INSIGHT INTO
RUSSIAN BLACK MARKET
sh-3.2# whoami

• Alan Kakareka, CISSP, GSNA, GSEC,
  CEH, MCP, MCDST, Net+, Sec+
• Masters degree in science from Florida
  International University
• CTO and founder of Demyo, Inc.
• Based in Miami, Florida, USA.

                   Demyo, Inc.
AND I ENJOY GREEN LETTERS ON BLACK BACKGROUND




WHAT ARE THE MOST DANGEROUS COUNTRIES?








WHERE ARE ALL THE GOODIES?
•   Unknown – Unknown:
     • Forums, various websites
•   Known – Known:
     • IM, typically ICQ




LET'S TAKE A LOOK AT 2 UNDERGROUND FORUMS
•   https://exploit.in/forum/ - pretty small
•   https://forum.antichat.ru/ - one of the bigger ones




SMALL VS BIG




Example: rdot.org



HTTPS://EXPLOIT.IN/FORUM




• 341k messages, 35k users.

HOW MANY OF ALL MESSAGES ARE SALE / BUY / TRADE?




Roughly 10-15% of all messages are related to sell / buy / trade.
Another 90% is how to program this, how to hack this, how to solve this kind of issue, etc.


LET'S SEE WHAT WE CAN BUY




HOW ABOUT ROOT ACCESS TO MYSQL.COM




ANYBODY WANT TO GUESS THE PRICE?




LATER ON IN THE NEWS….




AUCTION SYSTEM FOR SERVING MALWARE - “VDELE”




SOFTWARE TO BUILD YOUR OWN BOTNET – “ANDROMEDA BOTNET”




ALSO AVAILABLE
•   Credit card numbers
•   PayPal accounts
•   Online banking accounts
•   Email spamming services
•   Cell phone spamming services (by text messages) and / or calls
•   0-day exploits (rarely)
•   Custom malware, spyware, tools
•   Plain hacking services
•   DDOS
•   Full identity (CC + SSN + DOB + address + email with password + online banking credentials + mother's maiden name + dog's name + etc.)


0-DAY EXPLOITS (RARELY)
•   If a black hat has a 0-day, it is much more profitable to do something with it than to sell it
•   If you are a white hat hacker, sell it to companies that buy bugs, like ZDI




HTTPS://FORUM.ANTICHAT.RU/




• 2 million messages, 104k users


HOW MANY MESSAGES ARE RELATED TO BUY / SELL / TRADE




 Almost 10% of all messages are related to trading


HOW DO THEY TRUST EACH OTHER?



                 VS




ANOTHER WAY IS ENDORSEMENT BY THE FORUM OWNER




MEANS OF PAYMENT
•   No PayPal….. WHY????
•   Webmoney
•   Liberty Reserve
•   Yandex Money
•   BitCoin – not so much
•   F2F – almost never


•   Most popular is WEBMONEY




CLOSED SECTIONS
•   Typically there are 3 access levels
•   1st level – make some useful posts
•   2nd level – get to know somebody and post some sensitive data
•   3rd level – be well known in community, post some real goodies




LIMITING ACCESS ONLY TO HIGHER PROFILE PEOPLE




PRICES…
• How much is this, how much is that?
   • Depends on what language you speak
   • If you ask in Russian – 100 bucks
   • If you ask in English – 200 bucks




ACTUAL PRICING
• Private virustotal.com service – 40 USD / month, unlimited amount of files
• Why do you need a private virustotal.com service when virustotal.com is free???
• 1 million SPAM emails in inbox – 200 USD
• DDOS – 100 to 400 USD a day, depending on traffic amount.
   • DDOS sales/discussions are being forbidden in many public Russian forums, why???
• CC – 0.1 USD to 5 USD depending on amount and/or quality


ACTUAL PRICING
• PayPal – 1% to 10% of the balance, also depending on account type and other factors
• Online Banking – 1% to 10% of the balance, depending on the bank, account type and other factors
• Email:pass combo – FREE, unless it is sorted, verified for validity, and is bundled with other accounts
• Full identity (CC + SSN + DOB + address + email with password + online banking credentials + mother's maiden name + dog's name + etc.) – about 100 USD
• Many, many, many other types of services and goods – agreed price


OTHER FACTORS
• PayPal and Online Banking – 1% to 10% of the balance depending on account type and other factors.

   • User logs into his account once every 6 months
   • Password to user's email is available as well
   • This particular bank DOES allow online transfers

   • User logs into his account daily
   • Password to user's email is not available
   • This particular bank DOES NOT allow online transfers

HOW MANY RUSSIAN RESOURCES ARE THERE?
• A LOT OF THEM
•    http://forum.xakep.ru/default.aspx – 1.5 million messages
•    http://hackzona.ru/
•    https://forum.k0d.cc/index1.php
•    http://www.hack-info.ru/index.php
•    https://forum.xeksec.com/
•    http://aferizm.ru/
•    http://grabberz.com/forum.php
•    http://forum.kriminala.net/index.php
•    http://www.xaker.name/forvb/index.php
•    And so on….



HOW TO FIND RUSSIAN RESOURCES
•   Russian search engines
     • http://www.yandex.ru/
     • http://www.rambler.ru/


•   Classic Google dork
     • ‘Site:ru hacking’




                                   Or…..



WRAPPING UP
•   Yeah, we are wrapping up
QUESTIONS? AND CONTACT INFO

• Email: almaz@demyo.com
• Phone: +1 201 665 6666
• LinkedIn: Almantas Kakareka
• Twitter: @DemyoSec
• www.demyo.com

More Related Content

Similar to Alan kakareka. insight into russian black market

Corp Web Risks and Concerns
Corp Web Risks and ConcernsCorp Web Risks and Concerns
Corp Web Risks and ConcernsPINT Inc
 
Digital survival guide
Digital survival guideDigital survival guide
Digital survival guideAlex Stonehill
 
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...Egyptian Engineers Association
 
Cybersecurity additional activities
Cybersecurity additional activitiesCybersecurity additional activities
Cybersecurity additional activitiesYumonomics
 
Securing and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupSecuring and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupBrian Pichman
 
Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...Justin Denton
 
From russia final_bluehat10
From russia final_bluehat10From russia final_bluehat10
From russia final_bluehat10F _
 
Securing & Safeguarding Your Library Setup.pptx
Securing & Safeguarding Your Library Setup.pptxSecuring & Safeguarding Your Library Setup.pptx
Securing & Safeguarding Your Library Setup.pptxBrian Pichman
 
Digital Natives? Basics of Information Literacy
Digital Natives? Basics of Information LiteracyDigital Natives? Basics of Information Literacy
Digital Natives? Basics of Information LiteracySarah Uthoff
 
Thoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecoreThoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecorePINT Inc
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh  building trust in the digital age teenagers and studentsRayane hazimeh  building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayanehaz
 
protecting your digital personal life
protecting your digital personal lifeprotecting your digital personal life
protecting your digital personal lifeNathan Lesser
 
Cyber Security Motivation
Cyber Security MotivationCyber Security Motivation
Cyber Security MotivationSuman Thapaliya
 
Internet Safety for 1950s Adults and Beginners
Internet Safety for 1950s Adults and BeginnersInternet Safety for 1950s Adults and Beginners
Internet Safety for 1950s Adults and BeginnersRajesh Soundararajan
 
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Steve Poole
 
Go Local or Go Global? (Do Both) Startup Grind 2014
Go Local or Go Global? (Do Both) Startup Grind 2014Go Local or Go Global? (Do Both) Startup Grind 2014
Go Local or Go Global? (Do Both) Startup Grind 2014Dave McClure
 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Donald E. Hester
 

Similar to Alan kakareka. insight into russian black market (20)

Corp Web Risks and Concerns
Corp Web Risks and ConcernsCorp Web Risks and Concerns
Corp Web Risks and Concerns
 
part 3 cyber crimes
part 3 cyber crimes part 3 cyber crimes
part 3 cyber crimes
 
Digital survival guide
Digital survival guideDigital survival guide
Digital survival guide
 
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
 
Cybersecurity additional activities
Cybersecurity additional activitiesCybersecurity additional activities
Cybersecurity additional activities
 
Securing and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupSecuring and Safeguarding Your Library Setup
Securing and Safeguarding Your Library Setup
 
Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...
 
From russia final_bluehat10
From russia final_bluehat10From russia final_bluehat10
From russia final_bluehat10
 
The Seven Hackers v6
The Seven Hackers  v6The Seven Hackers  v6
The Seven Hackers v6
 
Securing & Safeguarding Your Library Setup.pptx
Securing & Safeguarding Your Library Setup.pptxSecuring & Safeguarding Your Library Setup.pptx
Securing & Safeguarding Your Library Setup.pptx
 
Digital Natives? Basics of Information Literacy
Digital Natives? Basics of Information LiteracyDigital Natives? Basics of Information Literacy
Digital Natives? Basics of Information Literacy
 
Thoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecoreThoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for Sitecore
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh  building trust in the digital age teenagers and studentsRayane hazimeh  building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and students
 
protecting your digital personal life
protecting your digital personal lifeprotecting your digital personal life
protecting your digital personal life
 
Cyber Security Motivation
Cyber Security MotivationCyber Security Motivation
Cyber Security Motivation
 
Internet Safety for 1950s Adults and Beginners
Internet Safety for 1950s Adults and BeginnersInternet Safety for 1950s Adults and Beginners
Internet Safety for 1950s Adults and Beginners
 
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
 
Go Local or Go Global? (Do Both) Startup Grind 2014
Go Local or Go Global? (Do Both) Startup Grind 2014Go Local or Go Global? (Do Both) Startup Grind 2014
Go Local or Go Global? (Do Both) Startup Grind 2014
 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014
 
Chapter-5.pptx
Chapter-5.pptxChapter-5.pptx
Chapter-5.pptx
 

More from Yury Chemerkin

Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...
Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...
Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...Yury Chemerkin
 
Red october. detailed malware description
Red october. detailed malware descriptionRed october. detailed malware description
Red october. detailed malware descriptionYury Chemerkin
 
Comment crew indicators of compromise
Comment crew indicators of compromiseComment crew indicators of compromise
Comment crew indicators of compromiseYury Chemerkin
 
Appendix g iocs readme
Appendix g iocs readmeAppendix g iocs readme
Appendix g iocs readmeYury Chemerkin
 
Appendix f (digital) ssl certificates
Appendix f (digital)   ssl certificatesAppendix f (digital)   ssl certificates
Appendix f (digital) ssl certificatesYury Chemerkin
 
Appendix e (digital) md5s
Appendix e (digital)   md5sAppendix e (digital)   md5s
Appendix e (digital) md5sYury Chemerkin
 
Appendix d (digital) fqd ns
Appendix d (digital)   fqd nsAppendix d (digital)   fqd ns
Appendix d (digital) fqd nsYury Chemerkin
 
6071f3f4 40e6-4c7b-8868-3b0b21a9f601
6071f3f4 40e6-4c7b-8868-3b0b21a9f6016071f3f4 40e6-4c7b-8868-3b0b21a9f601
6071f3f4 40e6-4c7b-8868-3b0b21a9f601Yury Chemerkin
 
Zane lackey. security at scale. web application security in a continuous depl...
Zane lackey. security at scale. web application security in a continuous depl...Zane lackey. security at scale. web application security in a continuous depl...
Zane lackey. security at scale. web application security in a continuous depl...Yury Chemerkin
 
Windows 8. important considerations for computer forensics and electronic dis...
Windows 8. important considerations for computer forensics and electronic dis...Windows 8. important considerations for computer forensics and electronic dis...
Windows 8. important considerations for computer forensics and electronic dis...Yury Chemerkin
 
The stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capabilityThe stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capabilityYury Chemerkin
 
Stuxnet. analysis, myths, realities
Stuxnet. analysis, myths, realitiesStuxnet. analysis, myths, realities
Stuxnet. analysis, myths, realitiesYury Chemerkin
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedYury Chemerkin
 
Sophos ransom ware fake antivirus
Sophos ransom ware fake antivirusSophos ransom ware fake antivirus
Sophos ransom ware fake antivirusYury Chemerkin
 
Six months later – a report card on google’s demotion of pirate sites
Six months later – a report card on google’s demotion of pirate sitesSix months later – a report card on google’s demotion of pirate sites
Six months later – a report card on google’s demotion of pirate sitesYury Chemerkin
 
Security in the cloud planning guide
Security in the cloud planning guideSecurity in the cloud planning guide
Security in the cloud planning guideYury Chemerkin
 
Security configuration recommendations for apple i os 5 devices
Security configuration recommendations for apple i os 5 devicesSecurity configuration recommendations for apple i os 5 devices
Security configuration recommendations for apple i os 5 devicesYury Chemerkin
 
Render man. hacker + airplanes = no good can come of this
Render man. hacker + airplanes = no good can come of thisRender man. hacker + airplanes = no good can come of this
Render man. hacker + airplanes = no good can come of thisYury Chemerkin
 

More from Yury Chemerkin (20)

Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...
Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...
Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...
 
Red october. detailed malware description
Red october. detailed malware descriptionRed october. detailed malware description
Red october. detailed malware description
 
Comment crew indicators of compromise
Comment crew indicators of compromiseComment crew indicators of compromise
Comment crew indicators of compromise
 
Appendix g iocs readme
Appendix g iocs readmeAppendix g iocs readme
Appendix g iocs readme
 
Appendix f (digital) ssl certificates
Appendix f (digital)   ssl certificatesAppendix f (digital)   ssl certificates
Appendix f (digital) ssl certificates
 
Appendix e (digital) md5s
Appendix e (digital)   md5sAppendix e (digital)   md5s
Appendix e (digital) md5s
 
Appendix d (digital) fqd ns
Appendix d (digital)   fqd nsAppendix d (digital)   fqd ns
Appendix d (digital) fqd ns
 
6071f3f4 40e6-4c7b-8868-3b0b21a9f601
6071f3f4 40e6-4c7b-8868-3b0b21a9f6016071f3f4 40e6-4c7b-8868-3b0b21a9f601
6071f3f4 40e6-4c7b-8868-3b0b21a9f601
 
Jp3 13
Jp3 13Jp3 13
Jp3 13
 
Zane lackey. security at scale. web application security in a continuous depl...
Zane lackey. security at scale. web application security in a continuous depl...Zane lackey. security at scale. web application security in a continuous depl...
Zane lackey. security at scale. web application security in a continuous depl...
 
Windows 8. important considerations for computer forensics and electronic dis...
Windows 8. important considerations for computer forensics and electronic dis...Windows 8. important considerations for computer forensics and electronic dis...
Windows 8. important considerations for computer forensics and electronic dis...
 
The stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capabilityThe stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capability
 
Stuxnet. analysis, myths, realities
Stuxnet. analysis, myths, realitiesStuxnet. analysis, myths, realities
Stuxnet. analysis, myths, realities
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learned
 
Sophos ransom ware fake antivirus
Sophos ransom ware fake antivirusSophos ransom ware fake antivirus
Sophos ransom ware fake antivirus
 
Six months later – a report card on google’s demotion of pirate sites
Six months later – a report card on google’s demotion of pirate sitesSix months later – a report card on google’s demotion of pirate sites
Six months later – a report card on google’s demotion of pirate sites
 
Security in the cloud planning guide
Security in the cloud planning guideSecurity in the cloud planning guide
Security in the cloud planning guide
 
Security configuration recommendations for apple i os 5 devices
Security configuration recommendations for apple i os 5 devicesSecurity configuration recommendations for apple i os 5 devices
Security configuration recommendations for apple i os 5 devices
 
Render man. hacker + airplanes = no good can come of this
Render man. hacker + airplanes = no good can come of thisRender man. hacker + airplanes = no good can come of this
Render man. hacker + airplanes = no good can come of this
 
Msft oracle brief
Msft oracle briefMsft oracle brief
Msft oracle brief
 

Recently uploaded

Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 

Recently uploaded (20)

Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 

Alan kakareka. insight into russian black market

  • 2.
  • 3. sh-3.2# whoami • Alan Kakareka, CISSP, GSNA, GSEC, CEH, MCP, MCDST, Net+, Sec+ • Master's degree in science from Florida International University • CTO and founder of Demyo, Inc. • Based in Miami, Florida, USA.
  • 4. AND I ENJOY GREEN LETTERS ON BLACK BACKGROUND
  • 5. WHAT ARE THE MOST DANGEROUS COUNTRIES?
  • 6. WHAT ARE THE MOST DANGEROUS COUNTRIES?
  • 7. WHERE ARE ALL THE GOODIES? • Unknown – Unknown: • Forums, various websites • Known – Known: • IM, typically ICQ
  • 8. LET'S TAKE A LOOK AT 2 UNDERGROUND FORUMS • https://exploit.in/forum/ - pretty small • https://forum.antichat.ru/ - one of the bigger ones
  • 9. SMALL VS BIG Example: rdot.org
  • 11. HOW MANY OF ALL MESSAGES ARE SALE / BUY / TRADE? Roughly 10-15% of all messages are related to sell / buy / trade. Another 90% is how to program this, how to hack this, how to solve this kind of issue, etc.
  • 12. LET'S SEE WHAT WE CAN BUY
  • 13. HOW ABOUT ROOT ACCESS TO MYSQL.COM
  • 14. ANYBODY WANT TO GUESS THE PRICE?
  • 15. LATER ON IN THE NEWS….
  • 16. AUCTION SYSTEM FOR SERVING MALWARE - “VDELE”
  • 17. SOFTWARE TO BUILD YOUR OWN BOTNET – “ANDROMEDA BOTNET”
  • 18. ALSO AVAILABLE • Credit card numbers • PayPal accounts • Online banking accounts • Email spamming services • Cell phone spamming services (by text messages) and / or calls • 0-day exploits (rarely) • Custom malware, spyware, tools • Plain hacking services • DDOS • Full identity (CC + SSN + DOB + address + email with password + online banking credentials + mother's maiden name + dog's name + etc.)
  • 19. 0-DAY EXPLOITS (RARELY) • If a black hat has a 0-day, it is much more profitable to do something with it than to sell it • If you are a white hat hacker, sell it to companies that buy bugs, like ZDI
  • 21. HTTPS://FORUM.ANTICHAT.RU/ • 2 million messages, 104k users
  • 22. HOW MANY MESSAGES ARE RELATED TO BUY / SELL / TRADE Almost 10% of all messages are related to trading
  • 23. HOW DO THEY TRUST EACH OTHER? VS
  • 24. ANOTHER WAY IS BY ENDORSEMENT FROM THE FORUM OWNER
  • 25. MEANS OF PAYMENT • No PayPal….. WHY???? • Webmoney • Liberty Reserve • Yandex Money • BitCoin – not so much • F2F – almost never • Most popular is WEBMONEY
  • 26. CLOSED SECTIONS • Typically there are 3 access levels • 1st level – make some useful posts • 2nd level – get to know somebody and post some sensitive data • 3rd level – be well known in the community, post some real goodies
  • 27. LIMITING ACCESS ONLY TO HIGHER PROFILE PEOPLE
  • 28. PRICES… • How much is this, how much is that? • Depends on what language you speak • If you ask in Russian – 100 bucks • If you ask in English – 200 bucks
  • 29. ACTUAL PRICING • Private virustotal.com service – 40 USD / month, unlimited amount of files • Why do you need a private virustotal.com service when virustotal.com is free??? • 1 million SPAM emails in inbox – 200 USD • DDOS – 100 to 400 USD a day, depending on traffic amount. • DDOS sales/discussions are getting forbidden in many public Russian forums, why??? • CC – 0.1 USD to 5 USD depending on amount and/or quality
  • 30. ACTUAL PRICING • PayPal – 1% to 10% of the balance, also depending on account type and other factors • Online Banking – 1% to 10% of the balance, depending on the bank, account type and other factors • Email:pass combo – FREE, unless it is sorted, verified for validity, and is bundled with other accounts • Full identity (CC + SSN + DOB + address + email with password + online banking credentials + mother's maiden name + dog's name + etc.) – about 100 USD • Many, many, many other types of services and goods – agreed price
  • 31. OTHER FACTORS • PayPal and Online Banking – 1% to 10% of the balance depending on account type and other factors. • User logs into his account once every 6 months vs. user logs into his account daily • Password to user's email is not available vs. password to user's email is available as well • This particular bank DOES NOT allow online transfers vs. this particular bank DOES allow online transfers
  • 32. HOW MANY RUSSIAN RESOURCES ARE THERE? • A LOT OF THEM • http://forum.xakep.ru/default.aspx – 1.5 million messages • http://hackzona.ru/ • https://forum.k0d.cc/index1.php • http://www.hack-info.ru/index.php • https://forum.xeksec.com/ • http://aferizm.ru/ • http://grabberz.com/forum.php • http://forum.kriminala.net/index.php • http://www.xaker.name/forvb/index.php • And so on….
  • 33. HOW TO FIND RUSSIAN RESOURCES • Russian search engines • http://www.yandex.ru/ • http://www.rambler.ru/ • Classic Google dork • ‘Site:ru hacking’ Or…..
  • 34. HOW TO FIND RUSSIAN RESOURCES
  • 35. WRAPPING UP • Yeah we are wrapping up
  • 36. QUESTIONS? AND CONTACT INFO • Email: almaz@demyo.com • Phone: +1 201 665 6666 • LinkedIn: Almantas Kakareka • Twitter: @DemyoSec • www.demyo.com