APT 38

Published date : 18. Februar 2022 19:00

URGENT

An internal report signals that a group of cyber-criminals, identified as north-koreans, is actively concealing health pass through illegal marketplaces on the dark web.

One of the considered lead is that the deemed secured "EU Digital COVID Certificate system" has been compromised by the group of cyber-criminals.
You will find a network capture of the compromission, the goal of your mission being to recover the data potentially exfiltrated by the attacker.

Solved by

Username	Website	Score	Date
arpascal	https://arnaud.sh	1965	18. Februar 2022 20:25
nieyraud		1055	19. Februar 2022 00:54
lmartin		1260	19. Februar 2022 13:49
chamada	https://42lyon.fr	665	1. März 2022 23:34
TarteAuC		95	15. März 2022 01:21
clinche	https://github.com/clinche	1170	17. März 2022 01:29
pixailz@420v3rfl0w	https://github.com/Pixailz	945	17. März 2022 02:48
sam0verfl0w	https://github.com/Unam3dd	1060	17. März 2022 02:49
Syca	https://cyrihack.fr	1590	30. Juli 2022 01:30
abouthib		1200	31. Juli 2022 17:33
wow	https://friends42.fr	455	8. Oktober 2022 19:06
ParesseuxRose		465	15. Dezember 2022 20:58
bgrulois		470	21. Dezember 2022 20:28
atrouill		860	12. Februar 2023 00:26
0xpwny_OR_ziggs.ma	https://thehackernewsbdarija.com/	385	15. Februar 2023 01:01
riblanc		1210	15. Februar 2023 13:21
asoursou	https://github.com/ChuOkupai	560	18. Februar 2023 12:04
pichuu		610	18. Februar 2023 12:04
alyildiz	https://github.com/0xSHIN	355	16. März 2023 04:49
asarandi	https://github.com/asarandi	2200	28. April 2023 15:26
Ardcord		995	23. Oktober 2023 13:42
mboivin	https://twitter.com/m4tya_	790	25. Januar 2024 20:24
_karaskp_		335	3. Februar 2024 23:48
1felx		320	17. Februar 2024 00:14
MinjaeLee	https://github.com/MinjeaLee	2110	9. Mai 2024 04:05
UncleReaton	https://unclereaton.dev	530	7. Februar 2025 17:15