Connect with us

Hi, what are you looking for?



Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware

A threat actor’s real identity was uncovered after they infected their own computer with an information stealer.

A threat actor infected their own computer with an information stealer, which has allowed Israeli threat intelligence company Hudson Rock to uncover their real identity.

Using the online moniker ‘La_Citrix’, the threat actor has been active on Russian speaking cybercrime forums since 2020, offering access to hacked companies and info-stealer logs from active infections.

La_Citrix, Hudson Rock says, has been observed hacking into organizations and compromising Citrix, VPN, and RDP servers to sell illicit access to them.

The hacker, the cybersecurity firm says, was careless enough to infect their own computer with an information stealer and to sell access to the machine without noticing.

This allowed Hudson Rock to explore the cybercriminal’s computer, which had been used to perpetrate intrusions at hundreds of companies. The computer contained employee credentials at almost 300 organizations, and the browser stored corporate credentials used to perform hacks.

According to Hudson Rock, La_Citrix was employing information stealers to exfiltrate corporate credentials that were then used to access organizations’ networks without authorization.

Further analysis of the threat actor’s computer also helped the cybersecurity firm discover their real identity and their location.

Advertisement. Scroll to continue reading.

“Data from La_Citrix’s computer such as ‘Installed Software’ reveals the real identity of the hacker, his address, phone, and other incriminating evidence such as ‘qTox’, prominent messenger used by ransomware groups, being installed on the computer,” Hudson Rock notes.

The threat intelligence company, which notes that it has knowledge of thousands of hackers who accidentally infected their own computers with malware, says it will forward the uncovered evidence to the relevant law enforcement authorities.

“This is not the first time we’ve identified hackers who accidentally got compromised by info-stealers, and we expect to see more as info-stealer infections grow exponentially,” the company notes.

Related: New Information Stealer ‘Mystic Stealer’ Rising to Fame

Related: North Korean Hackers Caught Using Malware With Microphone Wiretapping Capabilities

Related: Google Obtains Court Order to Disrupt CryptBot Distribution

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...