[ryanlol]

TouchMe is MalwareTech, 0 doubt https://twitter.com/touchmymalware

If BetaMonkey==TouchMe then they were trying really hard to conceal that.

Here's a hackforums thread mentioning some other malware TouchMe was distributing though https://hackforums.net/showthread.php?tid=3786935

[fweespeech]

> TouchMe is MalwareTech, 0 doubt https://twitter.com/touchmymalware

If I was a bad man in the security profession who was certain he was anonymous, I'd point to someone else who was a security professional on twitter when I vanished too.

It just y'know, wouldn't have been me.

[blaquee]

That tweet was in 2013 however.

[fweespeech]

If you tweet and stop using an account that is what happens and that was a shady group of people in 2013.

[ryanlol]

pfft.

I used to talk to this guy on a malware dev IRC on a daily basis, he started a blog "TouchMyMalware" which eventually evolved into Malwaretech.

This is all easily verifiable with google and archive.org.

And lol, apparently some twitter user dug up logs of him offering to sell me a rootkit for $20k https://twitter.com/jeremiahg/status/893207272154734592

[fweespeech]

> This is all easily verifiable with google and archive.org.

Yes. And I've had a hostile fellow once upon a time put my RL info in the whois and post a bunch of shit on it. I generally give people the benefit of the doubt when its random online public stuff until they are convicted.

The internet "evidence" is way too flimsy to be considered reasonable standards of proof imho.

[ryanlol]

Okay, never fear! In that case I will provide you with irrefutable proof.

Navigate to: https://web.archive.org/web/20131031200609/https://twitter.c...

Pick any of the tweets, copy the direct link to that tweet.

You'll end up with something like this: https://web.archive.org/web/20131031200609/https://twitter.c...

Now remove the archive.org part from the beginning: https://twitter.com/TouchMyMalware/status/395862786602827776

Click on the link and boom you're suddenly redirected to https://twitter.com/MalwareTechBlog/status/39586278660282777...

Here's also an archive.org link showing the account with the "TouchMe" name on it: https://web.archive.org/web/20130710045915/https://twitter.c...

Happy?

[sugersvoltet]

That just looks like standard IRC bantz though. Do you know if he was actually trying to sell/weaponize the malware he was developing? (I assume he was, given the indictment, but can't hurt to ask.)

[ryanlol]

I'd go with "no doubt" for both. Although I'd assume he'd have loved the $20k if it was actually on the table.

[stickers_]

Sup ryan, remember me? i used to chill on voidptr sometimes too. I don't know why everyone is so surprised by this

"he's a fucking genius because he got us all" https://twitter.com/x0rz/status/893203106338680832