
Digital rights defenders infiltrate alleged mercenary hacking group




Cooper Quintin has been tracking the activities of a cyber mercenary group called Dark Caracal for years. On July 28, 2022, he said he discovered traces of a new ongoing hacking campaign by the group in the Dominican Republic and Venezuela. While he was analyzing the domains that the hackers were using as command and control servers, he made a surprising discovery.
“For more than four months, they hadn’t realized that they had forgotten to register one of the key domains listed in their malware,” Quintin, who is a senior security researcher at the digital rights group Electronic Frontier Foundation, told TechCrunch.
Quintin quickly realized that if he could register the domain and take control of it — a mechanism called sinkholing in cybersecurity lingo — he could get a real-time view into the hackers’ actions, and, more importantly, their targets.
He said he made the discovery late in the day, but he immediately started “badgering” the EFF’s lawyers to get permission to register the domain and sinkhole it. The next day, Q …
