Tags: osint 

Rating:

> A new ransomware group you may have heard about has emerged: WOLPHV
>
> There’s already been reports of their presence in articles and posts.
>
> NOTE: Wolphv’s twitter/X account and https://wolphv.chal.wolvsec.org/ are out of scope for all these challenges. Any flags found from these are not a part of these challenges
>
> This is a start to a 5 part series of challenges. Solving this challenge will unlock WOLPHV II: Infiltrate

We came to the question that exhausted me the most but was easy. ?

The question actually gives us a hint in the Twitter accounts and says that a domain is not related to this question. This leads us not to follow up and look at Twitter, but not everything is true. Let’s look at Twitter with a simple Google search then.

![](https://margheritaviola.com/wp-content/uploads/2024/03/image-54.png)

Twitter [link](https://twitter.com/FalconFeedsio/status/1706989111414849989).

![](https://margheritaviola.com/wp-content/uploads/2024/03/image-55.png)

We decode base64.

![](https://margheritaviola.com/wp-content/uploads/2024/03/image-56.png)

`wctf{0k_1_d0nT_th1Nk_A1_w1ll_r3Pl4c3_Us_f0R_4_l0ng_t1me}`

Original writeup (https://margheritaviola.com/2024/03/20/wolvctf-osint-wolphv-i-reconnaissance-writeup/).