Not totally convinced they are incompetent. Why bother wasting time with security if you don't need it? I'm not convinced that Iranian police are that active in prosecuting phisers and I suspect it's the kind of place where, if they do go after you, they don't bother with your digital security and just induce a confession. Still, I might want to do a bit more to ensure anonymity in case my malware accidentally hit a bigwig.
@@petergerdes1094 Well, leaking your entire phone online is certainly incompetence. And letting others into your private chatrooms is stupid even if you’re only worried about competitors finding your exploits and contacts
Plenty of money to be made outsmarting them - and they're not going to call the cops on you. Have at it if you think you're up to the task. An influx of money will be helpful to cover your energy bills once winter fully arrives.
@@SamTheEnglishTeacher Tbh, I was thinking the same. Getting an anonymous SIM from Czech Republic, is not hard, then find them, get into the groups, get some data and take some money, repeat. The cards will be closed, the VPN you use from a live system without leaving traces is somewhere in Europe and police can do nothing. But that would only somebody do, who has no morale.
APT != OpSec Kings. The time-to-deliver and operation lifespan are important factors when deciding what to secure. And any red team is almost always shit at playing blue team.
I agree. They are not advanced, nor persistent (on the one target). They are a threat to home users though, so it's still fun to see them get a taste of their own medicine.
You shouldn't say the Gaza strip actor is doing malicious activity. The USA is aiding a holocaust in the Gaza strip, so the actor you are talking about is probably engaging in self-defence.
That isn't really true that the US is doing that it is the unelected fascist deep state that needs to be gotten rid of. The police, glowy alphabet fascists, and pretend federal evil Nazis that didn't learn not to use economic warfare after it caused WW2 are all evil fascist criminals that aren't allowed to exist in this country because they are not elected.
Awesome presentation and entertaining. I wish it was twice as long.
Agreed!
well... technically you could play it at half speed, it would be twice as long...
my gf also wishes that it was tiwce as long :/
Great presentation, which deserved more time!
Great work & a very good presentation
Brilliant talk!
It’s insane that people as incompetent as these "hackers" are actually somewhat successful.
Not totally convinced they are incompetent. Why bother wasting time with security if you don't need it? I'm not convinced that Iranian police are that active in prosecuting phisers and I suspect it's the kind of place where, if they do go after you, they don't bother with your digital security and just induce a confession.
Still, I might want to do a bit more to ensure anonymity in case my malware accidentally hit a bigwig.
@@petergerdes1094 Well, leaking your entire phone online is certainly incompetence. And letting others into your private chatrooms is stupid even if you’re only worried about competitors finding your exploits and contacts
Plenty of money to be made outsmarting them - and they're not going to call the cops on you. Have at it if you think you're up to the task. An influx of money will be helpful to cover your energy bills once winter fully arrives.
@@SamTheEnglishTeacher Tbh, I was thinking the same. Getting an anonymous SIM from Czech Republic, is not hard, then find them, get into the groups, get some data and take some money, repeat. The cards will be closed, the VPN you use from a live system without leaving traces is somewhere in Europe and police can do nothing.
But that would only somebody do, who has no morale.
@@Spelter question I have is how to find these groups in the first place? Especially at scale?
37:37 Obligatory "That's the kind of thing an idiot would use as their luggage combination!"
So uh, this isn't really APTs, is it now?
APT != OpSec Kings.
The time-to-deliver and operation lifespan are important factors when deciding what to secure.
And any red team is almost always shit at playing blue team.
The P doesn't stand for professional, they just need to be persistently active to count as APT
it's open source APT 🤣
I agree. They are not advanced, nor persistent (on the one target). They are a threat to home users though, so it's still fun to see them get a taste of their own medicine.
Now they are basic destroyed jokes
wow 🔥🔥🔥🔥🔥🔥🔥🔥
Murat can't Atak
At least Iranian phisers are inclusive ;-)
You shouldn't say the Gaza strip actor is doing malicious activity. The USA is aiding a holocaust in the Gaza strip, so the actor you are talking about is probably engaging in self-defence.
Most of the victims were themselves from Gaza according to the talk at 6:09... I don't think that can be considered as self defense...
@@ilaisegev8452 Well that's a shame. They should be hacking the USA instead!
He wears a small hat what did you expect?
@@shlomogreengoy your name is literally Shlomo Goy, based
That isn't really true that the US is doing that it is the unelected fascist deep state that needs to be gotten rid of. The police, glowy alphabet fascists, and pretend federal evil Nazis that didn't learn not to use economic warfare after it caused WW2 are all evil fascist criminals that aren't allowed to exist in this country because they are not elected.
.bash_history would be a treat