Dancho Danchev
Sample Photo of Dancho Danchev Presenting his Keynote on “Tracking Down and Monitoring of the Koobface Botnet” at CyberCamp 2016

The year is 1998 and Progenic’s Top 100’s has just added yet another hacking group’s portfolio such as for instance among my favorite hacking and security resources which included at the time — WarIndustries, System7, Blackcode, Progenic, Web Fringe, Neworder and TechnicalWarfare.

What was really taking place within the Scene and the Industry at the time? With new hacking and community projects continuing to pop up on a daily basis, it wasn’t largely a surprise that a new generation of novice and amateur hackers was just beginning to take place, with vast repositories of tools and tutorials, including articles and guides, publicly accessible for everyone to take advantage of and, most importantly, to get in touch with someone and to learn.

What did we manage to achieve throughout the past decade in terms of innovation, development, knowledge and data spreading to thousands of novice and experienced users across the globe? Let’s take for instance the Threat Intelligence market segment — a pioneering passive and active virtual SIGINT marketplace with hundreds of groups participating, including thousands of malicious and fraudulent online actors utilizing and relying on basic quality assurance and malicious economies of scale type of market-driven factors to scale their cybercrime and fraud-driven operations online, prompting a systematic and nation-state driven response to a growing set of economic and financial terrorism type of online activity largely provoked by a specific set of Russian and Eastern European online adversaries.

Among my favorite personal Web site bookmarks at the time were NBA.com, including various other X-Files and related UFO-themed video and photo archive type of personal Web sites, while I was busy hiding my UFO files on floppy disks behind the paintings at my place.

Believe it or not, among the early basics of Technical Collection experience that I managed to acquire were those that came through the public and proprietary research published by a company called iDefense, which was basically always there to provide the necessary intelligence on current and future cyber groups and current and future cyber actors, which greatly inspired me on my way to do my research in the field of OSINT (Open Source Intelligence) and later on Cybercrime Research and Threat Intelligence gathering. Who were the hackers and what were they up to? What tools did they use? How famous were they at the time? How did they manage to achieve all of this?

An OSINT conducted today is a taxpayer’s dollar saved tomorrow

Remember the U.S.-China crashed airplane skirmish? If it’s going to be massive it better be good. What this incident clearly showcased at the time is the possible offensive cyber warfare scenario where U.S.-based and China-based hackers actually popped up online to defend and actually launch attacks against each other, potentially signifying one of the first major international cyber incidents at the time, including the existence of such type of groups.

With TextFiles.com additions continuing to pop up, among the first and most notable sections that truly made an impression on me and actually inspired me to get involved in the world of Hacking and basically the Scene were the Anarchy and Phreaking and Hacking sections, next to the daily visits to the Progenic.com Top100 list of hacking and security Web sites to actually catch up with the votes and check the new additions to the list to potentially obtain various hacking tools and trojan horses, further motivating me to work with them and potentially show them and share them with some of my closest friends of the time, circa the 90’s, for the purpose of attempting to trick irc.dal.net users from various channels including #gay and #lesbians into accepting the latest bogus “screensaver” while exploiting a common flaw in the actual mIRC client where you could easily make it look like the actual user is receiving an image which in reality was actually an executable part of the server client of a popular trojan horse release at the time.

If terrorism is a form of crime — then cybercrime is a form of economic terrorism.

Among my favorite Hacking Groups at the time was Confidence Remains High, which basically read like a charm and actually offered high-value and high-quality PoC (Proof of Concept) code. Believe it or not, at some point I tried approaching Tetsu Khan and so1o, who, believe it or not, happens to be among the most popular hackers up to present day, namely Gary McKinnon, who, whether you might find it inappropriate to share, was running http://hacked.net at the time, further re-defining the basics of hacking and information security with the Confidence Remains High E-zine.

While I was busy building a personal collection of what many would describe as script kiddie tools — and they would be wrong — including ICQ flooders, mail bombers and trojan horses, I got involved in a possible Newsletter and actual trojan horses database software project with one of the best and market-leading anti-trojan programs at the time — Trojan Defense Suite, including LockDownCorp’s Lockdown2000, where I was responsible for Technical Collection of malicious software which at the time was basically included in the program for a possible signatures-based detection.

Times have greatly changed and, thanks to the basics of Technical Collection, we later on witnessed the emergence of the Threat Intelligence market segment, including from both a technical and qualitative perspective, with more demand courtesy of the U.S. Intelligence Community and U.S. Law Enforcement, including the academic sector, to actually attempt to track down and profile various international and high-profile hacking groups including their tools and TTPs (Tactics, Techniques and Procedures).

Back in the day my primary responsibilities included the active Technical Collection of trojan horses and keyloggers, which we could later on properly analyze and profile in terms of building and actually developing signatures-based protection mechanisms, while I was busy working for Trojan Defense Suite and later on for LockDownCorp’s LockDown2000, which at the time were among the most popular and high-profile anti-trojan vendors on the market.

Basically I was busy browsing some of the primary hacking and security resources online using basic Technical Collection methodology for the purpose of collecting trojan horses, which I later on communicated to my employer at the time, which was DiamondCS’s Trojan Defense Suite and at a later stage the U.S.-based LockDownCorp’s LockDown2000.

Check out my personal memoir [PDF] including the actual memoir posted on Medium here including an in-depth article on my story as a hacker enthusiast during the 90’s here.

Stay tuned!