How do hackers get caught? - the hunt for the hacker.
Рет қаралды 91,517
Күн бұрынto catch the hacker - follow-up video to • How do hackers hide th...
🔗 Links Mentioned:
github.com/telekom-security/t... - The All In One Multi Honeypot Platform
www.metacompliance.com/blog/p... Highlights very high-level techniques used by defenders.
cybersecurityventures.com/cyb... - Contains many good examples of cybercriminals getting caught (Laspus$, BitFinex, ReEVIL, Nigerian BEC, and more).
cybersecurityventures.com/hac... - Hack Blotter - Weekly feed reports on noteworthy arrests, extraditions, convictions, sentencing, and release of cybercriminals.
www.theverge.com/2023/1/27/23... - An example of the FBI infiltrating the Hive RAAS gang by using "Simply put, using lawful means, we hacked the hackers," Monaco said regarding the FBI's penetration of Hive's networks."
/ how_do_hackers_get_caught - Comments on how hackers are caught.
This Reddit user explains this best - "We don't know who are the best hackers, because they didn't get caught so far." [[link]( / how_do_hackers_get_caught )]
www.csoonline.com/article/362... - Highlights Bad Opsec examples
www.theguardian.com/world/201... - Fitness tracking app Strava gives away location of secret US army bases
techcrunch.com/2023/03/24/how... - How the FBI caught BreachForums admin
www.justice.gov/opa/pr/two-ar... - Two arrested for laundering $4.5 Billion in Stolen Cryptocurrency
www.theverge.com/2021/6/8/225... FBI secretly launched an encrypted messaging system
⏰ Timestamps:
0:00 - Introduction & Honeypot Overview
1:46 - Technique #1 - Honeypots/Honeynets
3:34 - Technique #2 - Detection Controls/Tools
5:07 - Technique #3 - Poor OPSEC & OSINT
8:02 - Technique #4 - Tracking Transactions
9:02 - Technique #5 - TTP Knowledge Bases
10:39 - Technique #6 - Global Intelligence
13:05 - Technique #7 - Value of Target
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): amzn.to/3S9OxvG
@CubensisEnjoyer Жыл бұрын
I couldn't believe it when I read about pompompurin, it's hard to believe people are getting caught like that in 2023. But it also speaks to how exhausting it must be for cybercriminals to cover their tracks every single time without fail. With that much heat it's genuinely at the point where if you mess up once, you're done.
@rahulramteke3338 Жыл бұрын
For cybercriminals, there is always a tradeoff, good opsec means they have reduced efficiency and low or no risk of getting caught, bad opsec means more efficiency but higher risk of getting caught
@ytg6663 Жыл бұрын
Well, pompo is not haker .. He is just a 20 year old kid who used to sell stolen data. WHY HE USED DAMN SAME VPN TO LOGIN INTO BOTH , HIS PERSONAL AND CRIMINAL BIZ ACCOUNT ???
@ytg6663 Жыл бұрын
@@rahulramteke3338what kind of efficiency
@Corecarex Жыл бұрын
@@rahulramteke3338 what is opsec
@rahulramteke3338 Жыл бұрын
@@Corecarex Opsec stands for Operational Security, its a measure of how an attacker can stay hidden from authorities or the victims they are targetting
@pranavsivvam5880 Жыл бұрын
Thanks for the informative video, Grant! Quick question: What model is the ultrawide monitor behind you?
@sambajuice7071 Жыл бұрын
Very informative and overall great video!
@CodingKillua Жыл бұрын
you can get caught as long as you are not Elliot Alderson
@Gr8Poseidon Жыл бұрын
Need a spin off
@DDBAA24 Жыл бұрын
Another fun one that was created a while ago is endless-ssh. This is quoted from the git repo "Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server." Like I said fun. So even if they use hydra, they won't get anywhere.
@lunar7240 Жыл бұрын
Hydra 💀
@DDBAA24 11 ай бұрын
Just wanted to add in retrospect , protect your physical machine from HID attacks. Check your usb logs if you think somethings off. With all these automated tools a monkey can use its not only possible its probable. I just had a friend that had $70k stolen , from her phone by someone with a duck or an omg. Moral of the story, lock your ish down , every way. Be well all..
@edwardmacnab354 Ай бұрын
@@DDBAA24 i literally have nothing on my computer . I'm pretty sure I could be hacked but the question is why would they bother
@Delbzy Жыл бұрын
This is so interesting, Great watch.
@collinsinfosec Жыл бұрын
Happy to help!
@DannyBoyInsanity Жыл бұрын
great video!
@SmoltingWassie Жыл бұрын
I’ve watched mental outlaw for 2 years now, never knew what opsec meant but just rolled with it, thanks for clearing that up.
@ogbooker4538 Жыл бұрын
fire content my brudda
@cyberjay9146 Жыл бұрын
Great video I learned a lot
@RealCyberCrime Жыл бұрын
I’m thinking about making a similar video but in documentary format
@drummerboy6358 Жыл бұрын
Pls do it!
@terminal_cat Жыл бұрын
Waiting
@jmd489 Жыл бұрын
Weird self plug
@terminal_cat Жыл бұрын
@@jmd489 what are you saying?
@lcsth Жыл бұрын
@@terminal_cat He comments on many videos just to promote himself.
@c4v3studio54 Жыл бұрын
AWESOME MAN!
@MikeJohnCore Жыл бұрын
This was a dope video. Noice job.
@ericouhl5423 Жыл бұрын
Gotta say I love the beard!
@chasemedsker Жыл бұрын
Fantastic video
@x0rZ15t Жыл бұрын
Nice video, there is however something wrong with the links in the description of the video.
@collinsinfosec Жыл бұрын
Thanks for letting me know. Some of the links has the ":" at the end. These should be changed now.
@austinbowman6512 Жыл бұрын
Love ur videos
@collinsinfosec Жыл бұрын
Thank you!
@kazhiroma9736 Жыл бұрын
More videos like this!👍
@collinsinfosec Жыл бұрын
Noted!
@sotecluxan4221 Жыл бұрын
Nizzz!
@guilherme5094 Жыл бұрын
👍
@TheNathanSproul Жыл бұрын
Cool vid, just wanted to mention though that I think you're mispronouncing fallible, should be fa·luh·bl
@michaelhavers1 Жыл бұрын
Me too, an autobiography.
@Coffeemancer Жыл бұрын
why do you have a 9bit binary thing in the background
@wantmoney5533 Жыл бұрын
Could someone suggest to me that I should go for a Cyber security Bachelors degree or a Computer science bachelors degree?
@ytg6663 Жыл бұрын
both have their own tradeoffs but i would have chosen cyber sec degree and then gofor certifications.. then you will have double opportunity for job
@wantmoney5533 Жыл бұрын
@@ytg6663 Thanks . 🙂❤️🥀
@solomn7990 Жыл бұрын
@@ytg6663u mean after degree u go for. a certification
@wantmoney5533 Жыл бұрын
@GHG so Basically CS is better?
@alfonzo7822 Жыл бұрын
I'm doing cyber sec degree just now, the first year on my course is the same as computer science. I'm actually considering swapping to computer science because I am really enjoying that side of things. It's totally your choice, what do you want to end up doing? Look into it and the roles etc and if your leaning more to sec then choose that.
@king09426 Жыл бұрын
Can you please tell us how to take notes while studying cybersecurity? Should we take digital notes or use traditional pen and paper method?
@PenTest3r Жыл бұрын
You can also on paper don’t worry
@collinsinfosec Жыл бұрын
I have a video in my backlog to overview my study process, information retention techniques, and activities I am currently attempting to implement to help.
@Corecarex Жыл бұрын
Great video can you make how to not get caught?
@collinsinfosec Жыл бұрын
kzfaq.info/get/bejne/eL2GrNNh3L_Ul3U.html
@Tooi-1grote-rotzooi Жыл бұрын
Help me out my foon is hacked
@girl4632 Жыл бұрын
Monero cant be tracked
@VRixxo123 4 ай бұрын
I honestly feel like I didn't learn shit from this video, you kinda just told us about tools and techniques but barley touched on how these are actually used in the field. Nice video tho
@mbonuchinedu2420 Жыл бұрын
Remain 100% clean, and the feds wouldn't dare intrude. That's just the secret, maintain your privacy and don't penetrate into systems without a valid and written agreement
@zamasu5917 Жыл бұрын
no way
@itsjustarainyday Жыл бұрын
Tel eh meh tree?... have i been saying it wrong?
@suckyourmoyher Жыл бұрын
Hack your opps not innocent people
@edoh6381 Жыл бұрын
SpaceUK
@CwosontIsGod Жыл бұрын
was waiting for this
@ssenyondwafred156 Жыл бұрын
💯 FREE PUM. ..
@balllord3546 Жыл бұрын
bro acting like he knew him 😂
@SteveGillham Жыл бұрын
So you want a Cyber Criminal Freed ?
@jinxscript Жыл бұрын
Free pompompurin tho
@SteveGillham Жыл бұрын
So you want a Cyber Criminal Freed ?
@jinxscript Жыл бұрын
@@SteveGillham yes
@SteveGillham Жыл бұрын
@@jinxscript ok 😟
@berserkone Жыл бұрын
You look like Zelensky slim version catching Russian Hackers.
@zac2577 Жыл бұрын
Bro you say some stuff that makes me feel like ypu dont actually know what your talking about like confusing opsec with osint.. 150k subs i guess im wrong tho.?
@collinsinfosec Жыл бұрын
OPSEC and OSINT are different, but often can go together. OSINT is the collection of publically available information from any number of sources. OPSEC relates to keeping your identity private / anonymous through your physical and digital footprints. Poor OSINT is poor OPSEC. If people are able to collect information about you through publically available information and are able to reveal your identity, for example, people (and criminals) will brag about their riches / flaunt their wealth on social media. Even without revealing what one does, they are providing publically available information. Take a look at the story of 'hushpuppi' as a popular example.
@HoloScope Жыл бұрын
You didn't get what he said, he explained it well
@kiiturii Жыл бұрын
he explained the difference in the vid..?
@legion465 Жыл бұрын
but if the hacker use VPN ip is not real
@SteveGillham Жыл бұрын
Many hackers get caught while using a VPN because often a VPN will drop for a fraction of a second, thus leaking your original IP. Of course there are additional methods that you could use however many people just believe their VPN will protect them.
@legion465 Жыл бұрын
@@SteveGillham ok if FBI Say take me real IP, logs VPN service take
@SteveGillham Жыл бұрын
@@legion465 I am not sure what you are saying ? Law enforcements can request information from many VPN supplies, and those that say do not log anything or are out of reach of the law enforcements only can protect you so far. If you was using a VPN and it drops, then your original IP (from your ISP) that you are using as you start your VPN is then captured, thus this can be connected to a person. There are lots of ways to be caught, but normally Businesses are not interested in pursing unless you do something big.
@fevicoI Жыл бұрын
The title is misleading. Honeypot is used for threat Intel and not for catching criminals 👎
@SteveGillham Жыл бұрын
Part of catching criminals is using Threat Intelligence. Threat Intelligence is gathered in multiple ways, including Honeypots, Darkweb forum insiders and telematics from internet security tools.
@kiiturii Жыл бұрын
he didn't just talk about honeypots the whole vid lmao
@derekroberts5931 10 ай бұрын
How can a layman dload t-pot but not f himself over. He mentioned it's volatile? I have no clue. My fb got hacked good though and the hacker literally calls me. 18 times....
@lonelykroe133 11 ай бұрын
T-Mobile Uber instacart AT&t have the same customer service they've cracked they've robbed me and my wife of $8,000 please do something about that
@user-nz9gg3xm1v 9 ай бұрын
also got 👆same issue but reaching out to 2𝗙𝗮𝗿𝘆𝗮𝗻 got all my lost funds recovered successfully…
@steveflickinger2538 5 ай бұрын
I got hacked who can I hire to catch them all I want is there address I will fix them once I get a address. Please contact me if you have a company or person who can do this, not waiting on our government ,
@dhanrajbharadwaj3891 Жыл бұрын
Bro please suggest what i do Situation :- I learn all the basic skills for hacking Solve 300+ ctf Hackthebox rank(pro hacker) Tryhackme rank (master) Portswigger learning pathway completely most of labs I need internship for experience What can i do how i get free internship How i approach , what i add in resume, list some certificate in order and how to approach for internship
@UltraBoiDanielSalama Жыл бұрын
Your trying to be a hacker or get a job?... you need to find 0day in system
@girl4632 Жыл бұрын
Monero cant be tracked
@user-nz9gg3xm1v 9 ай бұрын
also got 👆same issue but reaching out to 2𝗙𝗮𝗿𝘆𝗮𝗻 got all my lost funds recovered successfully…
Insider
Рет қаралды 2,9 МЛН
The Fifth Estate
Рет қаралды 716 М.
Grant Collins
Рет қаралды 11 М.