Logo

    101: Lotería

    Before initiating an attack, it is important to explore available options, segment the network to restrict unauthorized access, and use tools like Nmap to identify vulnerabilities. Also, setting up a reverse shell provides safer remote access.

    en-usSeptember 28, 2021

    About this Episode

    In 2014 the Puerto Rico Lottery was mysteriously losing money. Listen to this never before told story about what happened and who did it. Sponsors Support for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET. Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Sources https://en.wikipedia.org/wiki/Puerto_Rico_Lottery https://www.justice.gov/usao-pr/pr/10-individuals-indicted-drug-trafficking-and-money-laundering https://www.dea.gov/press-releases/2014/07/22/caribbean-corridor-strike-force-arrests-10-individuals-indicted-drug https://casetext.com/case/united-states-v-delfin-robles-alvarez-7 Learn more about your ad choices. Visit podcastchoices.com/adchoices

    🔑 Key Takeaways

    • Being proactive and staying ahead of potential privacy threats, both online and offline, can be crucial in protecting yourself. Implementing safeguards and early warning systems can be effective in catching threats before they become larger issues.
    • Pursuing your passions can lead to unexpected paths, but a willingness to learn and face challenges can lead to success.
    • Joining the military or government service requires setting goals beforehand, and hands-on experience in the Marine Corps can be valuable in understanding cybersecurity and performing tasks in a consulting firm, where the aim is to create a secure network through various projects.
    • Don't jump to conclusions when facing a problem, investigate thoroughly, and consider all possible factors, even small ones, to find the solution.
    • Lottery balls go through multiple checks and reconciliations to ensure fairness, with limited access, manual documentation, and four analysts verifying correct numbers. The results are shared with the government for publication.
    • Despite strong physical security measures and fair drawing processes, the absence of losses for the investigated weeks leads to suspicions of an insider involved in the lottery system.
    • Full permission and experience can stop criminal activity, even in cases where breaking laws is necessary.
    • Proper reconnaissance and preparation before entering a building covertly is vital in penetrating networks for malicious insider activity. It's essential to maintain a low profile and keep a watchful eye on possible surveillance cameras during such an operation.
    • When faced with a potentially risky situation, think fast and come up with a believable story instead of running. Be aware and alert, and take action to improve security where necessary.
    • Even outdated systems can be vulnerable and hackers are resourceful in finding ways to bypass security measures. Employing multiple layers of defense, including antivirus software and network filtering, can help prevent unauthorized access.
    • Before initiating an attack, it is important to explore available options, segment the network to restrict unauthorized access, and use tools like Nmap to identify vulnerabilities. Also, setting up a reverse shell provides safer remote access.
    • To hack a system, knowledge of the system's vulnerabilities is crucial. Identify and gaining unauthorized access to the system using known exploits, conduct man-in-the-middle attacks to analyze network traffic, track data changes, and monitor logs to successfully scam the system.
    • Real-time monitoring of logs and physical access can help track down cybercriminals. Patience and gathering of evidence are also crucial in catching them.
    • Investigations into criminal activity in dangerous environments can come with risks and challenges, such as coordinating with law enforcement, avoiding tipping off criminals, and potentially sacrificing personal obligations.
    • The risks of assisting law enforcement agencies in the fight against organized crime cannot be overstated. Confidentiality and security measures must be taken seriously, and victories like this are crucial in the battle against corruption and violence caused by drug cartels.
    • Money laundering schemes can have deadly consequences and individuals must take precautions to avoid getting involved with criminal organizations.

    📝 Podcast Summary

    The Importance of Being Proactive in Protecting Your Privacy

    Being proactive and staying ahead of someone's actions can help catch them in the act. It can be important to have safeguards in place to protect privacy, and early warning systems can be effective. The story of Jack and his dad highlights the importance of staying several steps ahead, particularly in scenarios where privacy is a concern. The concept of being proactive and taking charge can also be applied to other aspects of life, including online activity. While it may take effort and careful planning, the benefits of staying ahead can be significant, particularly when it comes to safety and privacy on the internet.

    From Warez to Warfare: One Man's Journey to Cybersecurity Expert and Marine Corps Veteran

    A fascination with computers and a desire to learn led the protagonist to the warez scene of the 90s where he set up servers to distribute pirated software. However, after losing all his data in a virus attack, he turned his life around and trained to join the Marine Corps. His interest in cyber-security and programming led him to choose this branch where he excelled and contributed to the nation's defense. The intense training at boot camp prepared him to face any obstacle with fearlessness and determination. His journey from a computer enthusiast to a cybersecurity expert and Marine Corps veteran is a story of personal growth and triumph over challenges.

    Marine Corps Training and Its Relevance in Cybersecurity Consulting

    The Marine Corps trains soldiers in killing, making it their core specialty. Although it was challenging, being a part of the Marine Corps provided hands-on experience and training in government capabilities. Signing a contract with the military or any government service does not guarantee anything, making it important to set goals before joining. The experience in the Marine Corps helps in understanding cybersecurity and related fields. Working in a consulting firm involves being assigned to projects, and experience in digital forensics and offensive attack work can help in such work. Projects can vary from IT operational improvements to network audits, and the objective is to make the network as secure as possible.

    Thorough investigation solves complex problems

    The Puerto Rico lottery was losing millions of dollars and Os and his team were tasked with finding out the reason behind it. They thought of possible issues like network connectivity, outdated systems, and lack of book reconciliation. The forensic accountant confirmed the losses but found nothing suspicious. Os and his team went to physically examine the lottery balls. The story highlights the importance of thorough investigation and analysis when trying to solve complex problems. It is also crucial to keep an open mind and consider all possible factors that could contribute to the problem, even if they may seem trivial at first.

    Lottery Balls Accountability and Tamper-Proof Measures

    The lottery balls are subject to multiple levels of accountability and tamper-proof measure to ensure fairness on the day of the draw. There are only a few people who have access to the balls and drawing room, and they go through numerous checks and reconciliation before and after being drawn. The lottery balls are kept in a large wooden box with multiple locks, and their movement is closely monitored on the day of the drawing. Employees manually document the numbers on the paper, and four analysts sit in a review room to validate the correct balls and numbers. The computing system for the lottery of Puerto Rico shares the winning numbers database with the government of Puerto Rico's printing group for publication in the newspaper.

    The secure Puerto Rican lottery raises suspicions of insider involvement.

    The physical security process of Puerto Rican lottery was fully secure with accountability throughout the process of printing and validating the numbers. Upon analyzing the system, the security of the balls and drawing process was found to be fair and secure. The team followed the winning numbers to another department and confirmed that the numbers match what was actually drawn. They then audited the database system and payout stations, where they found nothing unusual. However, when they noticed that the lottery showed no losses for the weeks that they were there investigating, they suspected an insider. This clue led them to conclude that there might be an insider somewhere in the system.

    Indemnity granted for unusual penetration testing investigation

    Os was given full indemnity by the governor of Puerto Rico to investigate the insider behind the lottery's missing money. He was granted permission to break laws if necessary, which is unusual even for a penetration tester. He has experience in offensive work and was already auditing the process for a month, so he notified the FBI about the criminal case. Puerto Rico being a US territory, the FBI agreed to it and gave him carte blanche to do whatever he needs to investigate. The case was worthy of the FBI knowing about, and Os had permission to investigate it. The insider stopped activities once they saw Os investigating and stopped the lottery's money loss.

    The Importance of Reconnaissance and Preparation in Offensive Security.

    The importance of reconnaissance and preparation for an offensive security mission is crucial, as seen in the story of the consultant who went to the government building to investigate the lottery payout system. He dressed like a tourist and brought necessary tools to be successful, but even with these precautions, things didn't go as planned. However, using his experience and knowledge, he was quick to leave the Finance Department unnoticed. The approach of entering a building covertly and relying on skills, even when authorized access appears impossible, is essential in penetrating networks for malicious insider activity. Moreover, it highlights the need to maintain a low profile and keep a watchful eye on possible surveillance cameras during such an operation.

    Quick Thinking and Awareness in Risky Situations

    When faced with a potentially risky situation, it's better to think fast and come up with a plausible story rather than run, as it can create more suspicion. This was demonstrated when the person in the story had to enter a finance office in Puerto Rico and had to devise a believable excuse to stay out of trouble. Later on, they also pointed out the security flaws in the building and made recommendations to the governor, showing the importance of being aware and alert in all situations.

    A Hacker's Attempts to Obtain Access to an Abandoned Computer

    A hacker gains access to a 1998 Windows computer in an abandoned room. Despite failing to guess the admin password, he uses the Metasploit toolkit to create a USB with a payload that bypasses the login screen. He gains admin access to the computer but realizes he has access only to that machine and not the network. However, there is no local antivirus on the system, and he can connect to the network from this computer. He considers unplugging the system and also wonders whether NIC-based or MAC address filtering security is in place.

    Tips for Effective Pen Testing

    As a pen tester, it is important to assess the options before initiating any attack. Dumping credential files and running a password cracking tool like John the Ripper can help access other computers on the network, but it may take a while to crack the passwords. Enumerating the network and using tools like Nmap can help in mapping out the network and identifying potential vulnerabilities. It is also crucial to segment the network to prevent attackers from accessing other parts of the network. Setting up a reverse shell enables remote access to a computer, making it easier for pen testers to operate from a safe location. A flat network with unrestricted access can pose a potential threat and should be avoided.

    Understanding System Vulnerabilities to Hack Effectively

    Knowing the specific details of a system and its vulnerabilities can help in successfully hacking into it. In this case, the team used an exploit for a known vulnerability in Drupal to gain unauthorized access to the system. Once inside, they conducted a man-in-the-middle attack to capture and analyze network traffic. This allowed them to monitor the logs of the lottery database, which showed who logs in, what changes are made, and what data is being updated. By understanding how the database system works, they were able to track winning tickets and cash them in anonymously, successfully scamming the Puerto Rican government out of millions of dollars.

    Real-time monitoring and physical access aided in catching a fraudster.

    Real-time monitoring of logs and collecting network traffic revealed the fraudulent activity of an individual working within the lottery IT team. They were found to be changing a ticket's payout amount in the database and then changing it back after the payout, effectively wiping out any evidence. The possibility of physically going into the data center room to access the super-secure database made it easier to track down the culprit from the security camera footage. In coordinating with someone outside, the fraudster changed the payout amount at a payout station, while the clerk remained oblivious to the change. Patience and meticulous gathering of evidence enabled the FBI to catch the criminal and put an end to the fraudulent activities.

    Investigating Criminal Activity in a Dangerous Environment

    Os and Jack had evidence of fraud in the lottery and took it to the FBI. They were advised to meet in a mall food court to avoid tipping off the cartels, who were watching the FBI field office closely. The FBI picked up the evidence during a casual lunch meeting and later requested a debrief with Os. He missed picking up his significant other from the airport due to the debrief, and the FBI failed to pick them up as promised. This experience shows the risks and challenges involved in investigating criminal activity in a dangerous environment.

    How One Person Helped the FBI Take Down a Massive Cartel Operation in Puerto Rico.

    Os risked his life to assist the FBI in uncovering a massive cartel operation involving drug trafficking, weapons, lottery fraud, and money laundering in Puerto Rico. The FBI indicted ten people who generated 127 million dollars from illegal activities. The feds intended to seize all the money and assets that were part of this scheme. The investigation highlights the scale and elaborate nature of organized crimes and the risks involved for those who assist law enforcement agencies. Os's classified case also demonstrates the importance of confidentiality and the need for security measures when dealing with sensitive information. The FBI operation is a significant victory against the growing violence and corruption caused by drug cartels.

    How the Puerto Rican Cartel Used Lottery Tickets to Launder Money and the Fatal Consequences of Quick Riches

    The Puerto Rican cartel used winning lottery tickets to launder their money by buying them from an insider at the lottery who would produce such tickets. These tickets were sold to cartel members for a higher price to allow them to make their illicit cash look legitimate by cashing in the ticket check at the bank. One person arrested, who was involved in the drug running and lottery fraud, was an innocent IT guy who was chartered by the cartel to smuggle drugs. He eventually changed his plea to guilty, but before his sentencing, he got involved with the cartel again and was shot and killed during a mission, with $30,000 found in his car after his death. This case emphasizes the fatal risks people can take to get rich quickly.

    Recent Episodes from Darknet Diaries

    145: Shannen

    145: Shannen
    Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    139: D3f4ult

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    138: The Mimics of Punjab

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    137: Predator

    137: Predator
    A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    136: Team Xecuter

    136: Team Xecuter
    Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart. The story of what happened to Team Xecuter must be heard to believe. This episode features Gary Bowser. You can find more about Gary here: https://twitter.com/Bowser_GaryOPA https://garyopa.com/ https://www.gofundme.com/f/garyopa-restarting-his-life?utm_location=darknetdiaries Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Sources https://www.washingtonpost.com/archive/politics/1994/10/27/ringleader-pleads-guilty-in-phone-fraud/56e551bb-a727-43e8-a3ca-1c1f4cf6ef82/ https://www.justice.gov/sites/default/files/usao/legacy/2010/10/12/usab4304.pdf https://www.eurogamer.net/nintendo-to-appeal-not-guilty-judgement-of-flash-cart-sellers-7 https://www.gamesindustry.biz/nintendo-pounces-on-global-piracy-outfit https://www.justice.gov/opa/pr/two-members-notorious-videogame-piracy-group-team-xecuter-custody https://medium.com/swlh/watch-paint-dry-how-i-got-a-game-on-the-steam-store-without-anyone-from-valve-ever-looking-at-it-2e476858c753#.z05q2nykc https://www.lemonde.fr/police-justice/article/2022/05/27/voler-des-societes-qui-font-des-milliards-qu-est-ce-que-j-en-ai-a-faire-max-louarn-c-ur-de-hackeur_6127821_1653578.html https://www.theverge.com/2020/11/20/21579392/nintendo-big-house-super-smash-bros-melee-tournament-slippi-cease-desist https://www.youtube.com/watch?v=U7VwtOrwceo https://www.youtube.com/watch?v=5sNIE5anpik Learn more about your ad choices. Visit podcastchoices.com/adchoices