, & XTChack – Scam Websites Owned by Michael Kolawole Oluwatobi, Nigerian Scammer

Many people lose the login passwords and recovery information for their online accounts. Others want to check messages inside their partner’s accounts. In these and similar situations, they decide to hire professional hackers to do the job for them.

Unfortunately, since hacking services are not legal and can’t be controlled, most of these so-called “hackers” are scammers who advertise their services on the dark web. This means they will promise you a successful hacking delivery, take your money, then block you and disappear without delivering anything.

Exact unlucky situations are happening on a daily basis to people who decided to take a service from these websites , and which are all owned by the same person, Michael Kolawole Oluwatobi.

One of our cybersecurity experts decided to act as their client and, using his social engineering skills, managed to track down the owner of these websites and all personal details about him.

So who is Michael Kolawole Oluwatobi?

Nerdstarkcorp CYBERFINGERSHACKS - Michael Kolawole Oluwatobi Nationality: Nigerian. Age 24. Currently living in Cape Town, South Africa.
Michael started his scamming business while still living in Nigeria, together with his friends. After some months of working together, personal things between them started to go wrong, and they separated and each of them started to work for himself. Out of revenge, one of his ex-friends reported Michael to the local police. And since laws in Nigeria are not as strict as in the rest of the world, Michael bribed the police department with a few thousand American dollars so he (more…)

What You Should Know About the Ursnif Banking Malware

The infamous Ursnif malware is back at it again, according to ZLab Yoroi-Cybaze researchers who report that there was another wave of attacks from this virus recently. The malware made its first appearance in 2014 during the original Gozi source code leak, hence the malware is commonly known as Gozi ISFB.

According to reports, the Ursnif threat is one of the most active malware families, with a presence that spans over a decade. It mostly operates in Italy, where it presents itself as something else in order to infiltrate several organizations. Most of the time, it’s presented as a (more…)

The Common Mobile Security Threats of 2021 & How to Protect Yourself From

The security of mobile devices is the top priority of many companies right now. It’s been building to this for some time, since many corporate workers handle sensitive data on their smartphones at all moments. Keeping this information from falling into the wrong hands is a must, and the figures that get dragged down after a significant data leak always leave a company in the red. Just in 2018, the average cost of any form of corporate data breach represented a loss of $3.9 million for any corporation given the size of the leak, according to (more…)

How to Dissect an Office Dropper Malware – Guide

If you’re looking for ways to dissect an Office Dropper, you’ve come to the right place. A number of users have been dealing with an Office Payload threat in the past week or so, so it’s only fitting that we provide you with a step-by-step process. This threat is often disguised in the form of an innocent-looking Microsoft Office document that’s part of a professionally-written MalSpam email.

This document usually comes with a neat “autoopen()” Macro which represents stage 1 of the delivery process. Dropper writers know the “autoopen()” Macro trick very well because it’s very common.

As soon as you open the document, your system will run Microsoft Office as usual, while the “autoopen()” function runs at the final stage as the first act of implementation. This is nothing new to malware specialists and, as you’ll see below, the autoopen() content trick is quite straightforward.

The “autoopen()” function jumpstarts a complicated “Resume Error” technique. This allows the script to avoid errors it comes across so that the execution can run uninterrupted. Basically, this means (more…)

Users are getting their Instagram Accounts Hacked by New “Nasty List” Method

Instagram is one of those social media platforms that almost everyone has an account on nowadays. Since being acquired by Facebook nearly eight years ago, the social network has become a paradise of viral information used by everyone to make the rounds at every waking hour all over the world. Everyone shares something with the goal of going viral and being noticed by their peers, and unlike Twitter and Facebook, there is not a lot of drama going on. The bad news is that IG is being tested in its vulnerable spots again with a very unhealthy practice of stealing accounts using something called “The Nasty List”, an Instagram login information stealer that is a headache to deal with.

The Nasty List – What You Need To Know

The Nasty List as an event started to be registered in the first days of May of the current year. It was brought to attention by a Reddit user nicknamed (more…)

Privilege Escalation Flaw Found in LG Device Manager

A privilege escalation flaw has been discovered which could affect the online safety and privacy of LG laptop users. According to the online security expert who discovered the flaw, this loophole is relatively easy for hackers to take advantage of.

Security expert and researcher Jackson T. found the flaw while analyzing the LG Device Manager system and in doing so was able to track the flaw as CVE-2019-8372. At the time, Jackson was merely evaluating the LG Device Manager’s low-level hardware access (more…)

New Micropatch to Help Alleviate Malicious Attacks Hiding in Adobe Reader PDFs

0patch experts recently came out with a micropatch designed to mitigate a previously unidentified zero-day loophole in Adobe Reader. According to experts, this vulnerability can be abused by cyber criminals by hiding malware inside corrupt PDF files.

These documents would then transfer the target’s NTLM hash to the attacker through an SMB request. All of this can be done remotely, which would make detection practically impossible.

The vulnerability was identified and reported by Alex Inführ, a security expert who also published a proof-of-concept and technical details of the problem. According to the report, the XML Form Architecture (XFA) structure was instrumental in crafting the attack. XFA is an integral part of PDF documents and it’s what (more…)

New MacOS Malware Hides Inside Windows Executable

Thanks to the good folks at Trend Micro, we now know that there’s a new form of malware in town. Actually, it’s a new type of an existing MacOS malware that enters stealth mode by camouflaging itself as a Windows file so that it can infiltrate devices without detection.

The malware is unable to execute on a Windows machine because it’s carried by a familiar .EXE file that’s easy for Windows to rebuff.

The security experts behind the discovery say they found the malware hiding inside the installer for Little Snitch, which is a well-known firewall and network monitor. The researchers downloaded the .ZIP files from different torrent websites.

We all know that trying to run an .EXE file on a Linux or Mac processor is a futile exercise because it will only (more…)

Super Malware Implanted in Security Intel SGX Enclaves

Intel users beware! Hackers have now discovered a new method to hide malware inside the security Intel SGX enclaves. Usually, the Intel Software Guard eXtensions (SGX) is a technology that’s used by app developers as a security measure against unwanted data modification or disclosure.

Intel SGX also allows developers to execute application code through a secret enclave.

Expert researchers have created a new technique that enables them to introduce malicious code in a protected memory area, which makes it nearly impossible to detect.

Ideally, enclaves should be protected from higher privilege processes, including BIOS, kernel, SMM and even the operating system.

The team of experts that discovered this vulnerability is the same one that found (more…)

Facebook Pays $25,000 Reward for Dangerous CSRF Exploit

According to reports, Facebook has just paid a $25,000 reward to a white hat hacker who found a critical cross-site request forgery (CSRF). If you’re wondering what warranted this payday, you need to know the implications of CSRF to realize that this was a big discovery.

According to Facebook, if the CSRF continued operating without detection it would have made user accounts vulnerable to hackings of the worst kind.

All an attacker needed to do was send requests loaded with CSRF tokens to random Facebook endpoints. That would have allowed them to access user accounts and do with them as they pleased. But, the attacker would have to trick their victim into clicking on a link first, which can be done through the loophole. This weak spot would also enable the attacker to easily bypass CSRF protections, giving them full (more…)