Me and my friends started a drinking game where we each choose three random videos from this channel and take a shot every time you hear the words “miscreant” or “hacker”. Three out of the five of us are now in a coma and I’ve just walked out of the emergency room. Next week we’ll just use “miscreant” on its own. Encore! 🍻

The 4090 is a trojan horse. Hackers buy 4090's to crack passwords only to have their house burned down by the 12VHPWR connectors.

Security isn't about being unhackable, it's about being not worth hacking. Don't be a low hanging fruit!

I wonder if hackers would ever use something like the flux network to use a large network of GPUs to crack passwords instead of building their own password cracking machine.

my old password literally was pizza123 you password leaking monster

My biggest reason for believing Dark Reward is state sponsored, along with the obvious motive and opportunity, is that they don't seem at all concerned with funding. Even altruists need to keep the lights on, and running such a clean hacking operation against and, supposedly, from within a hostile regime is not cheap. I suppose anything is possible, they could be a self sustained operation or be backed by some private benefactor, but the likeliest explanation would be the country with a higher defense budget than the next few runner ups combined.

Black Reward are doing good things. Not normally a fan of hackers, but in this case they are entirely justified.

This video serves as a strong reminder that even with the most advanced security measures in place, there is always a possibility of being hacked. It's important to stay vigilant and take necessary precautions to protect sensitive information from falling into the wrong hands.

I remember playing with Hashcat back in ... 2017 with my 980ti, I would just hash stuff, or have others hash something for me, and I would try to figure out the best combination of things to figure it out as fast as possible. The thing is though, take the 8 character pass, add 3 more characters and it will take like a month, playing with this kinda stuff was fun, and while it really helped enforce the idea of password phrase I really just started to stack my pass's.

It really does amaze me people reuse passwords for accounts they really don't want hacked. It's understandable to reuse passwords for throwaway accounts or websites but when it's something you've poured money into...

"these guys must be legit... there are no memes." lol.

I'd be keen to purchase a RTX4090 if EVGA was going to offer them. Probably not going to be purchasing anything for the next 4-5 years now.

Awesome to see you back with hardware sponsors again.

This just makes me realise how much i need to change my gmail password but im just not gonna do it.

To get paid just run this executable from a known bad source. Love it.

This is a game changer @seytonic does salting the passwords before hashing still prevent cracking?

Honestly, Action movies about this decade will be fire.

its crazy how an gpu can be used to do this now

1,300$ isn't much for you maybe, but for regular citizen from russia it's like 4 month work payment

> overtly clean and efficient hacktivist group active in a country that US has a history of attacking Yeah, that glows

At least add 6 characters to every high security password like work or financial just to make sure its hard to crack compared to whatever low sec passwords you use for throwaway logins.

1:52 - instead of calculating the hashes one time, has anyone thought about storing the hashes in a database so that in the future people can just look up the hash values?

This is wild. Imagine foreign governments being able to bribe even a single engineer who worked on site.

Can't wait for M$ to get pawned, that'll be interesting for everybody sharing their same passwords across multiply websites.

If a State Actor is behind Black Reward; I’m assuming the real juicy stuff has no been revealed

It's also possible they said the group was American/Israeli because they didn't want to tip off the hackers that they're conducting an investigation inside the country to try to apprehend them if they're operating inside Iran - standard Iranian intelligence M.O.

Hey! I had seen your videos on my feed in general for a good while, but the thing that made me watch some of your videos(or at least made me have a greater appreciation for them) was the fact that you covered the Iran's protests and the resulting hacks against the government in a rather professional and neutral manner!(And siding with the obvious...) My country has not been doing very well in the past 40 years of these people absolutely ruthlessly murdering people an taking our freedom away in the name of "Freedom under Islam's rule" which is basically the opposite of "freedom" and it's both nice to see my people taking it to the streets after all these years and it's really endearing to see other countries(and their people, e.g. you!) taking note and talking about it in support of our people Thank you, I extremely appreciate even just these few minutes in your videos. My country is in one of the darker times of its history but hopefully this time it is a change for the better... I don't wanna see my peers getting killed anymore, hopefully the bright end of the tunnel will greet us soon! Or rather it will be greeted by us... Stay safe and keep it up, sincerely, a viewer from Iran.

Good videos keep up the good work

I imagine someone is using the password pizza123 and is very worried now.

Love the videos!

yo i love your videos thanks for this

Great upload thanks! The 4090 will easily help uncover my simple zip, rar, 7z passwords with toos like Hashcat, because my passes are usually only 3 characters in length. However the recovered password will still register as incorrect, unless a BOM-key is provided to unlock the Byte Order Manipulation withing the archive binary. After applying the byte order key (L4C361nf) for this specific file, the original zipped file is extracted to its true representation. This is a work in progress but so far looks promising. I'm not aware of any current RE or hack tools that can unpack a random BOM method, seeing that it's not based on any algorithm as such, making it difficult to determine a set obfuscation pattern.

CUDA is amazing at cracking hashes and encrypted files and doing other parallel computing operations

7:00 filtered emails... rid of "spam" that seems more suspicious than the professional style to me.

waiting for the rtx 4090 ti

The password cracking with a 4090 is useless, if someone wants to pay that much for password cracking they would instead buy an FPGA which would do the same much much faster

Password cracking rig😂

De cand a iesit placa asta pe piata eu am schimbat numarul de caractere de la 25 la 30 si ... la passwordul fiecarui cont de care ma folosesc 😂 E de 8 ori mai rapida decat un 1060 direct pasword crakin' rig ...mai ales dupa ce am vazut in timp real cum a "ghicit " o parola de 10 caractere foarte interesant video grij de voi si stay safe🥰

Will make it easier to find the hackers just look for the smoke

No one cares if you are first or last all that matters is ur password doesn't contain special characters

Thankful that I use a password manager that allows me to set the default settings for my passwords. :D

Black Reward is a pretty cool guy. Eh cleans mail dumps of spam and doesnt afraid of anything.

I use 16+ length ful keyspace [(68x2)^16 combinations] passwords that contain no words, they're randomly generated.

I only reuse passwords on forums or sites I don't actually care about. If it's actually important then I use a 12 character password with no recognizable words in L33t case.

Not only Nvidia or MSI GeForce RTX4090 is good for hacking But is for gaming performance Which means RTX4090 would be powerful for games and hacks.

RTX 4090 is just expensive. Using the same amount you could just buy multiple graphics cards and use them to do the same. 70% better performance but also 70% increased of the price.

You guys are getting paid?

woha what kind of magic are you using to show people their passwords? or does it only show my password

2:56 pizza123 is the same password that my school uses for this German homework website

I would have thought the hackers would have to have the source code to the password system to be able to try to find the password from the hash. So surly if a coder used the normal proper way of doing passwords but added an something to the mix (say jumbling the stored hash up) for creating the hash the hacker can't force it.

The trick is to just use a long random password with a password manager secured by a passphrase.

Is it still that easy to crack the hashed passwords if the hashes are salted, particularly salted multiple times over? Like how much longer would that 42 minutes time estimate lengthen if the software had to go through 8 layers or more of salt? I feel like that should honestly be common practice by now even though it's probably not

Look, if your going to DDOS for money - You use public connections or a botnet cluster. dont hack people from home kids. Just don’t. You could, for example, grab a bunch of old weak SBC’s and thin clients, connect them to public wifi via directional antennas and start blasting. The hardware does not need to be fast, because the connections are slow. If you aggregate the links you could get some serious work done. Only issue is you need to make this set up mobile and move shop a bunch. This is why most think overt and obvious targeted attacks are state funded. If your efforts are not paying the bills - its not worth it as a hacker. Political attacks make no money, skilled people have bills to pay and skills pay the bills - you don’t waste them on hacking a nation for political reasons - nobody is “Mr. Robot” you need teams of smart people. For example, who would risk compromising their painstakingly built botnet to ask Iran to stop… researching nuclear power/weapons? I don’t think you need to be reminded, but the current global leader - the USA - is the only nation to use nuclear weapons in anger, and the Japanese where already willing to negotiate surrender - but the USA demanded unconditional surrender, and murdered a quarter of a million people to do it. Researchers are probing and blocking botnets every day. If you use your botnet for a large attack, it will be “burned” pretty quick - as the exact devices you deployed get blacklisted from the major networks. This is why crude ddos tools that you beg children to install are so popular, you need a constant supply of suckers. Honestly… I think our government is using the false notion of “Movie Hackers” to dupe the public into thinking that these attacks on the enemies of the USA are “just hacktivist groups” but every single possible hacking attempt from Russia is state sponsored. Spoiler alert - its all state sponsored.

What a based hacker with the NTMA message lmao

With some curious googling NTLM appears to be discarded precisely for the reason of being "brute-force ready" a decade ago. Using it as a benchmark for today's state of the art engineering is baad. Current encryptions are safe indefinitely.

thats the only thing i think about everytime a new gpu gets released

Thanks!

Russians helping Iran get Nukes, essentially you need a nuclear power plant to produce nukes. This is rather global news worthy.

Well, I'm glad there's *some* legitimate use buying one.

As an iranian american i had to download the nuclear leak from iram

6:33 No memes or childish insults? 100% state sponsored then lol

It is very stupid of Iran's nuclear organisation to not use PGP/GPG, which is really quite easy to implement for all users.

A 970 takes 15 years to crack an 8 letter password of numbers, upper and lower case and symbols. (with sha 256 hashing)

Hey did this video get taken down and reuploaded? I wanted to show this to an IT friend and it said unavailable, but then when I went to the channel the link worked just fine

And it'll warm the entire room for you!

Once I read in their slogan " For Women, life, freedom," I'm like yaaaaa right

i name is so rare that im able to just use it as a password and nobody would bother lol

Hello user👋.... D/Hello_World>: Is it possible to develop an asymmetric encryption combination of one-time pad with enigma and 256-bit AES (features to force users to get creative on password instead of same password)?

Omg I would love to get my hands on a RTX 4090 for password cracking or network penetration testing

Lol... 8 characters in 45 or so minutes or so... at that rate its still gunna take 300 Trillion years to hack my minimum length passwords

I even don't know rtx is used for this type of things

What about salts how exactly dictionary attack can beat salt?

If you have the money to build a rig out of 4090s you have the money to store crunch lists and destroy 12-14 character passwords in minutes… lol 20-30 terabytes of crunched dictionary passes and 2-4 4090s. That would be a scary machine lol

7:16 and by experienced you mean "state sponsored"

0:26 Where is the the hash located for windows passwords ?

2FA sending codes to your phone number *Sighs of relive*

ahhh so itll only cost me 2k to get my old email accounts back 🤣

And i still have GTX 960 lmao

How is it compared to a server GPU?

Nvidia can just lock there future GPUs from doing this :/ since there GPUs are closed source, just recently they added driver updates to stop you from recording any streaming platform

back in the 70s and 80s, my porn name was "black reward"..

Did the black reward twt get taken down?

I think they would brake into peoples homes and steal them. I dont think thieves will pay for them

I reuse 6 passwords. Literally. The only thing keeping me safe is 2FA.

where can i see that data dump

Subbed

With modern GPU's hashing rates I/O becomes the bottleneck hence diminishing the value of dictionary attacks.

black reward is CIA lmao

I NEED IT THEN

80k rubles, wow. And how exactly will you spend them - cos I feel sure it will be paid in rubles specifically... and anyone spending those outside Russia almost certainly gets tagged for "further review" by certain 4-letter agencies (no that's not a typo, think CERT).

Thanks support iran :) we won't forget you ♥

bro hide the links then show their telegram link

Black Reward got suspended on Twitter ... of course

How abt a combination of multiple unicode 8 character password

Black Reward is a MOSSAD opperation

16 char “random” passwords x3

very cool!

I guarantee you none of my passwords are in any dictionary they are not even words they were literally combinations of symbols uppercase and lowercase letters literally in random succession and 16 digits long. I write them on a piece of paper with my hand and a pen and I store them inside of my safe.

damn, I want a Pizza now 🤤

hashcat uses only 25% of the GPU power