September 5, 2016
A hacker that uses the name Pahan has had a prodigious streak of infecting fellow hackers with all sorts of malware, presumably for his own gain.
The Internet is filled with “hacking forums” where people can learn about hacking and even download or buy hacking tools.
These are not the places where you find malware and exploits employed by APTs (cyber-espionage) groups that’s hard to detect even by the most up-to-date antivirus engines.
These are the places where common cyber-criminals peddle their pathetic attempt at developing malware, which in most cases, is also kept under close surveillance by security firms, mainly because these forums are also available via Google and for everyone to view.
According to a Sophos report, in the past year, a crook has spent most of his time targeting other hackers, just as much as targeting regular users.
Using the names Pahan, Pahan12, Pahan123, or Pahann, this individual has been adding ads for various hacking tools on several hacking forums, but Sophos discovered that all these tools were infected with malware.
The most likely motives for his actions is that he’s trying to discover what other hackers are up to, or trying to deploy keyloggers to steal passwords and hijack their malware/botnet control panels.