Hacker leaks passwords for more than 500,000 servers

What Is The Dark Web? How Can You Access It? What Will You Find?

What Is The Dark Web? How Can You Access It? What Will You Find?

Dark Net Hacker
DarkNetHacker.net
What is the dark web? How to access it and what you'll find
The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.
Dark web definition
The dark web is a part of the internet that isn't indexed by search engines. You've no doubt heard talk of the “dark web” as a hotbed of criminal activity — and it is. Researchers Daniel Moore and Thomas Rid of King's College in London classified the contents of 2,723 live dark web sites over a five-week period in 2015 and found that 57% host illicit material.

A 2019 study, Into the Web of Profit, conducted by Dr. Michael McGuires at the University of Surrey, shows that things have become worse. The number of dark web listings that could harm an enterprise has risen by 20% since 2016. Of all listings (excluding those selling drugs), 60% could potentially harm enterprises.

You can buy credit card numbers, all manner of drugs, guns, counterfeit money, stolen subscription credentials, hacked Netflix accounts and software that helps you break into other people’s computers. Buy login credentials to a $50,000 Bank of America account for $500. Get $3,000 in counterfeit $20 bills for $600. Buy seven prepaid debit cards, each with a $2,500 balance, for $500 (express shipping included). A “lifetime” Netflix premium account goes for $6. You can hire hackers to attack computers for you. You can buy usernames and passwords.

But not everything is illegal, the dark web also has a legitimate side. For example, you can join a chess club or BlackBook, a social network described as the “the Facebook of Tor.”


Note: This post contains links to dark web sites that can only be accessed with the Tor browser, which can be downloaded for free at https://www.torproject.org.

Deep web vs. dark web: What’s the difference?
The terms “deep web” and “dark web” are sometimes used interchangeably, but they are not the same. Deep web refers to anything on the internet that is not indexed by and, therefore, accessible via a search engine like Google. Deep web content includes anything behind a paywall or requires sign-in credentials. It also includes any content that its owners have blocked web crawlers from indexing.

Medical records, fee-based content, membership websites, and confidential corporate web pages are just a few examples of what makes up the deep web. Estimates place the size of the deep web at between 96% and 99% of the internet. Only a tiny portion of the internet is accessible through a standard web browser—generally known as the “clear web”.

RECOMMENDED WHITEPAPERS
2020 Modern Backup Buyers’ Guide

Business continuity for remote workers

10 Reasons Why 15,000+ Businesses Point DNS to Cisco Umbrella

The dark web is a subset of the deep web that is intentionally hidden, requiring a specific browser—Tor—to access, as explained below. No one really knows the size of the dark web, but most estimates put it at around 5% of the total internet. Again, not all the dark web is used for illicit purposes despite its ominous-sounding name.


Dark web tools and services that present enterprise risk
The Into the Web of Profit report identified 12 categories of tools or services that could present a risk in the form of a network breach or data compromise:

Infection or attacks, including malware, distributed denial of service (DDoS) and botnets
Access, including remote access Trojans (RATs), keyloggers and exploits
Espionage, including services, customization and targeting
Support services such as tutorials
Credentials
Phishing
Refunds
Customer data
Operational data
Financial data
Intellectual property/trade secrets
Other emerging threats
The report also outlined three risk variables for each category:

Devaluing the enterprise, which could include undermining brand trust, reputational damage or losing ground to a competitor
Disrupting the enterprise, which could include DDoS attacks or other malware that affects business operations
Defrauding the enterprise, which could include IP theft or espionage that impairs a company's ability to compete or causes a direct financial loss
Dark web browser
All this activity, this vision of a bustling marketplace, might make you think that navigating the dark web is easy. It isn’t. The place is as messy and chaotic as you would expect when everyone is anonymous, and a substantial minority are out to scam others.

Accessing the dark web requires the use of an anonymizing browser called Tor. The Tor browser routes your web page requests through a series of proxy servers operated by thousands of volunteers around the globe, rendering your IP address unidentifiable and untraceable. Tor works like magic, but the result is an experience that’s like the dark web itself: unpredictable, unreliable and maddeningly slow.

[ Is your data being sold? What you need to know about monitoring the dark web. | Get the latest from CSO by signing up for our newsletters. ]

Still, for those willing to put up with the inconvenience, the dark web provides a memorable glimpse at the seamy underbelly of the human experience – without the risk of skulking around in a dark alley.

Dark web search engine
Dark web search engines exist, but even the best are challenged to keep up with the constantly shifting landscape. The experience is reminiscent of searching the web in the late 1990s. Even one of the best search engines, called Grams, returns results that are repetitive and often irrelevant to the query. Link lists like The Hidden Wiki are another option, but even indices also return a frustrating number of timed-out connections and 404 errors.

Dark web sites
Dark web sites look pretty much like any other site, but there are important differences. One is the naming structure. Instead of ending in .com or .co, dark web sites end in .onion. That’s “a special-use top level domain suffix designating an anonymous hidden service reachable via the Tor network,” according to Wikipedia. Browsers with the appropriate proxy can reach these sites, but others can’t.

Dark web sites also use a scrambled naming structure that creates URLs that are often impossible to remember. For example, a popular commerce site called Dream Market goes by the unintelligible address of “eajwlvm3z2lcca76.onion.”

Many dark websites are set up by scammers, who constantly move around to avoid the wrath of their victims. Even commerce sites that may have existed for a year or more can suddenly disappear if the owners decide to cash in and flee with the escrow money they’re holding on behalf of customers.

Law enforcement officials are getting better at finding and prosecuting owners of sites that sell illicit goods and services. In the summer of 2017, a team of cyber cops from three countries successfully shut down AlphaBay, the dark web’s largest source of contraband, sending shudders throughout the network. But many merchants simply migrated elsewhere.

The anonymous nature of the Tor network also makes it especially vulnerable to DDoS, said Patrick Tiquet, Director of Security & Architecture at Keeper Security, and the company’s resident expert on the topic. “Sites are constantly changing addresses to avoid DDoS, which makes for a very dynamic environment,” he said. As a result, “The quality of search varies widely, and a lot of material is outdated.”

SALTED HASH
Get a hands-on, inside look at the dark web | Salted Hash Ep 25
Commerce on the dark web
The dark web has flourished thanks to bitcoin, the crypto-currency that enables two parties to conduct a trusted transaction without knowing each other’s identity. “Bitcoin has been a major factor in the growth of the dark web, and the dark web has been a big factor in the growth of bitcoin,” says Tiquet.

Nearly all dark web commerce sites conduct transactions in bitcoin or some variant, but that doesn’t mean it’s safe to do business there. The inherent anonymity of the place attracts scammers and thieves, but what do you expect when buying guns or drugs is your objective?

Dark web commerce sites have the same features as any e-retail operation, including ratings/reviews, shopping carts and forums, but there are important differences. One is quality control. When both buyers and sellers are anonymous, the credibility of any ratings system is dubious. Ratings are easily manipulated, and even sellers with long track records have been known to suddenly disappear with their customers’ crypto-coins, only to set up shop later under a different alias.

Most e-commerce providers offer some kind of escrow service that keeps customer funds on hold until the product has been delivered. However, in the event of a dispute don’t expect service with a smile. It’s pretty much up to the buyer and the seller to duke it out. Every communication is encrypted, so even the simplest transaction requires a PGP key.

Even completing a transaction is no guarantee that the goods will arrive. Many need to cross international borders, and customs officials are cracking down on suspicious packages. The dark web news site Deep.Dot.Web teems with stories of buyers who have been arrested or jailed for attempted purchases.

SECURITY
How the dark web has gone corporate
Is the dark web illegal?
We don’t want to leave you with the impression that everything on the dark web is nefarious or illegal. The Tor network began as an anonymous communications channel, and it still serves a valuable purpose in helping people communicate in environments that are hostile to free speech. “A lot of people use it in countries where there’s eavesdropping or where internet access is criminalized,” Tiquet said.

If you want to learn all about privacy protection or cryptocurrency, the dark web has plenty to offer. There are a variety of private and encrypted email services, instructions for installing an anonymous operating system and advanced tips for the privacy-conscious.

There’s also material that you wouldn’t be surprised to find on the public web, such as links to full-text editions of hard-to-find books, collections of political news from mainstream websites and a guide to the steam tunnels under the Virginia Tech campus. You can conduct discussions about current events anonymously on Intel Exchange. There are several whistleblower sites, including a dark web version of Wikileaks. Pirate Bay, a BitTorrent site that law enforcement officials have repeatedly shut down, is alive and well there. Even Facebook has a dark web presence.

“More and more legitimate web companies are starting to have presences there,” Tiquet said. “It shows that they’re aware, they’re cutting edge and in the know.”

There’s also plenty of practical value for some organizations. Law enforcement agencies keep an ear to the ground on the dark web looking for stolen data from recent security breaches that might lead to a trail to the perpetrators. Many mainstream media organizations monitor whistleblower sites looking for news.

Staying on top of the hacker underground
Keeper’s Patrick Tiquet checks in regularly because it’s important for him to be on top of what’s happening in the hacker underground. “I use the dark web for situational awareness, threat analysis and keeping an eye on what’s going on,” he said will. “I want to know what information is available and have an external lens into the digital assets that are being monetized – this gives us insight on what hackers are targeting.”

If you find your own information on the dark web, there’s precious little you can do about it, but at least you’ll know you’ve been compromised. Bottom line: If you can tolerate the lousy performance, unpredictable availability, and occasional shock factor of the dark web, it’s worth a visit. Just don’t buy anything there.
submitted by hireahackerpro to u/hireahackerpro [link] [comments]

A few stories about Brian Krebs: The independent cybercrime journalist who exposes criminals on the internet

First, a bit of introduction before we get into the living drama that is Brian Krebs.
Brian Krebs has been a journalist for decades, starting in the late 90s. He got his start at The Washington Post, but what he's most famous for are his exposes on criminal businesses and individuals who perpetuate cyber crime worldwide. In 2001, he got his interest in cybercrime piqued when a computer worm locked him out of his own computer. In 2005, he shifted from working as a staff writer at The Washington Post's tech newswire to writing for their security blog, "Security Wire". During his tenure there, he started by focusing on the victims of cybercrime, but later also started to focus on the perpetrators of it as well. His reporting helped lead to the shutdown of McColo, a hosting provider who provided service to some of the world's biggest spammers and hackers. Reports analyzing the shutdown of McColo estimated that global spam volume dropped by between 40 and 70 percent. Further analysis revealed it also played host to child pornography sites, and the Russian Business Network, a major Russian cybercrime ring.
In 2009, Krebs left to start his own site, KrebsOnSecurity. Since then, he's been credited with being the first to report on major events such as Stuxnet and when Target was breached, resulting in the leakage of 40 million cards. He also regularly investigates and reveals criminals' identities on his site. The latter has made him the bane of the world of cybercrime, as well as basically a meme, where criminals will include references like Made by Brian Krebs in their code, or name their shops full of stolen credit cards after him.
One of his first posts on his new site was a selection of his best work. While not particularly dramatic, they serve as an excellent example of dogged investigative work, and his series reveal the trail of takedowns his work has documented, or even contributed to.
And now, a selection of drama involving Krebs. Note, all posts are sarcastically-tinged retellings of the source material which I will link throughout. I also didn't use the real names in my retellings, but they are in the source material. This took way too long to write, and it still does massively condense the events described in the series. Krebs has been involved with feuds with other figures, but I'd argue these tales are the "main" bits of drama that are most suited for here.

Fly on the Wall

By 2013, Krebs was no stranger to cybercriminals taking the fight to the real world. He was swatted previously to the point where the police actually know to give him a ring and see if there'd actually been a murder, or if it was just those wacky hackers at it again. In addition, his identity was basically common knowledge to cybercriminals, who would open lines of credit in his name, or find ways to send him money using stolen credit cards.
However, one particular campaign against him caught his eye. A hacker known as "Fly" aka "Flycracker" aka "MUXACC1" posted on a Russian-language fraud forum he administered about a "Krebs fund". His plan was simple. Raise Bitcoin to buy Heroin off of a darknet marketplace, address it to Krebs, and alert his local police via a spoofed phone call. Now, because Krebs is an investigative journalist, he develops undercover presences on cybercrime forums, and it just so happened he'd built up a presence on this one already.
Guys, it became known recently that Brian Krebs is a heroin addict and he desperately needs the smack, so we have started the "Helping Brian Fund", and shortly we will create a bitcoin wallet called "Drugs for Krebs" which we will use to buy him the purest heroin on the Silk Road. My friends, his withdrawal is very bad, let’s join forces to help the guy! We will save Brian from the acute heroin withdrawal and the world will get slightly better!
Fly had first caught Krebs' attention by taunting him on Twitter, sending him Tweets including insults and abuse, and totally-legit looking links. Probably either laced with malware, or designed to get Krebs' IP. He also took to posting personal details such as Krebs' credit report, directions to his house, and pictures of his front door on LiveJournal, of all places.
So, after spotting the scheme, he alerted his local police that he'd probably have someone sending him some China White. Sure enough, the ne'er-do-wells managed to raise 2 BTC, which at the time was a cool $200 or so. They created an account on the premiere darknet site at the time, The Silk Road under the foolproof name "briankrebs7". They found one seller who had consistently high reviews, but the deal fell through for unknown reasons. My personal theory is the seller decided to Google where it was going, and realized sending a gram of dope into the waiting arms of local law enforcement probably wasn't the best use of his time. Still, the forum members persevered, and found another seller who was running a buy 10 get 2 free promotion. $165 of Bitcoin later, the drugs were on their way to a new home. The seller apparently informed Fly that the shipment should arrive by Tuesday, a fact which he gleefully shared with the forum.
While our intrepid hero had no doubt that the forum members were determined to help him grab the tail of the dragon, he's not one to assume without confirmation, and enlisted the help of a graduate student at UCSD who was researching Bitcoin and anonymity on The Silk Road, and confirmed the address shared by Fly was used to deposit 2 BTC into an account known to be used for money management on the site.
By Monday, an envelope from Chicago had arrived, containing a copy of Chicago confidential. Taped inside were tiny baggies filled with the purported heroin. Either dedicated to satisfied customers, or mathematically challenged, the seller had included thirteen baggies instead of the twelve advertised. A police officer arrived to take a report and whisked the baggies away.
Now, Fly was upset that Krebs wasn't in handcuffs for drug possession, and decided to follow up his stunt by sending Krebs a floral arrangement shaped like a cross, and an accompanying threatening message addressed to his wife, the dire tone slightly undercut by the fact that it was signed "Velvet Crabs". Krebs' curiosity was already piqued from the shenanigans with the heroin, but with the arrival of the flowers decided to dive deeper into the сука behind things.
He began digging into databases from carding sites that had been hacked, but got his first major breakthrough to his identity from a Russian computer forensics firm. Fly had maintained an account on a now-defunct hacking forum, whose database was breached under "Flycracker". It turns out, the email Flycracker had used was also hacked at some point, and a source told Krebs that the email was full of reports from a keylogger Fly had installed on his wife's computer. Now, because presumably his wife wasn't part of, or perhaps even privy to her husband's illicit dealings, her email account happened to be her full legal name, which Krebs was able to trace to her husband. Now, around this time, the site Fly maintained disappeared from the web, and administrators on another major fraud forum started purging his account. This is a step they typically take when they suspect a member has been apprehended by authorities. Nobody knew for sure, but they didn't want to take any chances.
More research by Krebs revealed that the criminals' intuition had been correct, and Fly was arrested in Italy, carrying documents under an assumed name. He was sitting in an Italian jail, awaiting potential extradition to the United States, as well as potentially facing charges in Italy. This was relayed to Krebs by a law enforcement official who simply said "The Fly has been swatted". (Presumably while slowly removing a pair of aviator sunglasses)
While Fly may have been put away, the story between Krebs and Fly wasn't quite over. He did end up being extradited to the US for prosecution, but while imprisoned in Italy, Fly actually started sending Krebs letters. Understandably distrustful after the whole "heroin" thing, his contacts in federal law enforcement tested the letter, and found it to be clean. Inside, there was a heartfelt and personal letter, apologizing for fucking with Krebs in so many ways. He also forgave Krebs for posting his identity online, leading him to muse that perhaps Fly was working through a twelve-step program. In December, he received another letter, this time a simple postcard with a cheerful message wishing him a Merry Christmas and a Happy New Year. Krebs concluded his post thusly:
Cybercrooks have done some pretty crazy stuff to me in response to my reporting about them. But I don’t normally get this kind of closure. I look forward to meeting with Fly in person one day soon now that he will be just a short train ride away. And he may be here for some time: If convicted on all charges, Fly faces up to 30 years in U.S. federal prison.
Fly ultimately was extradited. He plead guilty and was sentenced to 41 months in jail

vDOS and Mirai Break The Internet

Criminals are none too happy when they find their businesses and identities on the front page of KrebsOnSecurity. It usually means law enforcement isn't far behind. One such business was known as vDOS. A DDOS-for-hire (also known as a "booter" or a "stresser") site that found itself hacked, with all their customer records still in their databases leaked. Analysis of the records found that in a four-month time span, the service had been responsible for about 8.81 years worth of attack time, meaning on average at any given second, there were 26 simultaneous attacks running. Interestingly, the hack of vDOS came about from another DDOS-for-hire site, who as it turns out was simply reselling services provided by vDOS. They were far from the only one. vDOS appeared to provide firepower to a large number of different resellers.
In addition to the attack logs, support messages were also among the data stolen. This contained some complaints from various clients who complained they were unable to launch attacks against Israeli IPs. This is a common tactic by hackers to try and avoid unwanted attention from authorities in their country of residence. This was confirmed when two men from Israel were arrested for their involvement in owning and running vDOS. However, this was just the beginning for this bit of drama.
The two men arrested went by the handles "applej4ck" and "Raziel". They had recently published a paper on DDOS attack methods in an online Israeli security magazine. Interestingly, on the same day the men were arrested, questioned, and released on bail, vDOS went offline. Not because it had been taken down by Israeli authorities, not because they had shut it down themselves, but because a DDOS protection firm, BackConnect Security, had hijacked the IP addresses belonging to the company. To spare a lot of technical detail, it's called a BGP hijack, and it basically works by a company saying "Yeah, those are our addresses." It's kind of amazing how much of the internet is basically just secured by the digital equivalent of pinky swears. You can read some more technical detail on Wikipedia. Anyway, we'll get back to BackConnect.
Following the publication of the story uncovering the inner workings of vDOS, KrebsOnSecurity was hit with a record breaking DDOS attack, that peaked at 620/Gbps, nearly double the most powerful DDOS attack previously on record. To put that in perspective, that's enough bandwidth to download 5 simultaneous copies of Interstellar in 4K resolution every single second, and still have room to spare. The attack was so devastating, Akamai, one of the largest providers of DDOS protection in the world had to drop Krebs as a pro bono client. Luckily, Google was willing to step in and place his site under the protection of Google's Project Shield, a free service designed to protect the news sites and journalists from being knocked offline by DDOS attacks.
This attack was apparently in retaliation for the vDOS story, since some of the data sent in the attack included the string "freeapplej4ck". The attack was executed by a botnet of Internet of Things (or IoT) devices. These are those "smart" devices like camera systems, routers, DVRs. Basically things that connect to the cloud. An astounding amount of those are secured with default passwords that can be easily looked up from various sites or even the manufacturers' websites. This was the start of a discovery of a massive botnet that had been growing for years.
Now time for a couple quick side stories:
Dyn, a company who provides DNS to many major companies including Twitter, Reddit, and others came under attack, leaving many sites (including Twitter and Reddit) faltering in the wake of it. Potentially due to one of their engineers' collaboration with Krebs on another story. It turned out that the same botnet that attacked Krebs' site was at least part of the attack on Dyn
And back to BackConnect, that DDOS protection firm that hijacked the IP addresses from vDOS. Well it turns out BGP Hijacks are old hat for the company. They had done it at least 17 times before. Including at least once (purportedly with permission) for the address 1.3.3.7. Aka, "leet". It turns out one of the co-founders of BackConnect actually posted screenshots of him visiting sites that tell you your public IP address in a DDOS mitigation industry chat, showing it as 1.3.3.7. They also used a BGP Hijack against a hosting company and tried to frame a rival DDOS mitigation provider.
Finally, another provider, Datawagon was interestingly implicated in hosting DDOS-for-hire sites while offering DDOS protection. In a Skype conversation where the founder of Datawagon wanted to talk about that time he registered dominos.pizza and got sued for it, he brings up scanning the internet for vulnerable routers completely unprompted. Following the publication of the story about BackConnect, in which he was included in, he was incensed about his portrayal, and argued with Krebs over Skype before Krebs ultimately ended up blocking him. He was subsequently flooded with fake contact requests from bogus or hacked Skype accounts. Shortly thereafter, the record-breaking DDOS attack rained down upon his site.
Back to the main tale!
So, it turns out the botnet of IoT devices was puppeteered by a malware called Mirai. How did it get its name? Well, that's the name its creator gave it, after an anime called Mirai Nikki. How did this name come to light? The creator posted the source code online. (The name part, not the origin. The origin didn't come 'til later.) The post purported that they'd picked it up from somewhere in their travels as a DDOS industry professional. It turns out this is a semi-common tactic when miscreants fear that law enforcement might come looking for them, and having the only copy of the source code of a malware in existence is a pretty strong indicator that you have something to do with it. So, releasing the source to the world gives a veneer of plausible deniability should that eventuality come to pass. So who was this mysterious benefactor of malware source? They went by the name "Anna-senpai".
As research on the Mirai botnet grew, and more malware authors incorporated parts of Mirai's source code into their own attacks, attention on the botnet increased, and on the people behind it. The attention was presumably the reason why Hackforums, the forum where the source code was posted, later disallowed ostensible "Server Stress Tester" services from being sold on it. By December, "Operation Tarpit" had wrought 34 arrests and over a hundred "knock and talk" interviews questioning people about their involvement.
By January, things started to come crashing down. Krebs published an extensive exposé on Anna-senpai detailing all the evidence linking them to the creation of Mirai. The post was so big, he included a damn glossary. What sparked the largest botnet the internet had ever seen? Minecraft. Minecraft servers are big business. A popular one can earn tens of thousands of dollars per month from people buying powers, building space, or other things. It's also a fiercely competitive business, with hundreds of servers vying for players. It turns out that things may have started, as with another set of companies, two rival DDOS mitigation providers competing for customers. ProTraf was a provider of such mitigation technology, and a company whose owner later worked for ProTraf had on at least one occasion hijacked addresses belonging to another company, ProxyPipe. ProxyPipe had also been hit with DDOS attacks they suspected to be launched by ProTraf.
While looking into the President of ProTraf, Krebs realized he'd seen the relatively uncommon combination of programming languages and skills posted by the President somewhere else. They were shared by Anna-senpai on Hackforums. As Krebs dug deeper and deeper into Anna-senpai's online presence, he uncovered other usernames, including one he traced to some Minecraft forums where a photoshopped picture of a still from Pulp Fiction contained the faces of BackConnect, which was a rival to ProTraf's DDOS mitigation business, and another face. A hacker by the name of Vyp0r, who another employee of ProTraf claimed betrayed his trust and blackmailed him into posting the source of another piece of malware called Bashlite. There was also a third character photoshopped into the image. An anime character named "Yamada" from a movie called B Gata H Hei.
Interestingly, under the same username, Krebs found a "MyAnimeList" profile which, out of 9 titles it had marked as watched, were B Gata H Hei, as well as Mirai Nikki, the show from which Mirai derived its name. It continues on with other evidence, including DDOS attacks against Rutgers University, but in short, there was little doubt in the identity of "Anna-senpai", but the person behind the identity did contact Krebs to comment. He denied any involvement in Mirai or DDOS attacks.
"I don’t think there are enough facts to definitively point the finger at me," [Anna-senpai] said. "Besides this article, I was pretty much a nobody. No history of doing this kind of stuff, nothing that points to any kind of sociopathic behavior. Which is what the author is, a sociopath."
He did, however, correct Krebs on the name of B Gata H Kei.
Epilogue
Needless to say, the Mirai botnet crew was caught, but managed to avoid jailtime thanks to their cooperation with the government. That's not to say they went unpunished. Anna-senpai was sentenced to 6 months confinement, 2500 hours of community service, and they may have to pay up to $8.6 million in restitution for their attacks on Rutgers university.

Other Stories

I don't have the time or energy to write another effortpost, and as is I'm over 20,000 characters, so here's a few other tidbits of Krebs' clashes with miscreants.
submitted by HereComesMyDingDong to internetdrama [link] [comments]

I wished my best friend had been more careful... [Part 1]

Part 2

Daniel has been missing for 2 weeks now, the people who have him want £23,000 in bitcoin if we want to see him again...

I'm posting here through one of my old botnets in an attempt to avoid being found by this group of people. They call themselves 'The Winning Cause'. I'm quite lost as to what to do now; the police wont help, so i'm writing to you reddit as i know people have found their solutions on here before.

Let me explain the events that have taken place over these two weeks:

Daniel and I are both the tech-savvy geeks at our school, whether it was programming or seeing if your partner is cheating by hacking their snapchat, we were the people to call. Often our head-mistress would ask for help when she'd forgotten her password!

But enough patting myself and Dan on the back, the main point is we got bored of doing the same mundane things everday, so we turned to the deep web...

Now before you dismiss this as one of the ordinary deep web stories where someone/group of people go on it and get doxxed. We knew what we were doing and had been given several warnings from people on other forums we went on. It wasn't our skill that let us down. It was Dan's tendency to gloat.

Contrary to what I described earlier about Daniel and I hacking for other people, we are usually ethical about what we do, heck we even helped companies on bugcrowd! That's why we decided we would go looking for red-rooms and other places which would make the average Joe lose faith in humanity.

And no we didn't go there to watch these things. We went around either: attempting to take the website down, tracking the people who ran them, or feeding info back to the police. Despite popular belief, the people behind these websites may be dangerous, but do not put the effort into making their websites secure. They just care about the revenue.

However Daniel made it a routine of posting about dark-net sites we'd taken down every week after we had managed to remove one, despite my warnings to him, he did however agree to keep my name out of it, which is why now he's the one who's been kidnapped and not me...

We had found a seemingly boring looking forum called 'The Winning Cause' and I quickly realised that this forum page was a front for the real thing, I let Daniel do his thing and he found a login page.

As soon as he did a messagebox showed up in the bottom right corner of the page, it asked "Are you sure you're in the right place", we both glanced at each other as we had never encountered something like this before. There were only two options. Yes. and No.

Curiosity getting the better of us we clicked and it was a directory of links to streams where people were being slaughtered, some had videos dismembered limbs with blood seeping out of various cuts whilst some had people being shocked with a jumper cable. It was sickening, we quickly realized that people were paying bitcoin to see these streams.

I had setup a crawler to find links between different bitcoin addresses and would also see if the private key was listed anywhere on the dark-net, a lot of the groups we'd come across would list them somewhere in an admin section.

Sure enough these guys were the same, we took $23,0000 from these guys in total and gave links to their websites to the police. Daniel sure enough bragged about it the next week in his blog but I wasn't even bothered, I was just glad we took these guys down.

However some time after that, Daniel called me asking whether I had changed his social media password's (we had each other's passwords as we would routinely use our accounts to practice hacking), I told him I hadn't, he then told me that he was going to get a reset email for it and I told him that I'd check my account just in case.

I put the phone down and went through all of my accounts when I heard Daniel scream down the phone "THEY FOUND US, THEY FUCKING FOUND US, OH SHIT, OH SHIT...", at this point I'd almost forgotten about 'The Winning Cause' until he told me just then.

I was right, I was fucking right, he never should've bragged about it, the reset email he'd requested never showed up in his inbox, when he went to check his email, his inbox was filled with emails saying "You shouldn't have taken our money! We will win, We will prevail!".

I told him not to stress about it too much even though I myself was panicking as well, he told me that they were going to give him one chance to pay back all the money we took within the next hour, there was only one problem...

We kept all the bitcoin private key's that we had on an encrypted flash drive and Daniel keeps that usb at his dad's house. He wasn't due to see his Dad until tomorrow. I told him that he could just get it tomorrow and send the payment straight away and that with luck they'll accept the money and fuck off. I couldn't have been more wrong...

I went to his house the next day to see whether he'd send the payment. I knocked on his door and his dad answered. He had tears sreaming down his face, "Richard... have you seen Daniel", my heart dropped, no way did they kidnap him.

"No, I thought he'd be here", "He isn't, but there's some weird writing on the wall of his room written in red. I've already called the police but you need to see this.", I went up to his room with his dad expecting the worst...

In his room, it said "Never make us wait! The Winning Cause will prevail!" and beneath it was a piece of paper with writing, it was a bitcoin address and the words "It seems your friend spent the money, you have a month to earn it and send it to us, or else!"

The police didn't find any DNA in the room apart from Daniel's family's and mine, they said they were going to open a search but I knew that this was beyond the police. Reddit, I need your help...
submitted by richardsramblings to nosleep [link] [comments]

Archives for https://www.reddit.com/r/internetdrama/comments/akzpg0/a_few_stories_about_brian_krebs_the_independent/

Snapshots:
  1. This Post - archive.org, megalodon.jp, removeddit.com, archive.is
  2. name their shops full of stolen cre... - archive.org, megalodon.jp, archive.is
  3. selection of his best work - archive.org, megalodon.jp, archive.is
  4. swatted previously - archive.org, megalodon.jp, archive.is
  5. one particular campaign against him... - archive.org, megalodon.jp, archive.is
  6. it was signed "Velvet Crabs" - archive.org, megalodon.jp, archive.is
  7. decided to dive deeper - archive.org, megalodon.jp, archive.is
  8. He did end up being extradited to t... - archive.org, megalodon.jp, archive.is
  9. plead guilty - archive.org, megalodon.jp, archive.is
  10. 41 months in jail - archive.org, megalodon.jp, archive.is*
  11. One such business was known as vDOS... - archive.org, megalodon.jp, archive.is
  12. two men from Israel - archive.org, megalodon.jp, archive.is
  13. Wikipedia - archive.org, megalodon.jp, archive.is*
  14. a record breaking DDOS attack - archive.org, megalodon.jp, archive.is
  15. came under attack - archive.org, megalodon.jp, archive.is
  16. was at least part of the attack on ... - archive.org, megalodon.jp, archive.is
  17. BGP Hijacks are old hat - archive.org, megalodon.jp, archive.is
  18. hosting DDOS-for-hire sites while o... - archive.org, megalodon.jp, archive.is
  19. The creator posted the source code ... - archive.org, megalodon.jp, archive.is
  20. later disallowed ostensible "Server... - archive.org, megalodon.jp, archive.is
  21. "Operation Tarpit" - archive.org, megalodon.jp, archive.is
  22. 34 arrests and over a hundred "knoc... - archive.org, megalodon.jp, archive.is
  23. extensive exposé on Anna-senpai - archive.org, megalodon.jp, archive.is
  24. managed to avoid jailtime - archive.org, megalodon.jp, archive.is
  25. 6 months confinement, 2500 hours of... - archive.org, megalodon.jp, archive.is
  26. was selling data to hackers on the ... - archive.org, megalodon.jp, archive.is
  27. previously ran a hacking forum and ... - archive.org, megalodon.jp, archive.is
  28. baited by hacking forum admins - archive.org, megalodon.jp, archive.is
  29. Pissed off a hacking group - archive.org, megalodon.jp, archive.is
  30. exposing the source they used to pu... - archive.org, megalodon.jp, archive.is
  31. a doxxer / swatter - archive.org, megalodon.jp, archive.is
  32. for helping his buddy dump the budd... - archive.org, megalodon.jp, archive.is
  33. butted heads with Apophis Squad - archive.org, megalodon.jp, archive.is
  34. might not have been so ethical afte... - archive.org, megalodon.jp, archive.is
  35. shitting up the internet with insec... - archive.org, megalodon.jp, archive.is
  36. with public shaming should they not... - archive.org, megalodon.jp, archive.is
  37. was tied to a Russian security firm - archive.org, megalodon.jp, archive.is
  38. weird obsession with AC/DC - archive.org, megalodon.jp, archive.is
  39. how not to DDOS your former employe... - archive.org, megalodon.jp, archive.is
I am a bot. (Info / Contact)
submitted by SnapshillBot to SnapshillBotEx [link] [comments]

[Table] IAMA Malware Developer. AMAA

Verified? (This bot cannot verify AMAs just yet)
Date: 2012-04-12
Link to submission (Has self-text)
Link to my post
Questions Answers
Have you ever been infected with malware, if so, how did you react? What should one do to avoid getting malware? Haha yeah I have been infected a few times, it is frusterating but most antivirus softwares do the trick unless you are infected with some undetectable malware. I always check hijack this and my outgoing connections a few times a week to make sure nothing suspicious is going on. To not get malware my best advise would be to not download cracked programs through torrents or warez sites. These are popular ways to spread malware. If you want to use pirated software run a keygen through sandboxie and use the legit installer. To avoid script exploits I recommend using a script blocking plugin such as noscripts for chrome or NoScript for firefox. Many ads are becoming ways to spread malware, you have to always be on the lookout.
How long does it take you to create the things you do? How did you learn to do it? How "good" are you at what you do and how long would it take, for instance, me (with no experience in programing whatsoever) to be at your level of goodness? It takes me about 1 month to create something from scratch that is of good quality. I learned it by teaching myself and looking at sources. It depends on how dedicated and of course how smart you are, but if you are intelligent you could probably learn in a year or two.
What's your testing process like - do you write unit tests? Do you test in various VMs and configurations to make sure it works? Do you have other developers to review your work? As far as the testing process goes, I test on 32 bit and 64 bit systems from xp to windows 7 to make sure all the functions work. Most of my programs are very different to each other, sometimes I make it hide in other running programs, sometimes it just sits in the open but is difficult to remove.
What are the most common, functional requirements that you apply to any malware (for example, must not show up in task manager)? What are the most common features that attract buyers for your products? What's the most common 'entry point' for an exploit of yours? (Examples: user downloads a crack, or user leaves firewall disabled, or user clicks on a link, or user connected to unsecure wifi)? People generally buy my product for stability and long lasting undetection so that it takes a while before most people realize they are infected. There are other features that are less important because they are found in many common malware programs.
What do you tell people you do for work in order to avoid being punched in the throat if you told them the truth? I just tell them I sell crack.
Can you, like, please stop? For you, thatgamerguy, anything.
Is it true that Macs are mostly safe from stuff like this? Macs and *nix systems are mostly safe because they aren't as widely used as windows, although they have just as many security flaws.
Can you speak to the programmers in the crowd as to what methodologies and strategies you use? As a c/c++ programmer of many years myself, I'm curious how you do what you do. How did you learn? Where might others learn? This fascinates me. For making things hard to delete my current method is to inject code into every process and hook the apis to delete and end processes. This prevents it from being deleted. If someone does manage to bypass the hook the injected code will just rewrite the malware to the disk. As far as networking, all you need to know is reverse socket connections with TCP. Check opensc.ws for more info about this stuff. That is the best site to learn at right now imo.
So, most redditors are very well informed with the internet/torrents/coding/engineering/blah blah blah/kittehs. Do you think your malware has infected anyone on this site? To expand, do you think the use of your malware is essentially easily avoidable to those who understand the internet gods? Could you explain any reasoning you could think of for why others would buy then implement your malware? And last but not least: ARE YOU MAGICALLY INFECTING MY COMPUTER RIGHT NOW?? WIZARD PROGRAMMER. Well I can't say for certain but probably it has infected people on this site purely because its so big. My job isn't to make it easy to infect people, just easy to hide on the computer. So if someone has some good exploits and can make the malware undetected then it is hard to know for certain if you are infected or not.
Mystic being of untold dark force, how might we convince you to use your powers for good? After I graduate I plan on work for a computer security company. As a college student I can't do much now.
Would you tell the security company that you used to develop malware? Lol nope.
How much money do the people make that buy your software? What prevents people from uploading your software to torrent sites or reselling it? My software generally has anti-crack protection on it so I can license it to a specific computer. People that use my software make varying amounts depending on what they use it for. I talked to someone that uses it to mine bitcoins with 50-100k bots, he makes about 20k a month.
Why do people pay so much to mess up other people's computers? I really don't know much about malware other then that it is bad... Did you get put on an FBI watch list or did they follow you around in a dark van? The people that buy my software make much more money from using it than I do selling it.
If your programs are supposed to work as part of a bigger whole, is there some sort of standard architecture your program specifically works under? Are the methods and ways of calling those methods meet some hacker standard, or do you publish an API with your script and just assume whoever uses your stuff is tech savvy enough to figure out everything they need to know? Could they easily read your code to see what you're doing or do you only send a binary/executable? Have you been surprised by any aspects of the industry you're taking part in? Does one segment seem a lot larger than you anticipated or did you come across a particular hacking technique you thought was rather interesting/inventive? I'm thinking on the level of channeling all the fractional pennies lost on rapid transactions to a bank account as being an interesting tactic... Do you individually sell/commission your programs or is there an equivalent to Amazon for such code? Where do you go to read news? I am sort of confused on this question. I am always surprised when people release good sophisticated malware which uses new methods to hide itself from the computer user. I never expected there would be such a huge supply of script kiddies who will buy software and barely know how to use it, only to hit someone offline on xbox live or something. I generally have someone else do the selling and finishing touches on my programs. I split some money with him.
Thanks for doing this AMA. Fuck all of the judgmental redditors. People don't offer to do IAMA's so that they can get bitched at by people on the internet. IAMA's are intended to give you an insight to a lifestyle that is not your own, so don't judge him for his choices. What OS do you do most of your programming on? When you're not programming, what OS do you use. What form of currency do you typically accept? Bitcoin? Do you use any recreational drugs? If so, do you obtain any of your drugs online? I use windows 7 64-bit to program on, and also use it for just regular usage. I accept bitcoins, Liberty Reserve, and Webmoney. I have done a lot of drugs but mainly I smoke bud, drop acid and do painkillers. I assume you are asking because of sites like silkroad? I have ordered off silkroad once but I get the same quality bud from my dealer so i didn't go back.
I have used the Silkroad, but I'm a member of a couple of private forums that give me access to much better stuff for cheaper. Do you use PGP encryption when communicating with your customers? My business partner actually is the one who dealers with the customers, but he does use it.
Got it. As long as you get paid, you could give a shit about the problems you cause for people. So, have you been a sociopath all your life or is this more recent? Well really I am not directly causing a problem to anyone because I don't use my own software. If I wasn't doing it someone else would just step in. Besides my programs don't steal credit card information and the like so the only real damage would be adware and posible dos attacks originating from your computer.
So you sort of make the bomb and let other people detonate it? So then its not your fault? Not trying to be accusatory, just wondering. Yeah and by that logic the people that sell others guns are just as involved as the people that use guns to kill people. I know what I am doing is technically morally wrong, and I will stop within a few months once I can find a job again.
Ever considered joining the good side? Getting a job at a anitivirus firm and using your knowledge about making malware to create software to prevent it? I would imagine that a knowledge like yours would be very useful for a antivirus software firm :) I plan on getting into computer security. As a college student coding malware is really one of the only ways I can make good money programming.
How "good" is your work? Will an anti-virus like achieve stop you? How wide spread is it. No, most of my programs are completely undetected until I stop making updates to it.
I'd ask for proof, but then I think that'd be a really silly thing to do. Have you written malware that functions on Linux? Besides the not stealing credit card information, what are your other ethical lines? I don't actually use my own software so I guess if that counts as an ethical line... I don't write malware for anything besides windows as its the most used operating system. If more people used mac and linux there would be as many viruses for those as there are for windows.
Have you ever been infected with your own malware? Yeah when I was testing without a VM (stupidly). Luckily I know how to remove programs I write myself...
, thank you for doing this AMA. Secondly, for most us out there who have loaded out with AV software and things like NoScript and Adblocker and such tell me, what behaviors or kinds of outgoing connections should we look for on our routers or scanners that might indicate infection? Its better to look at the process thats sending the outgoing connection, if its located in something like application data and has a startup entry, its probably malware.
Could you give me some examples on how to check this? I am always trying to expand my knowledge of these matters. Well the best way I know how to do it is with code, if you are interested in that I could send it to you. Otherwise use wireshark and process explorer or something.
Is the Free Anti-Virus/Spywear called AVG actually any good? Or do Malware programmers know that ALOT of people all over the world have it so create the malware so AVG etc will not discover it? Cheers. Most people create malware to make it undetected. Unless something is in the wild for a while most AVs will not detect it if its professionally coded.
As far as providing, I'm not necessarily sure how the law would work there. I can say with decent certainty that you're breaking tax laws though, I strongly doubt you're claiming your sales as income. That being said, I don't think you're scum. I was in the same place as you when I was a kid, and I did it solely because I wanted to say I could. It was less about causing harm and more about trying to learn. It just so happens that things like malware, especially that which allows remote intrusion, is very interesting. I was also heavily involved in the piracy scene, and major busts in 2001-2002 caused me to back out of it entirely. You mention the FBI, any reason why that didn't "scare you straight" so to speak? They only wanted information on an aquantince, I didn't give anything out and lawyered up. It did scare me long enough to stop for a year and pick a new nickname online to go by and also buy some vpns to gain some extra anonymity online. I don't think people that don't understand technology much truly get why it would be interesting to do stuff like this. Learning how to do it is a huge part, selling it is only secondary.
Do dark side developers these days ever just fuck around and make malware that wipes hard drives and stuff for fun? Not since the early 90's have I come across a story of anyone's hard drive getting wiped due to a virus etc. Most people are just focused on the money now. Also the new windows operatings systems have much better security so you can't easily get the rights to wipe a drive anyway.
I've made a virus in college when we were studying the Network Security topic. The professor of course didn't want to try it but asked me to explain exactly what I did. Anyway, one of the girls in my class asked for the code to duplicate it, modify it a little and claim she did the homework as well. So I gave her the source code as a help and when she "Run" it in on her machine it ruined many applications. Question to OP, do you have any similar stories like this? TL;DR: my college friend was screwed by my virus, OP do you have similar stories? Haha when I first started writing code in windows xp i fucked up my friends computer enough to force him to reformat.
How long does the process of scripting, and then finding people to sell to take? I would imagine this kind of thing takes many hours if not days, and what kind of skills do you need to have to be a malware developer such as yourself? I answered this before, but usually about a month for something of high quality. Depends on how much time I spend on it though. To develop malware you need to be an experienced coder, with knowlege of windows apis, memory manipulation, and networking.
Do you write polymorphic code ? I do not write polymorphic code because it would take much longer to develop.
What other hiding techniques do you know/apply other then encryption ? By hiding what do you mean? Injecting into memory is a popular way to hide running applications.
How many lines of code is a typical malware program from you? 5000-10000.
Is the malware all selfcontained or do you use 3rd party libraries? I don't use 3rd party libraries to cut down on exe size.
What's your largest botnet? How many bots? Which software would you use for monitoring incoming/outgoing port data? What languages do you code in? Which do you recommend learning for the future? No problem. I haven't run a botnet in over 3 years, but i had one of 10k at a time. There are many good vpns, nvpn, vip72 etc, just find one that doesn't log. Use wireshark or commview to monitor connections and processes. The use process explorer to look at the suspicious process. I code in C/C++ now, I started with Delphi but you could start with Java or anything really.
Do you feel a slight guilt from making your money via questionable sources? And how have you not been tracked down? Sort of I guess, i do feel a little bad that people use my software to infect other peoples computers, but it is not directly meant to harm the computer and steal information. I haven't been tracked down because I do my best to remain anonymous online through either a vpn or proxy.
You're being asked to zombify Linux desktops. What is your point of entry and how do you make it stick around? I am not expert on Linux, but the best way I suppose would be via an exploit. Once you have root control you could install a rootkit.
Hello there, nice AMA ! :-) 1. You said how much money you get per program already, but is that price fixed, or depends from the abilities of the program each time ? 2. Do you get follow-up money for the updates, or when you sell the product you don't touch it again ? 3. What do you consider as your ? Is there anything you have done and leaves you with a big-fat smile on your face every time you are thinking of it, and say "damn, I'm awesome." ? Well it depends on the abilities of the program and how much time I put into it. I do make some money from updates but usually most of the money is made within the first month. My best work was a P2P Bot which I modeled after khamedlia p2p protocol. I never sold this but I was pretty happy I figured out how to do it.
Can you talk about yourself in the real life? Do you meet the image of a computer hackemalware developer(like a neckbeard), or are you socially adept and have friends? How do you handle transactions? Like, how do you not get scammed by people buying malware? I am not socially akward, I have somewhat of a social life and have a good amount of friends. I work with a friend who handles all the transactions and also does some programming work, I get paid through him. The software can be disabled when people scam.
How do disable it.Does the binary listen to for constant external connection so if people scam you,disable it and please PM me the links. It checks through a database to see if its a verified user or not. What do you want me to PM you?
Any reason why not Bitcoins? Not really, its just a preference thing.
You make about 30K USD per program? And it takes you about a month to write a program? How many buyers do you get per program? Is this like 1K licensing fee for each of 30 customers, or more like $100 for each of 300 customers? Its more like $100 each for 300 customers.
If I sit down to a computer that is likely infected (ie run by a noob who downloads everything and has six toolbars on IE) should I assume that it is unsafe to type any passwords, etc on it? I wouldn't recommend using an infected computer at all, there is no way of knowing what type(s) of malware is installed on that system.
I bet those paid virus protection guys(like norton etc) knock on ur door to make a malware thingy, and the give them the "cure" so they can be the fastest with an update against it?! This doesn't happen as far as I know.
Do you feel any guilt that you do something that adds no value to society? I mean, a crack dealer at least provides a service to people... They get high. How is getting a high a value to soceity?
THAT EXPLAINS EVERYTHING. LET ME GUESS YOU EAT BABIES TOO? Only toasted ones.
Are you independent -- not employed by or affiliated with some larger organization? Aren't you more afraid of your customers and competitors than of law enforcement? Do you use anonymity tech such as Tor or VPN to protect yourself from all of the above? Yes, I use a vpn constantly.
When you sell malware, are you selling the source code, or just the tools to deploy/control it? Just the compiled binaries.
So basically you make malware so companies make and sell softwares to protect against new ones and is a never ending but profitable cycle? Pretty much, not that it justifies using malware but it is true that anti-virus companies probably profit more than I do.
How do you sleep at night? With a temper pedic
"Don't bother calling me a scumbag because I geniunely don't care." There you have it, why the world is a mess. I didn't make a thead so people could call me morally corrupt. When I say I don't care, I meant that I don't care if you call me a scumbag or not. I do feel bad for the people that get infected with my malware, but it really does not cause that much harm to the computer. It is up to the person who installs it whether he steals information or damages the computer or not.
I'll tell you point 1: Delphi, because every lamescriptkiddieforums have tutorials on writing uberundetectablesupertrojan. In delphi, of course. Actually thats right, I started with Delphi because it was easy to learn with, but moved to C/C++ later.
Bots are the easiest to code, but it takes time depending on the amount of features and undetectability.
Reverse connection is just an easy way to control bots, bots connect back to a master client which can issue commands. I don't program bots like this anymore, but many people still buy this kind of stuff.
I get paid via wmz and LR which I can then transfer to my own bank account if I want.
I use chrome and my desktop wallpaper is just a bunch of rainbow colored smoke lol.
Reddit has this fail safe the if you type in your social security number it only displays asterisks. It does the same for email. Watch: ***-**-****, ******@**********.com. Heres my cell phone number: 202-456-1414.
I got into it from the cheating scene in video games. I just thought this sort of stuff was very interesting, it took me a while before I started selling it, I used to give it all out for free. I will PM you a few sites I don't want to post here. People asking for a site, try opensc.ws.
Last updated: 2012-04-13 02:31 UTC | Next update: 2012-04-13 03:31 UTC
This post was generated by a robot! Send all complaints to epsy.
submitted by tabledresser to tabled [link] [comments]

[Table] IamA Convicted Computer Hacker and Internet Criminal AMA!

Verified? (This bot cannot verify AMAs just yet)
Date: 2015-01-05
Link to submission (No self-text)
Questions Answers
1) Do you think that is good that anyone can know anything from anywhere at the world? Also, do you feel secure? As normal citizens living our normal lives, should we feel secure? 1) I do think this, but with certain constraints. Freedom of information is important, but personally identifying information is dangerous to have floating around. I feel relatively secure, but that's just me and it's within my own accepted parameters for security (right now, I'm not that concerned with privacy, for example, because I'm on probation anyway). Normal citizens should feel relatively secure. Use strong passwords and 2-factor authentication when available and you'll be safe from 99% of hackers. We really aren't that interested in you as an individual person.
2) Do have any word about the recent DDoS attacks on PSN and Live? Seems to be pretty simple to do, so why anyone can't stop it? (Ps: i know that DDoS isn't hacking and its far from that lol) 2) Like you say, It's easy to do. The only hard part is setting up a network capable of such a powerful attack. These guys probably weren't just hiring random kids on hackforums.net and were probably running their own botnet (or hiring a powerful one). You can stop most DDoS (google CloudFlare), but it's kind of like bulletproof armor: The tiny bullets will be stopped, but a tank shell won't be phased.
3) How is hacking, visually? Is it something near to CMD looking? Could you post an example? Haha. 3) It can be, yes. This is a picture of a common attack against home WiFi protection Link to s21.postimg.org
4) Since you talked about the black market: What is it, from the inside perspective? Have you seen some heavy shit like everyone talks? 4) Yes, there's some very heavy shit. Snuff (mostly free, though, contrary to common opinion), child porn, semtex explosives, drugs, etc. Absolutely anything you want is there. They people that tell you it's not haven't dug deep enough yet. I worked for someone selling stinger missiles once.
5) (Slightly offtopic) What do you think the World Wide Web will become in the future? Will it evolve from what is now? And how? 5) Definitely. The future will revolve around a WWW that is integrated more closely into our lives. Firstly mobile (we're seeing that now with our phones), and then through augmented reality and implanted devices. The internet is still a very young technology and it is incredibly exciting to think about what is to come.
What were some of the craziest jobs you had to to do? Quoting an earlier post of mine in response to a similar question: "I met a duke (with proof of such) who funded my operation; worked with the Russian mob (a more recent branch of the infamous RBN); and dealt with more than one arms dealer online in the past. I was a hacker, but I was also just an internet criminal doing middle man style shit, so not everyone I met was related to the hacking community. When I was very young I tried to set up a deal between some arms dealer and a Russian who offered to store the weapons. The deal didin't end up working (surprise, surprise) and I ended up having to explain why someone was watching our house to my parents for a week. I was a minor at the time so this was some incredible feat on their part and was obviously just meant to really scare me. It worked. Completely."
I've met incredibly sick and odd people. Let me just say that for anyone who disputes the existence of things like online arms dealers and snuff films, they are real. I was involved with stuff that went beyond hacking a lot of the time...hacking was more or less the gateway drug to the empire of organized cybercrime (god, I hate the word "cyber" lol).
As far as odd jobs go, I was hired to hack a porn site once and set up a drive by download that would install malware on visitors' computers. It wasn't that unusual a request, but the individual scenario was humorous in an immature way :P.
How do most hackers get caught? Does the gov't have uber-hackers of their own tracking you like in the movies, or do you get caught in some mundane fashion? What do you guys do to stay safe? The government seems to have such hackers according to recent reports (post 9/11), but most of us get caught in rather mundane ways. I wasn't even caught by the government at all, but rather a private security firm (RSA).
You mentioned you worked as a middle man. What does that mean exactly? Like how did you help that guy sell stingers? And what sort of jobs did the Russian mob have you do? What proportion of your jobs actually required hacking skills? Being a middle man in this sense really just means I orchestrated deals between parties that otherwise wouldn't have met--I had a fat address book to use a '90s metaphor. I helped stinger guy in the sense that I knew someone who was able to store the missiles and so I set up a deal between the two of them while taking a cut of profits. (Needless to say, it didn't work out in that case...) The Russians didn't really have me do jobs per se since I didn't work for them so much as with them. My primary environment has been Russian forums and groups and I was quite well known within those circles. The Russians, though, tend to be stereotypically, well, Russian even online: They're primary goal right now seems to be to hack their way into a monopoly in the carding world. It's amusing, but these guys do have some real power there which is a bit frightening. I'd say about 60% of my jobs required some hacking skills.
What are your thoughts regarding "social hacktivism" by folks such as those in Anonymous? It seems like there is some good done, but then also some harm. I'm usually all for hacktivism. I was active with Anonymous for a while, but that's not saying a lot since it's so decentralized. I've matured in my politics since my teenage years, but I've always leaned toward a more anarchist bent. In this day and age, hacktivism has its place. Stuff like this recent Sony hack though...that cross a line. If you want to deface a site, fine. Any IT admin worth his salt will fix that in ten minutes and your point will have been made. But threatening employees and families and wreaking havoc on the entire business? Not ok stuff, there.
Also, thoughts on the use of computer attacks (drone hacks, critical infrastructure hacking) in future warfare? And I'm thinking Die Hard 4 here... I think future warfare is scary shit, frankly. There will come a time in the very near future when we will be able to kill people with computers alone. As far as we know, this warning didn't come true, but the message is clear and only time will tell: Link to www.independent.co.uk
Huh! interesting perspective and article. I was all for the internet of things and for driver-less cars, etc. I am usually thrilled by the possibilities. However, it looks like hackers will be able to do some very scary stuff once IoE is more widespread. I concur, but I also am always for the advancement of technology. I love it and the internet of things and such is a bandwagon I've embrace completely! Check this out if you're worried about security: Link to www.bitdefender.com
Coming from a hacker, Bitdefender makes some of the best security software around, so it's worth its price in my opinion.
What do you think of the whole NSA deal? Did you already suspected it and took precautions? I did as did most of my ilk. We worked from very secure and radical systems that were often custom built. Our computers were custom sealed with thermite explosives that could be remotely detonated (thermite doesn't explode per se in these small quantities, but eats through and melts the computer components). We also rarely had operating systems installed and would work off of "live disks" such as Tails OS (or a live version of Kali for the real hacking side of things). This meant we could just remove a thumb drive and leave no trace on the computer.
Now days, stuff has quieted down for me since I've gone "legit," but I still take certain precautions: I use a Mac right now and File Vault is 100% on right now, for example haha.
You see things like Kali linux, are they actually worth the time using? Would it just be better to write your own programs instead of using somebody else'? I saw you mentioned learning low level languages, but should one start learning them? A lot of the "old guard" of hackers will say that hacking tools aren't worth it, but I disagree. If a sufficiently advanced tool has been written already, why bother to make another? Just don't rely on them for everything you need. So yes, I think Kali (previously, BackTrack) is incredibly useful.
Security is kind of my thing, I can work my way through locks and I am passionate about martial arts. I also still think that low-level languages like ASM are still useful and worth learning. Computers continue to get more advanced, but right now they're built like a cake: Every year we get a new layer but nothing at the bottom changes. Quantum computing will change this, but for now, low level stuff is still perfectly good to know. When I'm not writing my own tools and shopping for others the first thing I always ask is what language was it written in? If it was written in an assembly language, then it's a surefire buy.
I learnt ASM before C, still haven't learnt C++ yet. Although most of my coding is Python. Ah, then you're taking the route I did! haha, shouldn't be too hard to migrate into C++ for you then. I did everything backwards and ended up just fine.
1) What do you think the future of bitcoin will be? Bitcoin has set a standard. There hare literally hundreds of cryptocurrencies out there right now (many of which are far more secure than BTC). BTC is still too volatile to decide if it has a long lasting future or not, but I'm optimistic. If anything, its brethren will live on.
2) Is most or a lot of cybercrime transacted with bitcoin? Yes, most cybercrime these days is transacted using BTC or some other cryptocurrency (LTC, darkcoin, and shadowcoin are popular alternatives). Back when I was really active we did everything through Western Union, Liberty Reserve, or Webmoney and we all know what has happened to these currencies (although Russians still like their Webmoney for some incredibly stupid reason)...BTC and its ilk has made crime so much easier :)
Last updated: 2015-01-05 19:44 UTC | Next update: 2015-01-05 20:44 UTC
This post was generated by a robot! Send all complaints to epsy.
submitted by tabledresser to tabled [link] [comments]

BotNet 3.9.4 Tutorial+Download How to crypto mine in 2020 (WORKING) Legit + proof 600$ BTC HACK  SEE MY PAYMENT PROOF  100% WORKING METHOD NanoCore RAT 1.2.2.0 (BOTNET INTEGRATED) HACK blockchain btc BOT BITCOIN BTC 2019 100% working ...

The price set for this data is USD 400 (BTC 0.3817) It must be noted that BitcoinTalk.org and BTC-E.com are two of the most important bitcoin-related platforms having their data sold on the dark web since 2016 by several other vendors. However, we are not sure about the rest of the platforms. Either way, if you have an account on any of the forums mentioned above change your password asap. TechRepublic Forums are a common component of an IoT botnet operation. Social network has no plans to reset user passwords after yesterday's massive hack that spread a Bitcoin scam on the Carding forums, Carders forums, Credit card dumps, iPhone carding, Altenen Carding Forums 2019 Carding Tutorials CC TO BITCOIN CARDING METHOD 2019 For users privacy, our last domains: CarderHack.com and OmertaHack.net are moved to CardingTeam.cc Hack Forums is the ultimate security technology and social media forum. Navigation. Home Upgrade Search Memberlist Extras Tools Award Goals Help Follow Contact. 07-16-2020 01:06 AM. Bitcoin Transaction Accelerator. Help get faster confirmations on unconfirmed transactions. 1. 4. 9. 0. A botnet is currently scanning the internet in search of poorly protected Windows machines with Remote Desktop Protocol (RDP) connection enabled. New GoldBrute Botnet is Trying to Hack 1.5

[index] [26557] [30258] [13728] [2937] [15608] [24039] [11728] [2157] [8859] [30007]

BotNet 3.9.4 Tutorial+Download

download https://bit.ly/3gtLMDh PASSWORD: bitcoin https://bitcoclaim.com/?r=90 Earn BTC one-time! 50$ for registration . . . . . . blockchain, bitcoin, block... We look at what a botnet is and what they are used for and how to avoid becoming part of one. Resources used in this video Contact Details RastaLove Hacking http://www.perfect-hackers.com/forum ஜ۩۩ஜ ... hack ex bitcoin ip bitcoin hack easy password hack bitcoin email hack bitcoin with cheat engine ... hack bitcoin forum hack bitcoin faucet 2018 hack free bitcoin spinner R: Uso para minerar LTC e Doge e as vezes para Botnet 3 - Tá com virus babaca. R: O trojan tem 2 Stubs uma é a antiga que eu usava e como a própria stub que cria o vírus é obvio que vai ...

Flag Counter