All things Hacker/Cyber/Espionage/NK shenanigans/Etc.

I could not find an appropriate place to post this

One of the worst breaches of all time happened earlier this last year with snowflake. If you want the tldr, here is google’s assessment: https://cloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion. Snowflakes statement: Detecting and Preventing Unauthorized User Access - Cybersecurity - Snowflake

Basically, someone (maybe a US soldier) got broad access to snowflake credentials that allowed them to access many, many corporate and govt accounts which contained extraordinarily sensitive data.

This has been a historic year for data breaches, a historic year for cybercrime (much of it aided by AI, as was predicted), and our enemies are absolutely capitalizing while we just stand here with our thumbs up our asses. What’s incredible about this breach, and Krebs is very rarely wrong, is that it seems to be coming from inside the house. Anyone with a confidential clearance this high to have the kind of credentials this person has been claiming (with success) should be easy to sniff out, but they are not, suggesting high capabilities. My working theory is a NK plant. NK has also had a lot of success by putting plants in US tech companies as well, which is why a lot of these breaches have been happening (in my view).

If you don’t know the long technical backstory, the United States is in a protracted and ongoing cyber war against a swath of enemy states - chiefly Russia, Iran, China, and NK. NK/China seem to have the most advanced nation state capabilities so far (unless you want to count private Israeli companies that sell services to other nation states, but I won’t go into detail on that here) and NK’s capabilities are IMO very impressive for a nation that does not have broad access to the web. I have a theory that this will become a prominent part of the next 4-8 years of the trump/trump-adjacent administrations as they deal with the rest of the world. Either we deal with this threat, which we are already losing badly to (and not just outright hacks, misinformation wars too), or we lose entirely. Every other country in the world has figured this out except maybe some European nations. This thread is for this stuff and will be a dump for anything interesting I find I can post publicly or related to the ongoing cyber threat of AI + the privacy crisis we are now facing that basically no one knows about.

was some dumb 20 year old script kiddie, krebs was right, was a soldier that was selling military contractor credentials and tried to extort the incoming president and the current vice president with phone call logs he’d obtained from verizon, then taunted intelligence agencies, caught less than 30 days after he made a small mistake. these kids are typically recruited or radicalized by much worse players, would be curious to see how him and his associates had been radicalized. These kids do not understand that anonymity online is not a real thing, if someone sufficiently powerful and determined wants to get you they will, srcurity researchers are targeted all the time. when you then go piss off those people in addition to threatening some of the most powerful people in the world, of course they’re going to find you. these kids also dont understand the ramifications of some of this stuff goes on for decades and is a huge mess, not to mention the death toll stuff like this typically incurs. dont have a lot of anything but disgust for these types, they’re usually just out for glory and make paltry sums compared to the risks they are taking.

havkers used to be more principled I feel like, these kids on a technical level are actually extremely incompetent, and the scum of the earth. one thing going on right now are gangs of ‘hackers’ that are extorting young kids into sexual material or committing self harm or violence to animals or other people, then selling it on the dark web. why? because kids are dumb and believe anything and are the most vulnerable. scum.