Information-stealing malware is one of the most common ways that organizations end up infiltrated by malicious hackers. For several years, one type of infostealer called Raccoon Stealer ruled them all. If a computer was infected with Raccoon Stealer, all of its data – login credentials, payment card data, cryptocurrency accounts, session tokens – was vacuumed up from the machine and sent off to the hackers. Raccoon Stealer was dead easy to use and didn’t require coding knowledge. This meant that anyone could start stealing data from other people’s computers. It also had great customer service. But the elusive operator of Raccoon made critical mistakes – including a revealing photograph on Instagram – that jeopardized his business and himself.
Participants:
Quentin Bourge, Lead Cybercrime Analyst, Threat Detection & Research Team, Sekoia.io
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
--------
39:50
Ep. 7: Tank
In 2006, a new type of malware appeared on the scene. Its name was Zeus. It was enormously profitable for its cybercriminal developers, who used it to steal tens of millions of dollars from businesses and organizations of all sizes. Those behind the scheme had honed a new model: cybercrime-as-a-service, where individuals focus on their specialities – creating malware, employing money mules, acting as system administrators. Zeus frustrated victims and left some in ruins. It defeated security processes in financial systems. And it led law enforcement along trails that went from small businesses in America to Eastern Ukraine and Russia. Sometimes, the trails ran cold. But eventually, one threat actor’s luck ran out.
Participants:
Jason Passwaters, CEO and Co-Founder, Intel 471
Jim Craig, Senior Director, Intelligence Collection Management, Intel 471
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
--------
59:38
Ep. 6: Crypto Heist
The online game Axie Infinity is colorful and eye-catching. It resembles Pokemon and is filled with cute digital creatures. To play the game, players use virtual currency to buy and sell these creatures and can earn it by battling each other. In 2021, the company behind Axie Infinity was worth $3 billion and backed by Silicon Valley dollars. But this virtual world and the enormous amount of virtual money in it came into the sights of an adversary. In a matter of minutes in March 2022, Axie Infinity saw nearly $600 million worth of virtual currency stolen from its wallets. The hackers weren’t just cybercriminals. They were nation-state hackers from North Korea. But investigators were hot on their heels.
Participants:
Erin Plante, Vice President, Investigations, Chainalysis
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
--------
40:09
Ep. 5: Botnet Breakup
Over many years, a cybercriminal gang likely based in Russia built a huge network of interconnected, hacked computers. They did this one inbox at a time. They sent spam messages with fake documents and malicious links, tricking people into opening malicious software. The network of hacked computers was called Qakbot, or QBot. The botnet was used by cybercriminal gangs to infiltrate computers, steal their data, conduct financial crime and deploy ransomware. But in 2023, law enforcement hacked the hackers. They cut Qakbot off from the cybercriminal group that controlled it. They also removed Qakbot from hundreds of thousands of infected computers, a mission that stretched across the internet. But the battle against this group continues.
Participants:
Selena Larson, Senior Threat Intelligence Analyst, Proofpoint
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
--------
37:11
Ep. 4: The XBox One Hack
In the early 2010s, a group of malicious hackers had a goal: to build a Durango, which was the code name for Microsoft’s next-generation gaming console eventually known as the XBox One. They did this by stealing reams of data: authentication keys, personal data, login credentials and proprietary gaming documents. Arman Sadri was on the fringes of the group. He was a gaming hacker who taught himself programming languages such as C# and C++ and how to hack games like Call of Duty. He sold gaming cheats, or mods. His eventual goal was a legitimate job in the games industry. Eventually, Microsoft hired him to debug XBox games, which was a dream job. But it was the start of his life unravelling. Microsoft fired him. The FBI wasn’t long behind him. Arman didn’t recognize when he’d gone too deep, and his years-long dalliance on the edge with computers led him to a place from which he’s still recovering.
Participants:
Arman Sadri, Founder, The Good Hackers
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
The internet is the new frontier of crime. The systems we depend on for our daily lives, business and national security are under assault. Cybercriminals break into organizations from the other side of the world, exploiting software flaws and weaknesses. The effects of these attacks are devastating, resulting in billions of dollars in damages, a loss of privacy and a loss of confidence. Cybercrime Exposed is a podcast from Intel 471 that explores how malicious hackers undermine the computer systems we trust, and what we can do to stop them.