Cinner @ Cinner @lemmy.world

BOT

Posts

6

Comments

390

Joined

2 yr. ago

Unless he cracked it himself, he wouldn't know for a long time if the cracks were malicious or not. When I found an uploader that had so much working software even the smaller more obscure and niche stuff, I tried to stay with him..Eventually I did malware analysis (hobby at the time) and found out he was binding his password manager stealer to the main program or some necessary .dll that was called my the main program.

That was on IPTorrents private tracker, and he was incredibly highly regarded.

I cum in my pants thinking about the number of different accounts he stole over all those years. I was able to access a similar dumb via ftp and hardcore username and password in the downloader, but that uploader has his bound file so crazy hidden.

The rest was high me writing a story about what your coworker could have been doing, Office Space style.

I can see that. Appreciate you taking the time to break it down like that.

I am technically less than 49.999999999 bot.

Take that as you will.

Seriously? 21 downvotes? Is everyone in the piracy Lemmy completely ignorant and unaware of USB drops? Do you guys not get information security training at work?

I'm talking about https://www.osibeyond.com/blog/usb-drop-attacks-cause-cybersecurity-incidents - USB drops and how that'd be the ideal way I would do it, if I were going to.

I was basically making a story about how OPs colleague could be using cracked programs so the ransomware he coded didn't get him charged, but instead only fired.

I watched Office Space recently and I was high when I wrote it so maybe it didn't come read as well as I thought it did.

P.S. .ws files can be as dangerous as .exe and .com/bat/PS1 if that's what's confusing people.

====================

Edit: Can any fellow infosec nerds chime in and say whether this is readable or not? I feel like I just wrote it incoherently because I was stoned. I hope that's what happened anyway, and people pirating software aren't actually this ignorant about network security.

tl;dr: Disgruntled employee wants to make a bunch of easy crypto from the company he hates. cracks contain viruses a non-minimal amount of the time. This turned into a story about an easier way this coworker could be doing it to introduce his own ransomware and get away with it, and then I went into how I would do it if that was the intention.

I have no idea if this is the reason or if OPs colleague really hated scrolling down and clicking Accept. Maybe he just wanted the legit version for himself.

====================

This sounds like a great way to introduce your 2-year-delay ransomware on the company without it being as risky of a charge if you're caught. Only fired for causing a ransomware infection out of neglect and stupidity if caught, just make sure you tell a few coworkers about it.

Although it'd be easier to plug in a USB drive you found in the parking lot with folder [company name blackmail] which contains "[hot male coworkers name] NUDES.zip.ws" and "[hot female coworkers name] NUDES.zip.ws"

Just make sure you buy a throwaway laptop and install a Russian or Chinese language pack and use that as the primary system language when opening the final source code before you add some CN/RU strings in the file and compile. Use Google Lens to translate in realtime from a burner smartphone /e/OS and location disabled. Make 3 drives and toss 2 of them from your car window in hard to find places a week before, with multiple days between. Then on the day you find yours, covertly chuck it from the roadway an hour before opening in the general area you park, and show up 5 minutes early in the spot you usually park. Make sure you always show up somewhat early. Then "notice it" and walk in and plug it in.

Ransomware starts after a 2 day delay, they being in LE and find the others that were dropped. Make sure to use neoprene gloves, as latex can pass fingerprints through.

Good chance it's for OPSEC reasons and is a small, highly skilled team, not a single woman.

Why not just... get a headset with a mute button? Laptop and phone mics sound like shit to those of us with good audio. There are great inexpensive headphones with awesome mics that will make you sound as if you're standing right next to them. And they have a physical mute button, to boot. It's far less obvious (and cheaper) if you get a wired pair or a boom mic, because you just click the physical mute button hanging on a little control pad off the wire below, instead of tapping your ear every time.

I would bring a laptop with a good CPU and GPU, an ASIC Bitcoin miner and 10,000 in cash in case for some reason the miner broke or didn't work.

I would bide my time at pizza delivery jobs for 10 years paying rent living on ramen and buying small amounts of gold and silver coins. As soon as the first btc client was released by Satoshi I would start mining. I would be selling things on the cheap and performing services as much as humanly possibly. Id have a small gold and silver for BTC company, selling $50 gold coins for the equivalent of $25 in BTC at the time. I would not stop until I had at least 1,000,000 Bitcoin, or January 2017, whatever came first. As soon as the BTC rush of 2017 starts, I start selling my BTC en masse at the peak. Mail order, cash, in person, whatever. Claim what I need to on taxes. Sell the rest via an exchange before it's regulated as a security and needs to be taxed.

Now I am a big time multi-billionaire and no one even knows my name besides my financial advisors and closest friends from my pizza delivery days who now work for me doing "whatever the fuck they want" work for 100k per year.

I keep investing in companies who sell the most in online communications services (zoom, Microsoft, etc), mask production, hand sanitizer, laptops, gold and silver, and whatever else I can remember. As a ride out COVID, I've increased my 5-10 billion to 20-30 billion.

Now I live a happy "do whatever the fuck I want" life at roughly the same age I am now, only now I have total freedom and power because of "20 years of hard work and foresight -- I started as a pizza delivery boy, and you can too ;).”

correct, the guy I'm replying to said Al-Jazeera English but the OP just said Al-Jazeera. I think it's important that more people are aware there is the Western Al-Jazeera (English) which has pretty solid reporting, and regular Al-Jazeera which is the paper all the articles were about recently where (one of) the journalists who were targeted with a strike worked for as it was pushing pro-Hamas stuff... obviously any attacking of the press is not OK. the point of my mentioning it was people should know that Al-Jazeera English isn't pushing a bunch of pro-Hamas articles. that it's Al-Jazeera that's had a lot of bad press lately, not Al-Jazeera English which is still solid.

It should be noted that there is Al-Jazeera English, which is credible and good, and then Al-Jazeera which... well, isn't so much. They are two different companies run by two different sets of people, basically. They do not run the same articles generally. Similarly, American mainstream media reporting is generally pretty accurate about stuff in other parts of the world (when it's not a war article) but when reporting about things here it can get murky.

The only difference between public and private trackers is availability and quality. You should have a VPN always enabled (through the closest locale if you like, for speed) or a seedbox which is even better than a VPN. If public trackers have what you want, there's zero reason not to use them.

When I was back on IPT, I found one of the top software uploaders binding a fully undetectable backdoor downloader to his downloads. Never in the installer or anything, always bound to the main software file and could be unbound after install and activation. Always showed 0/50 on virustotal etc. Since I was somewhat into malware analysis at the time, I tried to do some analysis on it but of course it would detect my analysis of it and just not run. Whereas if I ran the software on an old PC, it would do it's thing and I could detect it after the fact, but still not get very far.

I used a lot of software from that guy previously. Who knows what keys to the kingdom he has.

No I got a better job after that and pretty much only pirate popular stuff that shows on 1337x, TPB, or TorrentGalaxy. I used to pirate mostly software but because of the increasing risk of ransomware and FUD rootkit botnets, I'd rather just pay $30 for it. I'll still pirate something and run it in a VM if I /really/ need to and it's $1,000 and I'm going to use it 5 times, but I usually just buy software now.

I'll probably get a seedbox setup and run Plex for media soon, in which case I'll just use open trackers or find some non-IPT private tracker.

I would leave my laptop on 24/7 for years to make sure I seeded as much as possible on IPT. Then I wasn't able to login or seed for a couple months and they locked my account. I went into their IRC to get it unlocked, and they said I should have logged in and could pay like $200 to get it unlocked. At the time I didn't even have that much money in my account. I tried to reason with them, about how much I've uploaded and loved the site, and without a second response they just muted me and after a PM trying to talk to the guy they kicked and banned me from the IRC.

FUCK IPTorrents.

We are not the thug for hire, we are the rich daddy who pays off the credit card when his cute daughter calls and sweet talks him, then uses it to go buy a bunch of lingerie and lube to get anal trained.

If we don't think it's in our interests to further our goals, we're going to sit on our ass and do nothing. Because we don't need to do things that don't benefit us.

Just noticed the tear in the underwear lmao

....

https://en.m.wikipedia.org/wiki/Mining_in_North_Korea

His point was that NK was taking a note from the Russian playbook and made even smaller tracks so they couldn't be invaded.

https://youtu.be/FzF1KySHmUA

The conspiracy goes SO much deeper..... it's rumored that even physics is involved.

Maybe we should stop forcefully removing cats from the locations people gather the most. Grocery stores. Churches. Places of business. Maybe the Egyptians knew a thing or two about keeping the Gods happy.

Edit for the downvoter: maybe you didn't get the joke, but Egyptians basically worshipped cats. https://en.m.wikipedia.org/wiki/Cats_in_ancient_Egypt

I know that in America they recognize it in the form of "thanks for the worker, here is financial assistance for diapers/food/etc if you meet under the poverty line of household income so your kids don't clog up our hospital system with your uninsured, diaper-rash-turned-infection starving children, and have some child care tax credits either way."**

In Sweden I think every newborn comes home with a huge box of diapers clothes formula if needed etc. And I think it's a monthly box for X number of months.

But large families aren't looked at as a status symbol like they're trying to make happen in Russia, and as it was in the Soviet Union. Literal Military Metals of Honor 3 levels deep for the amount of children you had (Level 1 was highest honor, level 3 was lowest).

**Except maybe for some certain sects of certain religions, like some of Catholicism and Mormonism. But that's for more messengers to spread the word of Jesus/Joseph Smith. That's all the frame of reference I have.