Logo

    78: Nerdcore

    en-usNovember 10, 2020

    Podcast Summary

    • YTCracker - A Nerdcore Rapper's Journey from Hacking to MusicYTCracker's interest and skills in technology and hacking from his childhood led him to become a proficient musician and led him to establish a unique style of music called 'nerdcore.'

      YTCracker, a nerdcore rapper, was introduced to the world of tech by his father who worked with Martin Marietta and Lockheed Martin during the Cold War era. YTCracker grew up in California and Colorado and got fascinated with computers since his father had computers at home when they weren't as ubiquitous. He started with learning more about computers and the internet in the 90s through bulletin boards and text files. He learned hacking and learned how to make music on his computer in his high school days. YTCracker's interest in music and technology led him to the demo scene, and he became part of it. YTCracker's music reflects his interest and skills in technology and hacking.

    • The Evolution of the Demo Scene into the Hacker SceneThe blending of the demo scene and the hacker scene in the 90s made it easy for hackers to access personal information and led to the exchange of information between hackers and their victims, highlighting the importance of internet safety.

      In the 90s, the demo scene, focused on showcasing audiovisual creations made by independent artists, blended into the hacker scene, as apps used for pirated games, often created by hacker groups, included cool graphics and music. YTCracker made music and uploaded it to demo scene and also found ways to hack into AOL servers to access users’ personal information. In high school, YTC hacked into the school database and changed grades of other students and defaced web pages to gain street cred as a hacker. The easy accessibility of internet in AOL attracted a lot of newbies to the internet and made them easy targets, which led to the exchange of personal information between hackers and victims.

    • Making Money Through Spamming: YTCracker's Entrepreneurial JourneyYTCracker's spamming journey taught him to identify profitable websites and referral programs that welcome spamming for more traffic, highlighting the entrepreneurial potential of spamming in the internet age.

      YTCracker realized spamming could earn him money, by getting e-mail addresses from AOL's member directory and public chatrooms. He sent millions of e-mails to urge people to visit porn sites and sign up, earning $1000 per week as a teenager. While hacking and defacing websites were his hobbies, he didn't aim to disrupt the inner workings of the US government. His initial motivation was only making graffiti. While he wasn't keeping logs as a hacker, he wasn't worried about getting caught, as his handle, YTCracker, was already known for his music. His spamming journey taught him to find profitable websites with referral programs that don't mind spamming to get more traffic.

    • YTCracker's Journey from Cyber-Crime to SpammingYTCracker learned that cyber-crime can have serious consequences and turned to spamming for profit, highlighting the lucrative nature of criminal activities on the internet.

      YTCracker dropped out of high school but with his proficiency in computer, started indulging in cyber-crime which led to him compromising and defacing over forty websites including servers maintained by NASA. He confessed to one count of computer crime under Colorado law and was placed on two years probation and fined $24,000. He learned that the government will roll over you if they have an infinite budget and infinite time if you humiliate them. While he had a truce with government websites, he continued with his spamming career as it was much more profitable than defacing things. He found out that online pharmacies and fake diplomas referral sites were also paying very well for referrals which led him to sending spam through text messages.

    • YTCracker and the Power of Nerd CultureBeing a nerd is about pursuing knowledge and passion. YTCracker's success comes from inspiring people through music. Nerd communities offer a space for people with similar passions to connect and learn.

      Nerds cover a big range of topics and can be passionate about anything to a crazy, large degree. Being a nerd is all about accumulating knowledge and being passionate about something, whether it's computers, sports, literature or anything else. YTCracker has successfully legitimized and incorporated the spamming business while making smart business choices. He has been able to inspire people to code and teach through his music, making his fans relatively smart and passionate. Unlike major companies, who spam us all day long but do it legally, YTCracker's success comes from inspiring people through music. The nerdcore genre has many subgenres, making it possible for nerds to find communities that shares their interests.

    • The Intersection of Technology and Creativity: YTCracker's Journey from Hacker to Musician to Information Security ProfessionalYTCracker's journey showcases the power of combining creativity and technical skills to make a significant impact on technology and privacy.

      YTCracker, a prominent hacker and musician, was involved in both the anonymous hacking movement and Bitcoin during their early stages. They wrote songs about their experiences, including AntiSec about LulzSec's hacking campaign and Bitcoin Baron. YTCracker now works in information security at Ring, a subsidiary of Amazon, where they can make a tangible impact on privacy and security in technology. YTCracker's interest in computers started in junior high in Brooklyn, where they were introduced to technical-heavy programs like computer science. Their passion for music began in junior high when they were in band. YTCracker's experiences show the intersection of technology and creativity.

    • Overcoming Societal Stereotypes to Pursue One's PassionIt's important to stay true to oneself and pursue one's passion despite societal pressure. Innovation and perseverance can lead to success in unconventional ways.

      Ohm-I's journey showcases the struggle of fitting in and the societal pressure faced due to cultural stereotypes. His passion for music and video games drove him, but the pressure of fitting in pushed him to become an electronic expert. After retiring from the Navy, Ohm-I found his calling in the cyber field by using his expertise in Python. His innovative way of attracting recruiters by creating a song for his resume portrays the unique approach in job search that might not work for everyone, but it did make him stand out. His story is a reminder of how societal pressure can steer us away from our true calling, but with perseverance and passion, we can create our path towards success.

    • The intersection of tech and art in Information Security explained through rap.Python's versatility in InfoSec has led to creative expressions such as nerdcore rap that illustrate how tech and art can intersect and be used to enhance security.

      Python is a versatile language that can be used for a variety of purposes in InfoSec, thanks to the constant development of new libraries and tools. Ohm-I, a nerdcore rapper and security professional, works on hacking Microsoft's own development teams as part of securing their Azure products. Dual Core, another rap group, boasts members who have been skilled programmers and hackers since high school. Both illustrate the intersection of tech and art, and how these forms of creativity can be used to express emotions and connections between people, even in seemingly disparate fields.

    • From Punt Strings to Dual Core: My Journey in Hacking and ProgrammingIntentionally putting bad values in HTML markup can cause bugs and crashes in software. Pursuing a career in hacking and programming can lead to unexpected adventures and opportunities, even for those with non-technical backgrounds.

      Intentionally putting bad values in HTML markup and sending it to someone can cause bugs in the AOL client, leading to crashes or being kicked offline. This drove the speaker to learn Visual Basic and the Windows API to weaponize these "punt strings" and kick people offline. Despite initially wanting to be a lawyer and having a stereotype of a drab career in computers, the speaker found hacking computers and programming fun and pursued it for a career. They started with website development, attended security meetups, and eventually got an application security job where they assessed software for bugs. Dual Core, the group the speaker is a part of, gained popularity after Penny Arcade published a blog post about their album.

    • INT80's Journey from Music to Cloud Engineering and Tackling Cyber ThreatsINT80's diverse background from music to cyber threats helped him become an effective cloud engineer, capable of taking down malware and working with teams to protect critical data.

      INT80 has worked in various positions, from music to cracking copy protection and building threat systems, and is currently in cloud engineering. He conducted a takedown of malware that was mining Litecoin by coordinating with the mining pool, Dropbox, and the hosting provider, resulting in the malware's elimination. At Salesforce, he worked as a red team operator, attempting to breach critical parts of the company, such as customer data and source code. The job ended after a mishap at Defcon, leading him to his current role in cloud engineering. The song All the Things was inspired by a friend's phrase, which they played at parties during Defcon.

    • Dual Core, The Successful Nerdcore Rapper and HackerEmbracing different passions can lead to unique and successful outcomes. Dual Core's music and hacking combined earned him respect and recognition. Collaboration opportunities can arise from showcasing talents in unexpected places.

      Dual Core is a successful nerdcore rapper who idealized a week with hacking on weekdays and rap shows on weekends and has performed all around the world. He allowed collaborations by creating a file-sharing system on a server that he set up, using secure file-transfer methods like SCP. Although most nerdcore rappers are not hackers, Dual Core and his producer do security themselves, which gives a newfound respect to musicians behind nerdcore music. All The Things song of Dual Core was included in Watchdogs 2 game after the game developer saw him perform at Defcon and reached out to him. Freestyle performance of Drink all the booze and 'hack all the things' at the Dual Core show created an amazing experience for people.

    Recent Episodes from Darknet Diaries

    145: Shannen

    145: Shannen
    Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    139: D3f4ult

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    138: The Mimics of Punjab

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    137: Predator

    137: Predator
    A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    136: Team Xecuter

    136: Team Xecuter
    Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart. The story of what happened to Team Xecuter must be heard to believe. This episode features Gary Bowser. You can find more about Gary here: https://twitter.com/Bowser_GaryOPA https://garyopa.com/ https://www.gofundme.com/f/garyopa-restarting-his-life?utm_location=darknetdiaries Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Sources https://www.washingtonpost.com/archive/politics/1994/10/27/ringleader-pleads-guilty-in-phone-fraud/56e551bb-a727-43e8-a3ca-1c1f4cf6ef82/ https://www.justice.gov/sites/default/files/usao/legacy/2010/10/12/usab4304.pdf https://www.eurogamer.net/nintendo-to-appeal-not-guilty-judgement-of-flash-cart-sellers-7 https://www.gamesindustry.biz/nintendo-pounces-on-global-piracy-outfit https://www.justice.gov/opa/pr/two-members-notorious-videogame-piracy-group-team-xecuter-custody https://medium.com/swlh/watch-paint-dry-how-i-got-a-game-on-the-steam-store-without-anyone-from-valve-ever-looking-at-it-2e476858c753#.z05q2nykc https://www.lemonde.fr/police-justice/article/2022/05/27/voler-des-societes-qui-font-des-milliards-qu-est-ce-que-j-en-ai-a-faire-max-louarn-c-ur-de-hackeur_6127821_1653578.html https://www.theverge.com/2020/11/20/21579392/nintendo-big-house-super-smash-bros-melee-tournament-slippi-cease-desist https://www.youtube.com/watch?v=U7VwtOrwceo https://www.youtube.com/watch?v=5sNIE5anpik Learn more about your ad choices. Visit podcastchoices.com/adchoices