@@AncientSlugThrower All the identifying information mentioned in the video could be from a machine dedicated to black hat activities. There is no mention of selfies or anything actually personal. They linked him through other crimes he was already suspected of committing
"a stupid man will make mistakes and never learn, a dumb man will make mistakes and learn from its experience, a smart man will live his life worrying about not making mistakes, and a wise man will learn lessons from the mistakes of other men"
The hacker accidentally uploading their home directory is a plot twist that would be called "unbelievable", "lazy wiriting" and similar if it would happen in a movie/show. Literally can't write that stuff.
@@Sombre____ That's beyond lazy. Just having a pre-configured and clean image without any PII or login credentials to spin up a new VM for a new hack is not hard, doesn't take much effort or time...
@@SmolSpodermonero is battle tested by governments, and crypto cannot ever be made illegal because it's not regulated in the first place, "illegality" simply means places like binance wont be trading it anymore
More users in Monero enhance security by creating a larger and more decentralized network, making it difficult for malicious actors to gain control or manipulate the system@@SmolSpoder
@@Sykxezn Mint is my personal favorite too. So much better than windows. I'd be 100% Linux nowadays if I didn't need Windows for work & a few games I play occasionally with relatives. Mint is so smooth and straightforward, I have nothing but respect for the developers
Could've gone for a bank or insurances or any other scummy business, but no his "pressure point" were real people. And obviously the Company doesn't give a fuck about their patients privacy. This was a goner from the start.
Literally the worst crime you could commit. I remember hearing about a few ransomware worms hitting some hospital's networks. Once the attackers found out the hospital's were hit, they gave them the keys to decrypt their infected systems.
If this guy wasn't such a showman, and had just contacted vastaamo directly, they probably would have paid right up if it meant it stayed out of the news and the data didn't get released. As soon as the media picks it up, they can't pay because it would be a PR nightmare. Makes you wonder how many companies are extorted by hackers without egos and we never even hear about it.
If im not wrong there a lot of hacker did contact the company first but they ignore it cuz authorities like cops always suggest to ignore or not to pay them This is why a lot of them goes to media social and post the threat
There's no quarantee that a ransomer doesn't continue asking for money even after you pay since there is no way to quarantee that he would delete the files. So paying them is completely useless.
overconfidence I'd assume. The hacker just ran the command to zip the data and didn't bother to double check. After all, if you call yourself a true hacker, there's no way you could make a mistake, right?
You only hear about the dumb hackers getting caught through their idiocy. WAY MORE fishing attacks happen every year than you think but it's all a bit hush-hush.
Yup lol. Can't say I'm surprised that a hacker that decided that this makes a great target, turned out to be dumb enough to essentially broadcast his name and identity in blinking neon letters to Finnish authorities. If he was hellbent on picking a morally disgusting target, though, he could've at least tried thinking for half a second when deciding how best to extort said target. but no. rather than contacting them privately first to give them the opportunity to "save face" this idiot went straight to image boards to boast about his leet hax. good job dumbass, now why are they going to care if stolen patient records are published or not? they're pretty much fucked facing a massive PR disaster either way now so they have no incentive to care. they already demonstrated they don't give a shit about their patients wellbeing or confidentiality. but they might've been willing to pay to avoid the public debacle...if he had bothered asking. but there really is no excuse for the type of target he chose and especially for extorting patients directly. potential targets are literally everywhere in almost every sector of the economy, because executives ALWAYS target IT/cybersecurity when cost cutting. they're viewed as "nonessential expenditures" and slashing them never harms whatever the business' core profit-making strategy is....... until, of course, it does.
8:24 - We went from "Alright, the guy got a bit cheeky and impatient" to "How was this man even smart enough to hack the database in the first place?" in an instant. Good lord, how does this even happen?
Well it wasn't even much of a hack, as the server the db was running on was even indexed by Google and had no firewall, and also had default passwords, like admin admin or something along those lines. So literally anybody who came across the servers adress and decided to try default logins had access to the entire db :D
@@SongOfDeer Basically yes. It was some of the most grossly negligent handling of confidential data in Finnish history. Their security was basically: surely nobody will find the address for our publicly accessible server. Fucking brilliant.
@@hyde4004this careless out of sight out of mind type set up seems to be the internet as a whole? Like if the internet was physical, the bigger corporations would be in buildings made of cardboard and duct tape, while the small dudes and singular users are going to be having fortresses that go invisible with such crazy tech. It’s crazy how much more people neglect when certain circumstances change from physical to digital, I guess the doors that aren’t passed through much are left wide open?
This thing was so bad, that the Government allowed the "injured party" (i.e people who were customers of Vastaamo) to change their social security number free of charge.
At least double check the archive before publicly uploading it. I am assuming he just accidentally forgot to add the right folder at the end of the path when archiving. I would of noticed when just a bunch of document files were taking a lot longer to archive than it should. Edit: Also, you should always double check commands you are running before doing them especially when it comes to modifying/managing files. You never know if a command you think you are running is safe but a typo accidently makes it dangerous.
Unless you use a specific GUI application to do it, TAR files are generally created from the command line. TAR files are created from the 'current working directory', so you have to tell Terminal/Command Prompt to go to a particular folder before telling it to archive. If you don't do this, you will get everything from the root onwards. Then at the end you'd just have one giant file which is too much of a pain to try to extract in order to check. Kind of an easy mistake to make.
One of the biggest mistakes he made (along with the tar fuck up) was that he talked to the police. I read the interrigation documents and were baffeled to see that there were pages after pages on him just casually talking and smart-assing with the police, leading him to straight up admit many of the links in the picture shown in the video. As Finland has a robust western justice system where you need to have proven then suspicion beyond a reasonable doubt I think it might even have been very unlikely to get him convicted without him talking so much.
Indeed. On some legal systems, the confession to Police is already proof. On others, only the confession to a judge is a proof, however, spelling the beans to the police make they go after more proof easily
Finland is run by the Far Left and NWO Globalists. This hacker only got 6 years for terrorizing half his country thanks to the Far Left-Wing appointed Finnish court officials. That's why he wasn't scared to talk. Far Leftists want to destroy all capitalist countries on earth per Marx's writings. They view this hacker as a "fellow traveler."
I was expecting "text doesn't take much space, the archive was 11GB because it contained imagery like CT scans", I really did NOT expect "it contained his entire home folder" hahah brilliant plot twist Why would he not double check the contents, and if you are gonna make a database of mostly text-based records available on Tor why on earth would you not gzip your tar, has this guy ever used a Unix-like OS before or what 😂
@@counterleo Uploading his entire home folder. At this point he might as well have ripped the hard drive out of his computer and mailed it to YLE (the local news network).
It's kind of alarming knowing that there's companies that aren't securing our data properly. My buddy just got a job somewhere doing some IT work. He told me there's thousands of social security #s unencrypted stored as plain text, along with names and addresses on his company's server.
4:16 yulilawlta, towrilawlty..... 🤣 damn, he really took the pronunciation to the next level. One of our great joys is foreigners trying to pronounce anything in Finnish.
I could give you a literal documentaries worth of information on this guy and used to know zeekill for years. We lost contact about the time he started to become somewhat known after his lizard squad antics. He used to hang out with the Team Avolition crowd quite often and was an absolute demon of chaos and laughter. Towards the end, he really started to push things a bit far, swatting his opps, and streaming it in the community teamspeak. During that era, he along with Aurora and a few others I believe had one of the largest botnets in existence at the time. Edit: Just to be clear, while I considered zeekill a close friend at one point the crimes he's up to now are beyond "the lulz" or mostly innocent trolling we did.
Things I learned from this video: the entire population of Finland is 500 and 5 people sitting in the same room have styled themselves as hackers so annoying your housemates can lead to an embarrassing whoopsie the second you walk away from the keyboard
Up in the north, in Lappi region, the Sami people keep their IT infrastructure mounted to their reindeer herds so they can run away when the feds come looking
I ordered the PDFs involving this case from the national bureau of investigation here in Finland. There's some pretty interesting stuff in the documents. There were some American FBI agents working on the case and i found out that i had previously underestimated the feds' capability for cracking ciphers.
Used to know a guy that stole video games from BestBuy to resell them. Somehow he started spending money WAY outside his income range at the same store he was stealing from. Often criminals want to get caught
The Dunning-Kruger effect is a cognitive bias in which people wrongly overestimate their knowledge or ability in a specific area. This tends to occur because a lack of self-awareness prevents them from accurately assessing their own skills.
Was watching a two year old video of yours regarding kax17 and the tor network. While I am good enough at self teaching that I can probably get it right with some research (and already have pretty decent understanding of how networks operate), I would love an in depth series on how tor works and how to participate with proper due diligence/OPSEC (both as a relay as well as an exit note, for the bravest out there). It would definitely help with getting more people to act as relays, which I feel is a great endeavor. Hell depending on how this year goes and how much time I can throw at learning the ins and outs of tor, I might even start a channel and do it myself, just for the cause
How the hell do you not notice an archive being 11GB while uploading it through tor? The only way he could have missed it being that big if he uploaded it through clearnet with a very fast connection. Uploading through tor would have taken several hours if not days. He would definitely have noticed it was taking that long. So i have to conclude he uploaded it through a clearnet connection so they would have likely got him anyway even if it was just the records
I sent an 8 MB PDF file as my full application to an office and they just could find the motivation letter on top of it. People are as dumm as the last quarter of a pig.
The Dunning-Kruger effect is a cognitive bias in which people wrongly overestimate their knowledge or ability in a specific area. This tends to occur because a lack of self-awareness prevents them from accurately assessing their own skills.
Are you seriously telling me that this dude managed to steal enough sensitive data from that multi million dollar company to make it ultimately go bankrupt but at the same time he was dumb enough to upload an archive containing his entire home folder? How is that even possible?
It's kinda ironical how someone cam be smart enough to do all that, and yet dumb enough to not triple-check the archive they're uploading. Heck, I triple-check archives for assignments. 😭
If you ever saw Wonder Woman, the first one, she kills the villain and they kept fighting and she didn't understand why. It is because of economics. They are paid and unless they individually suffer economic loss, they won't understand to stop because the authorities they choose to obey haven't told them to stop.
Sounds like a weird interpretation. Could also just be a cultural thing. Maybe in Wonder Woman's world, they will leave the world with dignity and surrender to the more powerful individual after they "lost." But she encounters someone who continues to fight even after they've been proven inferior. That would puzzle anyone.
@@jevvf3246 I think the point was that she thought all of the war was happening because of an evil god having his way, but the reality is that the war was happening because of human greed or whatever.
KRP is claiming a method to fully trace Monero. Of course they "won't disclose the tracing method" so I think it is probably BS for the most part. You're right bad opsec plus the reverse trace of Bitcoin in some manner.
The Finnish tax authority also claims that they will know if you're hiding crypto profits from them. Which they absolutely don't because the country is way too small to pressure any exchanges to share their records, which is why there haven't been any data sharing agreements.. And if you aren't trading on any public exchanges, lmao good luck. Government is just trying to scare people. Situation might be changing in 2024 though with new EU regulations for public exchanges.
Condolences to the victims of the attack (though Vastaamo should've done better in the first place), but holy fuck is compressing your home directory accidentally a major screw up when you're committing a crime.
Lets say the guy have 1 BTC. 1 hour swap to Monero 1 BTC in Monero (minus fees) few hours to swap back to BTC 1 BTC (minus fees) Amount + timing tracing, super easy. To solve this, when swapinf back to BTC, the guy would need to split the coins in multiple transactions over many days, with random timings. (Also not use a KYC exchange like Bin@nc€
@@DxBlackboth can be true at the same time. There are multiple teams working on cases. And Finnish authorities say they did "trace" monero. Didnt matter in the end though because hackerman suffers from the 'tisms.
9 місяців тому
That is trivially possible if they find which exchange he used.
Uploaded his home drive to the internet along with the evidence of his crime.... that's an impressive level of self-snitching. They sure don't make "criminal masterminds" like they used to.
This is a problem with doing stuff on the command line all the time, it's very easy to accidentally .tar up your entire home folder by forgetting a parameter or whatever. You'd never do this with a GUI.
Hacker: I have all your medical info! Me: Okay. Hacker: I am in your bank account!! Me: Have fun. Hacker: I have access to your WOW account! Me: I will hunt you down.
I love how the feds like to act like they out smarted a master criminal, when they just got him from dumb luck lol Like "see!! See!! We are smarter !!!!"
Now that's what I call a smooth segue into the merch store advert.
9 місяців тому+7
This is exactly why I tell people that "just use Monero" is a bad advice. If you are not careful it won't help you. Also this specific mistake wouldn't have happened if he used a separate Qubes VM. (But Qubes itself is not a silver bullet either.)
Probably would have been less embarrassing to just rip out the entire hard drive and mail it to YLE (the Finnish news network) because at least he could play it off as turning himself in.
@MartinHabovstiak “wouldn’t have happened if he used a separate Qubes VM” I’m not really sure what difference Qubes would have made here over the proxmox-based virtualization environment used. The leaked /root directory belongs to a semi-disposable hacking VM that was being used by a bunch of people.
Glad they caught the peace of s**t, imagine blackmailing people having psychotherapy for what is likely very private and often painful events in their life.
There were so many more stupid mistakes he did. He had his servers/instances, that he attacked Vastaamo from, in Finland. So they were quickly seized by the authorities. And it was very easy to connect all of those servers together because they had the same admin users names, password hashes, ssh keys. And it was enough for the whole tower of cards to crumble after a single server were connected to the guy via logins/ips/financials/logs (!!!). Such a staggering incompetency!
In CTI the heatmap analysis is very important for us to recognize patterns, similarity between codes and it's origins, behaviors etc most cyber criminals are pretty braindead, I infilitrate the darknet communities for research purposes and reporting. Hacking is a double edged sword, there's a large number of security professionals that just blend in attempting to get shell access to their systems and many times it's honestly surprisingly easy, default port configurations and outdated/bad services that can be metasploited or just with well known enumeration tools.
How do you manage to tar your home directory and not notice it? Surely you would be suspicious that the file upload is taking longer than expected too, right?
Yeah especially since database dumps tends to be pretty compact in size for the data they convey. I was looking at some dead site dump of 90GB with 2 million entries and the actual database was 180mb with the rest being media files.
@@ra2enjoyer708 The vastaamo files are just plain text files, there are somewhere around 30,000 of them and they take up approximately 250 MB of disk space.
Rule 1 of Crime: Don't talk about the crime
Rule 2 of crime: do not talk about crime
If only I knew rule number 3 😢
Self Snitching
>Uploads video to TikTok
don't upload to UA-cam@@Kenword69420
the fact he would actually post his user folder to the internet really shows how sloppy this pos is
In the end Everyone making errors.
Imagine trying anything like this on your daily driver. Holy cow.
Before he even said it, i thought, "11GB?" and instantly started laughing out loud muttering "He tar'd his entire drive, didn't he?"
its wild - WILD - omg the mortification
@@AncientSlugThrower All the identifying information mentioned in the video could be from a machine dedicated to black hat activities. There is no mention of selfies or anything actually personal. They linked him through other crimes he was already suspected of committing
“Only a fool learns from his own mistakes. The wise man learn from the mistakes of others”- Otto Von Bismark
...of course this suggests that everyone is a fool.
or that you aren't in uncharted territories lol @@DxBlack
"a stupid man will make mistakes and never learn, a dumb man will make mistakes and learn from its experience, a smart man will live his life worrying about not making mistakes, and a wise man will learn lessons from the mistakes of other men"
I learn from the mistakes of people who take my advice
This man you quote is clearly not a scientist
The hacker accidentally uploading their home directory is a plot twist that would be called "unbelievable", "lazy wiriting" and similar if it would happen in a movie/show. Literally can't write that stuff.
I don't understand why he didn't use a virtual machine in the first place ... Lazy ?
@@Sombre____ That's beyond lazy. Just having a pre-configured and clean image without any PII or login credentials to spin up a new VM for a new hack is not hard, doesn't take much effort or time...
If I was law enforcement I would probably go "hah nice lure, I'm not gonna fall for that" and not even bother with that lead
Reality is often bat shit crazy because fiction needs to make sense.
We humans hated deus makima
And it would be all of those things lmao
I think the login for vastaamo was something like admin admin. No wonder they got extorted.
In some sources they mentioned root:root as the credentials
Don't think people would openly talk about their deepest secrets if they knew the dialog was stored on such a database..
I lock my door using toothpick, the most secure lock in the world.
root root
I think a great root login would be, "rootie toot toot, rootie toot toot, we're the boys from the institute"
Whoops, probably gave it away....
Mf was finnish before he even started
Ha ha
I'm disappointed at myself for laughing at this
😂
Lmfao
best comment
Poor Monero-chan getting her reputation damaged with this blunder.
@@SmolSpodermonero is battle tested by governments, and crypto cannot ever be made illegal because it's not regulated in the first place, "illegality" simply means places like binance wont be trading it anymore
@@SmolSpoderstriessand effect?
More users in Monero enhance security by creating a larger and more decentralized network, making it difficult for malicious actors to gain control or manipulate the system@@SmolSpoder
@@SmolSpodertry Linux Mint out, one of the easiest things I used even easier than windows 11 (less repeated places for the same things like settings)
@@Sykxezn Mint is my personal favorite too. So much better than windows. I'd be 100% Linux nowadays if I didn't need Windows for work & a few games I play occasionally with relatives.
Mint is so smooth and straightforward, I have nothing but respect for the developers
Scamming sick people who are already spending money they dont have on saving their own lives? How low can you go?
I know right.
Exactly. Well put!
All that to keep the baby fat on his face he'd lose if he just got a job like the rest of us. 😁
Starting to consider Snowden was wrong.
Could've gone for a bank or insurances or any other scummy business, but no his "pressure point" were real people. And obviously the Company doesn't give a fuck about their patients privacy. This was a goner from the start.
Literally the worst crime you could commit. I remember hearing about a few ransomware worms hitting some hospital's networks. Once the attackers found out the hospital's were hit, they gave them the keys to decrypt their infected systems.
If this guy wasn't such a showman, and had just contacted vastaamo directly, they probably would have paid right up if it meant it stayed out of the news and the data didn't get released. As soon as the media picks it up, they can't pay because it would be a PR nightmare. Makes you wonder how many companies are extorted by hackers without egos and we never even hear about it.
Well, a fair amount of the time the hacker collects a bug bounty instead.
The more damming the hack, the higher the bounty.
If im not wrong there a lot of hacker did contact the company first but they ignore it cuz authorities like cops always suggest to ignore or not to pay them
This is why a lot of them goes to media social and post the threat
He did many noob mistakes... thats all,..
@@hanro50 a bug bounty payout is nothing compared to what u can get from a company off of ransomware so why would they do that
There's no quarantee that a ransomer doesn't continue asking for money even after you pay since there is no way to quarantee that he would delete the files. So paying them is completely useless.
why is it ALWAYS someone telling on themselves????
Self snitching has been the best aid to law enforcement since the beginning.
overconfidence I'd assume. The hacker just ran the command to zip the data and didn't bother to double check. After all, if you call yourself a true hacker, there's no way you could make a mistake, right?
@@konrad94886 That seems plausible.
Quirks about working directories and not being organized
You only hear about the dumb hackers getting caught through their idiocy. WAY MORE fishing attacks happen every year than you think but it's all a bit hush-hush.
The finngolian is obviously a social engineer or a skid and not a hacker.
Deserved arrest. Don't fuck with peoples mental health records or private data like that.
Absolutely.
Yup lol. Can't say I'm surprised that a hacker that decided that this makes a great target, turned out to be dumb enough to essentially broadcast his name and identity in blinking neon letters to Finnish authorities.
If he was hellbent on picking a morally disgusting target, though, he could've at least tried thinking for half a second when deciding how best to extort said target. but no. rather than contacting them privately first to give them the opportunity to "save face" this idiot went straight to image boards to boast about his leet hax. good job dumbass, now why are they going to care if stolen patient records are published or not? they're pretty much fucked facing a massive PR disaster either way now so they have no incentive to care. they already demonstrated they don't give a shit about their patients wellbeing or confidentiality. but they might've been willing to pay to avoid the public debacle...if he had bothered asking.
but there really is no excuse for the type of target he chose and especially for extorting patients directly. potential targets are literally everywhere in almost every sector of the economy, because executives ALWAYS target IT/cybersecurity when cost cutting. they're viewed as "nonessential expenditures" and slashing them never harms whatever the business' core profit-making strategy is....... until, of course, it does.
@accelerationquanta5816 Your communism is cringe
Therapy is a meme
@@lv1543 you: science is a meme
meanwhile you are here on a computer enjoying the benefits of it.
tarred his home folder? he was surely stoned to do that.
without a doubt, prob something stronger tbh
Vodka
Just the fact he doesn't notice he was uploading a several gigabyte file suggests he was smoking something
Adderal
probably was drunk.
Hack snitches telling all their business, sitting in the court and be their own star witness.
do you see the perpetrator? yeah i’m right here
@@refficial Fuck around, get the whole server sent up for years, uh
@@refficialfuck around get the whole hacking group sent up for years
r.i.p mf doom
@@placeholder4988 ALL CAPS WHEN YOU SPELL THE MAN NAME
8:24 - We went from "Alright, the guy got a bit cheeky and impatient" to "How was this man even smart enough to hack the database in the first place?" in an instant. Good lord, how does this even happen?
Well it wasn't even much of a hack, as the server the db was running on was even indexed by Google and had no firewall, and also had default passwords, like admin admin or something along those lines. So literally anybody who came across the servers adress and decided to try default logins had access to the entire db :D
@@hyde4004 So everybody involved was an absolute muppet; brilliant!
There is always weak DB in the wild. Not everyone take safety seriously. Lazy admin make easy password. You just need to find on of those DB.
@@SongOfDeer Basically yes. It was some of the most grossly negligent handling of confidential data in Finnish history. Their security was basically: surely nobody will find the address for our publicly accessible server. Fucking brilliant.
@@hyde4004this careless out of sight out of mind type set up seems to be the internet as a whole? Like if the internet was physical, the bigger corporations would be in buildings made of cardboard and duct tape, while the small dudes and singular users are going to be having fortresses that go invisible with such crazy tech. It’s crazy how much more people neglect when certain circumstances change from physical to digital, I guess the doors that aren’t passed through much are left wide open?
This thing was so bad, that the Government allowed the "injured party" (i.e people who were customers of Vastaamo) to change their social security number free of charge.
Their security policy was probably "it won't happen to us".
"We would be considered paranoid if we thought this could happen which would recuse us from conducting the therapy."
As someone from Finland following these news years ago, it basically was.
"Why would anyone want to target us? We're not that important, so no one will bother"
Normalcy bias
The probability of a double-ransomware attack is low, but never zero.
How do you accidentally tar your whole home folder, upload it, and not notice that it's way bigger than expected?
Being too drunk and straight out of the sauna.
Right?
At least double check the archive before publicly uploading it. I am assuming he just accidentally forgot to add the right folder at the end of the path when archiving. I would of noticed when just a bunch of document files were taking a lot longer to archive than it should.
Edit: Also, you should always double check commands you are running before doing them especially when it comes to modifying/managing files. You never know if a command you think you are running is safe but a typo accidently makes it dangerous.
He didn't use a separate pc for his hacking stuff it seems
Unless you use a specific GUI application to do it, TAR files are generally created from the command line. TAR files are created from the 'current working directory', so you have to tell Terminal/Command Prompt to go to a particular folder before telling it to archive. If you don't do this, you will get everything from the root onwards. Then at the end you'd just have one giant file which is too much of a pain to try to extract in order to check. Kind of an easy mistake to make.
heard a hundred thousand facepalms when he said he uploaded his f'ing home folder
this part actually made my eyes twitch with cringe, it was sooo bad 😵💫😵💫😵💫
Vastaamo wasn't an online therapy service, they were a therapist center with multiple locations in alot of major cities in Finland.
They did offer online therapy too.
One of the biggest mistakes he made (along with the tar fuck up) was that he talked to the police. I read the interrigation documents and were baffeled to see that there were pages after pages on him just casually talking and smart-assing with the police, leading him to straight up admit many of the links in the picture shown in the video. As Finland has a robust western justice system where you need to have proven then suspicion beyond a reasonable doubt I think it might even have been very unlikely to get him convicted without him talking so much.
The biggest mistake his mother made was seeing that pregnancy into term. He ruined so many lives.
Indeed. On some legal systems, the confession to Police is already proof. On others, only the confession to a judge is a proof, however, spelling the beans to the police make they go after more proof easily
Finland is run by the Far Left and NWO Globalists. This hacker only got 6 years for terrorizing half his country thanks to the Far Left-Wing appointed Finnish court officials. That's why he wasn't scared to talk. Far Leftists want to destroy all capitalist countries on earth per Marx's writings. They view this hacker as a "fellow traveler."
When I'm in a shilling monero competition and my opponent is mental outlaw
Shilling is a strong word. He alone won't significantly change the price over the span of a few months
Fan of the project ≠ shill
Was the video true or not? It doesn't matter if he is defending monero if his defense is true.
He right tho
What's better than monero for conceilability?
"archive contained his entire home folder"
my live reaction:
AAAAAAAAAWWWW!!!
EEEEEEEEEEEWWWW!!!
😂😂
"tracing monero" never was easier
so traced now like never will it never not be traced. much tech they are
"hey guys i also included my ssh keys, IP addresses to all my servers, and cute pics of me in my programming socks"
I was expecting "text doesn't take much space, the archive was 11GB because it contained imagery like CT scans", I really did NOT expect "it contained his entire home folder" hahah brilliant plot twist
Why would he not double check the contents, and if you are gonna make a database of mostly text-based records available on Tor why on earth would you not gzip your tar, has this guy ever used a Unix-like OS before or what 😂
@@counterleo Uploading his entire home folder. At this point he might as well have ripped the hard drive out of his computer and mailed it to YLE (the local news network).
My live reaction was more like "HUUUUUH?!?! WHY THOUGH?!?!" 😂
Very often, the weakest point in a system is with the interface between the keyboard and the chair.
lmaoooo nice way of expression dude
It's kind of alarming knowing that there's companies that aren't securing our data properly. My buddy just got a job somewhere doing some IT work. He told me there's thousands of social security #s unencrypted stored as plain text, along with names and addresses on his company's server.
The place I work for does this too, it's so fucked...
doesn't surprise me
@@DingoYabukireport them to the FCC
Yeah I'm 99% sure that's been illegal for quite awhile now. Even storing passwords as plain text is fking BAD, let alone SS#.. easy payday.
Inefficent protection of valuable data is REALLY BAD
4:16 yulilawlta, towrilawlty..... 🤣 damn, he really took the pronunciation to the next level. One of our great joys is foreigners trying to pronounce anything in Finnish.
Toi oli kyl niin teurastettu lausunta et toon tosta clipin soundboardiin :D
root:roottista :-DDD
you speak a fake elvish monstrosity of a language
because yall don't use ü and confuse everybody with your y, also since when is finland a federation?
huutista :DD
"Uploaded his home folder in the tar file" im deceased ☠️
💀💀💀
the weakest link of cybersecurity is the human
Always has been
To hack a psychotherapy clinic… how evil thank god the hacker had bad opsec
Now there's a guy who would have been way better off actually using the services of that company instead of hacking them.
Glad Monero isn't compromised and it was just an idiot criminal using BTC instead of XMR to begin with
compromised? wym by that
@@yandelross8780 As in the private ledger being readable or something like that.
I could give you a literal documentaries worth of information on this guy and used to know zeekill for years. We lost contact about the time he started to become somewhat known after his lizard squad antics. He used to hang out with the Team Avolition crowd quite often and was an absolute demon of chaos and laughter. Towards the end, he really started to push things a bit far, swatting his opps, and streaming it in the community teamspeak. During that era, he along with Aurora and a few others I believe had one of the largest botnets in existence at the time.
Edit: Just to be clear, while I considered zeekill a close friend at one point the crimes he's up to now are beyond "the lulz" or mostly innocent trolling we did.
Shoutout to vinnie omari
Thought I was the only one who knew about him and the lizard squad thing,
I just have one question, the one everyone's asking. Was he a drinker? Cause how tf do you upload the home folder of the server to tor as a tar 😭
@@incinncityI didn't really know him as an addict, but I do remember him ordering multiple thousand dollar bottles of wine on a stolen credit card.
Things I learned from this video: the entire population of Finland is 500 and 5 people sitting in the same room have styled themselves as hackers so annoying your housemates can lead to an embarrassing whoopsie the second you walk away from the keyboard
Guy after posting entire home folder: “WAIT WAIT WAIT WAIT!!! NO NO NO NO!!!”
"Whoopsie doodle"
More like "EI SAATANA, MITÄ MINÄ OLEN TEHNYT?"
It's so over...
How do you mean?
what's over?
They know shut it down shut it all down!
Yea bud hope you didn't tell your therapist anything that ya should've took to the grave 💀
Finnish language has got to narrow it down to about 35 people + a particularly well read reindeer.
Up in the north, in Lappi region, the Sami people keep their IT infrastructure mounted to their reindeer herds so they can run away when the feds come looking
sudo tar /home: I gonna end this man's while career
I knew you'd have a video on this the moment I saw how brightly the headlines were glowing
6:13 ..."which makes things much easier for... authorities" while showing the Coffeezilla background set, nice touch
“How did you catch me guys??? - You left your wallet with ID”
I ordered the PDFs involving this case from the national bureau of investigation here in Finland. There's some pretty interesting stuff in the documents. There were some American FBI agents working on the case and i found out that i had previously underestimated the feds' capability for cracking ciphers.
Could you publish the PDF for the others ?
I agree, please upload them!
"whoopsie" indeed!
Dare I say, there are no doubt hackers who *don't* make these mistakes, and they are the ones who don't end up in court!
I had to pause to laugh for 10 seconds on that one! Lizard boy can hack but tar is hard.
Used to know a guy that stole video games from BestBuy to resell them. Somehow he started spending money WAY outside his income range at the same store he was stealing from. Often criminals want to get caught
You can hide the hand that steals but not the hand that spends.
How do you get money way outside your range shoplifting video games? Hot items don't sell for full retail, nor is it a high volume market.
Did he really earn that much from just selling stolen games tho?
@@Dzeividz I think it was $30k over 6 months in 2009 money. Inflation adjusted that"s like $100k per year plus his hourly rate at BBY
@@NicholasHenkey So he worked at the store. That changes the story substantially.
How dumb(or drunk because finland) you have to be to upload your home folder.
My thoughts exactly.
what did you want him to do? im just curious
A real life vampire, I can’t believe it
Posting your user folder on the internet is kind of like if you robbed a bank and then ran straight to a police station
The Dunning-Kruger effect is a cognitive bias in which people wrongly overestimate their knowledge or ability in a specific area. This tends to occur because a lack of self-awareness prevents them from accurately assessing their own skills.
Uncanny to see a cool channel cover a story from here, your subscriber count might as well be 10% of our population.
Was watching a two year old video of yours regarding kax17 and the tor network. While I am good enough at self teaching that I can probably get it right with some research (and already have pretty decent understanding of how networks operate), I would love an in depth series on how tor works and how to participate with proper due diligence/OPSEC (both as a relay as well as an exit note, for the bravest out there). It would definitely help with getting more people to act as relays, which I feel is a great endeavor. Hell depending on how this year goes and how much time I can throw at learning the ins and outs of tor, I might even start a channel and do it myself, just for the cause
How the hell do you not notice an archive being 11GB while uploading it through tor? The only way he could have missed it being that big if he uploaded it through clearnet with a very fast connection. Uploading through tor would have taken several hours if not days. He would definitely have noticed it was taking that long. So i have to conclude he uploaded it through a clearnet connection so they would have likely got him anyway even if it was just the records
Or he was on something.
He looks like he would be most of the time
tbh he could've gotten a bulletproof vps
he prolly either:
- hosted the files locally in his home, and exposed an onion service
- whatever you said
my ass would rather get a vps I bought with xmr because tor is well, slow@@CupoChinoMusic
I sent an 8 MB PDF file as my full application to an office and they just could find the motivation letter on top of it. People are as dumm as the last quarter of a pig.
The Dunning-Kruger effect is a cognitive bias in which people wrongly overestimate their knowledge or ability in a specific area. This tends to occur because a lack of self-awareness prevents them from accurately assessing their own skills.
Some people are too proud to stay quiet.
I love the supposedly finnish b roll footage you have in the background
Are you seriously telling me that this dude managed to steal enough sensitive data from that multi million dollar company to make it ultimately go bankrupt but at the same time he was dumb enough to upload an archive containing his entire home folder? How is that even possible?
Zeekill was handed every success in a golden platter by his betters
It's kinda ironical how someone cam be smart enough to do all that, and yet dumb enough to not triple-check the archive they're uploading. Heck, I triple-check archives for assignments. 😭
Not hackers, but “script kiddies”. Dude didn’t even understand how folders and archive files work.
No he was just drunk and high
Well the glowies always win because evil is actually very motivated.
If you ever saw Wonder Woman, the first one, she kills the villain and they kept fighting and she didn't understand why. It is because of economics. They are paid and unless they individually suffer economic loss, they won't understand to stop because the authorities they choose to obey haven't told them to stop.
woww marvel cinematic universe is soo deep bro the only way i understand concepts is through a superhero lense.@@brettlaw4346
Sounds like a weird interpretation. Could also just be a cultural thing. Maybe in Wonder Woman's world, they will leave the world with dignity and surrender to the more powerful individual after they "lost." But she encounters someone who continues to fight even after they've been proven inferior. That would puzzle anyone.
But the glowies aren't 100% evil, just saying
@@jevvf3246 I think the point was that she thought all of the war was happening because of an evil god having his way, but the reality is that the war was happening because of human greed or whatever.
""I always mess up some mundane detail" -- Michael Bolton, Office Space
This. IS A FUCK
You know it's gonna be a good cybersecurity video when it's got an anime waifu on the thumbnail
And/or wojak
Zips usually only depend on about 32K of history. A partial download of a zip will also be mostly readable, for the downloaded part.
It was cool to see Tony Soprano again after all these years.
KRP is claiming a method to fully trace Monero. Of course they "won't disclose the tracing method" so I think it is probably BS for the most part. You're right bad opsec plus the reverse trace of Bitcoin in some manner.
krp?
@@㘭Koach Red Pill (rip)
@@㘭 KRP = Keskusrikospoliisi (National Bureau of Investigation) They are/were in charge of this investigation
The Finnish tax authority also claims that they will know if you're hiding crypto profits from them.
Which they absolutely don't because the country is way too small to pressure any exchanges to share their records, which is why there haven't been any data sharing agreements.. And if you aren't trading on any public exchanges, lmao good luck. Government is just trying to scare people. Situation might be changing in 2024 though with new EU regulations for public exchanges.
@@㘭 "Keskusrikospoliisi"=Central Criminal Police. Finlands FBI
if you uploaded your entire home directory you deserve to go to jail and toss salads
Note to self: when commiting criminal activities, do not send home folder to the victims.
Yo your shirts have gotten a lot better in design. I would really consider buying one or two to support the channel. Keep up the great work.
It's amazing how someone can be so smart, yet so stupid.
You really don't need to be that smart for stuff like this probably just a script kiddie
@@TheEsotericProgrammerwoah, whats wrong?
So he wouldve gotten away with it but then self snitched, they never learn do they
Ancient Finnish proverb: Never speak of your crimes, not even in the sauna
Welp, expect this case to be used against monero's privacy from now until were' all dead now.
Not checking the resulting tar, at least the file size, is just stunningly idiotic. Dude was just arrogant
This gotta be the craziest opsec oopsie ever..
I work with Linux for almost ten years and still have to check man tar every time. I feel this guy so much...
Condolences to the victims of the attack (though Vastaamo should've done better in the first place), but holy fuck is compressing your home directory accidentally a major screw up when you're committing a crime.
This guy had more tar then a pack of Newport cigarettes
Rule 1 - all cryptography is traceable if you have enough money to pay the people that are able to trace it
I can't even imagine the perkele that ensued when he realized he uploaded his homework folder to the net.
Rule of thumb: if it is a significant hack and it points toward Finland, it's always Julius.
At least he is the guy who always takes the fall haha
You already answered your question they probably reversed / back tracked the original Bitcoin to Monero conversion in some way, perhaps.
Dude, they got his home folder. The dude literally GAVE them the best route to find him, not via monero.
Lets say the guy have 1 BTC.
1 hour swap to Monero
1 BTC in Monero (minus fees)
few hours to swap back to BTC
1 BTC (minus fees)
Amount + timing tracing, super easy.
To solve this, when swapinf back to BTC, the guy would need to split the coins in multiple transactions over many days, with random timings. (Also not use a KYC exchange like Bin@nc€
@@DxBlackboth can be true at the same time. There are multiple teams working on cases. And Finnish authorities say they did "trace" monero. Didnt matter in the end though because hackerman suffers from the 'tisms.
That is trivially possible if they find which exchange he used.
What a dingus, serves him right releasing that kind of patient data.
This guy was part of the Christmas psn ddos attack back in the 2014
They need to put him under the prison for that lol I was trying to play cod zombies that day
Uploaded his home drive to the internet along with the evidence of his crime.... that's an impressive level of self-snitching. They sure don't make "criminal masterminds" like they used to.
As usual. It's never the hardware or software but the wetware.
, 😂😂😂😂😂
This is a problem with doing stuff on the command line all the time, it's very easy to accidentally .tar up your entire home folder by forgetting a parameter or whatever. You'd never do this with a GUI.
Hacker: I have all your medical info!
Me: Okay.
Hacker: I am in your bank account!!
Me: Have fun.
Hacker: I have access to your WOW account!
Me: I will hunt you down.
world of warcraft?
By the way your info was so useful that I disabled adblock to support you :)
I love how the feds like to act like they out smarted a master criminal, when they just got him from dumb luck lol
Like "see!! See!! We are smarter !!!!"
They are smarter. The guy is dumb it hurts to watch.
Finland is a Republic, not a Federation.
@@ArchOfficial bet your fun at parties lol
@@johnnyhellfire6 I'm not, but at least I don't have Americanization brainrot.
@@ArchOfficial and at least I get laid, so I guess we are even...
It's like so bad it doesn't feel like a failure it feels like he made it on purpose
"Learn from other people's mistakes, because you won't be here long enough to make them all on your own." -- Eleanor Roosevelt & Mark Twain
doesn't surprise me this guy was also in the lizard squad thing
Now that's what I call a smooth segue into the merch store advert.
This is exactly why I tell people that "just use Monero" is a bad advice. If you are not careful it won't help you.
Also this specific mistake wouldn't have happened if he used a separate Qubes VM. (But Qubes itself is not a silver bullet either.)
this wouldn't have happened if he just didn't upload his entire home folder to the dark net
Probably would have been less embarrassing to just rip out the entire hard drive and mail it to YLE (the Finnish news network) because at least he could play it off as turning himself in.
@@Moonstone-Redux HAHAHA you're right mate
@MartinHabovstiak “wouldn’t have happened if he used a separate Qubes VM” I’m not really sure what difference Qubes would have made here over the proxmox-based virtualization environment used.
The leaked /root directory belongs to a semi-disposable hacking VM that was being used by a bunch of people.
I love these. It reminds me of watching Cops on tv as a kid. but with cyber crime instead of drug addicts.
@5:57 mytäjäisistä! Torihommia
Cool cats know where the action is - Xeventy's presale is where it's at. Exciting times ahead!
Thank you for covering this. I had a lot of questions about this case you answered
So... so many tec things out there and not a single to prevent me from being stupid? Shame
Glad they caught the peace of s**t, imagine blackmailing people having psychotherapy for what is likely very private and often painful events in their life.
oops sec
oopsec
oppseggs
Ope-sec@@MentalOutlaw
@@MentalOutlaw Secopp
poopsex
There were so many more stupid mistakes he did. He had his servers/instances, that he attacked Vastaamo from, in Finland. So they were quickly seized by the authorities. And it was very easy to connect all of those servers together because they had the same admin users names, password hashes, ssh keys. And it was enough for the whole tower of cards to crumble after a single server were connected to the guy via logins/ips/financials/logs (!!!).
Such a staggering incompetency!
He got caught also because of payments to onlyfans and social media posts.
In CTI the heatmap analysis is very important for us to recognize patterns, similarity between codes and it's origins, behaviors etc most cyber criminals are pretty braindead, I infilitrate the darknet communities for research purposes and reporting.
Hacking is a double edged sword, there's a large number of security professionals that just blend in attempting to get shell access to their systems and many times it's honestly surprisingly easy, default port configurations and outdated/bad services that can be metasploited or just with well known enumeration tools.
How do you manage to tar your home directory and not notice it? Surely you would be suspicious that the file upload is taking longer than expected too, right?
Yeah especially since database dumps tends to be pretty compact in size for the data they convey. I was looking at some dead site dump of 90GB with 2 million entries and the actual database was 180mb with the rest being media files.
@@ra2enjoyer708 The vastaamo files are just plain text files, there are somewhere around 30,000 of them and they take up approximately 250 MB of disk space.
the whole Bible is about 1/3 the size of a normal jpeg so yeah