Hacker “La_Citrix” Infects His Own Computer

by Alberto Matus

It’s normal to hear of companies, businesses, and individuals being hacked in cyberspace for many reasons. However, there are extremely rare cases in which hackers end up on the other side of the sword, more so by their own doing. Hudson Rock describes itself as “an Israeli Cybercrime Intelligence Company” that specializes in sourcing credentials from threat actors, which are compiled to create monitoring and notification products for security professionals.

In one of their recent posts, Hudson Rock notes that a malicious Russian threat actor known as “La_Citrix” or “Lacritrix” accidentally infected his own computer with malware and sold off his own data to researchers at Hudson Rock who were doing intelligence reconnaissance on the Dark Web. La_Citrix has built his reputation since 2020 in Russian cybercrime forums on the Dark Web and is known for hacking companies and selling their credentials for Citrix/VPN/RDP servers that he infects with info-stealers.

Hudson Rock’s first clue was that an individual seemed to be an employee at around 300 different companies. However, they soon realized that this was because his computer was used to store credentials used to perform different hacks. Upon analysis, Hudson Rock discovered that these credentials were already in their database.

Picture courtesy of Hudson Rock, showing different companies and, on the right, actual credentials.

Unfortunately for La_Citrix, his personal information was also discovered in the information gathered by his own infection.

First and last name, address, and phone number of La_Citrix, with other information about his computer.

Hudson Rock plans to share this information with the authorities. Let’s see where La_Citrix’s future ends after this.

Happy hunting Hudson Rock!

