|
|
Post by GigaChad Sigma. on Sept 19, 2022 23:19:58 GMT
Nah, they go after data and then pivot to blackmail/extortion. We keep a ‘top 5’ threat actor list and they are one of the few non-nation state backed groups that always appear on it. I’m assuming R* had a ransom note last week and knew this was likely to be coming and probably isn’t all of it. If you have access to get 10k lines of code, you likely have access to pretty much everything. 20 quid they got in with an MS account without MFA turned on. You spend all this money on firewalls and some idiots gives them the keys on a text message . When you put it like that it really does make these hacks seem rather mundane rather than these Hollywood scenarios you imagine. Well with this hack apparently they used a "Hydra" a multi-headed worm to sniff out digital footprints across an encrypted network. |
|
|
|
Post by 😎 on Sept 19, 2022 23:26:44 GMT
The admin’s password was god  |
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Sept 19, 2022 23:29:27 GMT
William Gibson was as bad as Frank Miller at coming up with the corniest slang in fiction.
I picture hackers thinking they're Jonny Lee Miller but having no Angelina Jolie to try to impress.
|
|
|
|
Post by Aunt Alison on Sept 19, 2022 23:30:42 GMT
Is that Dave Perry?
|
|
geefe
Full Member
Short for Zangief
Posts: 8,323
|
Post by geefe on Sept 20, 2022 13:06:41 GMT
When you put it like that it really does make these hacks seem rather mundane rather than these Hollywood scenarios you imagine. We have two full time people who do literally nothing other than run down suspicious emails. It’s fucking insane. People scrape LinkedIn literally weekly, compromise email servers of small third party suppliers to send ‘invoices’….. all kinds of stuff. I do this for a living and I’ve had stuff I’ve nearly clicked on. A lot of this went over my head. So there's people who just send out spam constantly just to get clicks from big companies? I'd have thought it would take more than that. |
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 20, 2022 13:12:28 GMT
Never underestimate how stupid many people are.
Also, some of the stuff sent out is really quite convincing. There's a lot of research goes into what would work for the big campaigns.
|
|
Bongo Heracles
Junior Member
Technically illegal to ride on public land
Posts: 4,629
|
Post by Bongo Heracles on Sept 20, 2022 13:50:42 GMT
I would guess that 9/10 breaches* are due to some kind of social engineering**. Its very rare for someone to jack into the mainframe from a rogue super kernel on the firewall pipes.
As an example, we had a group, maybe even lapsus, send our generic marketing mailbox*** an email**** from a real guardian journalist (using their real but spoofed***** email address) saying something like 'we have written an article about your new media campaign, please click here to view and let us know if you have any ammendments'.
Literally half the marketing department clicked on it and when they did, it tried to download a payload****** which would have installed malware******* on their machine. Our anti-virus caught it and blocked it but it was a near miss.
* when bad guys get into your network
** the bad guys pretend to be someone else to trick you
*** a mailbox that doesnt belong to a specific person
**** an electronic letter
***** it wasnt really from them, it was pretending
***** bad software installer
****** bad software
|
|
|
|
Post by 😎 on Sept 20, 2022 13:51:55 GMT
ecosse
|
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 20, 2022 13:54:29 GMT
"Your server has been filled with lots of pictures of grey food" |
|
|
|
Post by baihu1983 on Sept 21, 2022 11:00:20 GMT
|
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 21, 2022 11:02:05 GMT
He's already been fairly widely named and has had a jolly good cry about it.
If he'd just done the hacking, he might have got himself a white hat job, but unfortunately he decided to do some pretty cack handed attempts at blackmail and extortion, so hopefully he'll be facing some consequences for his actions.
Womp womp.
|
|
Lizard
Junior Member
I love ploughmans
Posts: 4,483
|
Post by Lizard on Sept 21, 2022 11:08:44 GMT
Anyone know of any hacking courses? Always wanted to expose all the US governments UFO shit.
|
|
askew
Full Member
Posts: 6,797
|
Post by askew on Sept 21, 2022 11:11:42 GMT
|
|
|
|
Post by Jambowayoh on Sept 21, 2022 11:13:26 GMT
Anyone know of any hacking courses? Always wanted to expose all the US governments UFO shit. Just send Area 51 some spam email saying you're the President and you need to transfer some money to a bank account and you're willing to let them keep some of it as a reward. |
|
Lizard
Junior Member
I love ploughmans
Posts: 4,483
|
Post by Lizard on Sept 21, 2022 11:16:54 GMT
Thanks guys, Area 51 first, then Dannos post count.
|
|
Bongo Heracles
Junior Member
Technically illegal to ride on public land
Posts: 4,629
|
Post by Bongo Heracles on Sept 21, 2022 14:45:15 GMT
|
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 21, 2022 15:35:49 GMT
I've also done that and it was very good, although I don't do l3375p34k.
|
|
Bongo Heracles
Junior Member
Technically illegal to ride on public land
Posts: 4,629
|
Post by Bongo Heracles on Sept 21, 2022 17:08:02 GMT
They must have changed the syllabus. We covered it on day three.
|
|
|
|
Post by Dougs on Sept 21, 2022 17:11:32 GMT
I like that you still have the glossary to hand for geefe.
|
|
|
|
Post by Jambowayoh on Sept 23, 2022 15:18:07 GMT
The kid's been arrested then.
|
|
Lizard
Junior Member
I love ploughmans
Posts: 4,483
|
Post by Lizard on Sept 23, 2022 15:22:05 GMT
The kid's been arrested then. Busted! Carjacking outside the station right after he's bailed. |
|
cubby
Full Member
doesn't get subtext
Posts: 6,362
|
Post by cubby on Sept 23, 2022 15:22:22 GMT
Always British, we have the best hackers.
|
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 23, 2022 16:10:47 GMT
If he was any good, he wouldn't have got caught by leaving trails to his ProtonMail account.
|
|
|
|
Post by Syrette on Sept 23, 2022 16:28:42 GMT
If he was any good, he wouldn't have got caught by leaving trails to his ProtonMail account. Oh - so what were you hacking at age 17?  |
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 23, 2022 16:36:48 GMT
If he was any good, he wouldn't have got caught by leaving trails to his ProtonMail account. Oh - so what were you hacking at age 17? In fairness, computers were a bit different when I was 17 😁 |
|
|
|
Post by Jambowayoh on Sept 23, 2022 16:53:47 GMT
Ahhh memories of Windows 98. Glorious times, it was cumbersome as fuck, but it was the OS that I properly learned inside out when I was 13 and tinkering with stuff. It's been hard to recreate that joy as I used other OS's through the years and I just saw them as a tool for productivity.
|
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 23, 2022 17:49:57 GMT
Yes. Windows 98.
Ummm. 🤣
|
|
cubby
Full Member
doesn't get subtext
Posts: 6,362
|
Post by cubby on Sept 23, 2022 18:32:53 GMT
I kinda wish that dos stuck around for a bit longer, purely for selfish reasons, as I was far more inclined to tinker with that than with any windows that came after it, and I might have got myself a sweet IT job and be a rich mofo that does hacking as a side gig with cool sunglasses and hos all up in my grill, and milkshakes.
|
|
dogbot
Full Member
Posts: 8,738
|
Post by dogbot on Sept 23, 2022 18:43:33 GMT
You've still got time to learn Powershell or Bash. Spin up a Kali VM and get cracking, h4x0r!
|
|
|
|
Post by Jambowayoh on Sept 23, 2022 23:25:34 GMT
Ha, sorry I'm not that old to be using 3.1 man. |
|
