[HN Gopher] RaidForums gets raided, alleged admin arrested
___________________________________________________________________
RaidForums gets raided, alleged admin arrested
Author : picture
Score : 196 points
Date : 2022-04-12 17:32 UTC (5 hours ago)
(HTM) web link (krebsonsecurity.com)
(TXT) w3m dump (krebsonsecurity.com)
| paulpauper wrote:
| Funny how there are so many logos on the seizure notice . they
| should have put a McDonald's logo too or maybe a service where a
| company can pay to have their logo put on there given how much
| traffic the sized domain probably got
| Jamie9912 wrote:
| including an anime girl in skimpy clothing
| Sirened wrote:
| don't want people to get it confused with the other
| raidforums which is represented by a very chastely dressed
| anime girl
| bonestamp2 wrote:
| Cyber Security companies might pay to be on there as a sponsor.
| ohcomments wrote:
| Guess the rabbit got caught by the turtle again due to showing
| off instead of just leading the damn race...
| [deleted]
| karmicthreat wrote:
| I wish the DOJ had a better designer for their domain seizure
| graphics.
| dddddaviddddd wrote:
| I enjoy how they incorporate the logo of the seized site on
| their notice.
| powersnail wrote:
| If I didn't read the news first, I'd never guessed that the
| image is actually made by a law enforcement agency. It looks
| like some script-kiddie's prank from 20 years ago.
|
| I like it though. A bit of punk spirit.
| xwdv wrote:
| No way, the whole point is to piss off the people who frequent
| those domains.
| rossdavidh wrote:
| Idea for a HN contest: design a better DOJ domain seizure
| graphic. Bonus points for features like "enter personal
| identifying information here to be notified when your favorite
| illegal site is back online".
|
| ...although I guess they did that last part for a while before
| they changed the graphic.
| navbaker wrote:
| "Show HN: I trained a GAN to generate DOJ seizure graphics!"
| mindcrime wrote:
| Somebody should seize the DOJ website and replace it with a cDc
| logo or something...
|
| Or a redirect to phrack.org.
| jacquesm wrote:
| It sounds like the 'somebody' would be angling for an
| extended stay in a room without a view as well.
| robocat wrote:
| https://raid.lol/hn link for the lazy. The IRS:CI logo is
| better than I would expect for a government agency:
| https://en.wikipedia.org/wiki/IRS_Criminal_Investigation and
| perhaps it pays okay: Annual budget US$1.2 billion with ~3,300
| employees.
| sydthrowaway wrote:
| It's meant to be as garish as possible. It's the modern day
| equivalent of a branding iron. You got pwned!
| kodah wrote:
| Actually, you're spot on. They started doing these style of
| splash pages a few years after hacking groups did.
| sva_ wrote:
| I'd make a guess that they simply just hired those people
| (semi-voluntarily)
| cellis wrote:
| Quite a few former cyber criminals are on probation with
| three letter orgs...
| BlueTemplar wrote:
| Did he at least get swatted ?
| skilled wrote:
| Interesting tweet here[0] saying the site was used to phish
| credentials since late February this year.
|
| Also, who was hosting these guys? I remember in early 2000s (back
| when milw0rm was a thing) - a lot of sites like this struggled to
| stay online because nobody wanted to host them.
|
| Anyways, that's a pretty stupid way to go out. And, not just
| because he is at fault or whatever, it sounds like they turned
| that site into a capitalist enterprise and that's going to hurt
| more than the fact that he engaged in illegal activity in the
| first place.
|
| [0]: https://twitter.com/NatSecGeek/status/1513875386395987968
| twelventy wrote:
| > who was hosting these guys?
|
| Epik?
| ceva wrote:
| Am just curious how hackforums is still around?
| Jamie9912 wrote:
| They don't allow anything illegal
| [deleted]
| jacquesm wrote:
| "Coelho landed on the radar of U.S. authorities in June 2018,
| when he tried to enter the United States at the Hartsfield-
| Jackson International Airport in Atlanta. The government obtained
| a warrant to search the electronic devices Coelho had in his
| luggage and found text messages, files and emails showing he was
| the RaidForums administrator Omnipotent."
|
| Not really the sharpest knife in the drawer, to do things like
| this and then to go holidaying in the USA with incriminating
| stuff on your person...
|
| Story time:
|
| A guy I met who did stuff that _may_ have come to the attention
| of US authorities was on a plane that got diverted to the USA for
| a medical emergency. The guy obviously got very upset and needed
| to go to the bathroom, urgently, on the way there he spotted a
| mate of his. They didn 't like each other much but got to talk
| for a while and they both agreed that this was the end of the
| line. They both expected to be arrested upon landing because the
| passenger manifest was shared with the US authorities because of
| the overflight. The one remarked to the other: 'spending the rest
| of my life in jail is bad enough, but now I'm going to have to
| spend it with you and that is _so_ much worse '.
|
| The person who had the medical emergency was taken off the plane
| to go to hospital, the flight continued on its way, no
| disembarkation, no checks, nothing.
| oh_sigh wrote:
| I think that's because these people are on the business side of
| exploits, not the technical side. So really the most important
| quality to have is a lack of scruples, not any kind of insane
| technical talent which might inform proper infosec.
| vmception wrote:
| > Not really the sharpest knife in the drawer, to do things
| like this and then to go holidaying in the USA with
| incriminating stuff on your person...
|
| The US could have gone after him any time it wanted in nearly
| any country, including his home in Portugal. They actually
| arrested him in the UK.
|
| This issue with the warrant when he entered was a procedural
| thing that appeared out of convenience. They could have
| cooperated with Portugal to get the equivalent done there. They
| just saw this low hanging fruit flagged on a flight manifest
| and was like "sure why not".
| sofixa wrote:
| I don't know if Portugal is like that too, but e.g. France
| doesn't extradite French citizens ( that's why Polanski run
| away here). Also i think it's a general EU rule not to
| extradite to countries with risk of torture and execution,
| and the US are _experts_ at that. So it might not be as
| simple.
| jacquesm wrote:
| I don't care about the US perspective, I care about _his_
| perspective, and for the life of me I can 't imagine someone
| so incredibly convinced of their own ability to hide their
| tracks that they'd be involved in a multi-year effort like
| that and think it's smart to go visit the United States. It's
| not like that would be the first time someone got arrested on
| entry. If it can happen to the CEO of a large multinational
| it can happen to Joe Random Hacker at least as easily. The
| interesting thing is they didn't arrest him on the spot, but
| they might well have.
| Teandw wrote:
| He was running one of the most 'successful' illegal forums
| for what 7 years? When you get away with something for so
| long, especially in an 'industry' where you know every law
| enforcement in the world is after you, I can see why you
| would easily think you're invincible and never getting
| caught.
|
| He was incredibly convinced of his own ability to hide his
| tracks because technically up to that point, his ability to
| hide his tracks was good. A self fulfilling prophecy of
| sorts.
| jacquesm wrote:
| Either that or he was spotted long ago, judged to be
| untouchable because he was still a minor and they let it
| go until they could charge him as an adult.
|
| The indictment documents a pretty lengthy sting
| operation.
| TacticalCoder wrote:
| > Coelho landed on the radar of U.S. authorities in June 2018,
| when he tried to enter the United States at the Hartsfield-
| Jackson International Airport in Atlanta. The government
| obtained a warrant to search the electronic devices Coelho had
| in his luggage and found text messages, files and emails
| showing he was the RaidForums administrator Omnipotent
|
| I called complete, total and utter bullshit. That's a parallel
| construction if I ever saw one. Very few people get their
| devices searched (I know maybe one in 100) and, _oh-the-
| coincidence_ , this guy happens to be that "Omnipotent" admin
| of a cybercrime forum?
|
| Yeah. I've got a bridge to sell you too.
| rosndo wrote:
| > Very few people get their devices searched (I know maybe
| one in 100) and, oh-the-coincidence, this guy happens to be
| that "Omnipotent" admin of a cybercrime forum?
|
| That's not what the text really suggests. It very clearly
| states:
|
| > The government obtained a warrant
|
| Which obviously means that he wasn't randomly searched at the
| border, but the government knew who he was.
|
| It's not parallel construction, just poor wording by Krebs.
| jacquesm wrote:
| There is a chance of that.
| ev1 wrote:
| e: yeah, that makes sense I guess
| jacquesm wrote:
| But that's the whole beauty of parallel construction: you
| don't know if they found that out before or after...
| 349ecb77cd62 wrote:
| Teandw wrote:
| I think you may have just read the timeline of events
| incorrectly as what was said makes perfect sense?
|
| This was a multi-country investigation. The USA were likely
| already aware of Coelho so when he entered the US, he was
| then arrested by US authorities upon landing. It doesn't say
| his devices were searched there and then. It said a warrant
| was obtained to search his device, so they would needed to
| have a valid reason to apply for that warrant.
|
| You seem to be reading it as if they had no idea who he was
| and they randomly searched someone's electronic devices and
| just happened to be this guy. That's not what they're saying
| happened?
| vsareto wrote:
| I guess "landed on the radar" could be interpreted as the
| first time you get noticed by law enforcement.
| throwmeariver1 wrote:
| I bet he thought the exact same thing ;0)
| meowface wrote:
| Not to mention the following paragraph:
|
| >"In an attempt to retrieve his items, Coelho called the lead
| FBI case agent on or around August 2, 2018, and used the email
| address unrivalled@pm.me to email the agent," the government's
| affidavit states. Investigators found this same address was
| used to register rf.ws and raid.lol, which Omnipotent announced
| on the forum would serve as alternative domain names for
| RaidForums in case the site's primary domain was seized.
|
| I'm not surprised at all, though. These people tend not to be
| the brightest. If they were, they'd generally find legitimate
| employment, where they can still make very good money while
| also not constantly fearing arrest and imprisonment. Most of
| the people who operate and use these sites often don't have the
| ability to get even an entry-level infosec job.
| btown wrote:
| I imagine a lot of people think that just because they've
| used a WHOIS anonymization service through their registrar,
| domain registration isn't traceable back to their account. On
| the contrary, registrars make this incredibly straightforward
| for law enforcement to do: for instance, see
| https://www.godaddy.com/legal/agreements/subpoena-policy.
| It's a remarkably silly way to get busted.
| omegacharlie wrote:
| Some context for those that do not know. I believe some
| time ago raidforums.com was transferred from NameCheap to
| Cloudflare registrar (pre-seizure) and it was under data
| redaction with an address in the territory of Cyprus in
| Whois data. Some sort of attempt at P.O box or shell
| company voodoo is my guess.
|
| With Cloudflare registrar I would not be surprised if they
| were a cooperating party in this case.
| btown wrote:
| https://www.namecheap.com/legal/general/court-order-and-
| subp...
|
| https://www.cloudflare.com/media/pdf/transparency-
| report.pdf - and
| https://developers.cloudflare.com/registrar/why-choose-
| cloud... indicates Cloudflare retains "the registrant
| email on file for that domain."
|
| WHOIS redaction is extremely useful for shielding
| personal information from non-governmental entities! But
| US government entities have full access to any data the
| registrar has on file, regardless of whether they provide
| redaction services.
| xiphias2 wrote:
| I'm not so sure about it. Did you listen to the interview of
| Lex Fridman with Brett Johnson? He seems like an intelligent
| person who could easily get an infosec job and be extremely
| good at it from UX/social engineering point of view, but he
| was socialized from being a kid to disregard authority and
| steal from other people in every possible way.
|
| I'm sure he wouldn't let Coinbase get away with SMS 2nd
| factor authentication, something I can never forgive a
| company to do when there's big money on the line.
| PragmaticPulp wrote:
| > I'm not so sure about it. Did you listen to the interview
| of Lex Fridman with Brett Johnson? He seems like an
| intelligent person who could easily get an infosec job and
| be extremely good at it from UX/social engineering point of
| view, but he was socialized from being a kid to disregard
| authority and steal from other people in every possible
| way.
|
| Be very careful about taking infosec celebrities at face
| value.
|
| Social engineering is and always has been a core feature of
| black hat activities. When these people graduate from
| criminal activities to being keynote speakers and
| consultants, they take their social engineering skills and
| use them to build a personal brand.
|
| In other words: You were getting socially engineered
| through that podcast. Building an aura around himself is
| his business now ( https://www.anglerphish.com/speaking-
| consulting ).
|
| His story is interesting and you can't deny that he's
| become a great storyteller. But even he admitted that he
| wasn't the strongest on the technical side of things.
| meowface wrote:
| >I'm not so sure about it. Did you listen to the interview
| of Lex Fridman with Brett Johnson?
|
| I did. Excellent, captivating interview, but he repeatedly
| acknowledged he didn't know much about the tech stuff, and
| he said several incorrect technical things towards the end.
| I stand by my statement: I think it would've been difficult
| for him to get a (technical) infosec job at the time of his
| arrest, or now (assuming a world where he didn't have a
| criminal record). While listening to it, I actually thought
| he perfectly fit the archetype of cybercrime forum
| operators I'm used to coming across.
|
| He's certainly a great social engineer, and many other
| technically unskilled people in the cybercrime space also
| are. I'm definitely not discounting that ability. A lot of
| it comes down to brazenness; e.g. being confident and
| shameless enough to impersonate a law enforcement officer
| over the phone. There's still a lot of skill involved in
| being a con artist even then - you need affability and the
| gift of gab and all that - but it's not necessarily the
| kind of skill that's transferrable to technical expertise.
| There are many people with expertise in both areas, but
| also many who are exclusive to one.
| sonicggg wrote:
| They could find legitimate work, yes, but you're forgetting
| that they do it for the thrill. Just like people can be
| passionated for their careers, so can a black hat hacker or a
| scammer also find pleasure in his craft. Not saying it's the
| right thing, but I understand the appeal.
| baby wrote:
| dude, opsec is really really hard, the slightest mistake and
| it's over.
| sweetbitter wrote:
| It's only that hard if the person in question is dumb
| enough to be using a pseudonym instead of opting for
| anonymity, since having a name opens up your attack surface
| and chance to fail. Hosting a site or some kind of
| infrastructure that you have to actively interface with
| also counts towards this.
| tyingq wrote:
| >These people tend not to be the brightest.
|
| Well, for those that are bright, you don't hear anything at
| all. So it's hard to characterize all of them.
|
| I hear something similar on shows like Dateline about how
| not-bright the murderers are. Yet only about half of
| homicides are solved in the US every year.
| Firehawke wrote:
| Yeah, absolutely this. There's a bias towards the low end
| of the skill/intelligence curve as those guys get caught
| doing really stupid shit and end up in the news as a
| result.
|
| I was looking over Wikipedia articles on software piracy
| groups of the 1980s/90s the other day and it was really
| interesting how many of them died to either a blatantly
| stupid move on the part of one of their members/leadership
| resulting in the whole group dropping like dominoes, or a
| political split when the leadership could not agree on
| policy (especially during a leadership changeover)
|
| It was particularly interesting to see at least one major
| group collapse due to leadership getting nailed on
| phreaking charges, which spilled over to the entire group
| getting nabbed on the piracy.
|
| A few of the brightest in the scene got out when they found
| an opportune time, then disappeared. At least one or two of
| them are CEOs in big business, if the articles are to be
| believed. I bet one or more are reading this now, even!
| isk517 wrote:
| You only need to be slightly more intelligent than the
| people trying to track you in order to not get caught. I
| heard and read enough true crime stories to noticed that
| successful serial killers and incompetent law enforcement
| tend to go hand-in-hand.
| tyingq wrote:
| I would guess that things like search history, email
| records, cell phone records and security cameras are a
| huge crutch for police these days. So avoiding those
| things probably gets you most of the way there.
| jacquesm wrote:
| License plates, CCTV, purchase records, public transport
| etc.
|
| There are so many ways in which you could be tracked that
| the safe assumption is that you won't be able to avoid
| it.
| tyingq wrote:
| Which brings you back to asking why half don't get
| solved, I suppose.
| jacquesm wrote:
| In most countries: priorities.
| db65edfc7996 wrote:
| With all digital interactions recorded forever, it only takes
| a single idle mistake.
| at-fates-hands wrote:
| True.
|
| I always feel like the people who are involved in these
| illegal forums would have better OpsSec. The fact the feds
| got all of his electronic devices and within a few hours
| had plenty of damning information is always kind of
| shocking to me.
|
| I guess that's the difference between the real criminals
| who never get caught and others who get greedy or too lazy
| in covering their tracks.
| krzyk wrote:
| How is infosec job related to him?
|
| Legitimite employment might not give them the needed liberty
| to do what they see fit.
| meowface wrote:
| >Legitimite employment might not give them the needed
| liberty to do what they see fit.
|
| That's true; that's why I tried to qualify it with
| "generally". There certainly are some very intelligent,
| skilled people who are capable of finding legitimate
| employment and instead choose to immerse themselves in the
| criminal underworld, for various personal reasons. In
| practice, though, I've found them to be pretty rare.
|
| Even among the ones who do have a desire for ultimate
| liberty and who see themselves as above the law, most feel
| like the risks greatly outweigh the rewards. Some temporary
| liberty in exchange for likely many years of zero liberty
| in a prison cell isn't a great deal. Especially when it's
| so easy for them to get a comfortable, high-paying
| legitimate job. (Admittedly, this trade-off may differ in
| places outside the US, where good jobs may be scarce and
| criminal activity may pay very well and almost always go
| unpunished. Assuming one has no ethical compunction, at
| least. Or feels certain illegal actions are ethically
| justifiable, like how many hacktivists feel.)
| radicalbyte wrote:
| There was a big thread there of people trying to hack the EU-
| DCC using a leaked "signing key". The key was one of the
| example keys I've been giving non-technical people who are
| working on it and want to run the software locally.
|
| It was the blind leading the blind but a lot of fun to watch.
| vmception wrote:
| > It was the blind leading the blind but a lot of fun to
| watch.
|
| yeah, in places like that you get banned for offering
| alternate perspectives like telling them it doesn't have
| the significance they think it has
|
| better to just sell them infowars branded coffee mugs and
| move on.
| PheonixPharts wrote:
| > These people tend not to be the brightest. If they were,
| they'd generally find legitimate employment,
|
| A bit of survivorship bias at work here.
|
| Criminal activity is more so a function of risk tolerance
| than intelligence. However getting _caught_ is certainly a
| function of intelligence.
|
| So your impression is that most criminals you read about
| being apprehended are people that seem to make many stupid
| mistakes. But this stupidity is heavily correlated with being
| caught, not necessarily with being a criminal.
|
| That said there's probably also a (negative) correlation
| between extreme tolerance for risk and intelligence.
| hillsideduck wrote:
| I'd further add to that, that in this case the criminal was
| only 21 years old. To be honest it is to be expected to
| mess up at some point with this much pressure at that age.
| PaywallBuster wrote:
| for background: he's only 21, and he started the website at 14
| jacquesm wrote:
| Indeed. But that doesn't really matter in the eyes of the
| law, he's no longer a minor. If he had been a bit more clever
| he would have stopped doing any of that the day he turned 18.
| FerociousTimes wrote:
| It is not about law enforcement either. It's about debating
| whether he's the sharpest tool in the shed or not. I
| contend that running such a criminal enterprise is no easy
| feat for a teenager despite the rookie mistakes he
| committed.
| jacquesm wrote:
| It's not easy: that's why he got caught. And he got
| caught primarily because he started a criminal
| enterprise, which makes him not the sharpest tool in the
| shed, if he would have been he would have turned his
| talents to something both more lucrative and legal.
| PaywallBuster wrote:
| in a poor country where the average person makes < 1000
| EUR per month, how do you come up with 0.5M at 21?
| jacquesm wrote:
| You probably won't. But 0.5 M at 21 through illegal means
| is easy: just rob a money transport and call it a day,
| after all: who cares if you are going to be a criminal
| anyway.
|
| How you are going to _legally_ come up with money is the
| question and there are no real shortcuts there other than
| to get lucky. But with his skills properly applied he
| would have a much better chance at a nice life than he
| has today. Money doesn 't really matter much if you're in
| a jail cell.
| rosndo wrote:
| This guy was under the impression that what he was doing wasn't
| illegal.
|
| IANAL but the fact that he is being charged with access device
| fraud might suggest that DOJ had to engage in some mental
| gymnastics in order to charge this. E: I'll take that back
| since I actually read the indictment now, besides the usual
| raidforums fare he was also selling credit card data which
| would very much tend to attract access device fraud charges.
| Teandw wrote:
| He knew what he was doing was illegal. You don't go through
| all the steps he did to stop authorities taking down the
| website without knowing what you're doing is illegal.
| doldols wrote:
| What steps were those? How are they distinguishable from
| the steps you would take to protect your website from being
| taken down because of abuse reports from upset people?
|
| Trading in hacked data might not be illegal unless it's
| credit card information, but your average hosting provider
| probably isn't going to care about such nuances.
| jacquesm wrote:
| > Trading in hacked data might not be illegal unless it's
| credit card information
|
| Dangerous nonsense. Trafficking in stolen data is
| illegal, please read the full indictment.
| jacquesm wrote:
| I already said he wasn't the sharpest knife in the drawer.
| frontman1988 wrote:
| Cut him some slack he was literally a teen when he got
| arrested.
| jacquesm wrote:
| When I was a teen I did lots of stupid stuff but
| generally I was aware of where the line was and if and
| when it was crossed I was pretty careful about it
| (mostly: experimenting with 'modulated high frequency
| sine wave generation').
| rosndo wrote:
| What he was doing might very well have been legal had he
| just avoided payment information and stuck to stolen
| databases containing emails, phone numbers, passwords. That
| was the bulk of the trade on raidforums anyway.
|
| But yeah, definitely not the sharpest knife in the drawer.
| jacquesm wrote:
| > might very well have been legal had he just avoided
| payment information and stuck to stolen databases
| containing emails, phone numbers, passwords
|
| I suspect that you are wrong about this.
|
| https://en.wikipedia.org/wiki/Accessory_(legal_term)
|
| "Count 1: Conspiracy to Commit Access Device Fraud (18
| U.S.C. SSSS 1029(b)(2)and 3559(g)(1))
|
| Count 2: Access Device Fraud -- Using or Trafficking in
| an Unauthorized Access Device (18 U.S.C. SSSS
| 1029(a)(2)and 2)
|
| Count 3: Access Device Fraud -- Possession of Fifteen or
| More Unauthorized Access Devices (18 U.S.C. SSSS
| 1029(a)(3)and 2)
|
| Counts 4-5: Access Device Fraud -- Unauthorized
| Solicitation (18 U.S.C. SSSS 1029(a)(6)and 2)
|
| Count 6: Aggravated Identity Theft (18 U.S.C. SSSS
| 1028A(a)(l)and 2)"
|
| If this sticks he will be gone for a long, long time,
| and, crucially, he handed over the the evidence himself
| so no amount of 'it wasn't me' is going to help here.
| rosndo wrote:
| Accessory after the fact:
|
| > Whoever, knowing that an offense against the United
| States has been committed, receives, relieves, comforts
| or assists the offender in order to hinder or prevent his
| apprehension, trial or punishment, is an accessory after
| the fact.
|
| It's not obvious at all that selling e.g. the leaked
| Linkedin database would be illegal in any way. You
| wouldn't retroactively become an accessory to the
| original crime.
|
| Of course, that stopped mattering the moment he started
| trafficking in stolen payment card information...
| jacquesm wrote:
| A reminder not to take legal advice from HN.
| cellis wrote:
| Also important to keep in mind he ( most likely ) wasn't
| aware of US law. Not sure how Portugal classifies
| businesses such as these, but we know how e.g. Russia
| differs in this regard.
| jacquesm wrote:
| Yes, true, but that's exactly why if you aren't aware of
| something or unsure of something you play it safe. The
| number of people that got busted like this is large
| enough that I'm 100% sure that he was aware that this
| wasn't a legal operation, in fact he went to some length
| to hide his identity, which shows at least minimal
| awareness of this.
| [deleted]
| ribosometronome wrote:
| Sounds like he was already on their radar if they were
| able/desired to obtain a warrant to search his devices.
| rossdavidh wrote:
| ...or even just spent the time to do it. But, not too
| surprising that they don't want to divulge everything that
| led them to him.
| joshcryer wrote:
| According to another article they arrested / detained
| several other people during this bust. I am guessing an
| inside agent got them to meet up. Only Coelho was stupid
| enough to have his devices unlocked / easily scoured. Using
| his admin email didn't help. Who even does that? Even my 75
| year old mom knew to use her trash email for signing up for
| crap.
| sofixa wrote:
| So they even need a warrant? I was under the impression that
| no US constitutional protections apply to foreigners, and
| when entering the country you need a visa or equivalent
| preauthorisation, and there you certainly agree they can do
| whatever they want with you.
| RajT88 wrote:
| I am always surprised at how often people who know each other
| randomly run into each other in an airport.
|
| I mean, what are the odds?
|
| I only had it happen once, but it was nuts. A guy from my
| previous company I ran into randomly in Frankfurt while I was
| on my way to India. He lives in California, I live in Chicago.
| _We were on the same flight to Bangalore_. Our trips had
| nothing to do with each other, other than we both work in tech
| and were visiting tech companies. Neither of us traveled
| internationally all that often.
|
| I knew a half dozen folks with crazy "what are the odds"
| stories like that.
| [deleted]
| morsch wrote:
| Seems like a variation of the birthday paradox.
| layer8 wrote:
| Not exactly, because the scenario isn't "any two people on
| the plane" but "me and another person on the plane".
| paxys wrote:
| It is still not another _specific_ person, but anyone you
| know, which is a pretty large set.
| layer8 wrote:
| The birthday paradox is a paradox due to the quadratic
| odds. If you fix one person (yourself), the odds are only
| linear.
| PheonixPharts wrote:
| We can see the full paradox at work here. The parent
| clearly states:
|
| > how often people who know each other randomly run into
| each other in an airport.
|
| > I mean, what are the odds?
|
| This is explicitly stating "any two people" (and it's at
| an airport not a plane, so more people). But then follows
| up with changing the framing of question they're asking:
|
| > I only had it happen once, but it was nuts.
|
| The birthday paradox is only a paradox because we tend to
| think of birthdays in a very personal manner. So when we
| think of "any two people sharing a birthday" we
| immediately change this to "someone having my birthday",
| without realizing we've fundamentally changes the
| question we're asking.
| layer8 wrote:
| The OP however isn't surprised by the actual odds of any
| two people randomly running into each other, but by the
| fact that it happened to them or acquaintances. They
| actually don't know what the odds would be for the whole
| airport or plane. With the birthday paradox, on the other
| hand, the thing that people are surprised about is not
| how often it happens to them, but the actual odds for a
| given group size of people.
| brk wrote:
| I ran into someone who had interviewed at my company, we were
| bot on an inter-airport shuttle in I think Berlin. He was
| based in CA, I was in MA, and we weren't really in the same
| industry (his knowledge base was tangent to what we did, thus
| the interview), and not traveling for the same event.
|
| Have had a handful of similar scenarios, seeing someone I
| know when we are in a far-away random place. I think it had
| to do a lot with I was traveling frequently at the time (200K
| miles/year), to all kinds of random places.
| layer8 wrote:
| It's probably just a symptom of humans being very bad at
| estimating odds.
| Sirened wrote:
| teenagers even less so. He's _twenty one_ and has been
| running the site since he was thirteen years old.
| bombcar wrote:
| From what I read once, the chance is _significantly_ higher
| than you expect, something like if you are in a major
| airport, there 's a 50% chance someone you know is also at
| the same airport.
|
| This is because the group of people who travel _often_ is
| surprisingly small, and so overlap will happen much more
| likely than you think.
| baby wrote:
| I actually ran many times into people that I know, in
| different parts of the world. The weirdest one was running
| into some French dude I had met skiing in France on a boat in
| Thailand. It's a small world.
| _moof wrote:
| Hub-and-spoke routing + "it's not a small world, it's a small
| social class/industry/demographic/what-have-you" + the
| tendency for industries to cluster geographically.
|
| And what are the odds people meet in the first place? Those
| exact same factors are what make folks run into each other
| again later. It would actually be weird if you never ran into
| people you know.
|
| _> ...Bangalore. Our trips had nothing to do with each
| other, other than we both work in tech and were visiting tech
| companies._
|
| Bangalore is a tech city, and you both worked in tech. That's
| how you ran into each other.
| RajT88 wrote:
| > Bangalore is a tech city, and you both worked in tech.
| That's how you ran into each other.
|
| I'll throw you another curve ball:
|
| He was working in the same complex, and we'd run into each
| other at lunch.
|
| The project he was there for was one I would have been
| assigned to, if I hadn't left our previous company. (I was
| the #1 SME for that bit of software)
|
| Therefore, I would have been the one sent there anyways
| that week, and been in that area. I actually confirmed this
| with my old boss.
| bduerst wrote:
| Yep, and throw in that humans are just bad at estimating
| statistics.
|
| Like the _birthday paradox_ : If there are just 23 people
| in a room, then there's a 50% probability that two people
| share the same birthday.
| infiniteL0Op wrote:
| jacquesm wrote:
| When I flew a lot I would run into regulars and people that I
| knew at least a couple of times every year.
| TobyTheDog123 wrote:
| Infinitely hysterical that they couldn't find a version of the
| RaidForums logo without a scantily clad anime girl lying on top
| of it
| frontman1988 wrote:
| Amazing how the perp started the website at 14 and gradually
| turned it into the top data leaks site in the world. To be able
| to build a multi million dollar illegal marketplace and not get
| caught for 7 years was quite an achievement in itself. Alas you
| just have to slip once and the party's over.
| paulpauper wrote:
| not really. unless it involves contraband, terrorism, or kid
| porn, the feds will not care that much. they will get to it
| eventually but it is not a top priority. Also they need many
| years to built an airtight case.
| ourmandave wrote:
| _According to the DOJ, that early activity included 'raiding'...
|
| -- and 'swatting,' the practice of making false reports to public
| safety agencies of situations that would necessitate a
| significant, and immediate armed law enforcement response."_
|
| If he did swatting they need to lock him up for attempted murder.
| People die from that "prank".
| thrownaway89865 wrote:
| What are the legal implications of having registered on this
| forum once with a personal email account but not having ever
| engaged in any transaction or downloading any leaked data, just
| lurking a few threads of nothing interesting at most.
|
| Asking for a friend, of course...
| jacquesm wrote:
| Your name will end up on a list.
|
| Such lists can be queried by those that are properly connected,
| typically LE/three (and in some countries four) letter agencies
| if your name ever turns up in some other context and then it
| might be given some weight, but other than that I wouldn't
| expect anything to come of it assuming that you are telling the
| truth. Such inter-service requests for information on
| particular individuals are pretty regular but someone first has
| to ask for you by name, and in a country with proper privacy
| protections typically a judge would have to sign off on such a
| broad request, but these mechanisms are not always perfect.
|
| Reading threads isn't a crime, but hanging out in places where
| lots of criminals hang out doesn't help you in the association
| department.
| ianhawes wrote:
| Hard to say, but rest assured that countless "white hat"
| infosec companies have also signed up and probably purchased
| stolen databases in furtherance of their own business
| activities.
| sq_ wrote:
| > Please delete this post as this means I am in big trouble.
|
| Interesting comment on Krebs' article... Probably a joke, but
| doesn't imply great intelligence among the people involved with
| RaidForums if not.
| lettergram wrote:
| > an extremely popular English-language cybercrime forum that
| sold access to more than 10 billion consumer records stolen in
| some of the world's largest data breaches since 2015. The DOJ
| also charged the alleged administrator of RaidForums -- 21-year-
| old Diogo Santos Coelho, of Portugal -- with six criminal counts,
| including conspiracy, access device fraud and aggravated identity
| theft.
|
| Some thing doesn't add up
| Teandw wrote:
| What doesn't add up?
| lettergram wrote:
| This admin would have been 14 when this was started. Why now
| and why him?
| cwkoss wrote:
| This is pretty funny, imo:
|
| ---
|
| Not all of those undercover buys went as planned. One incident
| described in an affidavit by prosecutors (PDF) appears related to
| the sale of tens of millions of consumer records stolen last year
| from T-Mobile, although the government refers to the victim only
| as a major telecommunications company and wireless network
| operator in the United States.
|
| [...]
|
| The government says the victim firm hired a third-party to
| purchase the database and prevent it from being sold to
| cybercriminals. That third-party ultimately paid approximately
| $200,000 worth of bitcoin to the seller, with the agreement that
| the data would be destroyed after sale. "However, it appears the
| co-conspirators continued to attempt to sell the databases after
| the third-party's purchase," the affidavit alleges.
|
| ---
|
| T-mobile paid 200k and got precisely nothing from it.
| cm2187 wrote:
| With the added benefit of poisoning the well for the next
| hacker who tries to sell the data back to the company.
___________________________________________________________________
(page generated 2022-04-12 23:00 UTC)