[christina_b]

BetaMonkey/TouchMe was in fact the person I was referring to who was providing support for his botnet drone builder until he dissapeared with no trace at a later date. Just could not recall the nick at the time of making my original post.

[ryanlol]

I always assumed the two to be different people. The log shows the two of them talking at the same time, and I remember the two of them having very different attitudes in general.

I know TouchMe is malwaretech but would be inclined to assume that BetaMonkey isn't.

TouchMe was still a malware developer though, and apparently used to run voidptr before handing it over to BetaMonkey.

[christina_b]

I was pretty sure TouchMe was BetaMonkey's new nick, I don't think it was Ntoskrnl (MalwareTech). From what I've heard TouchMe continued support of his drone's users until he dissapeared without a trace. This was so long ago and my memory isn't amazing.

[ryanlol]

TouchMe is MalwareTech, 0 doubt https://twitter.com/touchmymalware

If BetaMonkey==TouchMe then they were trying really hard to conceal that.

Here's a hackforums thread mentioning some other malware TouchMe was distributing though https://hackforums.net/showthread.php?tid=3786935

[fweespeech]

> TouchMe is MalwareTech, 0 doubt https://twitter.com/touchmymalware

If I was a bad man in the security profession who was certain he was anonymous, I'd point to someone else who was a security professional on twitter when I vanished too.

It just y'know, wouldn't have been me.

[blaquee]

That tweet was in 2013 however.

[fweespeech]

If you tweet and stop using an account that is what happens and that was a shady group of people in 2013.

[goatsi]

Betamonkey was someone different. The reason he disappeared without a trace was that he was so bad at PHP that people got sent to prison (his support site was owned by a whitehat and all the customer information was harvested and distributed to law enforcement)[0].

Touchme/Marcus was a close friend of his though, one of his first articles on the site that eventually became malwaretech.com was an attempt to disprove the claim that betamonkey's malware was banking malware. This had gotten him banned from selling on hackforums, his main source of customers at the time. You have to read the article on the way back machine, for some reason he deleted it from his site later on [1].

If I were betamonkey I would be sweating pretty hard right now, his malware is also still being used and Marcus will be looking hard for someone else to drag under the bus.

[0] http://www.xylibox.com/2015/04/betabot-retrospective.html [1] https://web-beta.archive.org/web/20130625172146/http://touch... (halfway down the page)