APT 38

Published date : Feb. 18, 2022, 7 p.m.
URGENT

An internal report signals that a group of cyber-criminals, identified as north-koreans, is actively concealing health pass through illegal marketplaces on the dark web.

One of the considered lead is that the deemed secured "EU Digital COVID Certificate system" has been compromised by the group of cyber-criminals.
You will find a network capture of the compromission, the goal of your mission being to recover the data potentially exfiltrated by the attacker.

Solved by

Username Website Score Date
arpascal https://arnaud.sh 1970 Feb. 18, 2022, 8:25 p.m.
nieyraud 1055 Feb. 19, 2022, 12:54 a.m.
lmartin 1260 Feb. 19, 2022, 1:49 p.m.
chamada https://42lyon.fr 665 March 1, 2022, 11:34 p.m.
TarteAuC 95 March 15, 2022, 1:21 a.m.
clinche https://github.com/clinche 1185 March 17, 2022, 1:29 a.m.
pixailz@420v3rfl0w https://github.com/Pixailz 955 March 17, 2022, 2:48 a.m.
sam0verfl0w https://github.com/Unam3dd 1070 March 17, 2022, 2:49 a.m.
Syca https://cyrihack.fr 1605 July 30, 2022, 1:30 a.m.
abouthib 1200 July 31, 2022, 5:33 p.m.
wow https://friends42.fr 465 Oct. 8, 2022, 7:06 p.m.
ParesseuxRose 470 Dec. 15, 2022, 8:58 p.m.
bgrulois 485 Dec. 21, 2022, 8:28 p.m.
atrouill 860 Feb. 12, 2023, 12:26 a.m.
0xpwny_OR_ziggs.ma https://thehackernewsbdarija.com/ 385 Feb. 15, 2023, 1:01 a.m.
riblanc 1225 Feb. 15, 2023, 1:21 p.m.
asoursou https://github.com/ChuOkupai 570 Feb. 18, 2023, 12:04 p.m.
pichuu 625 Feb. 18, 2023, 12:04 p.m.
alyildiz https://github.com/0xSHIN 370 March 16, 2023, 4:49 a.m.
asarandi https://github.com/asarandi 2215 April 28, 2023, 3:26 p.m.
Ardcord 1010 Oct. 23, 2023, 1:42 p.m.
mboivin https://twitter.com/m4tya_ 805 Jan. 25, 2024, 8:24 p.m.
_karaskp_ 300 Feb. 3, 2024, 11:48 p.m.
1felx 335 Feb. 17, 2024, 12:14 a.m.
MinjaeLee https://github.com/MinjeaLee 2095 May 9, 2024, 4:05 a.m.
  • Author : reveng
  • Point reward : 65