Who Hacked Mahamevnawa? Who Are The Algerian DZ Hackers? All Explained

If you don’t know already, the popular Buddhist website Mahamevnawa (Mahamevnawa.lk) was hacked and defaced by a group of Algerian Hackers calling themselves H4ck Dz Team. You can read the gossip9 article about the hack here (unfortunately I couldn’t find an English version of the news)

Because, this is an attack against an innocent but popular website in Sri Lanka we decided to look in to it to see who these people are. If you don’t know who these people are just Google the term “H4ck Dz Team”and you will see the hacks and the defacements they’ve done in the past.

So I’m going to tell you what I found,

I went through the comments of the Gossip9 article, on the comments someone has found and posted a link to “H4ck Dz Team” hackers’ Facebook page : https://www.facebook.com/H4ck.Dz.Team

Then looking at the search results of the “H4ck Dz Team” and going through the defacements you can see that he used to call himself “nO lov3” as well as “H4ck Dz Team”. And in some of the defacements there is an email address for contacting “H4ck Dz Team” : nolove49@gmail.com.

If you look at Facebook the email address nolove49@gmail.com is used to register a Facebook profile : https://www.facebook.com/soufain.dz.

But obviously this can’t be a real profile. So I looked on and found some few things which I won’t say what right now, but then I came to a dead end.

So I showed what I found to my good friend which I call him “V”, and he somehow found and gave me the website of H4ck Dz Team” : http://dz-team.biz.

DZ-Team.biz is a hacking forum that is being run by H4ck Dz Team“, looking at the whois info of dz-tam.biz won’t give that much info. But if you reverse ip the dz-team.biz you can see that only 7 websites are hosted on the ip that has dz-team.biz : http://www.ewhois.com/dz-team.biz/

They are,

dz-team.biz
al-daa.com
dz-mafia.net
atddz.com
rahahbb.com
mahdiadz.com
2algeria.org

dz-team.biz and dz-mafia.net belongs to the H4ck Dz Team Hackers. But because so little amount of websites are hosted at this IP and all of these websites being Algerian there is a stong possibility that all these websites are hosted under the same account.

Now, because the hackers that we are looking for are Algerian I first checked the 2algeria.org website. The website uses Adsense and Google Analytics. The same Google Analytics ID and Adsence ID is being used on 3 websites. Which means the 3 websites use the same Google account for Google Analytics and Google Adsence.

There can be more websites using the same Google Analytics and Google Adsence ID.

The Google Analytics ID is : UA-3582164
The Google Adsence ID is : pub-7586127814300842

The 3 websites using the same Analytics and Adsence IDs are :

2algeria.com
2algeria.org
DZWORLD.INFO

The same person who owns the DZWORLD.INFO also owns DZWORLD.NET and DZWORLD.ORG. So many DZs repeating over and over again and belonging to the same person, is this a coincidence?

Because DZWORLD.INFO and 2Algeria.org uses same Google account for Analytics, they should belong to the same person although their whois information are different.

So if you look at the 2Algeria.org who is info it looks like this,

So khadir ben youcef owns DZWORLD.ORG, DZWORLD.NET and DZWORLD.INFO. If you look at the websites that are hosted at the ip of dz-team.biz all the websites other than dz-team.biz and dz-mafia.net are registered under the same name khadir ben youcef or has some connection to that name.

Looking at the email you will find so many domains registered under the name and the email : khadir ben youcef ,khadir_khadda@hotmail.com.

I found nearly 20 domains registered under the same name and email, there can be more.

The email : khadir_khadda@hotmail.com is used to register the https://www.facebook.com/benyoucef.khadir

Googling khadir ben youcef you will find this Facebook profile : https://www.facebook.com/khadda

The email khadir_khadda@hotmail.com, which is used to register all the domains appear in his contact information of that Facebook profile (https://www.facebook.com/khadda) , and khadir ben youcef also lives in Algeria the same country where DZ Hackers are from.

Looking at the LinkedIn profile of khadir ben youcef you can see that his occupation is Information Technology and Services so he has the technical knowledge to do such hacking.

So looking at all these things we can come to a conclusion that khadir ben youcef is Hack DZ team member of n0 l0ve hacker, and according to @ipv10, this https://www.facebook.com/khadda is also a fake profile and the real people behind it are the so called “brothers” of the https://www.facebook.com/khadda Facebook profile, which is also a possibility because there are no photos of that person in real life.

So the final conclusion

So the final conclusion is that H4ck Dz Team consist of,

Ben Youcef Khadir aka khadir ben youcef

Facebook : https://www.facebook.com/khadda
Twitter : @dzworld
Gmail : khadirbenyoucef@gmail.com
Skype : khadir_khadda
Live mail : khadir_khadda@hotmail.com

Yakoub Khadir

 

 

 

 

 

 

 

 

Facebook : https://www.facebook.com/yakoub.khadir
Google Plus : https://plus.google.com/104249732338023001842/about

On his Facebook profile and Google + profile he lists 2algeria.org as his website. Which is registered under the name of khadir ben youcef.

Khadir Kamel

 

 

 

 

 

 

Facebook : https://www.facebook.com/CaPiTaiNeDz
Twitter : twitter.com/CaPiTaiNeDz

In his Facebook profile cover picture says his website is dziso.com,  that website too is registered under the name of Ben Youcef Khadir aka khadir ben youcef.

 

 

 

 

 

 

 

 

And also in his Facebook profile it says that his email is khadirdz@gmail.com however the Facebook profile that is registered under that email is a female profile called “Jojo Imily” (https://www.facebook.com/profile.php?id=100002768720690)

I think nearly 100 domain names (both active and inactive) are shared between these 3 and registered under different email address. A typical thing for hackers who use stolen credit card information to register domains on the internet.

Some of the emails that they’ve used to register domain names include,

elchoroukhost.net@gmail.com
cyberbellia@gmail.com
algerie@hotmail.com.tr

Advertisements

7 thoughts on “Who Hacked Mahamevnawa? Who Are The Algerian DZ Hackers? All Explained

  1. Appreciate your finding, to dox such an a**hole u may have to do lot of work, I been working hard last few days, you deserve lot of credit on this.

    • Well it only took me 4 hours to find who they are, I was done with the finding at 12 noon Friday, so no big deal. It took some time for me to write thanks to some movies ^_^

  2. You will raise the issue of touching honors.
    And an assault on personal prejudice to my feelings and I demand a very large compensation.

    Will make you regret.

    I have contacted the Office of Bar Bellemare and ڤanat; based in Montreal, Canada. You raised the issue.

    Will be contacted and the International Tribunal for the search request in the author of the article by the help of Interpol and MA6 CIA FBI.

    Will make you regret ending your life in prison.

    • So how is your complaint going? Did CIA FBI MI6 gave you any reply? This is not the first time someone threatened us by sending us to jail. Been there done that, this is the lamest excuse ever by skids.

      Been there done that

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s