151: Chris Rock

2024/11/5
Darknet Diaries

People: Chris Rock, Jack Ritter
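Chris Rock: I share my research publicly, but I keep a low profile about my hacking activities. I believe hacking in itself is not a crime; what matters is the motive. I have hacked banks, governments, telecom companies and large oil companies, and I am fairly candid about what I have done. I think the hackers who get caught are simply not smart enough. My career has been mainly in IT and security, and I started using computers and learning to program as a child. Through word of mouth I picked up some non-traditional security work, such as helping a wealthy man in the Middle East investigate the theft of company funds. There was a middleman between the client and me, possibly for plausible deniability. The client wanted me to trace where the money went and to use that as evidence for an accusation. In regions such as the Middle East, legal and ethical constraints are weaker and hacking is more common. This job had no clearly defined scope; the instruction was to investigate by any means necessary. I was given limited information: only the names and some personal details of employees at the suspect company. The money was suspected of having been moved to another investment company. The investigation team drew up a list of target individuals and gathered information on them, attacking the targets in layers and starting with people on the periphery. The target Bob was the primary target. I attacked using an Adobe PDF vulnerability; although the malware was planted successfully, I could not get remote access to the target computer. We used custom PDF files to bypass antivirus software, and planned to gain internal access by breaking into the company's Wi-Fi network. I used custom-built equipment for the Wi-Fi attack, posed as a businessman to enter the office building, and took advantage of a shared office space to get into the target company's office. My team was fairly large and there were many targets. We used the aircrack-ng tool to crack the WEP encryption, found the server holding the key information, and obtained a large amount of information on the target company and the people connected to it. We reported progress to the client regularly; the investigation lasted nine months, during which we analyzed a large volume of emails and messages. We used multiple jump servers to hide our tracks, and we have a "black list" of compromised systems around the world. The investigation ended after the client went to the police. We had collected enough evidence to prove the money was stolen; our job was to provide the evidence, not to handle what came afterward. Our fee model includes an initial fee, a completion fee and an ongoing monitoring fee, and our services can lead to long-term working relationships. The client handed the evidence to lawyers and ultimately had the suspect sent to prison. The client asked me to recover the stolen money; I think the request fit the local realities and was not simply a moral question. I do not think my actions raise a moral problem. We returned the money to the victim and charged no extra fee. We broke into the bank's systems and obtained users' login details and two-factor authentication codes. I believe the bank's security had weaknesses. Because the target Bob was in prison, we could not get his two-factor authentication code, and the plan failed. We moved the money by posing as bank staff and successfully recovered 2.5 million US dollars. The money eventually made its way back to the client through a laundering process. I suspect the bank, for various reasons, did not pursue the matter. We did not delete any transaction records. I question why the client did not simply contact the bank to resolve the matter; the client was worried the money would be used for retaliation. Bob is very cunning and needs ongoing monitoring.

Jack Ritter: Chris Rock has both offensive and defensive security experience. Through word of mouth he picked up some "non-traditional" security work. A wealthy man in the Middle East hired Chris Rock to investigate where the money went. There was a middleman between the client and Chris Rock, possibly for plausible deniability. The client wanted Chris Rock to trace where the money went and to use that as evidence for an accusation. This job had no clearly defined scope; the instruction was to investigate by any means necessary. They planned to gain internal access by breaking into the company's Wi-Fi network. They used the aircrack-ng tool to crack the WEP encryption and found the server holding the key information. Chris Rock obtained a large amount of information on the target company and the people connected to it, including some suspects' family members, friends and doctors. The investigation ended after the client went to the police. The client asked Chris Rock to recover the stolen money; I think the client's request was crazy, because they could have simply gone to the police. He thinks the client's request fit the local realities and was not simply a moral question. He questions why the bank did not notice such a large suspicious transfer, and suspects the bank, for various reasons, did not pursue the matter. He questions why the client did not simply contact the bank to resolve the matter. Bob is very cunning and needs ongoing monitoring.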

Chapters
Introduction to Chris Rock, a security researcher with a background in both white and black hat activities, including hacking banks and governments.
  • Chris Rock is a security researcher with a decade-long reputation.
  • He has engaged in both white and black hat activities, including hacking banks and governments.
  • He considers hacking as a job, regardless of its ethical implications.

Shownotes

Chris Rock is known for being a security researcher. But he’s also a black hat incident responder. He tells us about a job he did in the Middle East.

https://x.com/chrisrockhacker

Sponsors

Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.

Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.

Support for this show comes from Flare. Flare automates monitoring across the dark & clear web to detect high-risk exposure, before threat actors have a chance to leverage it. Their unified solution makes it easy to rapidly identify risks across thousands of sources, including developers leaking secrets on public GitHub Repositories, threat actors selling infected devices on dark web markets, and targeted attacks being planned on illicit Telegram Channels. Visit https://flare.io to learn more.