Here we present an interview with Gabi, a member of the Cyber Toufan team. We contacted Gabi on Telegram and shared a list of questions, which we make available here in full. This team, active since October 2024, has published details of 13 operations it has conducted against Israeli targets on its website since late| deepdarkCTI
Welcome to deepdarkCTI deepdarkCTI is an open-source project dedicated to enhancing Cyber Threat Intelligence (CTI) by providing insights into threats emerging from the deep and dark web. Our goal is to empower cybersecurity professionals, researchers, and organizations with actionable intelligence to detect and mitigate cyber threats before they materialize into real-world incidents. What We Do| deepdarkCTI -
In this timeline (currently being updated) we show the main events related to the alleged seizure of the XSS underground forum. In addition, here you can find an analysis of the moderators present on the date of the alleged seizure and their latest activities performed on the forum (updated to July 24, 2025). Links to| deepdarkCTI
The following interview, which we publish in full, was conducted in July2025 by Erez, a member of the deepdarkCTI community. Q (Erez): Devman first appeared in April 2025 and, only two months later, released Devman 2, what drove that rapid evolution and which lessons from version 1 pushed you to move so quickly to version| deepdarkCTI
We interviewed Se7en, the founder of Exodus Market, a platform for selling infostealers logs. This market, active for almost a year, has been expanding its business in recent months and is becoming an increasingly popular alternative to what is currently the most popular market, Russian Market. The market, accessible at the urls indicated within our […] The post Interview #5 Exodus Market founder first appeared on deepdarkCTI.| deepdarkCTI
On June 3, a message appeared on the Threat Actor GhostSec channel accusing an Italian company (which was not named) that had requested the group to carry out offensive activities against Macedonian government targets. The company that requested the activity later refused to pay for the services that had been agreed upon, and so GhostSec […] The post Interview #4 GhostSec – attacks on Macedonian targets first appeared on deepdarkCTI.| deepdarkCTI
In this interview we had the pleasure to interview ALPHV Admin (hhxxps[:]//t[.]me/ALPHV_Admin), the founder of the ALPHV forum (hxxps[:]//alphv[.]pro/). Here is the full interview: Origins and Motivation The forum was created in 2011 The forum is not affiliated with the ALPHV/BlackCat group. The ALPHV/BlackCat group conducted an exit scam for $22 million. Initially, our forum […] The post Interview #2 ALPHV forum founder first appeared on deepdarkCTI.| deepdarkCTI
In this interview we had the pleasure to interview STALINGRADSKIY (hxxps[:]//t[.]me/rootkalibt), the founder of the rootsploit forum (hxxps[:]//rootsploit[.]org/). Here is the full interview: Origins and Motivation What inspired you to create the Rootsploit forum? I was inspired by other thematic forums, and I like free communication because there are rules in social networks and instant| deepdarkCTI
The following interview, which we publish in full, was conducted in December 2024 by Erez, a member of the deepdarkCTI community. Q (Erez): Lockbit has been one of the most resilient ransomware groups despitenumerous disruptions. How do you maintain operational secrecy and continuity in the face of global law enforcement efforts like Operation Cronos?A (Lockbit):| deepdarkCTI
