Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev

  • Added 31. 05. 2024
  • Best of Black Hat USA 2017 Briefings Winner
    How did the Feds catch the notorious Russian computer hacker Roman Seleznev - the person responsible for over 400 point of sale hacks and at least $169 million in credit card fraud? What challenges did the government face piecing together the international trail of electronic evidence that he left? How was Seleznev located and ultimately arrested? This presentation will begin with a review of the investigation that will include a summary of the electronic evidence that was collected and the methods used to collect that evidence.
    by Harold Chun & Norman Barbosa
    Read More: www.blackhat.com/us-17/briefi...

Comments • 777

  • @patrickcameron2950 3 years ago +167

    Him surviving a terrorist attack and spending two months in a coma halfway through the story was a hell of a twist.

  • @baruchben-david4196 3 years ago +93

    The thing is, he more or less handed himself over to the authorities by being so sloppy. It's less credit to the Feds, and more blame to him.

    • @borregoayudando1481 1 year ago +3

      so the lesson goes back to opsec 101

    • @xv0047 1 year ago +5

      Even with all that, if he just never left Russia there is nothing the feds could have done about it.

    • @x87-64 8 months ago

      @@xv0047 that's what most do. he is one guy who got caught. there are hundreds more like him

  • @anuragkashyap8026 4 years ago +243

    Lesson :
    1 Live in Russia & Never Leave Russia
    THATS ALL

    • @napalm3899 4 years ago +45

      This. Vadym Iermolovych made that mistake by going to Mexico. The night he arrived in Mexico, Mexican cops approached him at his hotel and told him he was not welcome in Mexico. They said the government of Ukraine had agreed to fly him back to Ukraine. They confiscated his laptop, and put him on an airplane. They said he would have one stop in Dallas, Texas. When the plane touched down in Dallas he was in US territory. The first 4 rows of the plane stood up, announced themselves as US federal agents, and arrested him.
      The Mexicans cleverly handed him over to the US and got him to agree to it.

    • @anuragkashyap8026 4 years ago +5

      @@napalm3899 and that was his last mistake or the last bad decision.

    • @anuragkashyap8026 4 years ago

      @EramSemperRecta oh ! 😲 Was that so ?

    • @ulfpe 4 years ago +8

      Russia doesn't have as nice beaches as the Maldives, human weakness

    • @elvinpineda1825 4 years ago +2

      word that was his mistake, plus using usa hop 1 instance.

  • @frostbolt4359 3 years ago +27

    Learned a lot. I still find it amazing that these massive online empires tend to fall due to massive opsec failures. Silk Road, Alphabay, etc.

    • @electricz3045 2 years ago +5

      Most marketplaces don't even fall. Most are still alive or did their own exit scam, but it's more interesting for journalists to talk about the fallen ones.

  • @ilaser4064 5 years ago +77

    Would have laughed if he was successfully sued for infringing on 2Pac's IP before being arrested for fraud.

    • @ThePeacePlant 3 years ago +3

      The court and judge would have found any way to make him lose that case. Unfortunately the US courts are not fair if they want to catch you or don't like you

  • @MadameMinty 6 years ago +722

    tl;dr he basically handed himself to them on a plate.

    • @RonJohn63 6 years ago +79

      Obviously, he thought that -- being the rich son of a member of the Duma -- he was above the law and so didn't need to employ OPSEC.

    • @TheOxywolf 6 years ago

      RonJohn63 9

    • @blackneos940 5 years ago

      @@TheOxywolf 8

    • @William.Shakespeare 4 years ago +2

      yeah but a venue like this for them to speak is pretty cool.

    • @daveslow84 4 years ago

      @@blackneos940 7

  • @keystarr 11 months ago +1

    A legendary talk! Thank you so much for putting this out

  • @MrRigdensChannel 6 years ago +15

    Great video. I was really surprised when I saw the old Broadway Grill. I walk past that shuttered restaurant almost every day.

  • @VisualJoey 4 years ago +72

    The Roman empire has fallen.

  • @danpowell806 5 years ago +84

    1.7M instances of theft, 38 counts of fraud. That's one count for every 45k card numbers he was caught with.

    • @johnfrancisdoe1563 4 years ago +7

      Dan Powell Maybe he stole an average of 45k cards at each store he hacked. Or maybe he (provably) hacked/defrauded 38 stores to get to the cards, then purchased many more stolen cards from other criminals that got them through other (unspecified) crimes. After all, he had officially graduated from thief to fence long before his arrest.

    • @slappy8941 4 years ago +12

      Well if someone breaks into your house and steals all your stuff, they won't be charged for each individual item stolen, but for the act of burglary itself.

  • @RyanKearney0 6 years ago +287

    Anyone else notice the workgroup name of the machine was VAIO? This guy never reformatted the machine after he bought it? Damn...

    • @svampebob007 6 years ago +13

      ikr

    • @ronaldckrausejr7762 6 years ago +22

      Real hackers also purchase their computer hardware with cash, and then also have it shipped to a third party - completely untraceable

    • @JG-ye7ey 6 years ago +81

      He had 1.7million CC numbers on his computer. He is maybe THE definition of a 'real hacker'...sloppy though.

    • @rev.philthyphil6839 6 years ago +1

      Ryan Kearney lol

    • @moth.monster 5 years ago +22

      Sometimes they bake that stuff into the BIOS. No reason to remove the manufacturer name and logo aside from bragging rights at that point. My computer still says it's from ZT Systems even though I just bought a used motherboard. I guess it was in a computer made by them at some point. And I'm too lazy to fully reset every little thing in the BIOS just to make it say something else.

  • @BvousBrainSystems 4 years ago +79

    "Was there any encryption that you had to deal with?"
    "In this case no, there was none"
    *audible laughter across the room*
    This hacker is getting roasted by the guys who cuffed him lol

  • @dreftymac9916 4 years ago +26

    Dude, this is awesome and needs to be made into a screenplay.

    • @pqsk 2 years ago +1

      yes. I would love to see a trilogy film. Part one is when he starts off. part two is the terrorist attack and the coma and recovery and part three when they nail him. depending on how good it is there would be a prequel trilogy on how he learned not to use encryption and how to be sloppy 😆

  • @enlightendbel 5 years ago +98

    "Would it have been harder to convict if you didn't have his password?"
    He wasn't protected in any way on that Vaio, no security measures, hardware or software based, as these guys explained, there was no encryption or anything even remotely security related on that laptop.
    There's 10000 ways to get into a windows system if you have physical access to the system.
    There's 100000 ways to get to the data on a system if you have physical access to the system.
    It was cute they guessed the password, but that wasn't even needed. His shitty password, combined with his bad security measures and all the other ways he was blazee about security, the dude was bound to get caught and bound to get convicted if caught.
    His security measures were to travel to and through places that didn't extradite to the US. Including the place he was arrested.
    Little did he know or understand that diplomacy used to be a thing and you can get any country to agree to anything if its worth their while.

    • @enlightendbel 5 years ago +25

      He was an expert at obtaining credit card numbers through black market available malware. So far, there hasn't been much of any indication he did much of any actual hacking.

    • @kali6651 5 years ago

      @@enlightendbel There are many cases where LEO cannot access encrypted data from a hard drive. There are definitely ways to hide your data and keep it hidden.

    • @enlightendbel 5 years ago +4

      Adrian Yes? And?
      Did I say anything to the contrary?
      The subject is this guy, not general practices and problems.

    • @user-rc9jf8ng2k 5 years ago +1

      LOL @ Blazee.. I think you mean blase.

    • @Lizardboythelazy 4 years ago +12

      He's not a hacker, he's a skiddie. He found one method that worked (RDP brute + malware) and abused it heavily. The reason he was so successful I think is because he was an expert at leveraging what he obtained to profit.

  • @jamesparker6876 4 years ago +5

    Excellent work gentlemen!! Keep it up.

    • @aniellodellacroce9848 3 years ago

      go f... yourself

    • @jamesparker6876 3 years ago

      To: @@aniellodellacroce9848 They will get you too Aniello. You should have kept your head down. You are Guilty of "Having a brain and attempting to use it".

    • @aniellodellacroce9848 3 years ago

      @@jamesparker6876im not hiding at all. i welcome anyone who wants to give me a visit and get free involuntary led injection at very high velocity

  • @livefastdieold180 6 years ago +5

    I was just at Mandalay Bay not too long ago, delivered a 350k granite saw to a counter top and tile expo.

  • @Ye4rZero 5 years ago +69

    24:40 you can tell he's used to waiting for applause at this point, but wrong crowd lol

  • @MilesBellas 6 years ago +6

    Nov 2017
    "The prolific Russian hacker Roman Seleznev was sentenced to 14 years in prison Thursday for his role in a $50 million cyberfraud ring.
    This latest sentence follows a 27-year-prison sentence Seleznev received in April on charges of hacking point-of-sale computers that he then sold to the criminal underground. That scheme generated nearly $170 million in fraudulent charges, prosecutors said. Both sentences will run concurrently."

  • @macnutz4206 4 years ago +8

    He got 27 yrs. He also got 14 yrs from a bank fraud charge in Atlanta. Concurrent sentences, of course.
    I expect he will be back in Russia long before twenty seven years is up.

  • @percyblakeney3743 5 years ago +25

    As an audience member I'd say "thank you for the insight as to how your team did it." As a gov supervisor I'd ask "why the sh*t are you showing your cards!"

    • @kidoido 2 years ago +1

      Its all explained here why the feds started talking at defcon, black hat etc. : czcams.com/video/h9wXq6oRBnI/video.html

    • @toxic_narcissist 2 years ago +8

      Which cards? This guy basically surrendered by having zero opsec

    • @robgigabyte580 1 year ago +4

      Obviously you are not involved in Computer security. He was sloppy in his hacking, left breadcrumbs leading directly to him... But nothing said here was opening up any "Tell Tales" of the investigation.... No REAL cards are being shown or disclosed if you know anything about vulnerabilities in networking or computer security

  • @ericsbuds 6 years ago +12

    excellent talk! glad to know there are some smart people on the right side of the law too!

    • @code4food 4 years ago

      too? you're overestimating criminals

  • @larrywages5887 5 years ago +3

    Fascinating from Mrs Wages

  • @kabib0831 4 years ago +2

    They should make a movie about this.

  • @ke0kie 5 years ago +24

    So the typical carelessness, ego, lavish behavior, and carelessness was Roman's demise.

  • @edt11x 5 years ago +7

    With all the IRS scammers, credit card scammers, spammers and other scams, it's really good to hear a story where one was tracked down and arrested. Really great presentation!

  • @MarkH10 5 years ago +19

    The major weakness in this and so many cases is Russia itself. Who wants to live IN Russia, or move TO Russia for 'the good life'. As soon as a Russian has money, he is gone. IF you ever think a Russian girl loves you, offer to marry her and move to Russia for the rest of our lives!!! See how long that relationship lasts after she thinks you are serious.

    • @n.k.63 4 years ago +7

      Lived in Toronto for awhile, moved back to Russia, zero regrets. Yes, some things are annoying, but overall quality of life is better, finding good job with English and some skills is easy, most importantly - no SJWs, no speech police, no feminists to speak of.

    • @gophop 4 years ago +2

      Nonsense. With millions of dollars you can build wtf you want, wherever you want, and import anything of interest. Tropical vacations are a status symbol in Russia.

    • @joshuaronquillo1673 4 years ago +3

      @@n.k.63 We don't want an authoritarian police state to protect our feelings from 30 college students and women who want respect from society.

    • @NickBailuc 3 years ago

      @@n.k.63 100% agree^^^^^^^ , also in the process of moving from toronto to moscow (originally from ukraine tho)

    • @qsam14 3 years ago

      Totally false. I had a Russian client when I drive Uber and she was very sweet, even offered me food and asked me to come over to her workplace. She was a teacher assistant.

  • @VenturiLife 6 years ago +25

    I found malware on some public hotel computers in Bali trying to intercept banking details... wonder who that could have been. Always try and use your own machine when travelling.

    • @ly-yx1rk 6 years ago +13

      shades2 when I travel I buy prepaid debit cards. If it's not my machine it doesn't get my numbers.
      And it's super easy to install a keylogger on any unattended machine.

    • @semtex2978 5 years ago +3

      Lucas Gorski very true. 👍

  • @Sugrax 2 years ago +3

    27 years for no physical harm done? US is fucking insane

    • @LiEnby 2 years ago

      Meanwhile 5 years for murdering someone

    • @silentone6411 2 years ago +1

      because he goes straight back to Russia and continues doing it probably , only way to actually stop him is keeping him in jail here.

    • @N99622 1 year ago

      @@LiEnby And 3 months for raping a child 🤪
      Law enforcement only cares about protecting the banks here.

  • @legendwarrior85 6 years ago +1

    Great catch !!!!

  • @marciomello4418 3 years ago

    Love this video

  • @Akus75038 3 years ago

    When did this conference take place?

  • @edwardlouisbernays2469 4 years ago +10

    Wow, just October 1, 2017, a month later, Mandalay Bay was a slaughter ground!

  • @sathyantinku9177 2 years ago +3

    That guy thought he would never ever be caught. How the hell a hacker uses Ochko123

    • @uis246 1 year ago +1

      Btw this literally means Butthole123

  • @CGoody564 5 years ago +3

    "we don't give attribution for that"
    I don't understand why not. The security vulnerability is just as attributable to the attack as the one exploring it.

  • @tarkanya7906 3 years ago

    love that video

  • @craffte 1 year ago

    these are old but always entertaining.

  • @marksmod 4 years ago

    very interesting

  • @Optable 1 year ago +1

    Chief really put those bad cop pants routine on during the questions at the end there huh. Actually solid questions with important feedback to much more pressing issues gone totally dismissed, and all he seemed to attempt to prove is that verbally "it was really just all so terribly hard" to retrieve all that unencrypted, unobfuscated, out in the open, slam dunk data! When really the only hard part wasn't so hard, sitting there biding time, waiting for a blip on a spinny class globe. Then all of the sudden, let's make sure black hat knows again how hard it was to jump those hoops! Around any sort of justice process, avoidance of contacting any actual authority at all costs, refusal to explain why (which could get secops/pentesters/law enforcers killed or imprisoned in many jurisdictions) while snerking at the valid argument that those actions could undermine or blow the cover of many much more difficult ongoing undercover ops or surveillance work, and sow even further distrust into these TA's regarding what it will take to self preserve their own lives. And for these sociopaths, every more reason to push anybody in front of the way to avoid the bars. Not textbook blokes like this one "sophisticated and large scale *network*" here. This crowd is in no shortage of extremely bright individuals. Nobody expected ya to debate the modalities and procedures of undercover tactics for federal government acronym agencies. We just wanted- something, at all?

  • @jonslg240 4 years ago +8

    He'll serve 21.6 years of that 27 year sentence, since he's in federal custody. They make you serve 80% I believe.. that is a long time.
    Maybe long enough where he won't do it when he comes out.
    If his dad's very prominent, he might be able to get a pardon after 10-15 years.

    • @MegaSmouke 4 years ago +5

      Russian government is very corrupted. I'm pretty sure his dad knew about his son crimes and maybe even supported him in this. Looks like people in USA start to understand this, so guy will be in jail for full 21.6 years. And no way he will change his mind, I know russian people and can guarantee, that only suggestion he and his father have that they do a poor job to protect him from a jail, that's it, no regret about crimes at all.

    • @aniellodellacroce9848 3 years ago +1

      @@MegaSmouke US government is much more corrupt than Russian. you just got no idea

    • @MegaSmouke 3 years ago +4

      @@aniellodellacroce9848 no, US people has 20 times more money for they job than russians. Russian salary is 200$-500$ per month with constant everyday inflation. When Russian government is extremely rich people, everybody are billionaires. You very naive if you think that US government is much more corrupt than Russia. Because if it was true, american people would be much poor than russian people, but in reality american people has much higher salaries for their job, that's clearly show that US government spend much more money on their people, than russian government.

    • @artemiddle 3 years ago +3

      @@aniellodellacroce9848 definitely not. I think you don't realize the scale of corruption in Russia. You can pay for absolutely anything here. Nothing unusual when someone pays a police officer to not get his driver's license cancelled for DUI or something like that. Just a regular day in Russia.

    • @aniellodellacroce9848 3 years ago +3

      @@artemiddle look there's more money in US that means there's a lot of corruption and i'm not talking about small police type of bribes but on higher level, in States if you have a lot of money you can pretty much legally bribe any Congressman, House representative and senators with that said i agree that the same thing applies to Russia BUT there is more money circulating in states (and more corporations-they bribe a lot) therefore there should be more corruption on higher level in US. obviously it's almost impossible to bribe the police in states, even if you have a lot of money you still can't bribe your way out of DUI or something. Police in Russia is more corrupt compared to US but oh higher level it's no contest due to the amount of money circulating. and let's not forget that US is the richest economy in the world so there must be more of corruption. if there's money there's corruption.

  • @PiiSmith 4 years ago +1

    And it is still credit card fraud, that is the running wild. Can we please get a more secure payment method, than credit cards.

  • @UkrPat 3 years ago +1

    Roman’s ochko has played Tchaikovsky’s Swan Lake after all.... if you know what I mean 😏

  • @thekaiser4333 5 years ago +1

    @Norman Barbosa
    Aren't the Maldives a little bit outside U.S. jurisdiction?

    • @jamegumb7298 5 years ago +3

      Way outside.
      As are the Philippines, where they randomly stop and search people, and there is footage of raids they do over there on YT.
      As is Colombia, where the DEA does raids and wipes camps using drones and special forces. Not all are FARC encampments, maybe up to 40% are not going by if weapons are found.
      AS is Mexico, where the DEA operates over the border.
      As is Aruba, where the DEA arrested a bunch of people after their own incompetence got their car broken into and a bunch of people they were on a terrace with having cocktails refused to search with them.
      As is Italy, where they kidnap citizen for renditions and black site prisons.
      As is Kazakhstan, where they kidnap citizens for renditions.
      As is Pakistan, a supposed ally where find more people than just Bin Laden to kill.
      As is Japan, where an American criminal is taken out of Japan and will not see a Japanese court. See the Okinawa incident. The hash trafficker.
      Spoiler Alert: We can do it so we will. So fuck you.

  • @SAROSRUSSIAN 6 years ago +123

    ОЧКО123

  • @madtrade 6 years ago +180

    in conclusion it's better to be a bankster than a hacker

    • @TheXSairam 6 years ago +23

      or dont be lazy and stupid

    • @finalsolution3690 6 years ago +44

      The bankers are the biggest criminals giving themselves millions in bonuses "some free money"

    • @mcgoldsmithstein7256 6 years ago +3

      Have you ever paid something with paypal? Something as common as the double currency exchange... let's say from euros to dollars to euros.

    • @MonMalthias 6 years ago +35

      The most profitable crimes are the legal ones.

    • @DxBlack 6 years ago +7

      Time to grow up and stop equating immoral but rational activities to being illegal. If you can't pay the interest, don't take the loan. If the rates in your mortgage seem too good to be true they are. Etc etc, you have a brain...no one can force you to use it.

  • @StewartLucrative 3 years ago

    I don't know anything about hacking, this conference, or US attorneys, but I'm surprised he's giving a talk here.

    • @yrebrac 2 years ago

      It is a common thing for security agencies to talk at security conferences for some reason. In this case it's a win-win for them. Hacker was so stupid they don't have to reveal much, but they still get to advertise their success and capabilities to the BH community, thereby discouraging cybercrime.

  • @CatchTheBus 6 years ago +28

    People from Vladivostok never achieve anything...

    • @machinerin151 4 years ago

      What makes you think he's from Vladivostok? Maybe he's a Muscovite who bought a house in Vladivostok just to go to the sea.

    • @miloradowicz 2 years ago

      @@machinerin151 the address in the passport, hello? Ostryakova 26, apt. 113, Vladivostok?

  • @FinflyWeb 6 years ago

    hi black hat ,plz can i upload to youtube 2 part from your video the part1 from 17:17 to 17:46 and the part2 from 19:09 to 20:23 and produce on them something that i will upload later ?

    • @b3twiise853 1 month ago

      6 years later, no answer?

    • @FinflyWeb 1 month ago

      @@b3twiise853 i am still waiting bro

  • @craffte 1 year ago

    That flowers receipt...

  • @nightwaves3203 6 years ago +3

    A hack user not hacker appears to me.

  • @captainmaxwell5017 4 years ago +3

    I find it curious that he was basically at the epicenter of a "terrorist attack" explosion.???
    it wouldn't be too much of a stretch to assume that at some point, they may have decided to just take the guy out. Save time and money, etc.
    I just think that it's odd that when they were about to move on him....he got blown up. Having had run ins with law enforcement in general, as a U.S. citizen I have been set up, beaten without cause, and jailed. I can only imagine how they would likely treat this guy. The U.S. Govt. doesn't like competition when it comes to ripping off their own taxpayers.

    • @MegaSmouke 4 years ago +1

      And why they need to blow-up whole building to kill one guy if they can just shoot him somewhere at night at dark place?

    • @erzazerzaz 4 years ago +3

      All foreigners usually go to the same restaurants, it's a natural target for some organization of peace.

  • @bra24hnt52 3 years ago +5

    Ok thats it - no more flowers for my wife

  • @pilarcuarezpardo1167 3 years ago

    Nature is wonderful

  • @theteenengineer7589 4 years ago

    great

  • @AleksandarGrozdanoski 5 years ago +2

    Sounds exciting. I would love to have a job like theirs.

  • @naseweisz 5 years ago +29

    Interesting screenshot at 20:28... iirc the red and yellow card next to a posting are only visible to moderators and thus the screenshot has been taken by a staff member.

    • @ug0ts3rvd 5 years ago +3

      yep I noticed that too, admin perms to infract people

    • @nickdrozd 5 years ago +2

      I assume the pics were taken after the arrest? for evidence show or tis power point?

    • @Simonoswald1 5 years ago +3

      @@nickdrozd May be or may not be, what he wanted to point out that theres a spy/snitch/whatever in the admin/mod staff of this carder forum^^

    • @danpowell806 5 years ago +7

      More like they got a copy of the database of the carder forum, possibly by search warrant on the server, and then pwned the copy as god.

    • @yesterdaysguy 4 years ago

      Could also be parallel construction for sure - nice catch.

  • @DustinRodriguez1_0 6 years ago +22

    It's odd to me that they rely on file modified/accessed records. Those can be set to anything by anyone. They're really not reliable...

    • @fss1704 6 years ago +1

      yepp

    • @lydianlights 5 years ago +9

      The point was that the defense brought that up as proof of him being framed. Therefore the prosecution had to prove that that was not the case. It was a stupid defense, but "the defense is stupid" is not a valid legal argument.

    • @rastavolt 5 years ago +3

      @@lydianlights Ironically his stupid defense strategy could be a valid reason for appeal, under incompetent counsel rules. Although, I don't think it would make any difference in this case. His incompetence is what got him caught in the first place.

    • @lydianlights 5 years ago

      lol... and that's why I'm not a lawyer

  • @domonique546 5 years ago +1

    Listening as a ex laptop acer owner...

  • @sendlocation8476 1 year ago

    @ OPSEC NERDS
    If his whole system was encrypted would that mean the L.E would not be able to access or retrieve anything from that laptop? And would be useless to them?

    • @N99622 1 year ago

      It depends. They had a lot of other evidence against him without the laptop. But encryption depends on the algorithm and the strength of your password (basically more entropy in the password, the better). There are also ways to create "hidden encrypted volumes" where you can keep an operating system, files, or whatever. This allows you to have plausible deniability-- you don't know about any hidden volumes!
      Best thing to do is always keep your online identities isolated from one another and encrypt everything. Get rid of logs. Ideally you would have a burner computer that has no identifying information associated with your real identity, fully encrypted. If you feel like the feds are sniffing your butt, just destroy the laptop and drop your activity for a while.

    • @visvge4934 6 months ago

      No, they would be able to access it. It would just be a little more hands on

    • @visvge4934 6 months ago

      Hardware based encryption can have the keys sniffed off the wire

  • @thesorrow7499 5 years ago

    This is the biggest load of bullshit I've ever heard ! SHAYE, Biboran, bratiya, Biboran

  • @chilldudemanguy 4 years ago +5

    surprised at his sloppiness, he didn't make it very hard at all for law enforcement to find him out

  • @info781 4 years ago

    So the Restaurant POS system was installed on a windows server that had a common login password for many servers? Why did people not patch their POS system? I wish they had commented on that more including the name of the system.

    • @gophop 4 years ago +5

      Small businesses don't have active management in place. They don't have dedicated staff, nor do they bother to maintain a contract with an IT company. Only call for service when shit breaks.

  • @taitjones6310 5 years ago +8

    "Any questions?"
    Person asks question:
    " I can't answer that."

  • @chukchee 3 years ago

    How were the point of sale computers hijacked? Did Seleznev install software on those computers?

  • @ScoopDogg 6 years ago +13

    He should have done it the legal way and become a bank manager..... why didn't the government reimburse the mam n pop companys before they went under, or do they only do this for banks who do far more damage to society than this guy did... at least he put the money back in the system and had a good time instead of greedily hoarding it... hes gunna walk out in a few years and don't be fooled hes still got that money LOL.. wish they put this much effort in arresting Bush n Blair who on the grand scheme of things did far far worse than this guy...

    • @yc5117 6 years ago +3

      Why would the government reimburse the shops exactly...? It is their responsibility, by law, to protect any personal details on their systems. They did that inadequately and I'll be damned if they're paid for bad security out of my tax dollars. It's bad enough they did it to failures of banks.

    • @johndoe-gt4rx
      @johndoe-gt4rx 4 years ago +1

      The businesses didn’t lose money from the credit cards being stolen directly. They went under because customers didn’t trust the business anymore and for good reason.

    • @theverdantwolf5402
      @theverdantwolf5402 4 years ago

      @yc5117 - that's why the US is tearing itself apart...the top can force the bottom to keep them from falling while putting all cost on the people...I'd rather my tax money go to help a local shop than a bank..... America became a socialist country by the order of Wall Street signed by Bush but they want a one way street.
      Socialism for the 1%, they deserve everything because they already have it...dog eat dog capitalism for the rest of us to fight each other or do tricks for their scraps.

    • @gophop
      @gophop 4 years ago +1

      They didn't go out of business because of card fraud. It's bullshit to gain sympathy and praise for FBI's heroic work. *barf*

    • @theverdantwolf5402
      @theverdantwolf5402 4 years ago

      @gophop have you ever had card fraud as a business? It does hit you. Especially if you are swarmed with it, because you're an easy cut out for carders, and a swarm can definitely put someone out of business while they wait for investigations to get the insurance reimbursement. Depends on standing capital, inventory, and credit lines to weather it.

  • @Timm2003
    @Timm2003 1 year ago

    "Did u track how many other Russians stopped vacationing in Maldives" xD

  • @Shiyounin
    @Shiyounin 2 years ago

    49min? Isn't there a short version of the story somewhere?

  • @andbiker81
    @andbiker81 6 years ago +58

    Haha they actually thought they could bribe their way out of any trouble, very typical for a corrupt Russian official because this is exactly what they do at home. Thank you for bringing this criminal to justice, this was definitely not possible in Russia.

    • @theNISK
      @theNISK 6 years ago

      he wasn't a government official.

    • @RonJohn63
      @RonJohn63 6 years ago +23

      His father was (is?) a member of the Duma.

    • @theNISK
      @theNISK 6 years ago +2

      So then you agree - his father is a state official, not him.

    • @RonJohn63
      @RonJohn63 6 years ago +17

      IIRC, his father the state official was in full agreement with the idea.

    • @yc5117
      @yc5117 6 years ago +3

      Lol the father, a state official, was the one that was going to be bribing the prosecutor, not the guy in prison........

  • @theukadamyt
    @theukadamyt 6 years ago +3

    Harold looks and sounds like Harold from Harold and Kumar lol

  • @voronacloud
    @voronacloud 10 months ago +1

    For those who are interested. Ochko can mean a few things:
    - butthole (vulg)
    - name of the card game. Russian version of BlackJack
    - point (i.e. measured metric earned in sports, games, competitions) Main meaning
    - toilet (vulg)

  • @RussianLearnsYou
    @RussianLearnsYou 4 years ago +9

    Can confirm. Ochko means butthole but it's pronounced 'ah-CHKOH'. The second syllable is stressed so the first 'O' sounds like 'ah'

    • @xplinux22
      @xplinux22 4 years ago +1

      Username checks out.

    • @CGoody564
      @CGoody564 4 years ago +1

      That's phonetically incorrect. The ch is a part of the first syllable; not the second. The o sounding like ah is correct, but the ch is still a part of the first syllable.

    • @johnfrancisdoe1563
      @johnfrancisdoe1563 4 years ago +1

      RussianLearnsYou Can it also mean "asshole", as in "a really unpleasant person"?

    • @sauliusjance6300
      @sauliusjance6300 4 years ago

      @johnfrancisdoe1563 what about dalbayob? Ever heard that one?

    • @dassatisfan
      @dassatisfan 4 years ago

      @johnfrancisdoe1563 no, ochko can't be used for "really unpleasant person". dolboyob means dumbass btw

  • @lucah4613
    @lucah4613 5 years ago +2

    wait so he just bruteforced RDP and installed some sort of keylogger on restaurant systems? were that many of those cash things using RDP?

    • @AA-gl1dr
      @AA-gl1dr 4 years ago +2

      John Smith *cries in Java*

    • @gophop
      @gophop 4 years ago +3

      It's because IT vendors who set up POS remotely use just that. Shit never gets turned off. And no keylogger needed, he pulled the CC numbers from the server. POS server probably stores shit in open text in a database. Which isn't all that insecure... if the fucking server doesn't have RDP open!

    • @johnfrancisdoe1563
      @johnfrancisdoe1563 4 years ago +1

      gophop Even if not usually stored in plain text, he could install a patch that grabs each card and stores it in a plain file for later delivery to his rented server.

    • @Arbiter710
      @Arbiter710 4 years ago +1

      Port scans RDP (most of them have common passwords) then searches queries...a lot of DBs are still getting breached like this

  • @NicholasLittlejohn
    @NicholasLittlejohn 5 years ago +2

    Scholtzkys will do it every time.

  • @andreyche193
    @andreyche193 5 years ago

    So this guy's "political ties and his father's position" mentioned at 3:25 may explain a lot!

  • @domonique546
    @domonique546 5 years ago

    What do they do with the enterprise accnts?? All must be orderly written someplace...

  • @gcbzzzz
    @gcbzzzz 6 years ago +1

    how difficult it would have been to simply invent a disk image with all this evidence? for example, no new information found on the laptop. only previously known aliases and known stolen cc numbers taken from the cc server.

    • @gophop
      @gophop 4 years ago

      or simply swap a pre-prepped hard drive in. A lot of the Windows shit should be inadmissible in court. All of that stuff is easily editable in log files and registry.

    • @johnfrancisdoe1563
      @johnfrancisdoe1563 4 years ago

      gophop That's why they have a hallway full of cops willing to swear up and down that they picked up the laptop from another cop at so and so time, didn't plant evidence or leave it unguarded, then handed it to a 3rd cop at so and so time. Even the defense knows this, so they rarely bother. Except in the OJ Simpson case where the defense knew they had proof one of those cops was an admitted racist that they could accuse of lying.

  • @elliesagestar
    @elliesagestar 4 years ago +13

    So the takeaway is, use Linux and disable logs :D

    • @glanoe
      @glanoe 4 years ago +3

      and don't go on holiday with an unencrypted laptop stuffed chock full of incriminating evidence.....

    • @aniellodellacroce9848
      @aniellodellacroce9848 3 years ago +1

      @glanoe nailed it. but most importantly! never leave Russia lol

    • @glanoe
      @glanoe 3 years ago

      Aniello Dellacroce Russia is a big place, why would you need to leave its borders.

    • @rhards
      @rhards 3 years ago +2

      @glanoe to flex exotic places on Instagram.. duh.

    • @lonnieo4676
      @lonnieo4676 3 years ago

      and don't use Yahoo email address...

  • @tokyot3232
    @tokyot3232 4 years ago +1

    he didn't switch servers once a month jesus

  • @wouldntyouliketoknow9891
    @wouldntyouliketoknow9891 5 years ago +1

    Why in the hell would they publicly detail all this? I mean, yeah he did say that a lot of it is public record due to the trial proceedings, but even at that digging through trial proceedings is nasty time consuming work and is a high bar that would keep a lot of people out. Here they have bundled up all kinds of "how to be a better criminal" information in a nice easy video. If I was going to turn to a life of crime I would start by watching a bunch of these videos...

    • @Wowthatsfail
      @Wowthatsfail 5 years ago +5

      wouldnt you like to know problem is this guy is the dumbest of hackers. If you only try to do better than him you will still get arrested

    • @absurdengineering
      @absurdengineering 4 years ago +1

      You should start by reading relevant court cases, and all of this is public record. Nothing they said here would be hidden for someone willing to shell out for a bit of Pacer subscription, or just walk in to the court in question and go to their file division. There you can inspect all unsealed records as you wish. There are lots of books that detail cases in the way it was done in this talk, and if the people with direct involvement with the case won’t say it, then someone else whose career it is to write about such things will do it anyway. You’re vastly overestimating the effort needed to collate all this information for someone whose job was to do it, or someone just serious about it. Sure, the first time round it will suck, but so it would if you sat for the first time in your life at a piano. You wouldn’t ask someone about how hard a piece of music is to play after their first lesson on the instrument. I wouldn’t ask anyone inexperienced with gathering such information about how hard it really is to gather it. I presume you haven’t done it much.

    • @uis246
      @uis246 1 year ago

      Let's make laws secret, so criminals wouldn't know what they will be charged for

  • @douro20
    @douro20 6 years ago

    Why would he want to call himself 'potato'?

  • @tthtlc
    @tthtlc 5 years ago

    you either pay money to the pentesters, or to the hacker, depending on who charges less. and not sure if pentester will turn into hacker in future? Any relationship to cybersecurity earning good income?

  • @boahkeinbockmehr
    @boahkeinbockmehr 4 years ago +3

    Would be interesting to know what this guy's motivation was. As it sounds his father is a Russian oligarch with strong connections, so money probably wasn't the main driving force. So boredom? Wanting to prove himself? Becoming independent of his father?

    • @Jixejo
      @Jixejo 4 years ago +2

      if you think the motivation is anything more than money then you are missing the trees for the forest...

    • @joebonsaipoland
      @joebonsaipoland 4 years ago +2

      In Russia like most places it’s all about the money!!!!!

    • @miloradowicz
      @miloradowicz 2 years ago

      The reason is coming back to his roots. The Russian government itself is comprised of mafiosi and former gangsters.

  • @moregirl4585
    @moregirl4585 6 years ago

    To avoid randomly reading/writing why not just give it an executing segment without W/R permission?

  • @thygrrr
    @thygrrr 2 years ago

    I spotted the feds!

  • @msnpassjan2004
    @msnpassjan2004 4 years ago +15

    36:00 So there is no point to using a VPN because Windows records everything in multiple ways?

    • @fluffigverbimmelt
      @fluffigverbimmelt 4 years ago +2

      Those two things are hardly even linked

    • @msnpassjan2004
      @msnpassjan2004 4 years ago +2

      @fluffigverbimmelt They don't need to track you live. If there is a detailed log file, they can track you forever.

    • @totallynotlogic9849
      @totallynotlogic9849 4 years ago +1

      @msnpassjan2004 No that isn't what a VPN is, a VPN clouds your data being sent to servers from your ISP or even the servers themselves. This is local, and will not be sent to servers or your ISP

    • @VikisView
      @VikisView 4 years ago

      Why not go with Virtual Networks??? And Changing Mac Address Because, mac address is permanent number of your device which connects details of u to APN, and Better to use socs For Firewall More Firewall more safety...

    • @yyny0
      @yyny0 3 years ago +1

      Install gentoo

  • @VigneshSKannan
    @VigneshSKannan 6 years ago +1

    Mind Blowing, The exploiter gets exploited! It's tom and jerry

  • @codyjewson4704
    @codyjewson4704 5 years ago +2

    Roman. Dope name 👌💪

    • @99Kuromaru
      @99Kuromaru 4 years ago +1

      Actually quite common and boring Slavic name

    • @impaugjuldivmax
      @impaugjuldivmax 4 years ago +1

      lol, Roman is not a Slavic name. it is clearly the Latin name used in Eastern Roman Empire

    • @99Kuromaru
      @99Kuromaru 4 years ago +1

      @impaugjuldivmax let me rephrase, quite common and boring name used among Slavs

  • @educatedmanholecoverbyrich8890

    Next month, I will show you how to hack the NSA undetected. How to download the information they have on you and everyone else and how to get your own back on the bastards who hack your machine.

  • @andreinekrasov2036
    @andreinekrasov2036 5 years ago +12

    How hard can it be to to find a jury that knows nothing about computers to indict a Burger? I'm sure DOJ or FBI makes sure to find a knowledgeable jury...certain.

    • @gophop
      @gophop 4 years ago +2

      A competent defense would've thrown all of that shit out. Windows logs? LMAO

    • @johnfrancisdoe1563
      @johnfrancisdoe1563 4 years ago +2

      gophop This was Seattle, home to Microsoft. Hard to find 12 random people there and none knowing the inside of Windows.

  • @420xanatos
    @420xanatos 4 years ago +3

    You caught an IRL firewall that got paid for 14 years to carry a stacked laptop and leave crumbs to him.

  • @zuiokopl2256
    @zuiokopl2256 5 years ago +3

    so it means America can just mail PayPal and get a copy of email? Like wow, fuck the privacy

  • @UNOwen-ky5ib
    @UNOwen-ky5ib 6 months ago

    Easiest game of Spot The Fed ever…

  • @Itsamystery757
    @Itsamystery757 4 years ago +1

    Lmao this should just show you how bad security was back then.

  • @tacosplease4906
    @tacosplease4906 1 year ago

    What is a fsb?

  • @scottleft3672
    @scottleft3672 4 years ago

    The Maldives is money launder central, that's his nest egg stash right there.

  • @cipheroth
    @cipheroth 3 years ago

    Damn governments don't respect privacy! XD

  • @UNcommonSenseAUS
    @UNcommonSenseAUS 4 years ago

    35:23 THEY SAY THIS WAS THE LAST USER ON THE COMPUTER.. *AFTER* THEY SAY THAT THEY HAD HIS PASSWORD *LOGICAL FACEPALM*

  • @gjermund1631
    @gjermund1631 3 years ago +4

    nobody should be extradited to USA with their insanely unjust laws

    • @LiEnby
      @LiEnby 2 years ago

      No one should be extradited at all.. tbh
      They didn't break any laws only did shit that was in the US but they weren't in the US..

  • @akompsupport
    @akompsupport 5 years ago +6

    Why weren't any bankers prosecuted after 2008???

    • @johnfrancisdoe1563
      @johnfrancisdoe1563 4 years ago +3

      Emanuel Fernán Because they actually knew how to efficiently bribe US authorities?

  • @toddsk1961
    @toddsk1961 4 years ago +1

    damn, I gotta change my password!

  • @jonathangatto
    @jonathangatto 4 years ago

    35:12 that does not prove things were not planted on his computer. Just because it was the last place he connected to the internet. USB files could have been dumped on this machine

    • @Lizardboythelazy
      @Lizardboythelazy 4 years ago

      That's what forensic chain of custody proves, what they were showing here was a spark notes of proving it wasn't an external hacker or some tomfoolery immediately after he was captured. They're not going to waste 20 minutes explaining to a Black Hat audience something that's well known even by students and has nothing unique to the case.

    • @johnfrancisdoe1563
      @johnfrancisdoe1563 4 years ago +1

      KnownError Chain of custody, if unbroken and honest, only proves evidence wasn't tampered after confiscation. It doesn't disprove prior framing by 3rd parties. That's the point of including evidence one of the crime accounts was used to send his wife flowers, because that is less likely to have been done that long ago to frame him much later.