Israeli threat intelligence company Hudson Rock uncovered the identity of a threat actor after they infected their own computer with an information stealer. The threat actor ‘La_Citrix’ has operated on Russian-speaking cybercrime forums for over three years.

La_Citrix hacked into multiple organizations’ Citrix, VPN, and RDP servers to steal information. The threat actor sold access to hacked companies and info-stealer logs from ongoing infections on cybercrime forums. It was on one of these forums where the threat actor sold their own machine’s information without even realizing it. Hudson Rock was able to use the computer’s information to uncover La_Citrix’s name, address, phone, and history on other messaging services. The company will forward the information to relevant law enforcement agencies. According to Hudson Rock, thousands of hackers have made this exact same mistake.

Read More: