HOW HACKERS LIVE: Cars, houses and computers

Cloned Boy

HACKERS' HOUSES AND CARS.



Famous carder Sergey Pavlovich continues his conversation with Sergey Nikitin, deputy head of the computer forensics laboratory at Group-IB, the main Russian private fighter against hackers and other cybercriminals. In the sixth episode of the series we talk about the houses and cars of top Russian hackers and carders, about hackers' computers, about the youngest and oldest cybercriminals ever detained by Group-IB in cooperation with law enforcement agencies, and about female hackers; we tell the story of a bisexual hacker and much, much more.

Enjoy reading!


Contents:
  • What happened when we filmed the first 3 episodes with you?
  • "You always have to weigh up whether you tell the password yourself or something terrible will happen to you."
  • About passwords and access to data on the phone
  • "They broke the windows, knocked out the double-glazed windows, it turned out that the guys were working as system administrators"
  • Were you at the arrest as an expert?
  • "The ways of the Lord are mysterious..."
  • "Illegally searching for digital evidence is a very bad idea"
  • "If they come to search your home, it means there is something else on you"
  • Did these hackers pay taxes?
  • "These guys were hired workers, although the group itself was earning millions of dollars."
  • "I don't work on .RU - and they don't come to me in the morning"
  • The Youngest and Oldest Cybercriminals and Hackers You've Caught
  • Are there any girl hackers?
  • The story of a bisexual hacker
  • The girl is the #2 hacker in the world
  • How hackers live, about hackers' houses, hackers' apartments and cars
  • Detentions from the regions
  • Hackers' Car Park
  • "Very often cool computers"
  • Which cities have more hackers?
  • The largest sums of money

What happened when we filmed the first 3 episodes with you?
Pavlovich:
Well, and we continue, because he has come now for a long time, and we will chain him to the radiator and will not let him go for a long time. So let's now, perhaps, on the questions of our viewers, what happened after we filmed 3 interviews with you.

Nikitin:
So, when we released the third episode, yes, just on the days when the third episode was coming out, I was brought in as a specialist to participate in operational activities in one of the regions of Russia, for obvious reasons, since the investigation is still ongoing, I cannot name what kind of virus was used there, it was a hacker group that used some kind of virus and, in general, we flew out, it was a business trip, a search is taking place, it was all quite funny there, SOBR officers broke the windows, climbed through assault ladders.

Pavlovich:
You're going to write in the comments again, yes, he's so bloodthirsty, in short, he says, there's a search there, so let's blow it up, they've already written.

Nikitin:
Yes-yes-yes. No, well, blowing it up is always cool, yes, so that there are no victims, of course. By the way, yes, I can answer, I joked about the eye, yes, that they can remove the eye. In fact, I was saying this because, I said, look, in the Moscow region, yes, there in the region, look how much I worked with law enforcement, their level, I mean in terms of some violations, some forceful actions, it's very civilized, that is, no one was beaten or fed in my presence.

Pavlovich:
On the way out, in whispers and coffee.

Nikitin:
Yes, there was no such cruelty, and on the contrary, very often the cases fell apart right before my eyes, because people worked absolutely within the legal framework, did not influence people by force in any way, and then they went into denial. And you would have harshed it. No, I was talking about the fact that in the regions it is very dangerous in what way? That is, you always need to maintain a certain balance, to understand.

"You always need to compare: tell the password yourself or something terrible will happen to you."
Nikitin:
Of course, I understand, you served 10 years, this is a huge loss of life, but if you see that you have some inadequate law enforcement officer, and he can make you disabled, you always need to compare, tell the password or something terrible will happen to you, because in the regions this can happen. A bottle, yes.

About passwords and gaining access to data on the phone
Nikitin:
We have all seen this in the media, but I have heard many times, for example, that in some regions experts have no problem with iPhone passwords.
I'm like, have they somehow learned to hack them or something? They're like, no, but they always say it simply. And it's clear that no one in their right mind would just say that, because in other regions there are huge problems with that.

Pavlovich:
By the way, you reminded me about passwords. Yesterday there was a tender, the media literally mentioned November 10, a million dollars for the purchase of equipment for obtaining information from phones from the FSB. The tender was announced yesterday.

Nikitin:
Yes, yes, this is a well-known story, there are many manufacturers of economic software, some of which we also use to conduct our research. Expensive? Not all of them. Expensive? I'll tell you now, but it's tens of thousands of dollars, about that. And they don't supply everyone either.

Pavlovich:
And who are the developers?

Nikitin:
Which countries? There are Russian developers, very good ones, and Israel, i.e. Israel is very strong in this. That's when I was talking about the NSO Group, who are there, and there is also Cellebrite, the Cellebrite company, which just hacked the iPhone of the terrorist that the FBI asked, who blew up someone in the States, and they also have a powerful complex. But our guys, who are also mobile forensic experts, are also very, very good. And that's what I mean, about bloodthirstiness.
I mean, always compare the risk to your health with the risk to your freedom. Be careful with this, because, let's say, these good and healthy certified police officers, they may be mostly found in Moscow, St. Petersburg, but somewhere very far away, in the regions, everything can go completely wrong. And this is precisely the question of encryption, I joked about it there.

"They broke the windows, knocked out the double-glazed windows, and it turned out that the guys were working as system administrators"
Nikitin:
Yes, they broke the windows, knocked out the double-glazed windows, and it turned out that the guys who work there, they work for a salary. That is, they simply received a fixed cost per month and they were paid.

Pavlovich:
Well, like programmers.

Nikitin:
Yes, they were paid. They were more like admins there, in fact, they worked as system administrators. And they were paid a fixed rate, a fairly large salary for that region.

Pavlovich:
Well, two or three thousand dollars.

Nikitin:
No, that is, a cool salary there was considered to be something like 90 thousand rubles.

Pavlovich:
Let's google where 90 thousand rubles are, we'll figure out the region.

Were you at the arrest as an expert?
Nikitin:
It was funny when a person is brought in for questioning with a lawyer, everything is civilized, an investigator. And I participated in translating all the slang.

Pavlovich:
Were you officially an expert?

Nikitin:
Yes, that is, I was brought in, I was included in all the protocols and so on. The person who was brought in, he looks at me and says, I know you. Excellent episode. People about. I really liked it. I watched 2 episodes. I say, and today the third one came out. He's like, ooo, I'll have to watch it.

Pavlovich:
You'll watch it in a couple of years.

Nikitin:
That's right. And I mean that somewhere in the questions I've already seen that you think if a real hacker is watching you. Well, that really does happen.

"The ways of the Lord are mysterious..."
Pavlovich:
The ways of the Lord are mysterious.

Nikitin:
Yes, I can say that I'm surprised by the rather positive, let's say, attitude, and the guys really liked the episodes.
They say it's cool, and just to the question of bloodthirstiness, I think it's always interesting when it's some kind of intellectual confrontation, engineering, and very often, when I was called as an expert in court, that is, there are defendants, they are accused of something, they are the authors, let's say, of some malware, we start talking to them, and we always treat each other with great respect, they understand that I understand what they were doing, well, it's always mutual, and they understand that I only treat technical things, that is, they left some traces there, or their virus is cool, let's say, there are developers there, they really had excellent software products, they are coolly written, and this inspires respect.

"Illegally searching for digital evidence is a very bad idea"
Nikitin:
Of course, they used them for criminal purposes, which is bad, but the product itself, that is, engineering-wise, it is a completely normal story, but torturing someone, illegally obtaining digital evidence is a very bad idea, because whenever it starts in the state, it ends with the fact that the evidence is simply not needed, that is, why torture someone to find out if a person can simply be tortured, and he will write frankly even what happened and did not happen, yes, and it does not matter, it was, it was not, and so on, because the methods are already completely illegal and the result gives the second option, and suddenly there will be nothing there, and the second option always gives the best result.
Therefore, in this sense, be careful, well, and if somewhere.

Pavlovich:
If you see me, then tell me, I am a subscriber to People Pro and perhaps 10% with Koschukhov will be in actions and in terms. But you raised the issue, you arrived, there were guys there who were essentially admins, that is, how, I will simply explain from my practice, I had an article, for example, 222 in Belarus, this is the distribution of dumps there, that is, I sold dumps, but there is a question of qualification, that is, if I resold and knew that they would simply resell further along the chain, this is simply trading in stolen cards there.
But if I say, just look, such a collision breaks through, yes, a hint life hack, if I say that I knew that from them specifically those to whom I sold, they, this link following me, that they would write these dumps on the cards and go to the ATM, steal money, then I no longer have distribution of stolen data there, and aiding and abetting in theft, part four, at that time it was already from 6 to 15, by the way, now it has been lowered to 12 in Belarus, but in Belarus it is better not to do it at all. Here is a question about qualification, as I will simply say. And in the case of these admins of yours, let's say, if they were asked questions there, that is, did you know what you were doing or did not know, will this somehow affect their term?

Nikitin:
It will affect, yes, but here, by the way, one of the questions was what to do if they came there, and I have nothing on my computer. Here you need to understand that no one gets it for free, that is, for free. Usually, when a court order has already been signed, this is the area of housing, there has already been a whole history of this case. First from the investigator, then to his boss, he checked it, then to the prosecutor's office. Because if somewhere there are not enough grounds, they will return everything and also give this investigator a dressing down.
And in fact, despite the stories about incredible lawlessness there and so on, we have a huge number of cases falling apart at this preliminary stage. And that is why we have such a huge number of guilty verdicts, because this case, it goes through a bunch of checks many times before it goes to court. And there, in fact, is such a circular sex in the sense that each boss checks his subordinate very, very strictly.
And if anything, there is a supervisory body of the prosecutor's office that checks in court and so on.

"If they are going to search your home, it means that they have something else on you"
Nikitin:
And, of course, if they are already going to search your home, it means that they definitely have something other than what you encrypted on your computer. Well, this is just one of the thoughts. Testimony, evidence. Yes-yes-yes. That is, there must be something else. Maybe some money transfers, somewhere else there is a light. Some kind of financial trail, or someone's accomplice gave everyone away, yes, and he told there, everything had already been confiscated from him, everything was described, and so on.
And these guys, they had direct access to all these administrative panels on their computers, i.e. they definitely saw what it was and knew what they were doing, but in fact they didn't really deny it. They were like, damn, well, we guessed that they would come to us, you can't just get that kind of money, and they all didn't have any special education, there was one guy who had just returned from the army, he was simply offered a job by a friend, etc.
And they were all exchanging videos, yours I mean. And I thought, like Zyuba. No-no-no, not like Zyuba.

Did these hackers pay taxes?
Nikitin:
And they were like, well, yeah, but we earned a lot. They registered as self-employed. Now there is a new status. And they paid taxes. And they paid taxes. Yes, really. They paid taxes. Freelancers. That is, they converted their sbitkov into money, paid taxes from these. And many of them, like, I'm saving up for a mortgage, like, I need some normal income, because I pay taxes.

Pavlovich:
Well, in short, they are the most spoiled guys yet.

Nikitin:
Absolutely not spoiled, by the way, we discussed that this is a problem of the opportunity to realize yourself, that is, in the regions they say how much you received, well, this much, they say, like, our local plant managers, they earn less, well, officially, at least, I mean salaries and so on, that is, for this city these are very large salaries, they thought about buying apartments, starting a family and so on and so forth.

Pavlovich:
They will probably be charged as accomplices, right?

Nikitin:
Yes, but I'm not sure that they will get real prison terms.

Pavlovich:
Do you have any witnesses?

Nikitin:
No, there are no witnesses, they will probably get suspended sentences because this is the first time, they all have no criminal record, etc.

Pavlovich:
Have you found the organizers?

"These guys were hired workers, although the group itself was earning millions of dollars."
Nikitin:
The organizers, well, the case is ongoing, yes, that is, these are still threads that are being lost, but these guys are actually hired workers, although this group, it was earning millions of dollars.

Pavlovich:
Well, when you see the organizers, say hello, and here's this bottle of vodka to Carder. No, I'm kidding, I don't wish to get anyone into trouble, whether it's enough or not, so it's better to do business. If you are able to create such products, already highly engineered, technological, then it is simply easier, in my opinion, to engage in legal business, and there will be no risk that, although I do not like this phrase, you will someday sit down to drink.

"I do not work on Russia - and they do not come to me in the morning"
Nikitin:
Yes, and I hope that, perhaps, somehow this whole quarantine story, which is now launching remote work, will help guys from the regions to work legally remotely somewhere here, in Moscow, and also receive some decent salary, so that they do not have to do this. Because they are all like that, well, we understood that this would end someday, we thought that if we do not work in Russia, then nothing will happen.

Pavlovich:
Let's also talk about this myth, by the way. Many are sure, I don't remember whether we raised it before or not, but it won't hurt that I don't steal from Russian citizens, from Russian companies, that is, I don't work a couple of hours and they won't come to me in the morning.

Nikitin:
Unfortunately, it doesn't work, because in this case, the couple practically didn't work, but there can still be requests through Interpol, there can be random victims in Russia, for example, it could be that some office in Holland was hacked, and this is a large international company, it has Russian offices, and the general network there is also infected with something, there are already applicants in Russia, and this is always a big risk.
Therefore, this is absolutely not a guarantee of anything. If this can be qualified under computer articles, it is absolutely unimportant how it all works. It is not a guarantee, those who do not work for the couple can also come to them.

Pavlovich:
And how did they get caught?

Nikitin:
Is this known and can we talk about it? I can't tell, unfortunately. Again, of course, I know, I wrote in the comments that you are telling some old cases, I am telling about cases where people have already been convicted and all the appeals have been done and it is as if no investigative secrets or terms are in effect, you can talk about them openly, and it is as if everything is clear there, how it works.
Naturally, there are a lot of more recent cases, but they are still in the process, and I am there as a procedural person and cannot just tell.

Pavlovich:
There were a lot of comments under the videos, fortunately they told so much, but I can imagine how much more they kept silent, that's how much you know in total from this series.

The youngest and oldest cybercriminals and hackers that you caught
Pavlovich:
And the youngest and the oldest, older cybercriminal that you caught, and who were they? Hackers, carders?

Nikitin:
Yes, so, in fact, the youngest were guys 18-19-20 years old, that also happened. And these were mainly botnets, these were also Android botnets. Mainly, yes, this was the theft of card data, but not dumps, but codes, CVV, one-time passwords, that's the story.

Pavlovich:
But 18-19, you say, there were no younger ones?

Nikitin:
No younger ones, I don't remember any younger ones, I don't remember any younger ones, there were no minors. Yes, yes, yes. But I remember, there was a search of a young guy, he was 20, I think, so they came to him, he was there with two girls, he absolutely didn't expect this story, he was talking to someone else on camera, he jumped on the laptop, broke the screen in half.
What's the point. Well, yes, it didn't help them at all, but he was just young, hot-blooded, and didn't panic. And as for the oldest ones, there are especially financial scammers who, for example, know how to organize cash-outs, left-wing LLCs, all these chains, all the documentation, and they cooperate, for example, with some hacker group. And they, I don't know, in the 90s they made some kind of one-day firms.
And they go through a group. There are 50 plus, of course.

Are there any female hackers?
Pavlovich:
And what about girls?

Nikitin:
There are girls too, but less often. There are a lot of girls who are used as drops, couriers, carriers, stuff like that. To be honest, I can't remember any technoreics of girls. There are probably some, but there are just fewer of them in reality.
Well, I think there are quite a few, but in my practice I don't remember, I remember specifically some organizational things, i.e. there were girls who organized drops, that's what happened.

Pavlovich:
Well, in these webcams there are a lot of girls among the administrators, in brothels there are also girls, they are often these administrators.

The story of the bisexual hacker
Nikitin:
So yes, in general, and by the way, from other interesting stories, in terms of the fact that when very young guys get access to a huge amount of money, they often go crazy, someone gets hooked on drugs of all kinds, there was one guy who participated in all sorts of orgies, he actually organized them, but he was bisexual, and this was used against him.

Pavlovich:
This will come in handy for him in prison.

Nikitin:
This was used against him, because they showed him his own photos with a dick in his mouth, and said that he would go to the Air Force like that, he immediately, naturally, voluntarily told everything that was needed, because after all, in the former USSR it was a taboo topic, it is still very strong in prisons.
It was funny because then there was another guy, also bisexual, and I think it has something to do with the incredible amount of money they get, they can, as I understand it, order any escorts they want, and it quickly gets boring, and they don't know what they want, maybe men, maybe something else. Well, it's in terms of some kind of humor, but these are like two real cases.

Pavlovich:
You reminded me of a joke, there's an old prisoner in the prison environment who says that in this life you have to try everything, even in the ass, well, after that you die.

Girl - hacker №2 in the world
Pavlovich:
By the way, I know girls-hackers, I know two, well, at least, and one of them, for example, Scorpio Drinkman, yes, I consider him number one hacker in the world, well, I just saw more than once what he did, yes, and the Americans consider him so, here are 12 years, but by the way, he will be released soon enough, maybe next year, and I know, here he is number one in my personal rating, and I know one girl, she is number two in her skills, and perhaps now number one in the world, I can't say yet what she did, but it will soon be in the entire American press and the international press as well, but that will be later.

How hackers live, about hackers' houses, apartments and cars
Pavlovich:
What did the holes, huts, apartments, dens, mansions of the hackers you detained look like?

Nikitin:
Very different, in fact, it depends a lot on the people. And it's quite funny, many hackers, they really just had wads of cash lying around at home, and they lived in a rented apartment, without wallpaper on the wall, some kind of absolutely dirty entrance, and at the same time they could drive some x5, but they lived in really terrible conditions, they ordered some kind of food there by delivery, but the apartments themselves are terrible, and the main problem is that it is very difficult to legalize income and, for example, it is difficult to buy some really cool real estate. But there were scammers who, for example, rented very expensive real estate in elite areas of Moscow, in all sorts of elite residential complexes. I remember very well a search of one guy. We go in, so the first two or three floors are underground parking.
And then above this underground parking there is a courtyard, and the towers of this same private complex are already sticking out of it. That is, the residents of this house, they are on three floors above the street, and they walk in their courtyard there. And it is not so easy to get there. Here. And he rented an apartment there for some unthinkable amount of money, like 250 or 300 thousand a month. We simply found rental agreements with him. Here. And, then, we go into the lobby of this building. And there is a reception, like in a five-star hotel, leather chairs, coolers, escalators. The man simply rented an apartment there.

Arrests from the regions
Nikitin:
I've seen all sorts of arrests from the regions, it often happens there that they take guys, they're very young, and they have some kind of aesthetics of bandits from the 90s, some gold chains, icons, gold-plated pistols, some kind of absolute nonsense, foreign cars, some kind of restored Mercedes from 1995.
Bandit style. Yes, yes, yes, bandit style. And again, here are the cars, almost, this is such a characteristic feature. There was one guy, he had the best car, damn, you can't tear it off now, I think he had a Lamborghini.

Hackers' car park
Nikitin:
He delivered it to the place from tri-tracking by helicopter, raced there, and then returned it, because he couldn't drive it out of the speed bumps, it was very low, that is, there was such a whole delivery. And all sorts of BMW X, all sorts of M, X6M, X5M, it often happens that...

Pavlovich:
Well, basically, as I understand it, BMW, right, from your story?

Nikitin:
Yes. It's like in that movie "The Transporter", the good guy had an Audi, and all the bad guys had BMWs, or vice versa,

Pavlovich:
I don't remember anymore.

Nikitin:
I don't remember either. Yes, almost many hackers have BMWs and Bimmers, i.e. BMW motorcycles are also popular.

Pavlovich:
I had 3 or 4 BMWs.

Nikitin:
You see, a popular brand.

Pavlovich:
Of all my cars, that is, I had one Audi, several Mercedes, 3 or 4, but I still had more BMW.

Nikitin:
That's why expensive cars and very different housing, but as a rule not their own, that is, rented, but some hackers, they had a lot of money, they were so super stingy and rented cheaper there, further away, better here and just sat on this money, like Koschei over gold, pining away. They put it aside for a rainy day.
It's always very sad when there are pregnant women or small children, and you can see that young guys, they just started a family, maybe they divorced children, because he started earning at least something, what incentive, these are still the regions, so of course it's sad.

"Very often cool computers"
Nikitin:
Very often cool computers, that is, this is just such a characteristic feature.

Pavlovich:
Home or laptops?

Nikitin:
Yes, home. Mainly these little towers, there, where there might be...

Pavlovich:
There's nitrogen and other stuff there.

Nikitin:
Yes, yes, yes, there's just super backlighting, there's 800 SSD, 3 video cards, it all glows and shimmers. Some kind of super chair, really cool, some kind of gun there, yes. There are three monitors or two, or a big one, round, and that's it. And around there are some scraps, half-eaten chips, dirt there, some kind of sofa there, and so on. That is, they've sort of equipped themselves with a place, and around there is hell.
There's, I don't know, some kind of mold. In general, they're actually very different, but, let's say, it's mainly very noticeable that there are cars, yes, and some kind of equipment. And, let's say, all this money came and went for them easily. That is, a lot of people start playing there, placing all kinds of bets, something else, donating, for example, a bunch of stuff. There are accounts in games, where you can see that a person, I don’t know, poured millions of rubles into some online browser game, just because he could.
Well, that is, no matter how he earned it, this money, yes, it’s easy for him to spend it. That’s why, in general, very, very different, let’s say, holes, well, and the people themselves, of course, are also different, that’s it. But I haven’t come across any palaces like that, because, probably, palaces are not so easy to rent, or maybe their owners check more who they want to settle there, I mean landlords.
At most, expensive apartments are rented.

In which cities are there more hackers?
Pavlovich:
And by geography, for example, have you caught the most cybercriminals, hackers, and so on, Moscow, St. Petersburg – large cities, or is the overwhelming majority of these regions?

Nikitin:
In fact, everything. Probably, very small cities are more of an exception. Yes, my story there was about a didoser, where they have some kind of chicken factory and a mine, well, that's more of an exception. But basically, these are some regional or district centers, yes, well, well, and Moscow and St. Petersburg.

The largest amounts of money
Pavlovich:
And the top ones in terms of damages and everything there in terms of wealth are Moscow and St. Petersburg or the regions?

Nikitin:
Well, in terms of damages, probably, the company is mainly Moscow, of course, there is simply more money here, and at some point there was Yekaterinburg, just specifically for cashing out, simply one of the one, for some reason they withdrew a huge amount of money there, and at some points we already came to clients there, we were like - your money was withdrawn through Yekaterinburg. They were like - how do you know? Can you already find them? We were like - no, it just always happens like that.
That is, in short, the Ural capital, it is like that ...
 