HellCat ransomware activity reflects how modern cyber threats operate through interconnected identities, infrastructure, and dark web ecosystems. The investigation highlights affiliations, operational patterns, and key figures linked to the network, including Miyako and Rey, through live profiling and intelligence-driven analysis. Using real dark web data, the session demonstrates how threat actors can be traced, mapped, and analyzed beyond surface-level indicators using advanced dark web intelligence techniques.
The underground operator “Quessts” demonstrates how activities can span across exploit tools, forums, and compromised account sales. Through a structured investigation walkthrough, fragmented signals across platforms are connected to reveal behavioral patterns and support attribution. The case highlights how dark web intelligence enables analysts to turn scattered data into clearer, actionable insights for understanding cross-platform threat activity.
BadBox 2.0 highlights a complex botnet landscape where identity exposure signals surface across fragmented and hidden digital environments. This session covers the broader scope of the investigation, followed by a live profiling walkthrough of a spotlight case. Reused identifiers, scattered traces, and exposure patterns are examined to demonstrate how structured dark web investigation turns disconnected signals into contextualized threat intelligence insights.
Explore how Bangladesh Civilian Force (BCF) evolved from apparent routine hacktivism into a coordinated digital ecosystem spanning multiple platforms. This session breaks down the investigative process used to trace defacements, recruitment signals, and cross-platform amplification, revealing how intentional identity fragmentation strengthens resilience, sustains ideological messaging, and complicates attribution in today’s cyber threat landscape.
Get an inside look at how you can leverage leaked credentials to identify and track down individuals engaged in illicit online activities and illegal gambling hidden deep within the dark web. In this demo, we walk you through the step-by-step process of uncovering these individuals and investigating their activities using the various modules and tools available on StealthMole threat intelligence platform.
In this webinar, you will learn how StealthMole’s Leaked Monitoring modules works and can be used to efficiently monitor and detect relevant incidents of data leakage. Following this, you will also learn how leaked data investigations can be expanded further with the Darkweb Tracker extension, which draws data from multiple sources to provide more context into the incident.
In this webinar, you will learn how the Darkweb Tracker can be used to profile and track the activities of these ransomware gangs, using Cl0p and Lockbit as examples. Furthermore, you will also see how the network infrastructure of gangs such as Conti can be visualized using the platform.
2025. All rights reserved
