APT 38

Published date : Feb. 18, 2022, 7 p.m.
URGENT

An internal report signals that a group of cyber-criminals, identified as north-koreans, is actively concealing health pass through illegal marketplaces on the dark web.

One of the considered lead is that the deemed secured "EU Digital COVID Certificate system" has been compromised by the group of cyber-criminals.
You will find a network capture of the compromission, the goal of your mission being to recover the data potentially exfiltrated by the attacker.

Solved by

Username Website Score Date
arpascal https://arnaud.sh 1940 Feb. 18, 2022, 8:25 p.m.
nieyraud 1035 Feb. 19, 2022, 12:54 a.m.
lmartin 1235 Feb. 19, 2022, 1:49 p.m.
chamada https://42lyon.fr 645 March 1, 2022, 11:34 p.m.
TarteAuC 95 March 15, 2022, 1:21 a.m.
clinche https://github.com/clinche 1150 March 17, 2022, 1:29 a.m.
pixailz@420v3rfl0w https://github.com/Pixailz 930 March 17, 2022, 2:48 a.m.
sam0verfl0w https://github.com/Unam3dd 1040 March 17, 2022, 2:49 a.m.
Syca https://cyrihack.fr 1570 July 30, 2022, 1:30 a.m.
abouthib 1175 July 31, 2022, 5:33 p.m.
wow https://friends42.fr 445 Oct. 8, 2022, 7:06 p.m.
ParesseuxRose 460 Dec. 15, 2022, 8:58 p.m.
bgrulois 465 Dec. 21, 2022, 8:28 p.m.
atrouill 840 Feb. 12, 2023, 12:26 a.m.
0xpwny_OR_ziggs.ma https://thehackernewsbdarija.com/ 375 Feb. 15, 2023, 1:01 a.m.
riblanc 1190 Feb. 15, 2023, 1:21 p.m.
asoursou https://github.com/ChuOkupai 560 Feb. 18, 2023, 12:04 p.m.
pichuu 605 Feb. 18, 2023, 12:04 p.m.
alyildiz https://github.com/0xSHIN 355 March 16, 2023, 4:49 a.m.
asarandi https://github.com/asarandi 2175 April 28, 2023, 3:26 p.m.
Ardcord 985 Oct. 23, 2023, 1:42 p.m.
mboivin https://twitter.com/m4tya_ 780 Jan. 25, 2024, 8:24 p.m.
_karaskp_ 330 Feb. 3, 2024, 11:48 p.m.
1felx 320 Feb. 17, 2024, 12:14 a.m.
MinjaeLee https://github.com/MinjeaLee 2085 May 9, 2024, 4:05 a.m.
UncleReaton https://unclereaton.dev 805 Feb. 7, 2025, 5:15 p.m.
  • Author : reveng
  • Point reward : 65