NHS computer systems hacked!?
- Thread starter Tone1979
- Start date
They mention in the article and its possibly the case that it isn't unusual for security researchers to log into malware backdoors and/or use honeypots, etc. to interact with botnets and so on for analysis and research purposes or even to take them down which can look like criminal activity at a superficial level - something you really need to have well documented oversight of and/or a connection with professional security bodies before going about it so you can prove your innocence.
Those kind of interactions often leave much more identifiable digital fingerprints versus those involved with distributing or using the malware who are usually hidden behind a few layers of obfuscation.
Soldato
- Joined
- 1 May 2003
- Posts
- 11,193
Interesting how his twitter account shows him asking for samples of Kronos back in 2014, unless this is just a red herring and the Feds can link him to the sale of Kronos on Alphabay?
Sneaky how the feds waited till he was about to leave the US before arresting him. I bet his laptop is full of tech and Intel from his stay in Vegas.
Sneaky how the feds waited till he was about to leave the US before arresting him. I bet his laptop is full of tech and Intel from his stay in Vegas.
Soldato
- Joined
- 7 Jul 2011
- Posts
- 4,418
- Location
- Cambridgeshire
Ah yes, Fantastic Botnet Infiltrators Ltd. FBI for short, because that meant they could use the existing headed paper.
I kind of hoped it was Creative's suggestion, some form of malware Munchausen by proxy. Then I could just ignore the press coverage and catch up when the film is released.
His Tweet - https://twitter.com/MalwareTechBlog/status/488373794168254464
It's dated 13 July 2014 6:26pm - the same day the other defendant demo's how to use it, a month later they put it up for sale...
In or around, in or around. On or about, on or about.
Brilliant detective work there.To me it looks like he was working on samples etc and the 'other' person is the one who took it and sold it on Alphabay. They've since spewed to the FBI. You wouldn't have thought he'd travel to the US if he was the original creator or there could possibly be info against him.
Of course the Tweet could be a part of a massive long game.
I remember at the time he 'saved' the NHS that he seemed a little too eager to be lorded as a hero. Something seemed off about him, I could be completely wrong here. But I wonder if he has a need to be a hero or 'liked' etc & this is what has tripped him up. So he played the good guy while behind the scenes he was up to no good. Got too cocky & believed he was invincible & tripped himself up into the lap of the FBI.His Tweet - https://twitter.com/MalwareTechBlog/status/488373794168254464
>SNIP<
To me it looks like he was working on samples etc and the 'other' person is the one who took it and sold it on Alphabay. They've since spewed to the FBI. You wouldn't have thought he'd travel to the US if he was the original creator or there could possibly be info against him.
Of course the Tweet could be a part of a massive long game.
On the other hand he may be innocent
He describes himself as a hero on his twitter bio. That looks rather arrogant to me & suggests he loves the limelight
Well lets agree to disagree.
A number of cyber criminals have been busted this way. They're lured to the US or travel to a country willing to extradite.
Soldato
- Joined
- 21 Apr 2007
- Posts
- 6,611
What i'm finding surprising is how sloppy a number of cyber criminals seem to be just basics like encrypting laptops etc....
I followed Silk Road very closely again, sloppy. Now Alphabay and Hansa both brought down, Hansa i've not looked into yet but AB was sloppy as hell.
I mean possibility is like someone says NSA makes up lies to cover how they really caught these guys but who knows....
For me, a question would be why did they need to wait until he went to the United States. We have various law enforcement agreements with the USA. If they have evidence that he is guilty why not share it with us? My presumption would be that it's either that the evidence doesn't meet our standards or the evidence would be inadmissible here because of how it was obtained. We have long had a reciprocal agreement with the United States where they spy on our citizens and we spy on theirs - conveniently avoiding laws on surveillance in both countries. Now of course surveillance happens, but when you want to prosecute someone you need a legal chain of evidence.
At least that's a hypothesis. There are several other possibilities such as - they got evidence / useful information from him during the conference, it's a stitch up because he trod on other operations of theirs (WannaCry was grafted onto stolen NSA malware so maybe there's collateral). Or perhaps it's simply a mistake and he's nothing to do with creating it - wouldn't be the first mistake when law enforcement meets IT. But the chain of evidence ones above are my most plausible, imo.
At least that's a hypothesis. There are several other possibilities such as - they got evidence / useful information from him during the conference, it's a stitch up because he trod on other operations of theirs (WannaCry was grafted onto stolen NSA malware so maybe there's collateral). Or perhaps it's simply a mistake and he's nothing to do with creating it - wouldn't be the first mistake when law enforcement meets IT. But the chain of evidence ones above are my most plausible, imo.
Opsec is difficult, and all it takes is one mistake. Brian Krebs manages to dox people because they become lazy and complacent.
Difficult to extradite.
https://en.wikipedia.org/wiki/Gary_McKinnon
https://en.wikipedia.org/wiki/Lauri_Love
Patience is rewarded.
Soldato
- Joined
- 31 May 2009
- Posts
- 21,457
The quotes are a direct reference to all the various press media and outlets referring to him as just that 'accidental hero'. It is how he was described, not as he described, thus quoted.
You can disagree all you like.
I wasn't looking for your permission to disagree. His Bio written by him about himself he calls himself a hero. He's arrogant & now he's in jail. If found guilty his arrogance may have just cost him his freedom for years
Well in the case of the SR, the FBI distracted him from his laptop which give them enough time to take it without letting him power it off.
Soldato
- Joined
- 31 May 2009
- Posts
- 21,457
Arrogance cost him his freedom?
What do you mean? His bio might be responsible for a jail term? Unlikely, criminal activities might get him jail, his bio and arrogance is unlikely to.
Never said his Bio cost him it. I said it was an example of his arrogance, as I made clear in an earlier post. He reminds me of cases I've read about of arsonist fireman. Lighting fires to play the hero.
Soldato
- Joined
- 31 May 2009
- Posts
- 21,457
When I heard of his arrest, I pondered the same, time will tell, but US justice system will bury the world in legalese as usual and the truth might be hard to find.