Post
Ok, now it sounds like a scam...
Yes some of it leaked elsewhere and the "microsoft source code" that they claimed to sell is nothing but the combined dump of the Windows XP/2000 etc leaked older sources. Similar for other stuff too.
It also appears that protonmail cooperated and gave out some of the details about them to the LEAs, after closing out their accounts.
Reply With Quote
  #8  
Old 01-15-2021, 09:44
MrScotc MrScotc is offline
Friend
 
Join Date: Dec 2017
Posts: 25
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 16
Thanks Rcvd at 32 Times in 10 Posts
MrScotc Reputation: 1
https://github.com/bf/solarleaks-crawler/tree/main
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 22:17.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2021 )