Hacker/Cybercrime Community / Script Kiddies / Skids / Skid Hunters / Hacker Forums / Darknet Marketplaces - Skids and manchildren that hunt them

[Markass the Worst]

After Alexander “Connor” Moucka AKA Waifu, the TA behind the snowflake breaches was arrested. The FBI visited his underage E-Girlfriend Kenzie. and they. were not. happy.

https://files.catbox.moe/rspiz3.mp4

Upload the file here.

 

[Avenue]

Some new hire at DOGE (19 y/o Edward Coristine a/k/a Big Balls / JoeyCrafter / Rivage) might be COM affiliated. using COM in very broad strokes here. Also employed by path.net for good measure.
Article from WIRED: https://www.wired.com/story/edward-coristine-tesla-sexy-path-networks-doge/
Archive: https://archive.is/VAD48

A young technologist known online as “Big Balls,” who works for Elon Musk's so-called Department of Government Efficiency (DOGE), has access to sensitive US government systems. But his professional and online history call into question whether he would pass the background check typically required to obtain security clearances, security experts tell WIRED.
Edward Coristine, a 19-year-old high school graduate, established at least five different companies in the last four years, with entities registered in Connecticut, Delaware, and the United Kingdom, most of which were not listed on his now-deleted LinkedIn profile. Coristine also briefly worked in 2022 at Path Network, a network monitoring firm known for hiring reformed blackhat hackers. Someone using a Telegram handle tied to Coristine also solicited a cyberattack-for-hire service later that year.
Coristine did not respond to multiple requests for comment.

...

Potential concerns about Coristine extend beyond his work history. Archived Telegram messages shared with WIRED show that, in November 2022, a person using the handle “JoeyCrafter” posted to a Telegram channel focused on so-called distributed denial of service (DDoS) cyberattacks that bombard victim sites with junk traffic to knock them offline. In his messages, JoeyCrafter—which records from Discord, Telegram, and the networking protocol BGP indicate was a handle used by Coristine—writes that he’s “looking for a capable, powerful and reliable L7” that accepts bitcoin payments. That line, in the context of a DDoS-for-hire Telegram channel, suggests he was looking for someone who could carry out a layer-7 attack, a certain form of DDoS. A DDoS-for-hire service with the name Dstat.cc was seized in a multinational law enforcement operation last year.

The JoeyCrafter Telegram account had previously used the name “Rivage,” a name linked to Coristine on Discord and at Path, according to Path internal communications shared with WIRED. Both the Rivage Discord and Telegram accounts at times promoted Coristine’s DiamondCDN startup. It’s not clear whether the JoeyCrafter message was followed by an actual DDoS attack. (In the internal messages among Path staff, a question is asked about Rivage, at which point an individual clarifies they are speaking about “Edward.”)
"It does depend on which government agency is sponsoring your security clearance request, but everything that you've just mentioned would absolutely raise red flags during the investigative process," says Shelzi, the former US Army intelligence officer. He adds that a secret security clearance could be completed in as little as 50 days, while a top-secret security clearance could take anywhere from 90 days to a year to complete.

...

This story hinges on the archived telegram messages being real but I'm inclined to believe that WIRED did at least do some journalistic due diligence.
Now imagine all the possibilities with the kind of access to data Edward now has at the Department Of Government Efficiencies.

 

[Kaspersky]

Some new hire at DOGE (19 y/o Edward Coristine a/k/a Big Balls / JoeyCrafter / Rivage) might be COM affiliated. using COM in very broad strokes here. Also employed by path.net for good measure.

Guessing this skid doesn't have a clearance then, amazing character research by the big E.

One of the companies Coristine founded, Tesla.Sexy LLC, was set up in 2021, when he would have been around 16 years old. Coristine is listed as the founder and CEO of the company, according to business records reviewed by WIRED.

Prior to joining DOGE, Coristine worked for several months of 2024 at Elon Musk’s Neuralink brain implant startup, and, as WIRED previously reported, is now listed in Office of Personnel Management records as an “expert” at that agency, which oversees personnel matters for the federal government.

lol, no wonder he got hired, skid with his nose up Elon's asshole

 

[Standardized Profile]

Some new hire at DOGE (19 y/o Edward Coristine a/k/a Big Balls / JoeyCrafter / Rivage) might be COM affiliated. using COM in very broad strokes here. Also employed by path.net for good measure.

There is an inadequate but slightly informative post about Coristine on the DOGE thread. If you can add anything to the discussion there, please do.

Oh, and "employed by path.net" should read "fired by path.net."

https://kiwifarms.pl/threads/department-of-government-efficiency-doge.211301/page-2#post-20530270

 

[Markass the Worst]

Doxbin has allegedly been compromised after they accused a member of a group named "Tooda" of being a pedophile.

Moments ago Doxbin was compromised.

A group named "Tooda" has taken credit for the compromise.

In summary, administrative staff from Doxbin got into a verbal altercation with members of Tooda. Doxbin administration accused a Tooda member of being a pedophile.

Tooda retaliated by compromising Doxbin.

Upon compromise of Doxbin, Tooda members did the following (in maybe different steps):
- Dumped every account
- Purged all accounts on the website
- Locked the administrative accounts
- Released Doxbin (alleged) administration PII
- Leaked a so-called "blacklist" — a collection of people who have allegedly paid to not have their information posted on Doxbin

Tooda has claimed online they intend to release the dumped details of Doxbin users. This document is believed to contain roughly 136,000 e-mails and usernames on Doxbin.

Additionally, Tooda has released photos of the Doxbin administrative panel. We have censored some of the content within the panel to protect the privacy of others.

Thank you to "Tongue /", VXDB, and the dozen other people who spammed us online to notify us of the compromise.

source (a)

 

[Kaspersky]

Doxbin has allegedly been compromised after they accused a member of a group named "Tooda" of being a pedophile.


source (a)

Blacklist here.

https://tooda.sh/c/3TSlW2zS.txt

Attached, too.

Doxbin admin "River" dox

https://tooda.sh/c/cHo4hunJ.txt

 

[skunt]

note: don't blindly open links in that text file, there are several references to illegal material

GeorgeNF NA George Alexander Davidson, GeorgeDavidson123@gmail.com, georgenotfound Dream Remove

fatty paid up!

other notables:

Sneako N/A Nicholas Kenn De Balinthazy, 137 Weirfield St, 390 Hawthorne Ave https://t.me/skdemille Remove

mizfkif NA Matthew Rinaudo, (407) 654-9630, Matthew Joseph Misrendino @DPDP23 Remove

Karljacobs NA Karl Thomas Jacobs, Karl Jacobs, 173 NE Bridgeton Rd MrBeast magager @finesse Remove
MrBeast NA Jimmy James Donaldson, Jimmy Donaldson, 2404 Royal Dr MrBeast Manager / @Finesse Remove
Chadnler NA Chandler Hallow, 3932 Colony Woods Dr MrBeast Manager @Finesse Remove

@Markass the Worst lol remember this guy:

d4rk r4bb1t NA Skler James Egert, 6651 State St @D4RK_R4BB1T - Tele Remove

 

[Kaspersky]

You just love to see the skid on skid violence.

 

[Nameless One]

Most satisfying news this year. Suffah angry script kiddies!

 

[Spruce Supremacist]

Doxbin has allegedly been compromised after they accused a member of a group named "Tooda" of being a pedophile.


source (a)

Ah yes, the good old "I'm gonna mess with your website to prove that you're wrong" technique that definitely never backfires.

 

[resigned]

Doxbin has allegedly been compromised after they accused a member of a group named "Tooda" of being a pedophile.


source (a)

Doxbin was compromised by @heartBleed's group.
Anastasia, current owner of BreachForums, has made public "her" intentions of buying the database.

Edit: Somewhat clean JSON of the blacklist: https://files.catbox.moe/1l6dfk.json

 

[Kaspersky]

Doxbin was compromised by @heartBleed's group.
Anastasia, current owner of BreachForums, has made public "her" intentions of buying the database.

Edit: Somewhat clean JSON of the blacklist: https://files.catbox.moe/1l6dfk.json

I surely do wonder how a compromise happened. Surely there was no exploit, it must be impossible to fuck up the security on literally just a pastebin clone. So inside man or password theft?

 

[resigned]

I surely do wonder how a compromise happened. Surely there was no exploit, it must be impossible to fuck up the security on literally just a pastebin clone. So inside man or password theft?

It is not a full compromise, afaik they logged in into the owner's account and scraped the user data from within the website.
I saw a screenshot of emo with River's (doxbin owner) account, so he must have hijacked it somehow.

 

[skunt]

I saw a screenshot

Can't you post it?

 

[resigned]

Can't you post it?

I would, but it was in t.me/toodadotsh, channel that has now been deleted; likely because @Nope (River) on Telegram was abusing the EU report bot to take down multiple chats owned by Tooda and emo himself.

I will ask around to see if someone saved it.

 

[Relinquish]

BreachForums user, Jayze, who previously leaked a database to a Doxbin clone called Skidbin, has been asking people to tell @heartBleed to DM him, kind of weird timing

Emo's Telegram channel got nuked after he posted a dox on some comfag from TikTok

 

[Kaspersky]

It is not a full compromise, afaik they logged in into the owner's account and scraped the user data from within the website.
I saw a screenshot of emo with River's (doxbin owner) account, so he must have hijacked it somehow.

Well they could have used an exploit to login, but this points towards an infostealer or malware.

 

[Markass the Worst]

Edit: Somewhat clean JSON of the blacklist: https://files.catbox.moe/1l6dfk.json

Upload it here.

 

[resigned]

BreachForums user, Jayze, who previously leaked a database to a Doxbin clone called Skidbin, has been asking people to tell @heartBleed to DM him, kind of weird timing
View attachment 6972928
Emo's Telegram channel got nuked after he posted a dox on some comfag from TikTok
View attachment 6972939

I will try to summarize.

The "com fag" is known as Mr C, aka @Pajeeter on BreachForums. He had made claims about doxing emo, and shared them around. Mr C is a member of a group known as late.lol, together with Jayze, who is doxbin council.

​

Yesterday, Jayze showed up on breached shoutbox explaining the reasoning on how he caught emo, and was 100% sure it was him.

Emo later claimed it was not him, but a scene soundcloud underground rapper or something like that, while subsequently doxing Mr C back, who used to sell gay porn on Twitter.

 

[Bunkerhousing]

note: don't blindly open links in that text file, there are several references to illegal material




fatty paid up!

other notables:




@Markass the Worst lol remember this guy:

What did they pay for?