What’s in a name? For cybersecurity defenders, apparently plenty.
Cyber investigator Recorded Future said it has hunted down the real name of a notorious hacker known as Tessa88, who in 2016 reportedly offered for sale on the dark web high-profile compromised databases of notables such as VKontakte, Mobango, Myspace, Badoo, QIP, Dropbox, Rambler, LinkedIn and Twitter.
The data included more than half a billion passwords stolen from some of the biggest social media websites in the world. (Note: In July 2016, Motherboard published what it claimed was an interview with Tessa88 to "piece together a rough sketch" of the shadowy hacker. "I am a very old inhabitant of the network :))," Tessa88 told Motherboard. At the time, no real names were revealed.)
Tessa88: Identity Revealed?
The hacker’s real name is apparently Maksim Donakov, a resident of Penza, Russia, according to Recorded Future threat researchers Insikt Group (“insikt” is Swedish for “insight”). Donakov operated under the aliases Paranoy777, Daykalif and tarakan72511 to sell high-profile databases, Insikt said in a blog post. Insikt believes Donakov is a man, not a woman as widely reported. (Scroll down on Insikt’s blog to see pictures of who the researcher believes is Donakov.)
Keep firmly in mind that unearthing a name like Donakov’s is heady stuff that researchers do not often manage. Insikt appears to have conducted good old-fashioned detective work of the digital variety to create a profile of Tessa88. Some breadcrumbs Insikt followed:
"Within several months of incredibly active public engagement, the hacker's personas were banned from almost every dark web community for various reasons, and by May of 2016, Tessa88 entirely ceased all communications with the media and public alike," according to the Insikt report. "In either scenario, we firmly believe that Donakov Maksim has directly benefited from the sales of compromised databases and should be viewed as the main actor."