151: Chris Rock
Chris Rock is known for being a security researcher. But he’s also a black hat incident responder. He tells us about a job he did in the middle east.
https://x.com/chrisrockhacker
Sponsors
Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.
Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
Support for this show comes from Flare. Flare automates monitoring across the dark & clear web to detect high-risk exposure, before threat actors have a chance to leverage it. Their unified solution makes it easy to rapidly identify risks across thousands of sources, including developers leaking secrets on public GitHub Repositories, threat actors selling infected devices on dark web markets, and targeted attacks being planned on illicit Telegram Channels. Visit http://try.flare.io/darknet-diaries to learn more.
Listen and follow along
Transcript
Just a content warning from the top here.
There's quite a few swear words in this one.
I don't know, do these content warnings even help anyone?
Let me know if you like knowing if there's swear words coming up or not.
Someone who's been on my radar for the last decade is a guy named Chris Rock.
Not that Chris Rock, a different Chris Rock, a white guy, an Australian.
And I know him as a security researcher.
But as soon as I got on the call with him, I started learning that he's way more than just a researcher.
Yeah, so I'm a public guy for my research, but not public for that side of the business.
So for me, for me, it's just a gig.
And whether it's
white or black, it makes no difference to me.
So I think that sort of
thing.
Wait, so have you done black hat gigs before?
Oh, shit, yeah.
This is the, I've been doing them since I was 11, 11 years old.
Like, this is the norm.
I know a lot of people, you know, on the white hat saying, oh, I used to be a black hat, and now I'm not.
I mean, for me, it's like, I don't give a shit whether it's white or black.
Are you a hacker?
Yes.
Hold on a sec.
But the black hat indicates that you're doing criminal activities.
So you don't give a shit if you're doing criminal activity.
No, not at all.
Not at all.
It's funny.
I meet with a lot of people who do the whole, you know, hacking is not a crime and all that sort of stuff.
It's all full of shit.
That's the public persona to keep their job safe.
But at the end of the day, when you have a beer with them and you talk shit, like that's it's all bullshit.
So I'm essentially transparent about what I do.
So what of what black hat stuff have you done?
Not when you were 11.
I mean, I'm sure you stole your mom's credit card or something, but that's small potatoes compared to when you're an adult, I suppose.
We've done everything, we've done
banks, we've done government, we've done telcos, you know, we've done you know, big oil companies just out of exploratory processes, like yeah, normal stuff.
I want to say normal stuff, normal for blackout people.
No, I don't, I'm not, I'm not tracking.
So, you're telling me you robbed a bank and then just like took the money, yeah,
Chris.
What are you doing?
I mean, for me, it's an exercise.
Like, it's just, you know, can you do it?
Yes, no, transfer.
And there's a lot of people around the world that will pay you to get into these banks and transfer money.
Yes.
You broke my brain here.
Sorry, buddy.
I don't even know where to go.
You've got multi-angles and look,
you may not be able to cover it all in this call like it's just an exploratory call
i mean the hard thing with you jack is you've got 30 something year old career that you've got to stick into an hour block it's not going to fit so it's uh okay have you ever been arrested no
How are you this good that you're able to rob banks and not get arrested?
It's not that I'm that good.
It's just you have to be stupid to get caught.
You know what I mean?
Like it's the world's your oyster.
I mean, we get bored.
bored we get raised in this world i mean i train forensics anti-forensics i mean it's just like the norm like it's i i feel sorry for the people that do get caught because men you shouldn't be hacking that you know that you know when you've got five years ten years experience like once you've done it for you know 20 plus years it's just easy
These are true stories from the dark side of the internet.
I'm Jack Resider.
This is Darknet Diaries.
This episode is sponsored by my friends at Black Hills Information Security.
Black Hills has earned the trust of the cybersecurity industry since John Strand founded it in 2008.
Through their anti-siphon training program, they teach you how to think like an attacker.
From SOC analyst skills to how to defend your network with traps and deceptions, it's hands-on, practical training built for defenders who want to level up.
Black Hills loves to share their knowledge through webcasts, blogs, zines, comics, and training courses all designed by hackers.
For hackers.
But do you need someone to do a penetration test to see where your defenses stand?
Or are you looking for 24-7 monitoring from their active SOC team?
Or maybe you're ready for continuous pen testing, where testing never stops and your systems stay battle-ready all the time.
Well, they can help you with all of that.
They've even made a card game, it's called Backdoors and Breaches.
The idea is simple: it teaches people cybersecurity while they play.
Companies use it to stress test their defenses, teachers use it in the classroom to train the next generation.
And if you're curious, there's a free version online that you can try right now.
And this fall, they're launching a brand new competitive edition of Backdoors and Breaches, where you and your friends can go head-to-head hacking and defending just like the real thing.
Check it all out at blackhillsinfosec.com slash darknet.
That's blackhillsinfosec.com slash darknet.
This show is sponsored by DeleteMe.
DeleteMe makes it easy, quick, and safe to remove your personal data online at a time when surveillance and data breaches are common enough to make everyone vulnerable.
Delete Me knows your privacy is worth protecting.
Sign up and provide DeleteMe with exactly what information you want deleted and their experts will take it from there.
DeleteMe is always working for you, constantly monitoring and removing the personal information you don't want on the internet.
They're even on the lookout for new data leaks that might re-release info about you.
Privacy is a super important topic for me.
So a year ago, I signed up.
DeleteMe immediately got busy scouring the internet looking for my name and gave me reports of what they found.
Then they got busy deleting things.
It was great to have someone on my team when it comes to protecting my privacy.
Take control of your data and keep your private life private by signing up up for Delete Me.
Now at a special discount for my listeners, get 20% off your Delete Me plan when you go to join deleteme.com slash darknet diaries and use promo code dd20 at checkout.
The only way to get 20% off is to go to joindeleetme.com slash darknet diaries and enter code dd20 at checkout.
That's joinedeleteme.com slash darknet diaries code dd20.
All right, so who are you and what do you do?
So my name is Chris Rock.
I'm
51 now.
So my career started when my parents bought me
my first computer, which then it wasn't even a computer, but it was the Atari 2600.
And from there, it went to Commodore 64 and Amiga and then IBM Clone.
So I was born at the right time for computers, loved hacking.
I'm on, you know, I consider myself on the spectrum, like I prefer the company of computers than people so for me it's you know spending 16 20 hours a day in front of a computer is natural and i've done it since i was you know 10 11 years old so you spend that much time in front of something um you become good at it so i've spent my whole you know the last 40 years on a keyboard um
then i went to university at 18 um didn't like uni it was coding i hate coding so
dropped out of uni uni wasn't really for me so then i went into the uh into the sector um so it was it slash really it 80 then security 20 but i went into the banking sector so i spent the next 10 years in banks in australian banks of which you could probably tell from my accent 10 years in banks and then um someone said to me you know what do you want to do now i said you know what i want to do some pen testing and then then i set up my own pen testing company so i did pen testing for another 10 years after that around the world and then um one of my customers from pen testing wanted a seam solution i said look i can help you out i I can stitch some open source products together like Elastic and stuff like that.
And I did that and they really loved it.
And then they said, why don't you give it to the rest of the world so they can have a look at it?
Which was essentially the platform that I'm running now, Seamonster version 1.
So we rolled that out.
It got a lot of traction.
And essentially, that's my full-time gig.
I am the CISO of Sea Monster, S-I-E-Monster.
What a Seam does is it collects all the security logs of an organization and alerts when there's a security incident.
And Chris made his own called Seam Monster, which came about because he was breaking into companies and saying things like, oh, well, if you had logging turned on, you could have seen me.
And those companies were like, well, set up logging so we can see you.
So he's got quite a bit of experience in both the offensive and defensive side of cybersecurity.
So while I was talking to Chris, he started telling me about a job that he had in the Middle East.
And I'm not even sure what kind of job this was.
It's not exactly a penetration test, and it's not exactly an incident response.
Research and engagement is probably a better word for it.
So when i was doing pen testing people would say chris you seem like a guy that would do outside activities and then i would get approached for these outside activities and then you know around the world to you know hack into this person hack into this company you know get these secrets and that sort of stuff so essentially uh both paths i i work in so through word of mouth there's someone in the middle east who needs a hacker's help and heard that chris is the guy to call for these sort of things so he calls him up and says, can we meet?
Usually they do it in person.
So in this case, I flew to a neutral area.
So I flew to Istanbul in Turkey and then met over dinner to talk about the exercise that he put forward.
That's quite a, I mean, already I'm intrigued, right?
Because it's like,
hey, we have this job.
If you want more details, meet me in Turkey.
Yeah, it's and I say it off the cuff because that's natural for me.
And I know a lot of pen testers don't see that side of the world.
They see it in a forensics report or incident response.
But once you live it and you go through it,
it's very interesting.
Well, like it's, you know,
Jackie, you know, I'll use you in the example.
You know, you get paid every week/slash/fortnight/slash whatever, and you get your paycheck, tax comes out of it, stuff like that.
But when you're on that other side, you know, it doesn't work like that, obviously.
You know, there's no tax, but you've got to get your money, and things are expensive, burner phones, you know, burner laptops, crypto, peer-to-peer money, and getting your money washed, all that sort of stuff, different world.
It's a great learning curve, but a lot of us don't get to experience that sort of stuff.
Well, yeah, what is this engagement?
Tell me more about how this was pitched to you and
what's the job and stuff.
Yeah, so I met this guy, we'll just call him Mike.
I met Mike, and Mike worked for a company and they were rich Middle Easterners who
essentially he was one of five brothers and each of the brothers was worth about a billion dollars.
But he was only worth $200 million.
So he was like the poor loser of the family.
So I know that sounds really weird, but he had to take bigger risks to compete with his brothers to get to that billionaire status.
And that's why
he would engage hackers to assist him with his business activities.
So in this case, it was put forward to me that one of his subsidiaries, he thought that they were stealing money and then moving that money to another company, another offshore company,
and also the IP from that company.
So he asked where they'd be interested
in finding out whether it was true and then to recover as much money as possible.
We're dealing with a few mega-rich billionaires from the Middle East here, but the one brother isn't quite a billionaire yet, and he's keen on hiring a hacker's help to investigate where some of this money went.
In this exercise, It was a cash deal.
I mean, I was offered gold in a briefcase, which is pretty fucking useless getting gold overseas.
But
you get offered different types of currencies.
Gold in a briefcase is what they're saying.
I know.
When I heard that story, first of all, I thought it was just a shit story.
But no, they had cash ready to go
for the exercise.
But if they said I prefer gold, I could get gold.
So, you know, being not a native from that part of the world, it was pretty useless for me.
Okay, so did you meet with this multi-millionaire directly in Turkey?
No, you always go through an agent.
So, I don't want to sound rude, but when you're dealing with Middle Easterns, you don't actually deal with the Middle Eastern guys.
You deal with, oh, I'll say, you deal with a white guy because they don't want to have any direct link to the foreigner.
So,
I met with an agent of the rich guy, and he was from South Africa.
He,
him, and I discussed what was required, the targets.
Chris, this is not a normal incident response or engagement or exercise or whatever it is you called it like when when when when i hear that they wanted this extra layer between like the client and you it makes me think that they want like plausible deniability so like if you get caught they can be like we don't have any aussies on our payroll and it's not i'm not sure who you have but
that's that's not our problem and and they'll just leave you in the dust like do you see it that way too
so the answer is yes you were spot on it was essentially one level removed.
And the reason I hesitated with my language before about talking about white guy, we refer to them as skirt wearers.
So, you know, like the Middle Eastern with their, you know, the long garb that they wear.
So it was your skirt wearer will not meet a Western guy.
So there's always a Western guy dealing with a Western guy.
That's the language that we would use for these sort of assignments.
So since this client has heard that Chris has done some mercenary type work before, they wanted him to come investigate this theft, see if he can help them build a case against the guy who took it.
Spot on.
And there's parts of the world that essentially are the Wild West.
So Middle East, for example, they do not give two shits about the law or that sort of stuff.
So if they need, if you need to hack into a bank to get their money returned, they'll do it.
If you need to hack into a company, do it.
It's normal.
And when you're dealing with government-sponsored stuff, it's normal activity for them.
So
don't put your American brain on it.
It's think of it as like the Wild West.
Now, typically with a penetration test, you are given a scope, you know, like you can hack into this stuff, but don't hack into that stuff.
But he wasn't given a scope.
He was told, by any means necessary, conduct your investigation.
And on a typical incident response, you'd be given some internal network access or at least access to some logs or documents to comb through to figure out what happened.
But here's the problem.
All this company knew was that they gave this money to an investment firm and they didn't get what they expected.
So they wanted Chris to pretty much do the incident response by getting into that investment firm and combing through their logs and documents to try to find proof that they did misappropriate this money or steal money or steal intellectual property.
So really, all they gave Chris was this suspected company's name and the people who worked there.
They were like, here's our suspects.
We don't have any other details.
No,
we got a list of names, so those eight names, and what information they knew about them, whether it be phone numbers, personal email addresses, working email addresses, name of the company, nothing else.
It was completely then,
you know, earn your fucking money and get in by any means necessarily.
So the names that you were given are the employees that work there?
Some in the company and some outside of the company because the theory was that money was going into this company and then going out to another company, another investment firm that was essentially going to steal the IP from the subsidiary and then launch another iteration of that with the IP and the funds that was coming from the original investment company.
And so what are your first steps?
What do you get going?
What do you do?
Yeah, so the first step, so we had a number of targets.
It wasn't a single target.
We had essentially eight targets on our list.
So essentially, we essentially map out the person, you know, the internet dumb research on who this person is,
how they live their lives, you know, LinkedIn, you know, social media, all that sort of stuff, getting that sort of information, obviously phone numbers, email addresses, physical addresses, and stuff like that.
And then plan an attack.
Like, who are we going to go after first?
Are we going to go after the prime target first?
I'll use the guy, Bob, you know, Bob and Alice is an easy one to use.
So in this case, we were the prime target was Bob, but we had all these other targets like Alice and Jane and all that sort of stuff.
And maybe we don't go after Bob first.
Maybe we map out these other people first.
So when we do an exercise like this, and we're talking big money, when we do exercises like this, we own, we don't just send like a blind email and then just like, oh, you know, they're on to us or we got in successfully.
So we'll essentially own their whole world.
So we talk about level one, level two, level three.
So level one is their inner circle.
You know, in this case, Bob's wife, Bob's kids, all that sort of stuff.
Then you have a layer two, you know, things like accountants, lawyers, gyms, all that sort of stuff.
That's level two.
And then you have the three, like the
affiliates on the outside.
So we might target, in this case, we would target level three, level two first.
And when I say target as in own emails, so you can actually, if we sent an email to Bob, he would reply to it and wouldn't think it's dodgy, if that makes sense.
Not from, you know, dodgyidiot at gmail.com.
It's actually a real person.
So we would, you know, target level three, level two.
And then once we're comfortable with all those assets, now I know that sounds like you're very exhaustive, but when you're doing these sort of gigs, those level two, level three come in handy down the track.
Whoa, this guy's serious.
I've told you many times, don't open attachments on emails or click on links from text from people you just don't know.
But what Chris is doing is he's targeting people this guy, Bob, did know, getting into their emails and their network first, so that when it's time to target Bob, he'll be sent an email from someone he does know and perhaps even a document that he's been expecting.
Like, for instance, if you get an email from your doctor with the lab results included, that would likely be an attachment that you would think is safe to open.
This is the kind of stuff that Chris was trying to do to avoid any suspicion that Bob is being hacked into or spied on.
This, to me, has a level of sophistication that I'm impressed by.
Yeah, so what made you interested in Bob as opposed to the other seven?
Bob was the boss.
So he was the CEO.
So essentially, he's target number one one on our list.
Like, you know, if you've got like a deck of American deck of cars, he's like the ace of hearts, if that makes sense.
Okay, so you were going to start with him.
And if you need more information, you go down the line with the other one.
Actually, no, we didn't reverse order.
Remember, I talked about we do like level three first, level two, level one.
So we essentially start bottom up because we want to have, you don't want to send like a blind email.
You need to understand, you need to read the emails and get the personality of Bob before you approach Bob.
So you need to know, you know, if Bob's dealing with Jane, what's the normal language flow between Bob and Jane?
So you compromise Jane, you get the,
you know, the from emails from Bob.
So you can see language and
what time of the day emails get sent, you know, that sort of stuff.
So we do not do the first target until last, if that makes sense.
So as Chris gets to know more about Bob, he starts hacking into everyone around Bob.
Their emails, their computers, their phones, their locations.
This allows him to see who's in Bob's orbit and how does communication look between them.
And at the time, Chris had some really nice vulnerabilities in Adobe PDF Reader and would send emails to someone and getting them to open the PDF.
And that would allow him to install a remote access Trojan and get access to their computer.
Yeah, so in that case, the Adobe was enough to get, you know, probably four or five of the eight people
and also the Citi.
So
a lot of the fantasy listeners will know that, you know, once you've got remote shell, this pretty much came over at that stage, things like key loggers and stuff like that.
But the more complex things that we did is
we didn't have access to the investment firm that Bob was moving assets to or IP to.
So it was time for plan B.
Plan A was to hack into the laptops of the employees of that company, but even though he could get the Trojan installed, he just couldn't get a connection into their machine when they were in the office.
So we wouldn't get the shell, we wouldn't get the shell returned to us.
So it was either some sort of egress backfiltering that we couldn't get an open shell.
So we would have PDFs being clicked on, but we couldn't get a remote session from the target.
So we had to.
Walk me through what's supposed to happen here.
Is it Metasploit that you've used?
So yes and no.
In this case, we would use Metasploit as a pen tester, but we would do our own custom PDFs that we would run against AV.
So we would upload it against Virus Total to make sure nothing picked it up.
And so we would send the PDF off
that when it was double-clicked, it would then remote connect back to to us on a port 443 or whatever that we thought would get back through an egress port back to us that would then essentially have a listener like Metasploit, but we would have our own listeners listening in this case.
He wanted to get into the company's network.
He was hoping there he'd find some file servers or something which could offer him more evidence of what got taken.
And this company was a small investment company and didn't have a dedicated office, but instead was working out of a co-working type space, kind of like we work.
But to break into an office in another country, you really need to come prepared.
You need all the plans, plan A, plan B, plan C, and escape routes too.
This isn't a mock exercise.
This is playing for keeps and potentially very dangerous.
The first plan never works.
Like, it's just one of those things in life that never works.
So, Elifidaz is like, man, you know, that was the one in chance.
So, you're right.
Multi-gear.
It's one of those things you have to plan for the worst.
The goal was to get access to this company's network.
But where's that company's network?
And how do you get into it without being caught?
This is where the more you know about that company, the better.
He discovered this company had a Wi-Fi network set up in the building.
And what's more, is the Wi-Fi they were running was using WEP encryption.
This was years ago when WEP wasn't so uncommon.
Today we use WPA, which is much more secure, but WEP had some vulnerabilities.
If you could get a radio near the WEP Wi-Fi router, you could intercept enough beacons and packets to get on their Wi-Fi network.
So that was the goal.
Get in the building, get within range of their Wi-Fi router, and plant a device to listen to and capture the web packets.
We actually had to do custom-built stuff.
So, you know, I got an Italian motherboard.
It was like the tiniest motherboard at the time, and then built up my own Linux stack with Wi-Fi hacking and things like, you know, PuTTY and reverse shell tools like Plink and stuff like that that we would use that we would plant close to the VC firm.
So he loads up his kit full of cool gadgets and flies over to that country.
You got any sort of way you dress up when you go out to these things?
Just
look, black or blue suit with a white shirt and tie.
Like it's just
even if it's 50 degree heat, like in QA, that's what you wear.
That's not what a black hat hacker looks like.
I know, I know.
exactly right.
And then so, yeah, so hoodie, all that sort of stuff, that doesn't command respect over there, but suit guy over there in their eyes, respect.
He goes to the office building and starts planning out how to get in.
That's the easy part.
A white guy in a suit with a laptop, with a, you know, someone holding lots of books, someone will open the door for them.
You know what I mean?
Like, it's one of those pen testing stories that you've probably heard a million of.
But that works in the US or even in Australia.
But if you're a white guy walking into a place with a bunch of people that don't look the same,
now you're out of place.
Your thinking's right, but when a white so let me let me show you, Middle Eastern companies like a Western are in there because these people have been trained outside of the Middle East.
We trust them.
They've been to, you know, Cambridge and MIT, all this stuff.
So it comes with an inherent trust.
So you're right, Jack.
Your thinking is, oh, you know, the white guy sticks out of place, but no, over there, a white guy does, you do what they say.
Because if you've done any work in the middle east they employ you know the best german engineers and and the best you know english uh you know financiers and stuff like that it's it's not unusual for a white guy to come in pretty much run the show if that makes sense so he's led in the building no problem and it's a co-working space which means there's a lot of small businesses working out of this building and he can use that to his advantage because everyone is used to seeing strangers roaming around getting access to the building was really easy because it was like you said it was a co-working space and then finding out that they were on a floor that had one of those communal kitchens like for us it was like easy as i didn't have to get past you know a receptionist or someone what are you doing here it was essentially you know a guy making a coffee pulling the microwave forward sticking something behind it and then boom we had a device planted in to get this last vc firm you said we a few times who who else is on your team yeah when you we talk we're not talking about owning level three level two level one targets i mean there might be 20 targets behind the scenes so we're talking about you know bob's doctor bob's lawyer bob's accountant bob's gym um You know, in extreme cases, things like Bob's bank.
You can't do that all by yourself.
I mean, that would be a year-long exercise and it's not worth the effort.
So I always work in a team to do these activities just to make that load easy, if that makes sense.
Okay.
So it was fairly uneventful getting in, but he managed to slip in, go into their kitchen, go behind their microwave, plug in this little computer with an antenna, and then slip out of the building.
Now him or his team can access this little device remotely because it has its own cell connection so that he can just access it from anywhere in the world.
Their first goal is to get on the Wi-Fi network.
To do that, they're going to have to crack the web protocol.
They log into that little device and fire up a tool called AirCrackNG.
What this does is it intercepts as many Wi-Fi packets as it can.
If you think about it, Wi-Fi is wireless, so the packets are just flying through the air all over the place.
It's pretty easy to tune your antenna to just see them and grab them.
Today's modern WPA protocols make it so even though you can grab the packets out of the air, you can't see what's in them.
But with web encryption, there are vulnerabilities in which you could grab enough packets to be able to decipher it and get into the Wi-Fi yourself, which is what they did.
After running AirCrackNG long enough, they got their little device on the Office Wi-Fi, which now they have a little machine on the inside giving them an inside look into their network.
A network scan shows them a few devices that are there.
And then they look at what ports are open on those systems.
And then they can guess what devices those might be.
They find a file server which employees were using to store documents and such and remember this is an investment firm so they're managing a lot of money and have to maintain relationships with people and know which businesses they are invested in.
So all this must be documented somewhere and this file server was exactly where it all was.
That's correct.
And then we had access to file servers and stuff like that and email servers and that's how we got into that company that we couldn't get in through the whole remote PDF stuff.
At this point Chris has a huge amount of visibility into this investment firm and the suspects who might be stealing this money and intellectual property.
He's got a ridiculous amount of listeners in place, full access to their network.
Like he can look at all the files on their file servers and email servers, full access to some of the suspects' computers through remote access Trojans that were put on there.
He's able to see every email in and out.
And he also has key loggers on their computers.
So you can see what their usernames and passwords were.
But he also has access to emails and computers with people around the suspects, family members, friends, doctors.
he's also looking to see what kind of bank accounts these people have just in case he needs to get in there and take a look to see where money's going so with all this access he starts finding stuff that the client might be interested in on file service you'd start seeing folders like a folder and then we're talking about in the investment firm you would see like uh you know bobs and then you would see things like ip and stuff like that which we would then run past our client saying is this the sort of stuff that you're worried about leaking into somebody else's hands and then we would send that to our handler who'd say yes no yes, keep targeting that sort of stuff.
So, you start starting building a picture.
And I mean, this exercise went for a long time.
I don't want to exaggerate, but I think this one went for nine plus months on this exercise.
It was just a continual string.
So, over that time, you're reading every email back and forth.
Um, and so you would get all that sort of information and learning how they speak and how they think, and proper language.
So, you start piecing the puzzles together on what this guy is actually doing.
And because
I'll say this polite, we don't give a shit what he's doing.
It's essentially, here's what he's doing, client.
Is this what you want?
Is this what you suspected?
There's no emotion.
Like we didn't give a fuck.
It's just a job.
And then we would give that, say, yes, no.
How do you want us to proceed?
And then go from there.
The client kept telling him he's on the right track.
Keep finding more details and send them over.
And like you said, he maintained his access for quite a while as he gathered all this info.
But he doesn't want his presence to be detected.
So he has to be very careful not to be seen.
So essentially what we would do with a black hat exercise, we might compromise, say, eight targets around the world, and the last hop would be from the home country.
So, for example, we might compromise a hotel in Pakistan and an Airbnb in India and then another country.
Now, these countries don't participate, they don't do forensics with each other, like they're essentially at war with each other.
So you would hop your traffic across seas and then the last hop would be, in this case, it was a Q8 So essentially the last hop before the target would be a Q80 IP and we actually owned the telco at that stage in Q8 So it was a essentially didn't really matter just looked like an ATT.
What?
My gosh just to just to log into their Gmail you're like wait We can't do it from Australia.
Let's let's get over there and log in from there.
I'll tell you what I got a plan first we're gonna hack into an Airbnb in Pakistan Then we're gonna hop over from there to hack into a telecom provider in that country.
And then from the telecom provider, that's when we're going.
That sounds so crazy.
Yeah.
And so it's a great, so when you talk about like it, when people talk about like a little black book, we would essentially have a network of these compromised targets, not the telcos, let's leave the telco.
We would have a network of a path we could use when we want to do a hack job.
We're not doing it from the local McDonald's or from your home, for example.
So we would have this rotating list of our own proxies, not tour or anything like that.
We're our own targeted proxies that do the hops that we want.
Like we definitely want to do India, Pakistan, Sri Lanka, Bangladesh, because, like I said, they hate each other.
So there's no, oh, can you give us your disc for, you know, for this activity?
Like, it's not going to happen.
So we would use, you know, the
wars of the world to benefit us.
So that would be our black book of targets.
So we always have, and when we're not working, we would essentially find these targets for our next assignment.
So you always have that little black book of, like you talked about before, tools.
We would have compromised targets around the world that we were going to bounce off.
The telco was just happened to be something that I love working.
I love hacking telco.
So it was one of those things that was going to come in handy.
Gosh, so to carry out a task like this, he has to spend quite a bit of time and resources finding vulnerable systems around the world so he can hack into them only to use that system to jump over to another computer in the world.
This way, it's impossible for anyone to track his route back to where he came from.
But also, think about the fact that he has that little computer behind the microwave in the office that he's targeting.
It's on the same Wi-Fi as the people in that office.
So he could use that computer to log into things like Gmail, which would appear to be the same IP those people are typically logging in from, making Gmail think this is normal activity and not alert the user.
After a while, Chris had collected and delivered enough evidence that the client called the police.
Yeah, so the evidence was essentially what they suspected, that both money that had been sent to the company to build the company was being moved to both personal accounts and to
the outside investment firm, as well as IP that was created in the business.
The subsidiary was being moved to another investment firm as essentially our collateral, our moat, for example.
This is the data.
And how do you find that?
What was that smoking gun?
That was freaking everywhere.
That was everywhere.
These guys were operating like, again, the Wild West are operating emails, both Gmail, both company emails, file servers,
everything.
It was just that evidence was everywhere.
It just took a while to put it all together and connect the dots.
Yeah, and remember, that was not our job.
Our job was to present what we found, and then they were to go, is this your, because we don't care.
Like I said before, I don't want to sound non-echelon, but is this your shit?
Yes, no.
Do you want us to find more shit?
No, we have all the shit we need.
Go do your job.
I mean, that's how.
we operate because again it's not personal we don't care what the information is is this the right shit or or are we on the wrong track?
We just need to know.
Now,
the payment for this, was it sufficient?
Because I can imagine them saying, here's a briefcase of money.
And then you're like, well, dude, okay, we've been working on this for three months.
If you want us to keep more, we need another briefcase.
Yeah, we don't, how we operate is we will have a initial fee, a finalization fee, and then we will have what we call an ongoing fee.
So, you know, the jobs like this we'd like to have over within a month.
So initial fee, completion fee.
But if you want us to continue monitor
these eight people and this outside company, you're going to have to have a like a monthly charge, almost like a subscription model, where they would pay to just find out what's going on in these people's lives.
So you don't want them to think they're idiots.
So
you'll put a quote in front of them and they'll say, we agree to that quote.
You better stand by that quote.
You know what I mean?
Like if you want referral jobs going forward, like if you said half a mill or a mil or two mil, whatever you quote, that you stick to that.
You don't say we need more.
Like, you make it crystal clear.
Um, because this is again, this is repeat business
that you want.
Yeah, I'm just starting to put the picture together of like
how much you
charge versus how much they're losing.
It's worth more to them to pay a million or two million to you.
And if they're going to recover, what?
How much money do you think was being stolen here?
In this case, I know exactly how much money was being stolen.
I think it was 2.5 US or or 2.75 usd a million dollars in this case but you got to think um
when if when you're in business jack i know you're in business but when you when you're working with a customer their initial first year spend might be let's say it's half a million dollars for the initial spend once they see how useful you are and then you do repeat business it's like it's an investment firm they're always investing shit so they're always wanting to use your services down the track so you might do it's a bit like a drug dealer like you might give them a taster for half a million the next job's going to be worth two like you know i mean Like, you just, they know your work, they know your style, and then you know you're going to get repeat business with
higher stakes.
I mean, he's dealing with wealthy people here, billionaires, oil money.
Yeah, if he can prove that he's the go-to person to these folks, yeah, these could be long-term customers of his.
And in this case, they were very happy with him.
They got enough evidence to take action on this, thief.
They then got lawyers involved from their side.
They had to be really careful about what they presented to the lawyers, but it was, we believe, XYZ,
and then get the police to arrest
the ringleader Wob at that moment.
So that was essentially their goal to get him in jail because they took it personally.
That they were, like I said to you, you've got to treat them with respect.
And if you disrespect them, then they get really a motive.
And then for them, jail was the worst case of action for them.
Okay.
Story's over, right?
You found the thief.
They put him in jail.
Yeah, so Jack, the story's not over there.
This is where it gets exciting.
Stay with us.
We're going to take an ad break, but it's going to get exciting after that.
This episode is sponsored by Vanta.
In today's fast-changing digital world, proving your company is trustworthy isn't just important for growth, it's essential.
That's why Vanta is here.
Vanta helps companies of all sizes get compliant fast and stay that way with industry-leading AI, automation, and continuous monitoring.
So whether you're a startup tackling your first to SOC2 or ISO 27001 or an enterprise managing vendor risk, Vanta's trust management platform makes it quicker, easier, and more scalable.
Vanta also helps you complete security questionnaires up to five times faster so you can win bigger deals sooner.
The results?
According to a recent IDC study, Vanta customers slashed over $500,000 a year in costs and are three times more productive.
Establishing trust isn't optional.
Vanta makes it automatic.
Visit vanta.com/slash darknet to sign up for a free demo today.
That's vanta vanta.com slash darknet.
There was enough evidence to prove that this guy Bob stole the money and the intellectual property, but they told Chris they were worried about the money.
The customer worried that Bob was going to use that money as a defense.
He was going to, you know, know, get on all these bloody Shapiro lawyers to fight his case and use the funds that he'd stolen to fund that exercise.
So they asked Chris, get us back that stolen money.
Do your job as a hacker by any means necessary and return the money to us, which in my opinion is crazy because why not just have the police return the money?
They didn't want to wait because you're thinking American system, not Middle Eastern system.
They didn't want to fuck around with that sort of stuff.
They didn't want to go through, we want the money, you know, we want this, we want, you know, and then put a brief together, stuff like that.
They don't roll that way.
So, his objective was clear: get into this guy's bank account while he's in jail and move the money out.
This job has essentially turned into a bank heist at this point, and it seems to me that Chris doesn't have any moral concerns about robbing a bank.
No, no, no, and Jack, I've listened to a lot of your sessions, and that comes up quite a lot.
I don't have that boundary.
Does that make sense?
So, for me, well, so, so, okay, so this doesn't make sense just economically, right?
So, if somebody pays you $50,000 to go get a million dollars out of a bank account, why don't you just go get the million dollars and be like, you know what?
I'm forget you, I'm just going to go steal my own money.
I don't need,
and that's actually happened on jobs before where you take your share as well.
But you, you
so, in our case, remember, we were returning the funds.
We didn't return the funds and a little bit extra.
Yes, we could have taken money from somebody else's account, but that raises flags in case.
So, we were essentially returning the money that was stolen so there's no actual victim does that make sense the money was returned to the rightful person um but um
yeah it does make sense okay okay and remember we're after repeat work and word of mouth which is how how you work over there
it's like building a business
okay
so you accept this uh this job to get the money back now um how'd you do it how'd you get the money back We compromised the bank, which was pretty easy.
So we essentially used the same sort of techniques of, you know, PDFs inside, going to the core banking system, finding out, you know, the internal where their
internet banking like web servers were, replacing the front page to actually log all the usernames and passwords and two factors.
And then we would have a log file of all the username, passwords, and two factor.
So what he just said was that he found a bank employee, sent them a phishing email, got them to open a PDF, which planted a Trojan on their computer, and then he was able to get into their computer.
From there, he hopped into the server of the bank's network.
And from that, he was able to find the front-end web server for the online banking.
And he configured the online banking sites so that anyone who logged in, their username and password would be stored in a log file so that he could see it.
But on top of that, he was also logging two-factor authentication codes that people were entering.
This is incredible.
Well, he's only trying to get access to a single user account.
He's basically accessed all the bank users who logged in during that window while he was watching.
I just can't believe this guy.
I suppose the question is, why are you surprised, Chat?
You talk to people, you know, for years and you know the pen tests that are out there that people can talk about.
It's fucking normal.
Like you do not, you do know, but you don't believe, you would not believe how shit banks are locally and internationally.
Like the shit security that they have out there that it's just, you know, if there was more bad people in the world, there'd be more banks getting done.
I guess maybe that's why I'm surprised is because the hackers of the world is the immune system for all these banks, right?
And so, well, you got a shit security bank.
So, okay, well, there's a million hackers out there that are going to fix that for you real quick.
Yeah, exactly right.
And the thing is, Jack, you might have a million hackers.
You know, 800,000 of those are just like new to the industry, you know, the zero to five.
And then you, you know, if you then look at the, like the bell curve of people who go into banks, you know, there's, there's, you know, I'll just say a thousand for argument's sake, but it's a smaller number that you need to protect against.
But Jack, I've seen some banks there where I've gone in and I've gone into AD and have a look at, you know, Joe Smith, and it has the description of where they work.
And what they put in the description was the user's password.
So, you know, password one or password two thousand in clear text in the descriptive field of the LDAP field.
Because when someone rang up and said, oh, I forgot my password, they would just read out the description field from the LDAP.
And I couldn't fucking believe it.
So they would have everyone's password on a list and just read off it.
And anyone knows anything about LDAP, you can just query that.
But that's the shit that we see as a pen tester and as a black hat.
Well, we've done banks, Jack, where we've seen other hackers in the bank itself.
Like it's just fucking hackers right beside us.
And you're like, hey, I recognize you.
I've seen you at DEF CON.
Exactly right.
And the beauty of stuff like that is you work around each other.
No one wants to lose.
This is like that Beastie Boys video, Paul Revere, you know, that song where they're just hanging out at the bar and then suddenly the one guy's like, I'm going to rob this place.
You want you in?
Yeah, I'm in.
Let's do good.
It's exactly like.
And you don't know why they're there.
You don't know if it's government.
You know if it's other hackers or whatever it is.
You just work around each other.
The beauty is if you do find...
tools that they're using, you take a copy of those tools because we can then use those tools to plant on another target site so they get the blame for it, not us.
So, you know, you look at the techniques that they're using, whether, you know, today we use APT group stuff like signatures, you'll create those those signatures and you'll plant them somewhere else.
So you might, you know,
compromise a target, you know, format the dis
before you format the disc, throw the tools on, format it.
And then all of a sudden, you know, someone, some, you know, Deloitte's guy, you know, runs in case and goes, oh, I can see sort of the deleted toolkit.
It must be this group.
And then they get to blame for it.
Oh my gosh.
Did you hear that?
If Chris really wants to hide his tracks, he'll plant evidence on servers, which makes it look like some nation state hackers were there, which throws off investigators who are on his trail.
And he only knows what tools that some of these other hackers use because in the past, he spotted them on the same servers that he's hacked into and watched what they've done.
Okay, so
you got to the web page.
You were able to see this target, Bob's username, password, two-factor authentication code.
And were you able to log in and transfer his money out with this?
No, because when you did a transfer, it then asked for your two-factor authentication code again.
Now,
the problem we had is fucking Bob's in jail at this stage, so he doesn't have access to his texts.
Oh, right.
How's he going to do online banking from jail?
They managed to get his username and password, and we're able to log into his account before he went to jail.
But there's this problem with the 2FA code now.
So
when you go to wire the money out, it asks you for another two-factor authentication.
Correct.
This bank did, yes.
And you didn't have a way to get that second one.
No, because we'd had the session live, so we kept that session live so it wouldn't log us out when we got access before we went to jail.
But when it then asked for another transfer, it did like a oh, you need another code to do that transfer, so we couldn't move that money out.
God,
you're insane.
Okay, so plan A failed.
Um, how do you how do you do it?
Yeah, so so plan a filed, and I don't want to sound like a glass is half full, but it was enough to prove that the money was, or not the whole money, but a good proportion of the money was still there.
Bob obviously had some expenses.
So So at this stage, remember, we'd already compromised the bank itself.
So it was just essentially going in as essentially as a teller.
When you're a bank teller, you're God.
You can do whatever the fuck you want.
And if bank teller doesn't have the rights, you can be treasurer.
You already own the bank.
You can move up horizontally, vertically to get the guys access to move the money.
Huh.
Interesting.
If he can pose as a bank teller, get the access they have, they have the power to conduct any transfer they want.
And keep in mind, Chris spent 10 years working in the banking sector, so he knows exactly how banks operate.
Well, step one, comb through the directory of employees, find which ones are the tellers, then find which ones have remote access to the bank where they can do like work from home stuff, maybe like phone support or something, then grab their username and hash and crack the hash, and now you can log in as that teller and move money around, which is exactly what he did.
As a teller, he transferred Bob's money out into another account.
So remember, we talked about 2.75 and I was fumbling over
2.75 and 2.5.
Essentially, we recovered the 2.5, but the original was 2.75.
$2.5 million were taken from that guy's account while he was in jail.
Crazy.
This is a black hat bank robbery type stuff.
Now I'm starting to put it all together on what he means when he says he doesn't care if he does illegal black hat type hacking.
He's like a mercenary hacker for hire, you know?
And maybe that makes him gray hat, where yes, it's illegal, but he's helping someone fight a bad guy.
But what I don't get is why the bank didn't raise alarm bells from all this.
Like if $2.5 million got transferred out of the bank in a very suspicious manner, you'd think they'd launch a full-on investigation, like bring in the teller who did this transfer and ask them a bunch of questions and look through the security logs for any unusual activity.
And if they notice all the usernames and passwords are being stored in the logs, then that's a data breach that should be disclosed to their customers and maybe impact their share price or something.
Yeah, so you raised good points.
In my world, there's people to make transfers disappear.
So in my world, I can contact, I've got bank accounts that I can use that can be scrubbed on the other end in the Swift network to say that that didn't exist.
And then it goes through a laundry process where that money's cleaned over a nine-month period so that money gets returned.
So in there, the answer to your question is,
in Bob's case, no one gave a shit.
Bob had money in his account and body, money was returned.
So there is no victim.
Does that make sense?
Like, Bob stole the money, money got returned.
There's no one who injured the bank.
Where's my money?
Huh.
Since nobody complained the money was stolen, then maybe nobody ever investigated this.
Which means they don't have to hide the money trail either.
Like, he was preparing to wire the money to a bank where he can launder it and have it come out clean.
But since this money rightfully belonged to the client, they didn't think he needed to go through all the hassle of cleaning the money.
No, in this case, it didn't need to.
It was just transferred back to the investment firm.
So it was just like from Bob to investment firms.
It's been returned.
It's been misallocated, misappropriated, and it's been returned.
How wild.
Somehow this all slipped past the bank.
I mean, perhaps later they saw this, but never came public about it or reversed the transfer.
And maybe it was because Bob was in jail and never complained about it.
Or maybe they wanted to avoid embarrassment of being hacked.
Or maybe it was because they saw where the money went and it was to a very influential person who they didn't want to disturb or ask questions about.
Or maybe they did ask that person questions and that person simply said, yeah, the money was stolen by Bob, who's now in jail.
And here's the police report.
Thank you so much for reversing the charge.
It's this whole thing's just got my brain up in knots.
This method here, we could have created a fake teller and then, you know, just, you know, just done a copy user and then replace and then just done the transfer that way.
But we knew we didn't have to.
The fact that the customer just wanted their money returned to their bank account, not a washing station, like a laundromat, then it was just,
that it was just, it gives a shit.
Like, we didn't have to do any, we don't have to delete the user, we don't have to delete the transaction.
I guess what I'm wondering also is like, if this is, if this is going back to the appropriate person, then why can't, I mean, the person,
your client is a very influential person in the region.
Why can't they just go to the bank and be like, listen, I found the guy who stole this money.
We need to reverse the charge.
Just do this.
This is a legitimate reverse.
That's a great question.
All I can tell you is what we were told.
We were told
they feared that that money was going to be used, if the money was there, which it was, the money was going to be used as in a court process, like it was going to be a string-out two to three-year court trial, and they were going to use those funds.
So the time that they got that money back, they wouldn't have, you know, the bank said, you know, you need a court order.
Can you prove it?
Blah, blah, blah.
They were worried about that.
Now, whether they could have just, you know, overridden that, I don't know, but in their head, that's what they were worried about.
So keep in mind who we're dealing with here.
This guy, we're calling Bob, has the guts to steal money from an investment firm owned by a super rich guy.
Even though Bob got caught, he's still pretty smart.
So he's probably got a plan for when all this goes wrong.
So it's important for Chris to keep eyes on him as he goes to jail so he watches who Bob is messaging and what's he up to.
Look, he's a kind of guy that I actually have respect for this guy because he's pretty cunning.
And because I've been reading his emails, I knew him so well inside and out.
You know what it's like when you're reading, or maybe a Nojack, but you know, when you read someone's emails, you know,
you have a relationship with them, whether they don't know it, but you actually know them inside and out.
So, you know, Bob's quite crafty, but Bob used the I am ill card and he worked with his doctor to get a bail hearing that he could get out on bail while this case was going forward.
So he was sentenced in jail for a week, and then
the doctors wrote, you know, my client is sick note, which we could verify because we talked about level two and level three.
We had access to his doctor, so we could actually see what was going on.
That he used his doctor to get to get in to get
out of jail after two weeks in jail.
What happened is we were reading some of the emails when he was in jail, obviously, and then outside of jail, and his language changed.
He almost like he was putting it on.
You know, like when you're an actor, you act, and when you're not an actor, you look like an idiot.
And Bob was essentially looked like he was acting in his emails.
And I said to the customer,
this is not normal emails that he's sending out.
He was going on fishing trips.
He was planning a fishing trip.
And, and you know, the kind of never been fishing.
You know what I mean?
It was all these sort of, I'm going to be here at this time.
And it was, it was too much information that the thing, I think, you know, he's on.
He knows that you're, we're reading his emails and he's, he's putting it on.
And I said, look, watch, this guy's a flight risk.
And they since he went, no, no, no, he's fine.
We've got his passport and blah, blah, blah.
So because Chris had such a deep level of visibility into Bob, he watched him closely to see where he was going.
Bob didn't actually go fishing.
He was was smuggled across the border in a bloody burka.
And we tracked his headers of his IP saying, look, the guy's not even in the fucking country anymore.
You guys think he's there.
He's not.
He's in Amman.
So, you know, all this shit talk about, we've got your passport.
He's not going anywhere.
And he actually escaped the system on a second passport.
Because this was in real time over maybe a 12-hour period, I'll say 24-hour period, essentially, The guy was moving fast, you know,
car,
he was in a car.
We later found out that he was in a boot, and then he went into the back seat with a burker, and then he hopped a border, and then got an, he had another passport, and then used that.
But because we had the IP headers, we could see where he actually was.
Like he was, I'm not saying he's stupid because a lot of people don't, in that world, don't understand IP headers, but you were in his phone?
No, he was sending emails out from his device.
I will make that clear.
Normally we do get into phones, but this case wasn't a phone.
It was just email headers, not IP.
Don't get me wrong, and I
don't normally talk about this but sometimes we'll send a ping packet so
you get the odd SMS and you know
Jack you'll get an SMS and you'll click on it you know your UPS mail is late you'll click on it and go oh it's just some fucking scam it's asking for my username password but what it does is just tracks your location from your phone
we use that a couple of times on this project but it wasn't a tool that was it was needed does that make sense we had enough from the ip headers that we didn't need a GPS location.
Once Bob left the country, there was nothing Chris's client could really do about it.
So they said, thanks for letting us know.
I guess that's it then.
Here's your final payment.
That's the end of the engagement.
Weird question.
Have you ever killed anybody?
Only virtually.
Yeah, virtually.
Oh, the answer is going to be no on this podcast, Jack.
Have I birthed now, have I birthed anybody?
That's another story.
You have many kids.
I have many kids.
I have many kids.
See, the thing that put Chris Rock on my radar is a talk he gave at DEF CON in 2015 titled, I will kill you.
And in this talk, he explains exactly how to use hacking to kill someone.
Part of my career as, you know,
pen tester, mercenary, you know, scene founder is research.
And one of my first DEF CON talks was I was watching the news in Australia and
one of the news reports was a hospital accidentally sent out 200 death notices instead of 200 discharge notices.
And I went, what the fuck?
How is that even possible?
And then that led me down the rabbit warren of researching the death industry, the medical component and the funeral director component on how the system has moved online and the flaws that involved where you could actually physically create a real person, like a fake person, and how you could kill them.
Okay, so walk us through this step by step, how to kill someone.
Yeah, so in America, I'd say it's very similar around the world, but in the US,
they used to have a paper-based system where the funeral director would fill out half form on how the person died or where the person died, like where they're buried and all that sort of stuff, next of kin.
And the doctor would fill out the first part of the form, which is the cause of death and
those sort of details, name of the victim, and then how they died.
That one piece of paper would go into essentially the birth, deaths, and marriages system, and then that person would be declared dead.
What's happened now is that's moved online.
So essentially when somebody dies, the process is the doctor will log on to a US system called EDRS, so log on with their username and password, and actually put in what caused the person to die,
a polymer embolism or whatever, a heart failure, that sort of stuff.
And then that information would then pass to the funeral director.
A funeral director would complete their part, again, username and password to log in, and that would form
essentially the death certificate in the edrs system now the flaw in the system is both the medical and the funeral director component is essentially if if you want to be registered to declare people dead you essentially put in what you your license number your medical license number and your office address now if anyone's looked up a doctor before to see if they're a real doctor that all this shit's online there's databases all around the world to say whether your doctor's licensed to practice their registration number and their office number so you could register yourself as a doctor and then you could then, you could actually kill somebody off the first part.
And again, with the funeral director component, it's pretty much the same as a doctor where you can declare yourself a funeral director and form the second part of that form and to kill somebody off and get essentially a death certificate.
And why would you want to kill someone?
Well,
there's multiple reasons why you want to kill someone.
First of all,
you know, if you want to kill your parents, for example, like, you know, you're waiting for their will, but they're not giving you the money.
You could actually kill kill them off.
You could kill your boss, you know, your boss is being an arsehole, you could kill him just to fuck with them.
Or if you're under investigation, so you know, you've got prosecution and judge and all that sort of stuff, you could actually kill them off to make their life more difficult.
Oh my gosh,
you're ridiculous.
And so
you're saying this flaw in the death system can also be done in the birth system?
Yes, so it's exactly the same.
Well, it's a different system, but exactly the same as ERS for deaths.
And you need two parties.
So you need the doctor or midwife and you need the parents.
So, you know, the name of the child, the weight of the child, and stuff like that.
So the two parts would then make the birth certificate, very similar to the funeral director and the doctor making the death certificate.
And if you have a home birth, you may not even have a midwife.
So it's something actually done by the parents.
And so once you have
an online system, you have a birth certificate.
That person's then born.
So in theory, you can create fake children.
And then when they hit a certain age, you could kill them off and get their life insurance and build up their credit and all that sort of stuff.
Do both of the things.
Well, I really like this idea of making a fake persona to use as a second identity in case
I've embezzled some money from a Middle Eastern millionaire and I need to leave the country.
Exactly, Jack.
And you think, and why have one when you can have 100?
So you can have 100 fake people that have different, you know, credit.
And so if you screw up your life and you go to jail and you have to come out and you go get another job or whatever you have another clean identity like another virtual id um and it's real like it's not it's not that like someone entered it in the back end it's actually registered person that you can have um you know i suggest you keep yourself looking young because you might create someone who's zero and then um but there's little flaws in the system as well and i i may have mentioned that um they don't want people going through life without being recorded so you have up till the age of five um to get yourself registered.
So if you have, you can take five years off your virtual person by registering five years after they're born because they want to capture people as they go into the school system and they don't want them to be prevented from going to school or getting driver's license or stuff like that.
So you can, you don't have to register a baby at zero.
You can register them at five as well.
You know, when I saw you do this talk at DEF CON, I was so surprised that the governments haven't like knocked on your door and said, hey, would you shut up about this?
You can't just go making, killing people and making babies that are not real.
You're teaching people to do bad things.
Yeah, so the government haven't done shit even since my talk.
Now, my talk was done nine years ago, Jack.
So those same flaws exist today.
Nothing's changed.
If you're intrigued to know more about how to kill someone like a hacker, go to YouTube and type in Chris Rock DEF CON.
He actually has given three talks at DEF CON and they're all phenomenal.
In the second talk, he explains how to overthrow a government.
And I have a sticking suspicion that he's actually done it or was very much involved with overthrowing a government in the past.
Let me know if you liked him and you want me to have him back on and tell that story.
And his other talk is about how to bypass radio jammers in case someone is trying to jam your cell phone, and he'll show you how to get through it anyway.
A big thanks to Chris Rock for coming on the show and giving us a good story.
Come join our Discord.
You can talk to a lot of people who are fans of the show, but it's also my favorite place to hang out.
You can find us at discord.gg/slash Darknet Diaries.
And on November 19th, we're going to be doing a t-shirt giveaway so you can win some cool Darknet Diaries swag.
So come on over to Discord.
This episode was created by me, the script Kiddi It, Jack Recider.
Our editor is the Captain Backspace, Tristan Ledger.
Mixing done by Proximity Sound, and our intro music is by the mysterious Breakmaster Cylinder.
Hey, Siri, why am I so bad at women?
My name is Alexa.
Damn it.
This is Darknet Diaries.