lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20110131221009.0F0DB6F42D@smtp.hushmail.com>
Date: Mon, 31 Jan 2011 23:10:08 +0100
From: mad.men@...hmail.com
To: full-disclosure@...ts.grok.org.uk
Subject: Travel letter #2; What we do for knowledge

Some epic's in this one as well :)

Hello all,
I am sitting in LAX right now. This last week I have been in 
Venezuela and Columbia.

A small part of this trip was the dubious distinction that has 
resulted from around two years of work to setup. I have spoken with 
two cartels in the area.

What makes Venezuela special is that they have non-extradition 
rights as far as the US is concerned. Cybercrime is illegal in 
country, but is actually (under the table) encouraged. The 
government is happy to support criminal groups acting in the US 
(And the UK and AU) from Ve. Basically, as long as nothing is done 
against the citizens of Ve, not criminal sanctions come against the 
cartels.

For this reason, they are actually willing to talk. I managed to 
have a good walkthrough of an operation.

One major aspect is rape videos from abduced foreign nationals and 
the other is child porn videos. I was surprised to learn just how 
many US, UK and AU "clients" these cartels manage. The interesting 
thing is that once they get bank or credit card details, they move 
to an extortion model. One that lasts many years. The dumb bastards 
who buy the videos and other child porn/rape videos are extorted. 
The cartels use the information they obtain to collect evidence of 
the crime.

On top of this, there is the usual crimeware stuff.

These groups are current and moving to more former drug cartels.
Interestingly, cybercrime is earning more than cocaine. The US 
market for coke is depressed and cybercrime has been turning more 
money for the groups I met with at least.

I plan on writing it up within the next few weeks and letting sans 
do what they will with this paper. Just a freebee. Not even seeking 
yet another Gold from this.

Regards,
Dr Craig S wright, GSE etc

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ