Inside Cybercrime Markets: Buying & Selling Malware (Dark Web Documentary #11)
Vložit
- čas přidán 20. 09. 2022
- Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
🐜Zero2Automated ➡ Ultimate Malware Reverse Engineering j-h.io/zero2auto
🐜Zero2Automated ➡ MISP & Malware Sandbox j-h.io/zero2auto-sandbox
⛳Point3 ESCALATE ➡ Top-Notch Capture the Flag Training j-h.io/escalate
👨🏻💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🤹♀️SkillShare ➡ j-h.io/skillshare
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc
in my experience the illegal vendors/sites have far better customer service than any legal business..
of course i never purchased anything and it was all academic :)
To be honest, I had some drug dealers with better customer support than any legal store xD
not really its full of scammers
Approved
ofcourse
@@mrwancool8648 you have to know how to navigate those channels, in my experience, if you dont know what to look for you will end up in the forums/marketplaces with nothing but scammers and bogus bs. if you do know what to look for and how to navigate the underground, there is a vast amount of new and previously unobtainable products and services that become available.
It used to be a lot harder to source black or grey market items and services, comparably, today it is shockingly and stupidly easy. Most anyone can decide to take up *illegal activity* and within a few hours they can be plugged into the right channels to procur the keys to chaos and destruction.
Always exited for your videos! Your doing a great job.
That's rude to exit, you should wait for the intermission.
Really great content Jhon 🙂 I always come here if I want to see advanced cybersecurity 😃
I wonder if law enforcement groups or tech companies buy such software to try and come up with countermeasures.
Governments and/or government agencies have been known for failing to disclose exploits they find themselves, so I would assume they likely buy these tools to use themselves.
Wouldn’t surprise me if they did. It’s good to get some Intel on your enemies.
@@KieranFoot Good point. Some of the info in the Snowden leaks mentioned how the NSA had MANY know bugs in Windows they did not disclose to Microsoft. Then we have Stuxnet the USA/Israel cyber weapon that took advantage of 4 zero day exploits that were known to the government.
I don't think so... they get plenty of free samples when people try to mass spread the malware
Yes I would imagine crowdstrike buys these and fix their software.
Amazing video as always :)
very nice video! would love to see more of there, good job man
Does the fact that it requires admin access make this less impressive? Wouldn't getting admin access be the hard part in the first place?
If it is targeted to Enterprise environments? Probably...
If you want to target private Individuals it's rather easy I assume.
Most people on Windows are Admins and they blindly clicking"Yes" if Windows asks them, if they want to give a program admin access.
no, this software only act like instruction to disable antivirus service first, u can disable service with powershell as long u have admin privilege. then 2nd execution is remote download virus, then execute. in that, u can pass all antivirus.
An honest businessman, I appreciate.
Since mkdele is willing to release code, I'd say they are comfortable with programming. Thus, when they say the exploit can either stay active between reboots or turn off between reboots, they mean it can do either option but not at the same time. Use cases for both might exists.
It’s pretty wild how much better the illegal businesses customer service is than most legal ones. Like that tool is already impressive and he’s consistently providing updates that he’s expanding functionality while also giving 1 on 1 support for the customers. It’s wrong but ya gotta respect the hustle 😂 I just wanna see that source code so I can see how exactly it works
Great Job thank you so much for your content
Interesting video. Thanks for posting.
Thanks again John 👌
Hi John, thank you for the content. I want to see a video about firewalls pen testing if possible - Not like using nmap with firewall evasion.
A certain "windows feature" allows disabling/enabling of features in windows. A hack of the registry will enable this with a pseudo fake ruleset ID. It requires admin rights to change and you have to know what you are doing/changing. For example, I can't change certain settings on my laptop, even though I'm a local admin.
I was going to ask you to visit xss instead of fake shops. This is going to be interesting :D
👍Thanks again John.
Really it's great information👍
- Buys the Anti virus disabler, put on Windows 10/11
- Grabs a tub of popcorn
- Runs it and enjoy the fight between Windows Defender and the anti virus disabler fight
- 'Fight mofos, fight'
Windows defender just lies there and takes it.
🤣🤣👍 nice imagination
So, your "dark web commentary" content is reading forum posts out loud?
Such creativity, pls teach me senpai!
Out of this whole video what I love the most is that pac man shirt
awesome content, see how easy to disable crap antivirus
Wow, I'm in the wrong business. I wrote a defender auto exclusions exploit for my own use in about an hour. I needed something that could quickly and easily exclude files and folders just to save me a bunch of clicking around, you just right click the file/folder and in the context menu you get "Exclude from Defender" and that's it. Gotta be worth $100 I'd think..
Man I am digging these Dark Web videos I was wanting to bring this to light a while back just never did.
Still hasn't done a "random hidden services" video...
Will he ever?
Nice sponsor !
Ever thought about investigating cracks or modified PC games that are being spread on the clearnet download sites? Bound to be full of malware
Finding malware in a torrent is very rare.
The actual pirates shut that shıt down fast.
I wonder if this can bypass the shutdown protections on MalwareBytes
I don't know but the thread looks like the classic three-card monte.
*But what if you can't afford it ? Do they offer a dark discount ? 😐*
john please do source code review we need that knowledge
Did you guys knew that the chome os update pipeline had a bug where when the end of life date was reached for your chomebook you could have run the chrome security check and bypass the paywall and system update utility? It has been shared with the google dev teams and product experts and is now patched, It was a highly advanced and rare bug they said.
Since it wasn't a security flaw it wasn't rewarded. I share this cuz it has been adressed now and is found in the chome support forums. so yeah
how to avoid zero-day vulnerability?
"Thanks mate" that could narrow down the location of him to possibly Australia cause they use "mate" a lot. Probably best not to use slang when replying on fourms. Could also be UK but definately not American russian or Asian... Very intresting i think
Awesome! I'm going to go cash out my 401k and become an angel investor. Thanks for the tip!
Do you need priv escalation for the show cased tool?
Yes, it says it requires admin rights.
You need to have administrator privileges for it to work
I wonder if this kind of product is ilegal. Can it become a legal business? I feel that this kind of tools have no different with what NSO group is selling
"can John Hammond hack himself?" Next video 😁
Is selling malware is illigal ?
Salam alaekum brother please share tehnik for bug bounty
sewyyy my brother
Do you know Bjorka ? he's famous here in Indonesia...
Law enforcement MIGHT do just that lol
Can anyone help me with a legit site to buy bank logs
Imagine the seller watching this video like😯😯😯
lmao that first guy just kills antivirus services using a vulnerable driver lmao, nothing special about that
🔥
Instead og spending 1800 usd why not just be good and don’t get detected? It is not that hard.
John I got some questions! Very time sensitive, due to safety concerns. Please give me a shout back, I am just getting out of 7 weeks getting attacked by a sophisticated APT group.
NO JOKE PLEASE GIVE ME A SHOUT
If the buyers who gave positive feedback were legit, he may have made up to $4k since the initial post. Enough to make it a meaningful side hustle. lol
A little bit boring, just reading post after post on xss isnt what the title sell...
Naah, i rather spend my dollar on huntress's av
Requires Admin ? Me no care.
is okay to required admin. as long antivirus cant detect in first place. the software disable anti virus first. then, remote download virus.
Who would pay antivirus disabler when it's free
I made it it's on my github page
Maybe I should sell it for 500$
Edit : I didn't make it turn it off every time you turn it on
Hello John, I sent you an email to email attached to this CZcams channel. Do you offer private lessons for a fee? I have a use case where I could use some help please. I'm not a total a noob when it comes to Linux, but not an expert either. Thanks
I dont think you know what the dark web is...
Mind filling me in?
It's easy to do it for Windows defender... Funny he didnt show any other anti virus... he is just a scammer as usual
why cant i get a reply for the comment i put up ?????
you don't deserve it
Here ya go, homie
John, John, John. I am sorry to say this, but the quality of the channel as a whole has gone down. I am sorry because I love your old content but I'll think I'll be out for a while now as a subscriber.
Would you be able to give me constructive criticism as to what has actually changed how the quality of the channel has gone down? What is different now compared to older videos?
@@_JohnHammond Sure, I'd love too!
Ok so for refrence, by "older" I meant till the active directory exploit ones, so about 3 months.
See, this comment wasn't meant to make you doubt your judgment regarding the videos, so don't be critical on yourself for it.
What this comment was actually meant to be was just a reminder that Joh you're forgetting the roots.
Your older audience (about 90% of your total if not more) didn't subscribe for thrilling story time or podcasts or tech vuln reporting in 5 min videos.
The new VIDEOS are GOOD, BUT they are just too far away from the normal content that your old audience expects from you. I personally subscribed for a guy doing CTFs and then surprising himself in each question by either the easiness of it or difficulty. I liked the old feel of the channel, felt more personal.
Now, it's clickbaity thumbnails with weird (Okayish) topics.
I am not saying you stick to CTFs. I like the new content too, but it doesn't feel natural, doesn't belong to the brand you've established.
In short, the "decline" is pretty subjective and honestly wouldn't be that big of deal normally, but in your case the majority of your audience expects something else form the channel that they subscribed to, hence I am sure you would've also noticed a decline in viewership.
Btw, don't let all this worry you, if this really is the direction you find passion in and you wanna take this in, do it. You'll build a new audience as there is an audience for everything.
It's just that I think a majority of us old subscribers would then be out.
4
First
John I can't say this enough. Your fringe in your thumbnails recent is out of control and you need to get your haircut. I've noticed a steady decline in viewers since you've gone down the John Connor hairstyle route. I'm concerned.
What hairstyle should we get, Bigdaddy?
Unsubbed
bye felicia
I checked alot of these applications before , some of them work , some them aren't.
1st these functions need to update always , because the companies keep patching their programs
2nd if it work , it will disables the most famous anti-virus, not all of them , like avira , kasperskey .etc.. , some of anti_s-virus are strongest to stop it
i need rat malware how can i buy it and where can i buy it