[HN Gopher] RaidForums gets raided, alleged admin arrested ___________________________________________________________________ RaidForums gets raided, alleged admin arrested Author : picture Score : 196 points Date : 2022-04-12 17:32 UTC (5 hours ago) (HTM) web link (krebsonsecurity.com) (TXT) w3m dump (krebsonsecurity.com) | paulpauper wrote: | Funny how there are so many logos on the seizure notice . they | should have put a McDonald's logo too or maybe a service where a | company can pay to have their logo put on there given how much | traffic the sized domain probably got | Jamie9912 wrote: | including an anime girl in skimpy clothing | Sirened wrote: | don't want people to get it confused with the other | raidforums which is represented by a very chastely dressed | anime girl | bonestamp2 wrote: | Cyber Security companies might pay to be on there as a sponsor. | ohcomments wrote: | Guess the rabbit got caught by the turtle again due to showing | off instead of just leading the damn race... | [deleted] | karmicthreat wrote: | I wish the DOJ had a better designer for their domain seizure | graphics. | dddddaviddddd wrote: | I enjoy how they incorporate the logo of the seized site on | their notice. | powersnail wrote: | If I didn't read the news first, I'd never guessed that the | image is actually made by a law enforcement agency. It looks | like some script-kiddie's prank from 20 years ago. | | I like it though. A bit of punk spirit. | xwdv wrote: | No way, the whole point is to piss off the people who frequent | those domains. | rossdavidh wrote: | Idea for a HN contest: design a better DOJ domain seizure | graphic. Bonus points for features like "enter personal | identifying information here to be notified when your favorite | illegal site is back online". | | ...although I guess they did that last part for a while before | they changed the graphic. | navbaker wrote: | "Show HN: I trained a GAN to generate DOJ seizure graphics!" | mindcrime wrote: | Somebody should seize the DOJ website and replace it with a cDc | logo or something... | | Or a redirect to phrack.org. | jacquesm wrote: | It sounds like the 'somebody' would be angling for an | extended stay in a room without a view as well. | robocat wrote: | https://raid.lol/hn link for the lazy. The IRS:CI logo is | better than I would expect for a government agency: | https://en.wikipedia.org/wiki/IRS_Criminal_Investigation and | perhaps it pays okay: Annual budget US$1.2 billion with ~3,300 | employees. | sydthrowaway wrote: | It's meant to be as garish as possible. It's the modern day | equivalent of a branding iron. You got pwned! | kodah wrote: | Actually, you're spot on. They started doing these style of | splash pages a few years after hacking groups did. | sva_ wrote: | I'd make a guess that they simply just hired those people | (semi-voluntarily) | cellis wrote: | Quite a few former cyber criminals are on probation with | three letter orgs... | BlueTemplar wrote: | Did he at least get swatted ? | skilled wrote: | Interesting tweet here[0] saying the site was used to phish | credentials since late February this year. | | Also, who was hosting these guys? I remember in early 2000s (back | when milw0rm was a thing) - a lot of sites like this struggled to | stay online because nobody wanted to host them. | | Anyways, that's a pretty stupid way to go out. And, not just | because he is at fault or whatever, it sounds like they turned | that site into a capitalist enterprise and that's going to hurt | more than the fact that he engaged in illegal activity in the | first place. | | [0]: https://twitter.com/NatSecGeek/status/1513875386395987968 | twelventy wrote: | > who was hosting these guys? | | Epik? | ceva wrote: | Am just curious how hackforums is still around? | Jamie9912 wrote: | They don't allow anything illegal | [deleted] | jacquesm wrote: | "Coelho landed on the radar of U.S. authorities in June 2018, | when he tried to enter the United States at the Hartsfield- | Jackson International Airport in Atlanta. The government obtained | a warrant to search the electronic devices Coelho had in his | luggage and found text messages, files and emails showing he was | the RaidForums administrator Omnipotent." | | Not really the sharpest knife in the drawer, to do things like | this and then to go holidaying in the USA with incriminating | stuff on your person... | | Story time: | | A guy I met who did stuff that _may_ have come to the attention | of US authorities was on a plane that got diverted to the USA for | a medical emergency. The guy obviously got very upset and needed | to go to the bathroom, urgently, on the way there he spotted a | mate of his. They didn 't like each other much but got to talk | for a while and they both agreed that this was the end of the | line. They both expected to be arrested upon landing because the | passenger manifest was shared with the US authorities because of | the overflight. The one remarked to the other: 'spending the rest | of my life in jail is bad enough, but now I'm going to have to | spend it with you and that is _so_ much worse '. | | The person who had the medical emergency was taken off the plane | to go to hospital, the flight continued on its way, no | disembarkation, no checks, nothing. | oh_sigh wrote: | I think that's because these people are on the business side of | exploits, not the technical side. So really the most important | quality to have is a lack of scruples, not any kind of insane | technical talent which might inform proper infosec. | vmception wrote: | > Not really the sharpest knife in the drawer, to do things | like this and then to go holidaying in the USA with | incriminating stuff on your person... | | The US could have gone after him any time it wanted in nearly | any country, including his home in Portugal. They actually | arrested him in the UK. | | This issue with the warrant when he entered was a procedural | thing that appeared out of convenience. They could have | cooperated with Portugal to get the equivalent done there. They | just saw this low hanging fruit flagged on a flight manifest | and was like "sure why not". | sofixa wrote: | I don't know if Portugal is like that too, but e.g. France | doesn't extradite French citizens ( that's why Polanski run | away here). Also i think it's a general EU rule not to | extradite to countries with risk of torture and execution, | and the US are _experts_ at that. So it might not be as | simple. | jacquesm wrote: | I don't care about the US perspective, I care about _his_ | perspective, and for the life of me I can 't imagine someone | so incredibly convinced of their own ability to hide their | tracks that they'd be involved in a multi-year effort like | that and think it's smart to go visit the United States. It's | not like that would be the first time someone got arrested on | entry. If it can happen to the CEO of a large multinational | it can happen to Joe Random Hacker at least as easily. The | interesting thing is they didn't arrest him on the spot, but | they might well have. | Teandw wrote: | He was running one of the most 'successful' illegal forums | for what 7 years? When you get away with something for so | long, especially in an 'industry' where you know every law | enforcement in the world is after you, I can see why you | would easily think you're invincible and never getting | caught. | | He was incredibly convinced of his own ability to hide his | tracks because technically up to that point, his ability to | hide his tracks was good. A self fulfilling prophecy of | sorts. | jacquesm wrote: | Either that or he was spotted long ago, judged to be | untouchable because he was still a minor and they let it | go until they could charge him as an adult. | | The indictment documents a pretty lengthy sting | operation. | TacticalCoder wrote: | > Coelho landed on the radar of U.S. authorities in June 2018, | when he tried to enter the United States at the Hartsfield- | Jackson International Airport in Atlanta. The government | obtained a warrant to search the electronic devices Coelho had | in his luggage and found text messages, files and emails | showing he was the RaidForums administrator Omnipotent | | I called complete, total and utter bullshit. That's a parallel | construction if I ever saw one. Very few people get their | devices searched (I know maybe one in 100) and, _oh-the- | coincidence_ , this guy happens to be that "Omnipotent" admin | of a cybercrime forum? | | Yeah. I've got a bridge to sell you too. | rosndo wrote: | > Very few people get their devices searched (I know maybe | one in 100) and, oh-the-coincidence, this guy happens to be | that "Omnipotent" admin of a cybercrime forum? | | That's not what the text really suggests. It very clearly | states: | | > The government obtained a warrant | | Which obviously means that he wasn't randomly searched at the | border, but the government knew who he was. | | It's not parallel construction, just poor wording by Krebs. | jacquesm wrote: | There is a chance of that. | ev1 wrote: | e: yeah, that makes sense I guess | jacquesm wrote: | But that's the whole beauty of parallel construction: you | don't know if they found that out before or after... | 349ecb77cd62 wrote: | Teandw wrote: | I think you may have just read the timeline of events | incorrectly as what was said makes perfect sense? | | This was a multi-country investigation. The USA were likely | already aware of Coelho so when he entered the US, he was | then arrested by US authorities upon landing. It doesn't say | his devices were searched there and then. It said a warrant | was obtained to search his device, so they would needed to | have a valid reason to apply for that warrant. | | You seem to be reading it as if they had no idea who he was | and they randomly searched someone's electronic devices and | just happened to be this guy. That's not what they're saying | happened? | vsareto wrote: | I guess "landed on the radar" could be interpreted as the | first time you get noticed by law enforcement. | throwmeariver1 wrote: | I bet he thought the exact same thing ;0) | meowface wrote: | Not to mention the following paragraph: | | >"In an attempt to retrieve his items, Coelho called the lead | FBI case agent on or around August 2, 2018, and used the email | address unrivalled@pm.me to email the agent," the government's | affidavit states. Investigators found this same address was | used to register rf.ws and raid.lol, which Omnipotent announced | on the forum would serve as alternative domain names for | RaidForums in case the site's primary domain was seized. | | I'm not surprised at all, though. These people tend not to be | the brightest. If they were, they'd generally find legitimate | employment, where they can still make very good money while | also not constantly fearing arrest and imprisonment. Most of | the people who operate and use these sites often don't have the | ability to get even an entry-level infosec job. | btown wrote: | I imagine a lot of people think that just because they've | used a WHOIS anonymization service through their registrar, | domain registration isn't traceable back to their account. On | the contrary, registrars make this incredibly straightforward | for law enforcement to do: for instance, see | https://www.godaddy.com/legal/agreements/subpoena-policy. | It's a remarkably silly way to get busted. | omegacharlie wrote: | Some context for those that do not know. I believe some | time ago raidforums.com was transferred from NameCheap to | Cloudflare registrar (pre-seizure) and it was under data | redaction with an address in the territory of Cyprus in | Whois data. Some sort of attempt at P.O box or shell | company voodoo is my guess. | | With Cloudflare registrar I would not be surprised if they | were a cooperating party in this case. | btown wrote: | https://www.namecheap.com/legal/general/court-order-and- | subp... | | https://www.cloudflare.com/media/pdf/transparency- | report.pdf - and | https://developers.cloudflare.com/registrar/why-choose- | cloud... indicates Cloudflare retains "the registrant | email on file for that domain." | | WHOIS redaction is extremely useful for shielding | personal information from non-governmental entities! But | US government entities have full access to any data the | registrar has on file, regardless of whether they provide | redaction services. | xiphias2 wrote: | I'm not so sure about it. Did you listen to the interview of | Lex Fridman with Brett Johnson? He seems like an intelligent | person who could easily get an infosec job and be extremely | good at it from UX/social engineering point of view, but he | was socialized from being a kid to disregard authority and | steal from other people in every possible way. | | I'm sure he wouldn't let Coinbase get away with SMS 2nd | factor authentication, something I can never forgive a | company to do when there's big money on the line. | PragmaticPulp wrote: | > I'm not so sure about it. Did you listen to the interview | of Lex Fridman with Brett Johnson? He seems like an | intelligent person who could easily get an infosec job and | be extremely good at it from UX/social engineering point of | view, but he was socialized from being a kid to disregard | authority and steal from other people in every possible | way. | | Be very careful about taking infosec celebrities at face | value. | | Social engineering is and always has been a core feature of | black hat activities. When these people graduate from | criminal activities to being keynote speakers and | consultants, they take their social engineering skills and | use them to build a personal brand. | | In other words: You were getting socially engineered | through that podcast. Building an aura around himself is | his business now ( https://www.anglerphish.com/speaking- | consulting ). | | His story is interesting and you can't deny that he's | become a great storyteller. But even he admitted that he | wasn't the strongest on the technical side of things. | meowface wrote: | >I'm not so sure about it. Did you listen to the interview | of Lex Fridman with Brett Johnson? | | I did. Excellent, captivating interview, but he repeatedly | acknowledged he didn't know much about the tech stuff, and | he said several incorrect technical things towards the end. | I stand by my statement: I think it would've been difficult | for him to get a (technical) infosec job at the time of his | arrest, or now (assuming a world where he didn't have a | criminal record). While listening to it, I actually thought | he perfectly fit the archetype of cybercrime forum | operators I'm used to coming across. | | He's certainly a great social engineer, and many other | technically unskilled people in the cybercrime space also | are. I'm definitely not discounting that ability. A lot of | it comes down to brazenness; e.g. being confident and | shameless enough to impersonate a law enforcement officer | over the phone. There's still a lot of skill involved in | being a con artist even then - you need affability and the | gift of gab and all that - but it's not necessarily the | kind of skill that's transferrable to technical expertise. | There are many people with expertise in both areas, but | also many who are exclusive to one. | sonicggg wrote: | They could find legitimate work, yes, but you're forgetting | that they do it for the thrill. Just like people can be | passionated for their careers, so can a black hat hacker or a | scammer also find pleasure in his craft. Not saying it's the | right thing, but I understand the appeal. | baby wrote: | dude, opsec is really really hard, the slightest mistake and | it's over. | sweetbitter wrote: | It's only that hard if the person in question is dumb | enough to be using a pseudonym instead of opting for | anonymity, since having a name opens up your attack surface | and chance to fail. Hosting a site or some kind of | infrastructure that you have to actively interface with | also counts towards this. | tyingq wrote: | >These people tend not to be the brightest. | | Well, for those that are bright, you don't hear anything at | all. So it's hard to characterize all of them. | | I hear something similar on shows like Dateline about how | not-bright the murderers are. Yet only about half of | homicides are solved in the US every year. | Firehawke wrote: | Yeah, absolutely this. There's a bias towards the low end | of the skill/intelligence curve as those guys get caught | doing really stupid shit and end up in the news as a | result. | | I was looking over Wikipedia articles on software piracy | groups of the 1980s/90s the other day and it was really | interesting how many of them died to either a blatantly | stupid move on the part of one of their members/leadership | resulting in the whole group dropping like dominoes, or a | political split when the leadership could not agree on | policy (especially during a leadership changeover) | | It was particularly interesting to see at least one major | group collapse due to leadership getting nailed on | phreaking charges, which spilled over to the entire group | getting nabbed on the piracy. | | A few of the brightest in the scene got out when they found | an opportune time, then disappeared. At least one or two of | them are CEOs in big business, if the articles are to be | believed. I bet one or more are reading this now, even! | isk517 wrote: | You only need to be slightly more intelligent than the | people trying to track you in order to not get caught. I | heard and read enough true crime stories to noticed that | successful serial killers and incompetent law enforcement | tend to go hand-in-hand. | tyingq wrote: | I would guess that things like search history, email | records, cell phone records and security cameras are a | huge crutch for police these days. So avoiding those | things probably gets you most of the way there. | jacquesm wrote: | License plates, CCTV, purchase records, public transport | etc. | | There are so many ways in which you could be tracked that | the safe assumption is that you won't be able to avoid | it. | tyingq wrote: | Which brings you back to asking why half don't get | solved, I suppose. | jacquesm wrote: | In most countries: priorities. | db65edfc7996 wrote: | With all digital interactions recorded forever, it only takes | a single idle mistake. | at-fates-hands wrote: | True. | | I always feel like the people who are involved in these | illegal forums would have better OpsSec. The fact the feds | got all of his electronic devices and within a few hours | had plenty of damning information is always kind of | shocking to me. | | I guess that's the difference between the real criminals | who never get caught and others who get greedy or too lazy | in covering their tracks. | krzyk wrote: | How is infosec job related to him? | | Legitimite employment might not give them the needed liberty | to do what they see fit. | meowface wrote: | >Legitimite employment might not give them the needed | liberty to do what they see fit. | | That's true; that's why I tried to qualify it with | "generally". There certainly are some very intelligent, | skilled people who are capable of finding legitimate | employment and instead choose to immerse themselves in the | criminal underworld, for various personal reasons. In | practice, though, I've found them to be pretty rare. | | Even among the ones who do have a desire for ultimate | liberty and who see themselves as above the law, most feel | like the risks greatly outweigh the rewards. Some temporary | liberty in exchange for likely many years of zero liberty | in a prison cell isn't a great deal. Especially when it's | so easy for them to get a comfortable, high-paying | legitimate job. (Admittedly, this trade-off may differ in | places outside the US, where good jobs may be scarce and | criminal activity may pay very well and almost always go | unpunished. Assuming one has no ethical compunction, at | least. Or feels certain illegal actions are ethically | justifiable, like how many hacktivists feel.) | radicalbyte wrote: | There was a big thread there of people trying to hack the EU- | DCC using a leaked "signing key". The key was one of the | example keys I've been giving non-technical people who are | working on it and want to run the software locally. | | It was the blind leading the blind but a lot of fun to watch. | vmception wrote: | > It was the blind leading the blind but a lot of fun to | watch. | | yeah, in places like that you get banned for offering | alternate perspectives like telling them it doesn't have | the significance they think it has | | better to just sell them infowars branded coffee mugs and | move on. | PheonixPharts wrote: | > These people tend not to be the brightest. If they were, | they'd generally find legitimate employment, | | A bit of survivorship bias at work here. | | Criminal activity is more so a function of risk tolerance | than intelligence. However getting _caught_ is certainly a | function of intelligence. | | So your impression is that most criminals you read about | being apprehended are people that seem to make many stupid | mistakes. But this stupidity is heavily correlated with being | caught, not necessarily with being a criminal. | | That said there's probably also a (negative) correlation | between extreme tolerance for risk and intelligence. | hillsideduck wrote: | I'd further add to that, that in this case the criminal was | only 21 years old. To be honest it is to be expected to | mess up at some point with this much pressure at that age. | PaywallBuster wrote: | for background: he's only 21, and he started the website at 14 | jacquesm wrote: | Indeed. But that doesn't really matter in the eyes of the | law, he's no longer a minor. If he had been a bit more clever | he would have stopped doing any of that the day he turned 18. | FerociousTimes wrote: | It is not about law enforcement either. It's about debating | whether he's the sharpest tool in the shed or not. I | contend that running such a criminal enterprise is no easy | feat for a teenager despite the rookie mistakes he | committed. | jacquesm wrote: | It's not easy: that's why he got caught. And he got | caught primarily because he started a criminal | enterprise, which makes him not the sharpest tool in the | shed, if he would have been he would have turned his | talents to something both more lucrative and legal. | PaywallBuster wrote: | in a poor country where the average person makes < 1000 | EUR per month, how do you come up with 0.5M at 21? | jacquesm wrote: | You probably won't. But 0.5 M at 21 through illegal means | is easy: just rob a money transport and call it a day, | after all: who cares if you are going to be a criminal | anyway. | | How you are going to _legally_ come up with money is the | question and there are no real shortcuts there other than | to get lucky. But with his skills properly applied he | would have a much better chance at a nice life than he | has today. Money doesn 't really matter much if you're in | a jail cell. | rosndo wrote: | This guy was under the impression that what he was doing wasn't | illegal. | | IANAL but the fact that he is being charged with access device | fraud might suggest that DOJ had to engage in some mental | gymnastics in order to charge this. E: I'll take that back | since I actually read the indictment now, besides the usual | raidforums fare he was also selling credit card data which | would very much tend to attract access device fraud charges. | Teandw wrote: | He knew what he was doing was illegal. You don't go through | all the steps he did to stop authorities taking down the | website without knowing what you're doing is illegal. | doldols wrote: | What steps were those? How are they distinguishable from | the steps you would take to protect your website from being | taken down because of abuse reports from upset people? | | Trading in hacked data might not be illegal unless it's | credit card information, but your average hosting provider | probably isn't going to care about such nuances. | jacquesm wrote: | > Trading in hacked data might not be illegal unless it's | credit card information | | Dangerous nonsense. Trafficking in stolen data is | illegal, please read the full indictment. | jacquesm wrote: | I already said he wasn't the sharpest knife in the drawer. | frontman1988 wrote: | Cut him some slack he was literally a teen when he got | arrested. | jacquesm wrote: | When I was a teen I did lots of stupid stuff but | generally I was aware of where the line was and if and | when it was crossed I was pretty careful about it | (mostly: experimenting with 'modulated high frequency | sine wave generation'). | rosndo wrote: | What he was doing might very well have been legal had he | just avoided payment information and stuck to stolen | databases containing emails, phone numbers, passwords. That | was the bulk of the trade on raidforums anyway. | | But yeah, definitely not the sharpest knife in the drawer. | jacquesm wrote: | > might very well have been legal had he just avoided | payment information and stuck to stolen databases | containing emails, phone numbers, passwords | | I suspect that you are wrong about this. | | https://en.wikipedia.org/wiki/Accessory_(legal_term) | | "Count 1: Conspiracy to Commit Access Device Fraud (18 | U.S.C. SSSS 1029(b)(2)and 3559(g)(1)) | | Count 2: Access Device Fraud -- Using or Trafficking in | an Unauthorized Access Device (18 U.S.C. SSSS | 1029(a)(2)and 2) | | Count 3: Access Device Fraud -- Possession of Fifteen or | More Unauthorized Access Devices (18 U.S.C. SSSS | 1029(a)(3)and 2) | | Counts 4-5: Access Device Fraud -- Unauthorized | Solicitation (18 U.S.C. SSSS 1029(a)(6)and 2) | | Count 6: Aggravated Identity Theft (18 U.S.C. SSSS | 1028A(a)(l)and 2)" | | If this sticks he will be gone for a long, long time, | and, crucially, he handed over the the evidence himself | so no amount of 'it wasn't me' is going to help here. | rosndo wrote: | Accessory after the fact: | | > Whoever, knowing that an offense against the United | States has been committed, receives, relieves, comforts | or assists the offender in order to hinder or prevent his | apprehension, trial or punishment, is an accessory after | the fact. | | It's not obvious at all that selling e.g. the leaked | Linkedin database would be illegal in any way. You | wouldn't retroactively become an accessory to the | original crime. | | Of course, that stopped mattering the moment he started | trafficking in stolen payment card information... | jacquesm wrote: | A reminder not to take legal advice from HN. | cellis wrote: | Also important to keep in mind he ( most likely ) wasn't | aware of US law. Not sure how Portugal classifies | businesses such as these, but we know how e.g. Russia | differs in this regard. | jacquesm wrote: | Yes, true, but that's exactly why if you aren't aware of | something or unsure of something you play it safe. The | number of people that got busted like this is large | enough that I'm 100% sure that he was aware that this | wasn't a legal operation, in fact he went to some length | to hide his identity, which shows at least minimal | awareness of this. | [deleted] | ribosometronome wrote: | Sounds like he was already on their radar if they were | able/desired to obtain a warrant to search his devices. | rossdavidh wrote: | ...or even just spent the time to do it. But, not too | surprising that they don't want to divulge everything that | led them to him. | joshcryer wrote: | According to another article they arrested / detained | several other people during this bust. I am guessing an | inside agent got them to meet up. Only Coelho was stupid | enough to have his devices unlocked / easily scoured. Using | his admin email didn't help. Who even does that? Even my 75 | year old mom knew to use her trash email for signing up for | crap. | sofixa wrote: | So they even need a warrant? I was under the impression that | no US constitutional protections apply to foreigners, and | when entering the country you need a visa or equivalent | preauthorisation, and there you certainly agree they can do | whatever they want with you. | RajT88 wrote: | I am always surprised at how often people who know each other | randomly run into each other in an airport. | | I mean, what are the odds? | | I only had it happen once, but it was nuts. A guy from my | previous company I ran into randomly in Frankfurt while I was | on my way to India. He lives in California, I live in Chicago. | _We were on the same flight to Bangalore_. Our trips had | nothing to do with each other, other than we both work in tech | and were visiting tech companies. Neither of us traveled | internationally all that often. | | I knew a half dozen folks with crazy "what are the odds" | stories like that. | [deleted] | morsch wrote: | Seems like a variation of the birthday paradox. | layer8 wrote: | Not exactly, because the scenario isn't "any two people on | the plane" but "me and another person on the plane". | paxys wrote: | It is still not another _specific_ person, but anyone you | know, which is a pretty large set. | layer8 wrote: | The birthday paradox is a paradox due to the quadratic | odds. If you fix one person (yourself), the odds are only | linear. | PheonixPharts wrote: | We can see the full paradox at work here. The parent | clearly states: | | > how often people who know each other randomly run into | each other in an airport. | | > I mean, what are the odds? | | This is explicitly stating "any two people" (and it's at | an airport not a plane, so more people). But then follows | up with changing the framing of question they're asking: | | > I only had it happen once, but it was nuts. | | The birthday paradox is only a paradox because we tend to | think of birthdays in a very personal manner. So when we | think of "any two people sharing a birthday" we | immediately change this to "someone having my birthday", | without realizing we've fundamentally changes the | question we're asking. | layer8 wrote: | The OP however isn't surprised by the actual odds of any | two people randomly running into each other, but by the | fact that it happened to them or acquaintances. They | actually don't know what the odds would be for the whole | airport or plane. With the birthday paradox, on the other | hand, the thing that people are surprised about is not | how often it happens to them, but the actual odds for a | given group size of people. | brk wrote: | I ran into someone who had interviewed at my company, we were | bot on an inter-airport shuttle in I think Berlin. He was | based in CA, I was in MA, and we weren't really in the same | industry (his knowledge base was tangent to what we did, thus | the interview), and not traveling for the same event. | | Have had a handful of similar scenarios, seeing someone I | know when we are in a far-away random place. I think it had | to do a lot with I was traveling frequently at the time (200K | miles/year), to all kinds of random places. | layer8 wrote: | It's probably just a symptom of humans being very bad at | estimating odds. | Sirened wrote: | teenagers even less so. He's _twenty one_ and has been | running the site since he was thirteen years old. | bombcar wrote: | From what I read once, the chance is _significantly_ higher | than you expect, something like if you are in a major | airport, there 's a 50% chance someone you know is also at | the same airport. | | This is because the group of people who travel _often_ is | surprisingly small, and so overlap will happen much more | likely than you think. | baby wrote: | I actually ran many times into people that I know, in | different parts of the world. The weirdest one was running | into some French dude I had met skiing in France on a boat in | Thailand. It's a small world. | _moof wrote: | Hub-and-spoke routing + "it's not a small world, it's a small | social class/industry/demographic/what-have-you" + the | tendency for industries to cluster geographically. | | And what are the odds people meet in the first place? Those | exact same factors are what make folks run into each other | again later. It would actually be weird if you never ran into | people you know. | | _> ...Bangalore. Our trips had nothing to do with each | other, other than we both work in tech and were visiting tech | companies._ | | Bangalore is a tech city, and you both worked in tech. That's | how you ran into each other. | RajT88 wrote: | > Bangalore is a tech city, and you both worked in tech. | That's how you ran into each other. | | I'll throw you another curve ball: | | He was working in the same complex, and we'd run into each | other at lunch. | | The project he was there for was one I would have been | assigned to, if I hadn't left our previous company. (I was | the #1 SME for that bit of software) | | Therefore, I would have been the one sent there anyways | that week, and been in that area. I actually confirmed this | with my old boss. | bduerst wrote: | Yep, and throw in that humans are just bad at estimating | statistics. | | Like the _birthday paradox_ : If there are just 23 people | in a room, then there's a 50% probability that two people | share the same birthday. | infiniteL0Op wrote: | jacquesm wrote: | When I flew a lot I would run into regulars and people that I | knew at least a couple of times every year. | TobyTheDog123 wrote: | Infinitely hysterical that they couldn't find a version of the | RaidForums logo without a scantily clad anime girl lying on top | of it | frontman1988 wrote: | Amazing how the perp started the website at 14 and gradually | turned it into the top data leaks site in the world. To be able | to build a multi million dollar illegal marketplace and not get | caught for 7 years was quite an achievement in itself. Alas you | just have to slip once and the party's over. | paulpauper wrote: | not really. unless it involves contraband, terrorism, or kid | porn, the feds will not care that much. they will get to it | eventually but it is not a top priority. Also they need many | years to built an airtight case. | ourmandave wrote: | _According to the DOJ, that early activity included 'raiding'... | | -- and 'swatting,' the practice of making false reports to public | safety agencies of situations that would necessitate a | significant, and immediate armed law enforcement response."_ | | If he did swatting they need to lock him up for attempted murder. | People die from that "prank". | thrownaway89865 wrote: | What are the legal implications of having registered on this | forum once with a personal email account but not having ever | engaged in any transaction or downloading any leaked data, just | lurking a few threads of nothing interesting at most. | | Asking for a friend, of course... | jacquesm wrote: | Your name will end up on a list. | | Such lists can be queried by those that are properly connected, | typically LE/three (and in some countries four) letter agencies | if your name ever turns up in some other context and then it | might be given some weight, but other than that I wouldn't | expect anything to come of it assuming that you are telling the | truth. Such inter-service requests for information on | particular individuals are pretty regular but someone first has | to ask for you by name, and in a country with proper privacy | protections typically a judge would have to sign off on such a | broad request, but these mechanisms are not always perfect. | | Reading threads isn't a crime, but hanging out in places where | lots of criminals hang out doesn't help you in the association | department. | ianhawes wrote: | Hard to say, but rest assured that countless "white hat" | infosec companies have also signed up and probably purchased | stolen databases in furtherance of their own business | activities. | sq_ wrote: | > Please delete this post as this means I am in big trouble. | | Interesting comment on Krebs' article... Probably a joke, but | doesn't imply great intelligence among the people involved with | RaidForums if not. | lettergram wrote: | > an extremely popular English-language cybercrime forum that | sold access to more than 10 billion consumer records stolen in | some of the world's largest data breaches since 2015. The DOJ | also charged the alleged administrator of RaidForums -- 21-year- | old Diogo Santos Coelho, of Portugal -- with six criminal counts, | including conspiracy, access device fraud and aggravated identity | theft. | | Some thing doesn't add up | Teandw wrote: | What doesn't add up? | lettergram wrote: | This admin would have been 14 when this was started. Why now | and why him? | cwkoss wrote: | This is pretty funny, imo: | | --- | | Not all of those undercover buys went as planned. One incident | described in an affidavit by prosecutors (PDF) appears related to | the sale of tens of millions of consumer records stolen last year | from T-Mobile, although the government refers to the victim only | as a major telecommunications company and wireless network | operator in the United States. | | [...] | | The government says the victim firm hired a third-party to | purchase the database and prevent it from being sold to | cybercriminals. That third-party ultimately paid approximately | $200,000 worth of bitcoin to the seller, with the agreement that | the data would be destroyed after sale. "However, it appears the | co-conspirators continued to attempt to sell the databases after | the third-party's purchase," the affidavit alleges. | | --- | | T-mobile paid 200k and got precisely nothing from it. | cm2187 wrote: | With the added benefit of poisoning the well for the next | hacker who tries to sell the data back to the company. ___________________________________________________________________ (page generated 2022-04-12 23:00 UTC)