Inside Cybercrime Markets: Buying & Selling Malware (Dark Web Documentary #11)

Рет қаралды 40,128

Жыл бұрын

Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
🐜Zero2Automated ➡ Ultimate Malware Reverse Engineering j-h.io/zero2auto
🐜Zero2Automated ➡ MISP & Malware Sandbox j-h.io/zero2auto-sandbox
⛳Point3 ESCALATE ➡ Top-Notch Capture the Flag Training j-h.io/escalate
👨🏻‍💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🤹‍♀️SkillShare ➡ j-h.io/skillshare
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc

Пікірлер: 104

@powellpker Жыл бұрын

in my experience the illegal vendors/sites have far better customer service than any legal business.. of course i never purchased anything and it was all academic :)

@nuvaintereseaza Жыл бұрын

To be honest, I had some drug dealers with better customer support than any legal store xD

@mrwancool8648 Жыл бұрын

not really its full of scammers

@dragoscosma84 Жыл бұрын

Approved

@jumpmanjxhnsxn7608 Жыл бұрын

ofcourse

@4b5urd. Жыл бұрын

@@mrwancool8648 you have to know how to navigate those channels, in my experience, if you dont know what to look for you will end up in the forums/marketplaces with nothing but scammers and bogus bs. if you do know what to look for and how to navigate the underground, there is a vast amount of new and previously unobtainable products and services that become available. It used to be a lot harder to source black or grey market items and services, comparably, today it is shockingly and stupidly easy. Most anyone can decide to take up *illegal activity* and within a few hours they can be plugged into the right channels to procur the keys to chaos and destruction.

@robertwouda Жыл бұрын

Always exited for your videos! Your doing a great job.

@raiden72 Жыл бұрын

That's rude to exit, you should wait for the intermission.

@proptrader Жыл бұрын

I wonder if law enforcement groups or tech companies buy such software to try and come up with countermeasures.

@KieranFoot Жыл бұрын

Governments and/or government agencies have been known for failing to disclose exploits they find themselves, so I would assume they likely buy these tools to use themselves.

@Wastelander1972 Жыл бұрын

Wouldn’t surprise me if they did. It’s good to get some Intel on your enemies.

@proptrader Жыл бұрын

@@KieranFoot Good point. Some of the info in the Snowden leaks mentioned how the NSA had MANY know bugs in Windows they did not disclose to Microsoft. Then we have Stuxnet the USA/Israel cyber weapon that took advantage of 4 zero day exploits that were known to the government.

@root317 Жыл бұрын

I don't think so... they get plenty of free samples when people try to mass spread the malware

@NeoKailthas Жыл бұрын

Yes I would imagine crowdstrike buys these and fix their software.

@cyberdevil657 Жыл бұрын

Really great content Jhon 🙂 I always come here if I want to see advanced cybersecurity 😃

@Notsorandomnumbers Жыл бұрын

Does the fact that it requires admin access make this less impressive? Wouldn't getting admin access be the hard part in the first place?

@Max_Blue_Storm Жыл бұрын

If it is targeted to Enterprise environments? Probably... If you want to target private Individuals it's rather easy I assume. Most people on Windows are Admins and they blindly clicking"Yes" if Windows asks them, if they want to give a program admin access.

@davidstephen7070 Жыл бұрын

no, this software only act like instruction to disable antivirus service first, u can disable service with powershell as long u have admin privilege. then 2nd execution is remote download virus, then execute. in that, u can pass all antivirus.

@Hulkpoolsmash Жыл бұрын

It’s pretty wild how much better the illegal businesses customer service is than most legal ones. Like that tool is already impressive and he’s consistently providing updates that he’s expanding functionality while also giving 1 on 1 support for the customers. It’s wrong but ya gotta respect the hustle 😂 I just wanna see that source code so I can see how exactly it works

@bloudengaming8736 Жыл бұрын

Amazing video as always :)

@rafaellisboa8493 Жыл бұрын

very nice video! would love to see more of there, good job man

@arn_abs8882 Жыл бұрын

An honest businessman, I appreciate.

@liamwhalen Жыл бұрын

Since mkdele is willing to release code, I'd say they are comfortable with programming. Thus, when they say the exploit can either stay active between reboots or turn off between reboots, they mean it can do either option but not at the same time. Use cases for both might exists.

@lumin0l161 Жыл бұрын

Thanks again John 👌

@r4nd0m25 Жыл бұрын

Great Job thank you so much for your content

@guilherme5094 Жыл бұрын

👍Thanks again John.

@notta3d Жыл бұрын

Interesting video. Thanks for posting.

@root317 Жыл бұрын

I was going to ask you to visit xss instead of fake shops. This is going to be interesting :D

@Dani-cr7cj Жыл бұрын

Hi John, thank you for the content. I want to see a video about firewalls pen testing if possible - Not like using nmap with firewall evasion.

@donh8833 Жыл бұрын

A certain "windows feature" allows disabling/enabling of features in windows. A hack of the registry will enable this with a pseudo fake ruleset ID. It requires admin rights to change and you have to know what you are doing/changing. For example, I can't change certain settings on my laptop, even though I'm a local admin.

@rpeetz Жыл бұрын

- Buys the Anti virus disabler, put on Windows 10/11 - Grabs a tub of popcorn - Runs it and enjoy the fight between Windows Defender and the anti virus disabler fight - 'Fight mofos, fight'

@DezXereanas Жыл бұрын

Windows defender just lies there and takes it.

@abhishekpatil5768 Жыл бұрын

🤣🤣👍 nice imagination

@_SanjayBiswas Жыл бұрын

Really it's great information👍

@DavorinKrivak Жыл бұрын

So, your "dark web commentary" content is reading forum posts out loud? Such creativity, pls teach me senpai!

@normandrapper8208 10 ай бұрын

Out of this whole video what I love the most is that pac man shirt

@spudhead169 Жыл бұрын

Wow, I'm in the wrong business. I wrote a defender auto exclusions exploit for my own use in about an hour. I needed something that could quickly and easily exclude files and folders just to save me a bunch of clicking around, you just right click the file/folder and in the context menu you get "Exclude from Defender" and that's it. Gotta be worth $100 I'd think..

@techmasters4013 Жыл бұрын

awesome content, see how easy to disable crap antivirus

@pcap_pirate960 Жыл бұрын

Man I am digging these Dark Web videos I was wanting to bring this to light a while back just never did.

@OnlyPureContent Жыл бұрын

Nice sponsor !

@Mongo11b Жыл бұрын

I wonder if this can bypass the shutdown protections on MalwareBytes

@velho6298 Жыл бұрын

Do you need priv escalation for the show cased tool?

@eriksab1609 Жыл бұрын

Yes, it says it requires admin rights.

@rx3007 Жыл бұрын

You need to have administrator privileges for it to work

@blinking_dodo Жыл бұрын

Still hasn't done a "random hidden services" video... Will he ever?

@Vilematrix Жыл бұрын

Did you guys knew that the chome os update pipeline had a bug where when the end of life date was reached for your chomebook you could have run the chrome security check and bypass the paywall and system update utility? It has been shared with the google dev teams and product experts and is now patched, It was a highly advanced and rare bug they said. Since it wasn't a security flaw it wasn't rewarded. I share this cuz it has been adressed now and is found in the chome support forums. so yeah

@Ace_is_Win Жыл бұрын

Ever thought about investigating cracks or modified PC games that are being spread on the clearnet download sites? Bound to be full of malware

@jeffbrownstain Жыл бұрын

Finding malware in a torrent is very rare. The actual pirates shut that shıt down fast.

@rageauto1291 Жыл бұрын

"Thanks mate" that could narrow down the location of him to possibly Australia cause they use "mate" a lot. Probably best not to use slang when replying on fourms. Could also be UK but definately not American russian or Asian... Very intresting i think

@monKeman495 Жыл бұрын

john please do source code review we need that knowledge

@adeniranm7647 Жыл бұрын

Awesome! I'm going to go cash out my 401k and become an angel investor. Thanks for the tip!

@applePrincess Жыл бұрын

I don't know but the thread looks like the classic three-card monte.

@terry.chootiyaa Жыл бұрын

*But what if you can't afford it ? Do they offer a dark discount ? 😐*

@stswebhusesele5626 Жыл бұрын

how to avoid zero-day vulnerability?

@Stealth8 Жыл бұрын

🔥

@Shintowel Жыл бұрын

Salam alaekum brother please share tehnik for bug bounty

@DaEpic Жыл бұрын

sewyyy my brother

@namnguyen-kc4kp Жыл бұрын

I wonder if this kind of product is ilegal. Can it become a legal business? I feel that this kind of tools have no different with what NSO group is selling

@adminxds Жыл бұрын

Is selling malware is illigal ?

@vroometernal Жыл бұрын

lmao that first guy just kills antivirus services using a vulnerable driver lmao, nothing special about that

@jocularich Жыл бұрын

Do you know Bjorka ? he's famous here in Indonesia...

@kerhabplays Жыл бұрын

"can John Hammond hack himself?" Next video 😁

@donnieclayton9465 Жыл бұрын

Law enforcement MIGHT do just that lol

@faran4536 Жыл бұрын

Imagine the seller watching this video like😯😯😯

@_lifeliving1927 Жыл бұрын

Can anyone help me with a legit site to buy bank logs

@thomsethom8567 Жыл бұрын

Instead og spending 1800 usd why not just be good and don’t get detected? It is not that hard.

@StevenIngram Жыл бұрын

If the buyers who gave positive feedback were legit, he may have made up to $4k since the initial post. Enough to make it a meaningful side hustle. lol

@PR0x8TOR 3 ай бұрын

John I got some questions! Very time sensitive, due to safety concerns. Please give me a shout back, I am just getting out of 7 weeks getting attacked by a sophisticated APT group. NO JOKE PLEASE GIVE ME A SHOUT

@utensilapparatus8692 Жыл бұрын

Naah, i rather spend my dollar on huntress's av

@idkfk1305 Жыл бұрын

It's easy to do it for Windows defender... Funny he didnt show any other anti virus... he is just a scammer as usual

@jaytee2871 Жыл бұрын

Requires Admin ? Me no care.

@davidstephen7070 Жыл бұрын

is okay to required admin. as long antivirus cant detect in first place. the software disable anti virus first. then, remote download virus.

@trustedsecurity6039 Жыл бұрын

A little bit boring, just reading post after post on xss isnt what the title sell...

@cirklare Жыл бұрын

Who would pay antivirus disabler when it's free I made it it's on my github page Maybe I should sell it for 500$ Edit : I didn't make it turn it off every time you turn it on

@stannylou1636 Жыл бұрын

Hello John, I sent you an email to email attached to this KZfaq channel. Do you offer private lessons for a fee? I have a use case where I could use some help please. I'm not a total a noob when it comes to Linux, but not an expert either. Thanks

@bonfirehost Жыл бұрын

@Kaughts Жыл бұрын

I dont think you know what the dark web is...

@_JohnHammond Жыл бұрын

Mind filling me in?

@harmitchhabra989 Жыл бұрын

John, John, John. I am sorry to say this, but the quality of the channel as a whole has gone down. I am sorry because I love your old content but I'll think I'll be out for a while now as a subscriber.

@_JohnHammond Жыл бұрын

Would you be able to give me constructive criticism as to what has actually changed how the quality of the channel has gone down? What is different now compared to older videos?

@harmitchhabra989 Жыл бұрын

@@_JohnHammond Sure, I'd love too! Ok so for refrence, by "older" I meant till the active directory exploit ones, so about 3 months. See, this comment wasn't meant to make you doubt your judgment regarding the videos, so don't be critical on yourself for it. What this comment was actually meant to be was just a reminder that Joh you're forgetting the roots. Your older audience (about 90% of your total if not more) didn't subscribe for thrilling story time or podcasts or tech vuln reporting in 5 min videos. The new VIDEOS are GOOD, BUT they are just too far away from the normal content that your old audience expects from you. I personally subscribed for a guy doing CTFs and then surprising himself in each question by either the easiness of it or difficulty. I liked the old feel of the channel, felt more personal. Now, it's clickbaity thumbnails with weird (Okayish) topics. I am not saying you stick to CTFs. I like the new content too, but it doesn't feel natural, doesn't belong to the brand you've established. In short, the "decline" is pretty subjective and honestly wouldn't be that big of deal normally, but in your case the majority of your audience expects something else form the channel that they subscribed to, hence I am sure you would've also noticed a decline in viewership. Btw, don't let all this worry you, if this really is the direction you find passion in and you wanna take this in, do it. You'll build a new audience as there is an audience for everything. It's just that I think a majority of us old subscribers would then be out.

@dbzanudroid2467 Жыл бұрын

why cant i get a reply for the comment i put up ?????

@DaEpic Жыл бұрын

you don't deserve it

@veggiebroth5542 Жыл бұрын

Here ya go, homie

@JustArion Жыл бұрын

First

@bigdaddy5303 Жыл бұрын

John I can't say this enough. Your fringe in your thumbnails recent is out of control and you need to get your haircut. I've noticed a steady decline in viewers since you've gone down the John Connor hairstyle route. I'm concerned.

@_JohnHammond Жыл бұрын

What hairstyle should we get, Bigdaddy?

@tejken Жыл бұрын

Unsubbed

@_JohnHammond Жыл бұрын

bye felicia

@thewm5476 Жыл бұрын

I checked alot of these applications before , some of them work , some them aren't. 1st these functions need to update always , because the companies keep patching their programs 2nd if it work , it will disables the most famous anti-virus, not all of them , like avira , kasperskey .etc.. , some of anti_s-virus are strongest to stop it