fafo
November 30, 2024 2:57 PM Subscribe
Prolific hacker arrested after threatening woman online. The guy allegedly behind the massive Ticketmaster and AT&T data breaches this year was unmasked after picking a fight with Allison Nixon, the chief research officer at a cybersecurity firm.
He repeatedly threatened her and her company on Telegram, which were not even working on the Snowflake hack at the time.
“Why would he target a company that is not working on his case and specializes in identifying cybercriminals?” said Nixon. “It is just the stupidest thing ever.”
He repeatedly threatened her and her company on Telegram, which were not even working on the Snowflake hack at the time.
“Why would he target a company that is not working on his case and specializes in identifying cybercriminals?” said Nixon. “It is just the stupidest thing ever.”
He was thinking with his dick and his ego. I think that's the real mistake. Also, the usual rage at a woman.
posted by jenfullmoon at 3:20 PM on November 30 [5 favorites]
posted by jenfullmoon at 3:20 PM on November 30 [5 favorites]
Badass!
Fuck around, get sloppy, get tracked, and find out...
posted by Windopaene at 3:26 PM on November 30
Fuck around, get sloppy, get tracked, and find out...
posted by Windopaene at 3:26 PM on November 30
Fuck around, get sloppy, get tracked, and find out...
Very probably, but it’s worth remembering that perfect operational security is basically impossible – especially if you have a highly motivated and knowledgeable adversary gunning for you, as here.
posted by ryanshepard at 3:28 PM on November 30 [2 favorites]
Very probably, but it’s worth remembering that perfect operational security is basically impossible – especially if you have a highly motivated and knowledgeable adversary gunning for you, as here.
posted by ryanshepard at 3:28 PM on November 30 [2 favorites]
From this paywalled article from 404 Media:
In his typical blackmail attempts, Judische would contact the victim company, sometimes with the help of an intermediary, and offer to produce a video proving he deleted the stolen data in exchange for a hefty payment. If the company didn’t comply, Judische or others would dump the data online, making it publicly accessible.
But Judische often made terrible mistakes in those videos. In at least one case, the video showed his system’s hostname, which is basically how the computer identifies itself on a network. Armed with that information, Austin Larsen, a senior threat analyst with cybersecurity company Mandiant, identified where the server hosting some of Judische’s data was. Larsen provided information to relevant parties, they took down the server, which delayed Judische from publishing a victim’s stolen data, Larsen said.
posted by spork at 3:38 PM on November 30 [3 favorites]
In his typical blackmail attempts, Judische would contact the victim company, sometimes with the help of an intermediary, and offer to produce a video proving he deleted the stolen data in exchange for a hefty payment. If the company didn’t comply, Judische or others would dump the data online, making it publicly accessible.
But Judische often made terrible mistakes in those videos. In at least one case, the video showed his system’s hostname, which is basically how the computer identifies itself on a network. Armed with that information, Austin Larsen, a senior threat analyst with cybersecurity company Mandiant, identified where the server hosting some of Judische’s data was. Larsen provided information to relevant parties, they took down the server, which delayed Judische from publishing a victim’s stolen data, Larsen said.
posted by spork at 3:38 PM on November 30 [3 favorites]
lmao
posted by They sucked his brains out! at 3:55 PM on November 30
posted by They sucked his brains out! at 3:55 PM on November 30
He repeatedly threatened her and her company on Telegram, which were not even working on the Snowflake hack at the time.
“Why would he target a company that is not working on his case and specializes in identifying cybercriminals?” said Nixon. “It is just the stupidest thing ever.”
He went after her company because she is a woman executive in cybersecurity, and for guys like him hacking is like sexual assault
posted by jamjam at 4:04 PM on November 30 [2 favorites]
“Why would he target a company that is not working on his case and specializes in identifying cybercriminals?” said Nixon. “It is just the stupidest thing ever.”
He went after her company because she is a woman executive in cybersecurity, and for guys like him hacking is like sexual assault
Rapists and cybercriminals have enough in common that companies should borrow a page from rape prevention to protect themselves against cyberattack, said Terry Gudaitis, a former behavioral profiler for the Central Intelligence Agency, in an interview with Risk & Compliance Journal last week at the TechnoSecurity and Mobile Forensics conference in Myrtle Beach, S.C..And true to form, he left his DNA all over the place.
posted by jamjam at 4:04 PM on November 30 [2 favorites]
God gave man a penis and a brain but unfortunately God gave man only enough blood to run one at a time
posted by robbyrobs at 4:06 PM on November 30 [2 favorites]
posted by robbyrobs at 4:06 PM on November 30 [2 favorites]
I do not understand why this article needs to be illustrated with a photo of the woman targeted. Obviously it's not a private photo or anything, but why publish a photo at all? It's entirely irrelevant to the story.
posted by oneirodynia at 4:26 PM on November 30 [1 favorite]
posted by oneirodynia at 4:26 PM on November 30 [1 favorite]
« Older Thunderstruck on a Street Organ (SLYT)
He repeatedly threatened her and her company on Telegram, which were not even working on the Snowflake hack at the time.
Terry Pender, the writer, needs work on his misplaced modifiers. I literally did not understand the first sentence at first—a member of Nixon's team made a critical mistake? What? I had to stop and think about it.
The second one wasn't so bad. It's still pretty bad. Telegram were not even working on the Snowflake hack?
That said, this is an interesting story. I understand their reasons for not publicizing the mistake Waifu made, but I want to know what it was. I really want to know what it was. I love stories about security failures, social engineering, and the like. I would love to know what foolish mistake brought down this hacker. I welcome speculations, or the stories of the type of thing a person might do in this situation that would allow them to be identified.
posted by Well I never at 3:17 PM on November 30 [3 favorites]