BACKSTAGE GAME BY JOSH BAAZOV & SAGI LAHMI. MAY’S HACK SCAM REVEALED

In martial arts, a black belt symbolizes wisdom and expertise, yet in the online business world, it can signify glaring incompetence.

What is the most valuable asset in business? There are several decent answers: people, money, connections, and power.

And nowadays, the absolute power is information. With accurate and timely data, you can influence any event. Imagine having insider information just before negotiations – it changes everything, making your position unbeatable.

Consider your smartphone, loaded with messaging apps like WhatsApp, Signal, and Telegram. These apps have direct access to users’ personal lives, including private information, expenses, location, pictures, network connections, finances, and more.

Entities that own these messengers claim to protect users’ personal information, but reality often contradicts these claims. There are numerous ways to snatch personal data from a target’s mobile phone.

SAGI LAHMI. AN INFAMOUS FUGITIVE PAWN

Name in Hebrew: שון דורי

How would you describe Sagi? “The power behind the throne, the player behind the scenes, eminence grise, the gray cardinal, dark horse, a hardly recognizable businessman, a classic power dater.”

Does this sound mystical or even scary? The answer is no.

In the end, it doesn’t matter. It’s just a person with no past and thus, no future. This is someone who barely exists online. Sahi Lachmi could offer practical advice on maintaining impeccable cyber hygiene, using multiple aliases, creating various personas, or even using personal information removal services.

In real life, Sagi Lami is better known for his exceptional talent and rare expertise, inherited mostly in Russia, called “problem-solving.” “Brother! Any type, any complexity. Or maybe you need to create them?”

For cyber-attacks, DDoS, defamation video campaigns, web spam, or personal data breaches, there’s no need to browse the Dark Web –just call Sagi.

This type of person relies on a “protector-benefactor,” a powerful businessman. That’s why Sagi Lahmi especially values his friendship with Ofer Baazov.

There isn’t much information available on Google about Mr. Sagi Lami. 

Your search will be crowned by two references:

• “Bitcostar OU,” an Estonian company launched in 2017.
• A couple of web pages about the abandoned trademark “Rachel Mere” (non-medicated hair care preparation kits).

It’s no surprise. Sagi Natan Lani has used his “right to be forgotten.”

EMAIL THAT MAKES IT ALL

Last week, our editors received an anonymous email containing several URLs to a popular file-sharing service. The files turned out to be audio and video recordings between a Russian hacker named Yosef Sanin (a pseudonym) and Mr. Sagi Lahmi, along with several PDFs of conversation transcripts. One PDF contained a message to journalists, stating that the sender is fed up with Mr. Sagi’s lies and warns all businessmen in Israel, Cyprus, and Dubai to avoid or cancel any business relations with Natan Lani. The sender also noted that the recordings would likely be inadmissible in court due to lack of consent. The message ended with a request for us to inform readers about hacking prices and procedures.

AUTHENTICITY VERIFICATION

Our editorial team carefully studied the recordings and concluded that the provided files are authentic; the voices were not altered or AI-generated. Translations from Russian and Hebrew into English were validated by language experts and native speakers.

After reviewing the files and conducting some research from open sources, we are ready to highlight an ongoing story about hackers, corporate conflict, troubleshooters, and clearly money interests. For obvious reasons, we will not disclose the names of the hacking victims.

ROAD MAP TO HACK INSTANT MESSENGERS

The recordings reveal the inner workings of hacking preparations but lack the beginning. From the first record, it is clear the parties are already mid-negotiation. Thus, it is unclear when Yosef Sanin and Mr. Sagi Lachmi met or how their acquaintance began.

The story begins with Yosef navigating through the messenger of the victim, opening any chat, seeing any file, and text from any contact. He could see and download anything, including shared files. Mr. Sagi Natn Lachmi wanted access to Signal, Telegram, and WhatsApp messengers of several people in a few days, but Yosef insisted on weeks to avoid detection and allow time for precautions.

Several phone calls followed the same pattern: standard greetings, then disputes over the vision of the result and payment procedure. Yosef insisted on payment while Sagi continued to negotiate for a bargain, calling Yosef “Bro” and promising mountains of treasures, which did not help much.

The situation shifted when the hacker asked Sagi about “Mr. Baazov” mentioning numerous files on him during the initial hack. Sagi described him as his 15-year partner and brother. This revelation significantly improved mutual understanding, leading Sagi to agree to the sum asked, plus additional costs.

DEJA VU. AGAIN

This isn’t the first time Mr. Ofer Baazov has been involved in a hacking story.

Not long ago, a court dispute was resolved in the BVI Eastern Caribbean Court. In that case, another partner of Mr. Baazov received hacked Telegram messages from the other party during the hearings. The judge was shocked, demanding an explanation of the source. Later, the claimant presented documents claiming the messages were received from partners in the Donetsk People’s Republic (unrecognized state supported by Russia). The judge deemed such “evidence” inadmissible, setting a precedent on admissibility.

SS7 PROTOCOL AND HACKING OF MOBILE PHONES

Signaling System No 7, known simply as SS7, is a protocol system that connects one mobile phone network to another. In simple terms, this unified protocol, used worldwide, ensures calls and SMS delivery. First appearing in 1975, it was initially used for internal communication by AT&T. With few users and limited use, encryption wasn’t necessary. However, the system proved efficient and was adopted globally by the late 90s. Today, 95% of calls and SMS messages use this system.

The simplicity and unification of SS7 also brought poor protection, allowing anyone with access to spy on users. Hacking the SS7 protocol grants the same level of information and functionality as a mobile operator, including monitoring locations and intercepting calls and SMS.

While SS7 vulnerabilities are well-known to hackers, hacking it requires special equipment and skills. Telecom companies are aware of these security weaknesses and work to limit unauthorized access, reducing but not eliminating the risk for users.

WIFI CLON AND PASSWORD THEFT

Without SS7 access, one can still hack a phone using Wi-Fi cloning. Hackers can either hack existing Wi-Fi or mirror it with the same name. When the target tries to access the fake Wi-Fi, the hacker captures the password. With Wi-Fi access, they can then connect to the target phone and download any information needed, usually over several days to avoid detection.

THE MONEY: HOW MUCH TO HACK TELEGRAM AND WHATSAPP ACCOUNTS?

From the start, the payment was split into three parts:

• General remuneration (35,000 EUR)
• The hacker’s team fee (35,000 EUR)
• Expenses (about 25,000 EUR for equipment, excluding travel costs).

The hacker agreed to 73,000 EUR, though this was disputed several times. From the recordings, it’s difficult to determine the final price, but hacking three messengers with high security costs around 40,000 EUR and takes two weeks to two months. While the sum is substantial, it’s not impossible if you have enough money. Yosef also wanted a 35,000 EUR bonus, but it’s unclear if Sagi agreed.

THE BAAZOV – LAHMI HACK OPERATION

Why would anyone pay such a large amount, risk jail, or tarnish their reputation? The motive is either money or revenge. The audio recordings do not fully explain Sagi’s obsession with hacking phones, but some hints offer clarity.

• Firstly, Sagi wants the phone numbers and addresses of target contacts. He emphasizes the initial step is to review contacts, then specify individuals whose conversations need to be uploaded.
• Secondly, email hacking is never discussed. Sagi is only interested in messengers, indicating the targets’ current business activities are not a priority, but their private lives are of greater value.
• Thirdly, Sagi mentioned “we had 60%,” the same shareholding percentage in the BVI case mentioned earlier.
• Fourthly, the interest timeframe is the last three months, suggesting Sagi wants current updates, not historical data.

DID THE HACK OPERATION FAIL?

The final audio record leaves us uncertain. We don’t know if the second hacking attempt succeeded. Regardless, the names and voices of both the hacker and Sagi are recorded. Even if they hacked the targets’ messengers, their success will be short-lived due to the legal and reputational consequences.

We are witnessing a second round of battles between Josh Ofer Baazov and common sense. The first round, despite support from DPR terrorists, was a failure. Now he has a new fighter, but Sagi Lahmi is proving to be a disaster. He is struggling to complete the job rather than using its results. This attempt is worse in performance. Throughout his career, Joshua Baazov has been a fighter and conqueror, managing to buy a company for almost $5 billion without even $100 million turnover. This requires skill, negotiation talent, and business bravery. The Amaya purchase story is a live Hollywood plot, his greatest achievement. But there’s only one way from the top of

the mountain. Ten years have passed, and the “Golden Boy of Poker” is now hiring a worn-out businessman for a dirty hacking job. Retirement is not an option, but what will be the outcome of the third round?

Stay tuned for upcoming news. We are positive about two facts:

We will hear Mr. Sagi Lahmi’s voice in the next court hearing.

Keep away from Sagi Lachmi and Ofer Baazov, especially your phone and your business.