Darknet Diaries

174: Pacific Rim

For six years, Sophos fought a secret cyber war against a state-backed hacking group targeting its firewalls. This forced Sophos to drastically change tactics to properly secure their firewalls. Was it ethical? Was it effective? They disrupted nine zero-day attacks, exposed who was hacking them, and forced the hackers to change tactics. But at what cost? You have to listen to one of the most audacious corporate cyber defenses ever conducted. SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. This show is sponsored by Meter [https://www.meter.com/], the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that’s built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com [https://www.meter.com/]. Support for this show comes from Drata [https://drata.com/darknetdiaries]. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries [https://drata.com/darknetdiaries]. SOURCES * https://news.sophos.com/en-us/2024/10/31/pacific-rim-timeline/ [https://news.sophos.com/en-us/2024/10/31/pacific-rim-timeline/] * https://www.justice.gov/archives/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived [https://www.justice.gov/archives/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived] * https://www.fbi.gov/wanted/cyber/guan-tianfeng [https://www.fbi.gov/wanted/cyber/guan-tianfeng]

173: Tarjeteros

In the streets of the Dominican Republic, a new economy thrives in the shadows. It’s built not on tourism or sugar, but on stolen data. They call them tarjeteros. And they are making a lot of money from stolen credit cards. This is a story about one group of tarjeteros who came to the US, and let loose on New York city. SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. This show is sponsored by Maze [http://mazehq.com/darknet]. Maze uses AI agents to triage and remediate cloud vulnerabilities by figuring out what’s actually exploitable, not just what’s theoretically risky. They remove the noise, prioritize vulns that matter, and manage remediation, so your team stops wasting time on meaningless vulns. Visit MazeHQ.com/darknet [http://mazehq.com/darknet] for more information. Support for this show comes from Privacy.com [https://privacy.com/darknet]. Privacy allows you to create virtual spending cards instantly to use for purchases. Get your $5 sign-up bonus at privacy.com/darknet [https://privacy.com/darknet]. You can use it on your first purchase! Privacy has a free plan with no transaction fees for domestic purchases. Protect your financial identity online with virtual cards.

172: SuperBox

What if there was a device which gave you endless movies and TV shows without ads? Ok great sign me up! In this episode we interview “D3ada55”, who found such a device, but as she gazed into it, she discovered it gazing back at her. SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. This episode is sponsored by Meter [https://www.meter.com/], the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that’s built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com [https://www.meter.com/]. This episode is sponsored by Exaforce [https://exaforce.com/darknet-diaries]. Exaforce was created to handle the complete security operations workflow - detect, triage, investigate, respond. Exabots autonomously manage every stage, eliminating gaps between alert and action that slow down traditional security operations. And how it works is simple too: the exabots ingest all security data and then semantically connects it to understand the full context of security events and how they relate to each other. Learn more at exaforce.com/darknet-diaries [https://exaforce.com/darknet-diaries].

171: Melody Fraud

What if the music charts you see aren’t real? What if the numbers that define success can be manufactured? We talked to Andrew, a man who has spent his career on both sides of this battle. He once profited from the loopholes in streaming platforms, but now, his job is to close them. This episode will change the way you understand music streaming platforms from now on. SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. Support for this show comes from Adaptive Security [https://www.adaptivesecurity.com/]. Deepfake voices on a Zoom call. AI-written phishing emails that sound exactly like your CFO. Synthetic job applicants walking through the front door. Adaptive is built to stop these attacks. They run real-time simulations, exposing your teams to what these attacks look like to test and improve your defences. Learn more at adaptivesecurity.com [https://www.adaptivesecurity.com/]. This episode is sponsored by Meter [https://www.meter.com/], the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that’s built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com [https://www.meter.com/].

170: Phrack

Phrack is legendary. It is the oldest, and arguably the most prestigious, underground hacking magazine in the world. It started in 1985 and is still running today. In this episode we interview the Phrack staff to hear some stories about what it’s like running a hacker magazine for 40 years. phrack.org [https://phrack.org/] SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. Support for this show comes from Drata [https://drata.com/darknetdiaries]. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries [https://drata.com/darknetdiaries]. This episode is sponsored by Meter [https://www.meter.com/], the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that’s built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com [https://www.meter.com/].