Mutt
CYBERSECURITY OFFICER VS. CARDER.
Hello! Today in our studio we have a former hacker, carder and cybercriminal. And also the regional director of Kaspersky Lab. It was not for nothing that we invited these two personalities, because they both make up two sides of the same coin: cybersecurity and cybercrime. What will they say about how to protect your personal data on the network, what hacking methods exist, how hackers are found and how hackers get into complex banking systems? We touched on this topic for a reason, because Stupidmadworld's channel was recently stolen.
Cybersecurity Officer:
Good afternoon, dear viewers, my name is Evgeny Pitolin, I am the managing director of Kaspersky Lab in Central Asia and the CIS.
Carder:
Hello, I will not say my name, I do not want to say where I live. About three years ago, we learned how to hack Paypal and withdraw money from bank cards in the form of goods.
Interviewer:
So this is stupid carding, you could say? So you hacked other people's accounts, ordered some stuff, where? On eBay, Computer Universe, somewhere else?
Carder:
Yes, Computer Universe was in Germany, eBay was in the UK. In general, we ordered from any stores, from any stores that sold online.
Interviewer:
How does this happen? You certainly don't order to your personal address somewhere? So that's stupid?
Carder:
There are drops for all this. These are specially hired people who don't even know what they're doing. They are simply asked to accept the parcel and send it where it needs to go. They don't ask unnecessary questions, they get the money.
Interviewer:
Well, who are these people? Are they homeless? They could be students, they could be ordinary housekeepers,
Carder:
To whom some company simply tells that they are expanding their range of activities, this is how they transfer goods.
Interviewer:
Well, that is, they think that they work at a normal job, but in fact they are sending it to scammers.
Carder:
Yes.
Interviewer:
Isn't there a risk that they will contact you through the drop?
Carder:
The drop itself doesn't know who you are. It sends it to your address. It's not that it sends you to the address, but that's how it all works. You send it to the drop, the drop sends it all to the buyer. The buyer distributes it all to some stores, sells it somewhere himself. Often on forums you can buy some things, electronics stolen for 70 or 60 percent.
Interviewer:
As you know, our channel was recently hijacked, at the moment, at the time of recording this video, the channel has not yet been restored. Yesterday we received a message that it will take about a few weeks to restore the channel, although before that they said a few days, but that is not the point. We have not yet familiarized ourselves with the results of YouTube's investigation into how we were attacked, how we were hacked, but in my Google account I can already see the information that our manager's computer was hacked.
Most likely, some spyware was installed on his PC, perhaps, although in fact the manager is making excuses in every possible way,
Cybersecurity Officer:
He didn't even touch anything, didn't click anything, everything came by itself.
Interviewer:
Well, actually, yes, I also checked my mail and there are no phishing letters or any links to software. Well, there are bloggers who were also hacked at about the same time as us, and they said that they were directly offered to install some software there, like cloud gaming, install it, people installed it and a few hours later they lost their channels. We didn't have anything like that. From your point of view, how could a hack happen, and secondly, what are the most common methods of hacking?
Cybersecurity Officer:
Well, my green friend Midori Kuma, who sends his regards to everyone, and I, of course, blame your manager on the one hand, but on the other hand, we can't help but sympathize with him or you, because the situation you described is classic. And in fact, the problems of one specific blogger, I apologize, or some Instagram diva, for example, or just any trendsetter, are very understandable in this regard, but not even that scary.
Imagine that these same cases have actually happened in Kazakhstan over the past few years with some large banks. As a rule, when a manager says that he did nothing, well, this is not always so, I will say honestly, most likely he saw some trusted file there, this is basically what happens there, such a Word document, some other link, that is, this happens constantly and unfortunately the key problem of all this is happening, it is exactly one, the lack of sufficient cyber literacy among users multiplied by some such lack of critical thinking, because it would seem that 2020, people have been deceived billions of times, a huge number of lawsuits, fraudulent schemes have been uncovered, Sergei Mavrodi is no longer with us, but people still believe that the Nigerian uncle left an inheritance, that it is necessary to transfer money urgently here and now to get these billions, that there are some fantastic schemes, that it is possible to raise money like this in a second, and this is a terrible secret, so of course this person shared it only with him.
And the second important point is, of course, our, well, you know, such a constant Russian or CIS vegetable, a classic human delusion sounds like this, this will never happen to me.
This is not my topic, no one needs me, I am small, inconspicuous, these criminals there are somewhere huge stealing billions, and who needs my unfortunate photos, who needs a document on my phone, who needs 5 thousand tenge in my account. The classic Soviet joke about five old ladies already a ruble, this is in fact a clear story of criminals. They do not care at all, big, small, how much you earn, how much money you can raise, how much of what can be taken from you, because you ...
They take quantity. Absolutely. Firstly, they take quantity, secondly, you as a digital personality already have significance. And in fact, here are colleagues from YouTube or Google who will conduct an investigation. You understand that returning your access is 3 minutes, in fact, technically. In fact, what takes time in these investigations, they will actually understand, look, research, and who was this digital personality, who got access, was it you, was it your employee, was it a fraudster, is anything known about this fraudster, and so on.
That is, the problem is deeper, and it is that our digital personality has long been, like this, in a second can cease to be ours. You 100% had two-factor authentication enabled, that is, SMS messages came, there is something else. But, perhaps you know, or maybe you don’t, that for a long time now, for example, there have been a bunch of virus programs for Android that can hide SMS messages.
That is, you can basically think that everything is safe with you, nothing is happening, but in fact there is a virus on your phone. And if the account was linked to this manager, then there is a virus on his phone, he just won’t show you the SMS.
Interviewer:
It seems to me that this is already in the realm of fantasy, if you make a specifically targeted attack on a specific person, then yes, all these methods are justified, but as practice shows, this is just some kind of wave. Somewhere they took a login, password, then logged into the account, but bypassed two-factor authentication how? If you, for example, forgot your phone number, if you do not have access to your smartphone, Google allows you to generate one-time keys.
And the scammers logged in using the login, password, generated one-time keys, turned off two-factor authentication and felt at home in our account.
Cybersecurity Officer:
Absolutely right. I will even say more that there are very interesting cases, when, for example, there is antivirus protection on the servers, it seems to control everything, but if the attackers bypass the protection of the server itself, which is embedded by the manufacturer and, in fact, gain access from it, they do the same thing that you just said, only in corporate protection. That is, in fact, the story is that one antivirus, even if you have it, is never enough in principle.
That is, you already need to protect as many factors as possible, and SMS is also not a panacea, because, yes, a one-time rule can go to another infected device, but some of your correct device, which was stolen from you. And regarding the fact that it is a targeted attack, well, yes, every blogger, as far as I remember, has many hundreds of thousands of subscribers, and, in fact, you are an opinion leader, you are a trendsetter. Everything you write can actually be both good and bad, so you are a worthy target for a targeted attack, you must admit.
As it was with Twitter now, 20-30-50 accounts of big stars were hacked, stars were extracted. Send me one bitcoin, you will get two. In fact, it is very strange, I always say about criminals who in the 20th century still physically steal ATMs, that is, they physically try to steal, that these are the dumbest criminals, the slowest pokes that can be.
So, in fact, the criminals who hacked Twitter, well, that's it, the entire world of cybersecurity professionals is sitting there and thinking, well, what kind of people are these, what in general, that is, having the ability to simply collapse the financial markets, having the ability, well, in essence, to start a third world war from the Twitter of some president of some country, yes, a big one, they stole 100 thousand dollars in bitcoins, well, like, what was that, right?
Interviewer:
Recently, my Google account was hijacked along with my YouTube channel, naturally, I don't know who it was, how they got access to the data. Please tell us, using your own example, how hacks usually happen. For example, you have a goal and a specific person, and you somehow get in touch with him, or you buy a database somewhere. How is this personal data obtained?
Carder:
Well, in fact, there is a whole group of programmers who write viruses, stealers they are called, which pump out all the information from your computer, including browser history, some passwords, some cookies, even make a screenshot of the desktop, and all the text documents that were on the desktop, they also pump them out for you. And with their help you get the data you need to access your account.
Interviewer:
So most often it is a virus after all? Yes. How does a virus get onto the owner's computer? On the owner's device? Is it a computer or a smartphone, what is it most often?
Carder:
Well, mostly computers. There are a lot of ways, and the most common is how to download free cheats for Minecraft.
Interviewer:
So the guy downloads a rar archive with cheats, installs it, and along with that, a virus program gets onto his computer.
Carder:
Yes.
Interviewer:
And if he has an antivirus, will that help?
Carder:
Well, in some cases it helps, but some guys are cooler than any antivirus. And you can even bypass them. Without hackers, there would be no antivirus.
Interviewer:
Just look, PayPal also has some good guys, and the system is well protected, many people set up two-factor authentication, complex passwords, how much does this help people and how much does it put a spoke in the wheel of hackers, what are the difficulties in stealing money?
Carder:
Sometimes even two-factor doesn't help. Two-factor is a kind of protection, really. If you have the IP address of this person, and you have a proxy with this IP address, then the system itself will see as if you are the owner of this account.
Interviewer:
So you emulate the screen resolution, but I know that hackers emulate the screen resolution, location, IP substitution, and so on, and so the system seems to think that everything is okay and lets you through as one of their own, right?
Carder:
Yes, we even go through a long check of our proxy, our IP addresses, so that there are no clear traces anywhere.
Interviewer:
What means of anonymity do hackers use most often? VPN, what else?
Carder:
VPN, Tor, proxy, virtual machines.
Interviewer:
Did you have a computer on Kali Linux or just regular Windows? Regular Windows. Because I read before that, I thought, wow, Kali Linux, so many tools for hacking. Well, probably, it’s more for some kind of highly specialized people who attack the state, the banking systems. Have you ever attacked banks?
Carder:
Yes, an Israeli bank.
Interviewer:
There was a time. And what, and how?
Carder:
Well, we once got information from a good computer where there was banking data. Well, we went into the bank account, there was about 27-28 thousand dollars.
Interviewer:
We pulled out all the money from there. Okay, so you have a login, a password, you go into the bank account.
Carder:
What's next? First of all, to protect myself, I need to hide my real location. I use a proxy server that is as close as possible to the victim's computer. Of course, I have the same screen resolution. I may even install the same operating system as the victim had. And I go in and import my cookie files that I stole from him. And they let me in even without a login and password. It was as if the autofill worked and I got through right away? Yes, and the problem with Europe and America is that they have to pay for additional protection in the form of SMS.
Interviewer:
Regular SMS notifications.
Carder:
Yes, regular SMS notifications. And what's the advantage of the CIS, is that we have such a system, and it's free, at that.
Interviewer:
Returning to our conversation about the most popular hacking methods. You mentioned text files, for example, some Word documents.
Cybersecurity Officer:
All in all, here is the most typical one, this is a trick, here is the first, second, of course we are all very careless when it comes to our digital communications in principle, but I am sure that either you or your managers use Wi-Fi one hundred percent not only in your office, which is probably protected, but also in a restaurant, at the airport, somewhere else. Yes, public Wi-Fi, especially, you know, in a situation where you ask the waiter what the password is, he says, without a password, that’s it, you can’t use this Wi-Fi.
The same thing as if you just open your wallet at that very moment, put its contents on the table, turn on your computer with the login turned on, the password entered and go somewhere, from that place altogether.
Interviewer:
Won’t a VPN service protect this?
Cybersecurity Officer:
A VPN service, of course, can protect, but, you know, there’s an interesting story with a VPN service. Well, you may have read the news last week about how a VPN service, firstly, lost a huge database of its clients with logins, passwords, and browsing history. But the thing is that it not only lost this database, but it also declared for many years that it does not collect anything.
And you understand that when it comes to VPN, this is not your likes on Facebook, right? Well, this is a classic joke about a system administrator, yes, he goes If he got to the site, it is not there, I find everything in the cache. You understand, yes, that in fact, speaking about sensitive things in our lives, the statistics of your VPN use, it seems to me, well, just a visit to a proctologist, probably, its results, maybe, can be more sensitive for public disclosure, because you understand why people use VPN, especially in our countries, including.
That's why the second important reason is this thirst for freebies, which leads us to the endless use of everything unlicensed, everything illegitimate, everything free and, accordingly, fraudulent. The third very big reason is the exponentially increased and generally increased by an order of magnitude consumption of multimedia content.
Everyone is working remotely, working there, watching a movie, a series, watching a movie, a series. Previously, we had a little time, now we have all the time in the world, basically. And people began to watch movies and content much more, since you can't in the cinema, nothing comes out in the cinema, all new examples began to appear in online services, and where do people go? To torrents. The amount of malicious content, programs, files that disguise themselves as new movies has increased dozens of times.
We recently made a report for the first quarter, in Russia, in Kazakhstan, the number of requests for multimedia content increased by 40-50-70%, and attackers began to fake these pages 300-400 times more. There are many technical reasons, it's banal phishing, it's the lack of protective equipment, or some free protective equipment that doesn't work at all and only collects your data, it's a certain increased interest in multimedia content, where a large number of malware are hidden, and it's such an uncritical approach to using a truly public network. These are probably the main points that lead to the mess that exists around, and one of them definitely led to the loss of your channel.
Carder:
In fact, when I first learned about social engineering, such a boom went through my head. Any system can be hacked, despite its super-cool protection, through a person. Any data that you want to extract, you can easily extract from any person. How do you bypass such complex systems as two-factor authentication in Gmail, or even two-factor authentication on bitcoins? It's simple. You just need to call the operator, introduce yourself, say that you are the owner, that you can forward the call to my computer or phone.
So the device was lost. There is a very large gaming system, called CS GO Empire. They usually spin skins there. Well, and you sell skins in CS, buy them, play roulette there. And we lured YouTubers there, pulled out their logins and passwords, pulled out all the money from their accounts, from Steam. And YouTubers who play CS usually have a lot of money from skins.
We made fake messages, as the CS GO Empire administrators introduced themselves. And in this way they were taken on as sponsors, all their clothes and money were taken from them. The biggest protection is passwords.google.com. They just made a separate tab in Google Chrome so that you could see all the passwords that are currently synchronized. For example, if you pulled out some passwords from the victim's computer, yesterday, for example, the victim could burn it today and change it.
But if you have already logged into this Gmail account, your current passwords are always saved.
Interviewer:
Before we recorded this interview, you said that you yourself had recently been hacked, 300 bucks were stolen there. How did this happen? How did you even fall for it?
Carder:
I myself, like an idiot, fell for the stealer, I downloaded a parser from among the groups on Steam to look for rich people, and somehow came across the stealer. I was sitting at the service station with the guys, the car was being fixed, and I received notifications, here is your account trying to log into several accounts. I immediately started running home, deleting all the cookies, changing all the passwords.
Interviewer:
So you were browsing hacker forums, looking for hacker software, and suddenly this hacker software had a virus. Kaspersky Lab investigates cyber attacks. How does this happen and in our case, can it be investigated by you?
Cybersecurity Officer:
Of course, we investigate cyber attacks. In general, this is probably a very interesting thing on the one hand, on the other hand, it is extremely complex and quite labor-intensive, because the investigation, in fact, consists of several blocks. The very first one, well, probably the first one, is what needs to be done in the next 2-4 hours after the incident has occurred, is to make a disk image, yes, that is, roughly speaking, how is it in a classic investigation?
Collect evidence, yes, examine the crime scene, yes, fence everything off, sprinkle powder on fingerprints, yes, there is forensics, well, we have all watched TV series about the police and New York, and not so, and then everything. Collect digital fingerprints. Collecting digital fingerprints, in fact, this is a digital science, digital forensics or digital forensics. It is present, in Kazakhstan we have already trained a number of very talented specialists and the public private sector.
I hope that there will be many more of these people, because this is an incredibly interesting science. And in general, one of our strategic tasks is to improve the quality of human capital in the field of cybersecurity, so that each large organization, so that the state would have many more teams of these digital investigators, this is incredibly interesting. What is their job?
Interviewer:
Okay, so we created a disk image, then we scan this disk image for spyware threats or what?
Cybersecurity Officer:
We make a disk image, yes, accordingly, then you transfer this image to us, and we begin to investigate. Of course, there are many nuances. First, we need to understand, well, really, what happened. What kind of program was launched, or the scope of the programs, how they got there, what traces they left, if any, and, accordingly, what happened in general, what led to this. This is the first such block. The second important point, well, probably, it concerns you less in the sense that you are less interested in this than the state.
This, undoubtedly, is a story related to the attribution of the attack. That is, who is behind this attack, what group it could be, who might be interested in this, this especially concerns, first of all, well, attacks on the state. Because now cyberterrorism, cyberwarfare, it is very strong and for many large groups existing in the world there is already practically documented evidence that they are sponsored, yes, that is, actually, that they are supported by cyber intelligence of other states.
This is really such an important story, so here, of course, in the context of interaction with the state, it is important to understand what attribution can theoretically be to whom this is interesting. The third very important point is, undoubtedly, to understand what needs to be done to prevent this from happening. Because here is an interesting fact, especially if we are talking about attacks on financial organizations, on states, at the moment of detection the attack is not over yet. And you see some initial result, and as a rule the person is like, well, like okay, everything has already been stolen from me, I relaxed.
And such a person calmly waits until they help him or not. We have had a lot of cases when we are called, we come and understand that the criminals are still here. We had a very interesting fight, which lasted for several weeks, like in a game about the mafia, the mafia falls asleep, the city wakes up, that is, we do some block of work, conditionally fall asleep, although we do not fall asleep in reality, and the attackers come at night and start trying to do something further, day-night, day-night, so for several weeks, it is an incredibly interesting fight, it is a cyberpunk detective, in fact, at this moment, by the way, when I say that the fight is not over yet, and the confrontation is not over, a lot of mistakes are made by the employees, because, again, everyone thinks, well, everything has already happened, all the criminals have already left, but no.
And then they, the employees, start discussing the details of the attack via corporate mail, which is infected, via corporate Wi-Fi messengers, to the corporate one, which is also infected. And what are they going to do now? That is, roughly speaking, you call the police, and you have a criminal sitting in the closet. And like, what are they going to do now? Where are they going to go? Well, that is, these are the processes.
Therefore, it is very, very important at this stage of the attack to correctly develop internal communications, we also help with this, this is also a very important part of the investigation. Then there is another very important part of the investigation, which is not entirely technical, but incredibly important in our countries, this is the correct chain of communications outward, because in the case of your channel personally, probably, the public effect, except for the image, is not very big,
but in the case of an attack on a financial organization, in the case of an attack on the state, you understand that there can be a colossal public reaction in the case of, say, a man-made disaster or theft of funds from bank clients. And what about us? Classic reaction number one, which occurs if there is some kind of cyber attack, denial, complete closure, lack of any information, people begin to make up their own minds. Well, you understand. And this is a huge problem, which also needs to be addressed in building public communications during a cyber attack.
This is a very important part for the state and for financial organizations, for the market as a whole, we also help to work with this.
Interviewer:
Keep your clients informed, post enough.
Cybersecurity Officer:
The amount of information to keep people calm, but not enough for the attackers to draw any conclusions about what is happening. That is, science, public communication, essentially crisis PR at the time of a cyberattack, this is an endlessly important thing that almost no one deals with in our country.
Carder:
There was a situation once, we got access to a Gmail account, we go to Google Drive, there on the guy's Google Drive there are photos with his mistress. Jem has such, quite intimate in nature. Well, without thinking twice, we went to his Facebook, look, he has a wife. Somewhere around 40-50 years old, somewhere around that time. Fake and I wrote to his wife on Facebook, we said, here we have evidence that your husband is cheating on you.
Are you interested in this? Of course, I was interested in this. And the guy, through social engineering, forced her to pay us one and a half or two thousand dollars for these photos.
Interviewer:
And in the end, you sent these photos to your wife?
Cybersecurity Officer:
Of course. You need to constantly work on increasing your cyber literacy. That is, we have a special platform for employees. Any citizen of the Republic of Kazakhstan can take a training course. Register, go through it. And there we have this interesting functionality of demo phishing mailings. That is, roughly speaking, you have trained and live your life peacefully, as if everything is normal. Like, a person can distinguish between phishing and normal. Yes, three days later, for example, you receive a phishing letter, a safe phishing letter, and if the employee clicked on this link, he receives a notification like “sorry, go retrain.”
We had a case in one of the banks several years ago, when an employee trained four times in a month and a half and clicked on this link. Well, it means that on the fourth time, HR decided to part ways with him, because this employee, well, in fact, is a full-fledged hole inside Citibank.
Speaker?:
Here.
Cybersecurity Officer:
Therefore, the first thing you do is calm down, and you can’t calm down. That is, you need to insure yourself as much as possible at this moment and do everything possible to clean out this infection. Yes, in general, because otherwise, well, all actions would be meaningless. This is especially offensive when, well, you know, there is such a practice on the roads. Often, for example, you are driving at an increased speed, yes, a policeman stopped you, I fined you. Most people press the pedal with such a moral right.
Well, that’s it, I’ve already paid my fine, I can drive on, now I’m a good guy. And let's say you're stopped by the police again in 5 kilometers. You usually tell him, like, well, listen, I've already suffered, let's somehow let me go. And, for example, he says, well, okay, fine, go ahead. But this doesn't work with cybercriminals. So if you paid him money, which I emphasize again should never be done, you should never negotiate with cyberterrorists. Accordingly, you paid him money, you were, let's say, decrypted, tomorrow it will be even more offensive if it happens again, agree.
And this will definitely happen. So you definitely can't relax.
Interviewer:
Here's another interesting fact in this regard, they didn't call us, they didn't write to us, they didn't demand any money for blocking the channel. There is an autoblogger DC Off, they called him directly on the phone, said so-so, your channel is with us, pay us 50 thousand rubles, and he paid. Naturally, they didn't return his channel. Absolutely. Yes, and I am sure that if I had received a letter or a similar call, I would not have given the money. Because I understand that if I pay money now, they will receive this money, naturally, nothing will happen to me, they will not return the channel to me, and they will receive an incentive to continue to engage in such activities.
And when you do not pay criminals, you simply stop similar cases in other people. Yes, you are absolutely right.
Cybersecurity Officer:
This is the right approach. You should never negotiate with terrorists. But basically, of course, at this point the indromeche begins to cry, like, look, we have important data here, that's all. Yes, guys, but usually, of course, we feel sorry for the users, we provide moral support, but now we are having a slightly tough discussion with you, so I will say, well guys, what did you do before, all these years, when they told you from all the screens, from all the holes, guys, let's defend ourselves, come on, look, here's an antivirus, at least a free one, some real version from any, from any manufacturer, as if officially download and try.
No, why? I'm fine with me. This is the next classic scenario, this is the next misconception, I'm the right one, I always only go to the right sites, I don't watch porn, for some reason everyone has this problem, I don't go to porn sites, everything will be fine with me. Guys, all the most interesting things are not on porn sites, yes.
Here was an interesting case, this is of course an example of a targeted attack, but here's a very direct, very interesting case, imagine. Here's a small organization, and there, it means, a lawyer works there. Here's a lawyer, just such a correct one, I only go to the right site for work, and they really have three main sites there, a conditional dilett, some other legal system and a legal forum, on which he has existed for a very long time, some questions, they have their own communities, their own atmospheres, as they say, and so on.
Well, that's it, the attackers decided to attack this company, and chose this lawyer as an entry point. For 3 months they watch what he does, they established contact on the forum, answered some of his questions. I don't know, maybe they googled, involved a lawyer, something else. And at some point he asks a really difficult question, they take a break, are silent for a day, someone answers something, and in the end they write a long post-year.
Look, we helped you, we collected such and such, there is such a legal practice, use it, everything is collected in the archive. And, of course, he opens this archive 100%, because in his universe, he is a good guy, there is no situation in his universe now where he is wrong, because he is not on a steam site, he clearly does his job on a resource that is 100% legitimate for him.
And, in fact, as I say, only the dumbest criminals steal ATMs live, in the same way, in fact, only completely unsavvy users encounter a problem on phishing sites, really, basically everything happens on a completely legitimate story that is infected. Just now we did another investigation on online stores in the CIS, in Russia, which are also infected with phishing viruses.
And this is reality, you go to a legitimate store and the store owner simply does not even know that something is happening there. And it is not even always on the title page, just an additional script is placed on some pages, you just go to the wrong place and pay to the wrong place.
Interviewer:
Have you ever carried out any targeted attacks? For example, you know that in such and such a house, in such and such a city, a certain rich guy lives and your goal is to somehow hack him. Has this ever happened?
Carder:
I had friends who did this, they dealt with gold. Most often, the goods were sent in the form of electronics, in the form of some clothes that could be easily sold for gold. Of course, it’s hard to work with this, because it’s both hard to buy and hard to sell for a normal price. Some guys in Germany, in Dusseldorf, were tracking down a rather rich guy. I don’t know why, but he really loved gold.
And he was constantly buying himself, his wife, his children some gold jewelry. And they were constantly hanging around his house, hacked his Wi-Fi, hacked his email, found his IP address and through his IP address ordered a pretty good amount of gold for 30-40 thousand dollars. And, of course, delivery...
Interviewer:
To another address?
Carder:
No, the delivery came to him. Because when such large sums come in, the system starts to panic a little. Like, why is such a large sum going to another address? They would order to his address, make a fake ID, a photo of this drop, but this dude's data. And they would pick up the package from there themselves.
Interviewer:
From his house?
Carder:
Yeah. They would just wait near his house. And when the package arrived, they would pick it up.
Interviewer:
How much did you make per month, approximately?
Carder:
Well, give or take. Well, let's not by months, but rather by weeks. About a thousand dollars. A thousand bucks a week.
Interviewer:
What did you spend this money on?
Carder:
On a lot of things. Mostly I bought materials for work, somehow put up more protection for myself, and I skipped work more often.
Interviewer:
What's the largest amount you've ever made at once?
Carder:
Eight thousand dollars.
Interviewer:
What was that?
Carder:
It was Booking. We learned how to book hotels and plane tickets for fairly large amounts and once it happened that we pulled out 8,000 bucks on Booking. There are a lot of hotels that work with carders because everyone on Booking is worried about their rating. For example, some hotel in Vietnam uses the services of carders so that they order through Booking. Book rooms, thereby increasing their rating. One time we came across some good materials with And we checked about 20 or 30 people into this hotel.
Interviewer:
What is the material?
Carder:
The material is data from the victim's computer.
Interviewer:
So this is a huge database from one computer or from many computers?
Carder:
From many computers.
Interviewer:
You use this data to book rooms in the hotel, and the hotel is also interested in this. Do they get money or do they not get money?
Carder:
They take a certain percentage.
Interviewer:
Oh, they take a percentage and get a good review for it.
Carder:
Yes.
Interviewer:
How do you even get to hackers?
Carder:
If you start working with larger sums, of course, they will take an interest in you if you work 200-300 bucks a couple of days. Who needs that? Well, who, for example, some cop from Germany, an investigator, will go and see this dude from Moscow who is pumping out 200-300 bucks. Who needs that? Nobody wants to do that. If they did, of course, it would be problematic, but now it is so easy that even any schoolchild can learn it.
Interviewer:
Since it is so easy, since it is so profitable, why did you quit? Why don’t you do it anymore?
Carder:
I don’t know. I’m kind of tired of it. I understand that I won’t be able to do this my whole life and I can’t really brag about it, because I can’t.
Interviewer:
What do you mean you’re tired? How can you get tired of a lot of money?
Carder:
Well, it’s the same thing if you sell drugs. You’ll stumble into it someday.
Interviewer:
Well, what is it? Conscience? Is it the reluctance to get caught?
Carder:
More like the reluctance to get caught.
Interviewer:
So, there is still this factor, yes, when you get scared that there is about to be a knock at your door, hello, so-and-so, so-and-so.
Carder:
Of course, when we pulled out 8 thousand on Booking, I probably sat for about a month, and from time to time the thought crept into my mind that I would be caught someday. There was one situation when I was working in Italy, then Italy was a new horizon for us, and Italy has such a stupid, of course, protection system, like a taxpayer code.
We found a site where you can simply generate this code, we ordered clothes from there, I remember I ordered two drones and forgot to clean up my tracks, that is, so that the person would not find out that money had been stolen from his card, or that some invoices from stores had arrived, that goods had arrived, we simply blacklisted all of this at the post office, the person simply did not receive any messages. And one day I forgot to clean it up, and literally a day later a guy called me, said that the cops had come to him, they said that you were doing something bad, accepting some parcels, they had probably been tracking him for several days already, well, they got caught because I simply did not delete the message.
And in the end there was this girl, she got a prison term.
Interviewer:
She got a prison term?
Carder:
Yes.
Interviewer:
What do you mean, she got jailed?
Carder:
Yes.
Interviewer:
Did you help her in any way, do anything, or did you just disappear right away?
Carder:
Of course, he leaked. These drops are dying like flies. Every day a new drop. Of course, there was another, more brutal story. It probably left a very strong imprint on my head, because by then I already understood that I was doing something really bad. It had to do with booking. We were booking a lot of rooms in some little-known hotel, and then the guy blew it, and the guy who worked at the hotel, he blew it, that a lot of visitors were coming to him, and the rooms were still empty, because they were just booking rooms, but no one showed up.
He, of course, called the police. And since the owner of the hotel was into all this bullshit, and in Spain, guys with guns were moving around at the time, they, in short, killed this guy.
Interviewer:
The one who ratted us out?
Carder:
Yeah.
Interviewer:
The employee?
Carder:
The one who just called the cops.
Interviewer:
Holy shit. And who killed him?
Carder:
The hotel owners, who I knew. We even had a Telegram group where we discussed it all, and then I just uploaded a video of this guy being killed. And it was horrible.
Interviewer:
Did that change anything in you?
Carder:
Well, that was when I really went nuts, so to speak. I got scared, because, well, what if I go further, further, further, further, and that’s it, and they’ll catch me, or the cops will catch me, or someone from the cartel will just stab me.
Cybersecurity Officer:
The most convenient way to get a virus on Android, convenient, the most comfortable, you know which one?
Interviewer:
Well, download some game.
Cybersecurity Officer:
Google Play.
Interviewer:
Well, yeah, from Google Play.
Cybersecurity Officer:
Because security control as such, well, it’s not absent, of course, but it’s minimal. That is, it’s impossible to describe how much infection, how many malicious programs are on Google Play. And the funniest thing is that they do all of this quite legitimately. For example, if you start searching in Google for a flashlight, or a calculator, or some other simple functions, you will find an application there, well, probably several hundred. It would seem, why the hell make 100 applications and a calculator there, but people do it, okay, they have the right, that's it.
But if at that moment, when the installation occurs, you do not know what rights the program requests, you will never know that the program requests data to your contacts, to your calls, to cookies, to saved files, to its location, to correspondence, to everything, to everything, to everything.
Interviewer:
In my opinion, starting with Android 10, the permission is displayed right on the screen.
Cybersecurity Officer:
There is a warning, yes, in fact, iOS, of course, does more in this direction, but still, believe me.
Interviewer:
There are probably just people who will allow it, allow it automatically.
Cybersecurity Officer:
Absolutely, just like with the operating system, that is, we have admin rights on Microsoft Windows on 90% of computers, although they are not needed in principle in constant mode, they are not needed at all. But here is another legitimate scenario, that is, there are many more real ways to get infected in a legitimate, understandable environment.
Carder:
The most primitive thing I did was I was engaged in fraud on stashes.
Interviewer:
What is that?
Carder:
I introduced myself as a drug dealer and sold non-existent addresses to clients.
Interviewer:
Well, yeah, he clearly won't go to the police.
Carder:
At first, I was throwing drugs at us, then we started working on films. We created accounts on Badoo or Tinder, VKontakte, Odnoklassniki. We put some beautiful girls and wrote to all sorts of men in their 40s and 50s. We even had a girl who recorded voice messages to send to them. We invited them to the cinema in this way and told them to book tickets. Tickets cost us 2-3 thousand rubles.
The guys would send the money for a long time.
Interviewer:
Do you see any reaction from the person after that, when he realizes that he was screwed? This is my favorite thing to watch, actually.
Carder:
The reaction of this person, sometimes I feel sorry for such people, I may return their money to them if there is a really heartbreaking story, but most often they just bombard me.
Cybersecurity Officer:
What else exists, let's say, several years ago several groups of scammers posted for a while on all websites related to diseases, to childhood diseases, to some charitable foundations, they created a bunch of announcements on behalf of supposedly charitable foundations, foreign, Russian, that there are some special new programs to help sick children, which means, accordingly, you are qualified to get into these programs, send us your medical history, diagnoses, photos, and we have, well, that is, completely, I have all the information and we will help you.
It is probably not necessary to say that none of the parents received any help for sick children, but what happened next, literally a few months later, these same scammers began to post on, again, all social networks, forums, announcements about helping sick children. And if, relatively speaking, the average person cannot make anamnesis of that, some diagnoses, correct medical histories, then here this is not even necessary.
They are alive, they are real people, they just have different details. And so a huge number of scammers took advantage of the real story of sick children to collect money. This is probably one of the most disgusting scenarios that exists in this story, and what should we do? Well, what, not help people? No, that's wrong. People need to be helped. But if you see an ad that touched your soul. It doesn't matter, a sick child, a sick dog, anyone, you want to help, do one simple thing.
Copy the payment details, the phone number from the ad and enter it in the search engine Yandex, Google, Bing, Yahoo, any. If at least once this detail, this phone number appears in another ad, that's it, I give you a 100% guarantee that this is a scammer. A very simple case, but no one does this.
Interviewer:
As practice has shown, two-factor authentication is not a panacea for hacking. Well, in general, as my friends recommended to me online, what can be done to avoid falling for the tricks of scammers via mail. Because we most often communicate with our advertisers via mail, and I was told that you can install a Linux virtual machine, install a small server and place your mail on it. To what extent can these measures really serve as a panacea, and is it possible to hack something like this?
Cybersecurity Officer:
I'll start from the end. Everything can be hacked. Any antivirus company, any security company that tells you, "We guarantee 100% protection, our products will work 100% of the time," are either fools or liars, but if in the first case it's 50 to 50, then in the second it's 99 to 1 that people are simply misleading you. There is never 100% protection, and there is not a single technological solution that would guarantee 100% protection.
But it seems to me that for your business, after all, a multimedia one, which is maximally tied to you as an individual, the key risk vector is the protection of your digital identity. Therefore, device protection, critical thinking, protection of financial transactions, this is what is needed most. And the whole server story, well, taking into account the mobility of your business and multimedia, it seems to me that it does not suit you very well there. That scenario with the sandbox, conditionally, yes, which your friends described there, it is probably more suitable, well, and for larger ones, or for, say, a more research organization that has its own cybersecurity service and its own cyber investigators.
Moreover, I will tell you that any solution for mail protection, as a rule, if poorly implemented, and I have rarely seen a good one, it leads to the fact that mail will take a very long time to arrive and leave. That is, as if to say, you sent a letter, the person did not receive it, but he needed it 20 seconds ago.
You're like, well, when, when, when, faster, faster, and eventually you'll start turning them off. You, as a modern, multimedia person with a billion things to do, simply won't have the physical time for this story. So this is the solution for you, your solution here, now, on your device and in your head.
Interviewer:
You also mentioned that, firstly, you spent money to buy new client data, and secondly, to upgrade your protection. How does this happen? What do you consider a protection upgrade? Is there an ultimate way to protect your device so that no one can hack you at all?
Carder:
How did I protect myself from being found? There is a lot of different software, there is also the same virtual machine that is used by absolutely everyone. I had a browser that hid all the data about you, helped you set up a proxy in several sessions more easily, that is, you could simultaneously process the data of ten clients.
Interviewer:
What kind of browser is that?
Carder:
Sphere, yes, it's called Sphere. It costs somewhere around 150-300 dollars a month, I think.
Interviewer:
And what else, antivirus programs, maybe you bought some?
Carder:
No, I don't even have an antivirus on my computer.
Interviewer:
Still haven't?
Carder:
Still haven't.
Interviewer:
Why?
Carder:
Well, because the main vulnerability of any system is a person. Maybe there will be some kind of super protection on the computer, you might not get through, but with a person you can do anything. Pull out any passwords, any data you need, even a maiden name, mother's name, so that later you can answer a secret question in the same Gmail.
Interviewer:
But do you still somehow protect your personal data today? Do you store it somewhere, maybe in some secret notebook. Well, it's impossible to remember all the data on your cards, all the data, PIN codes, all the passwords, for example, where do you, for example, store it?
Carder:
Well, I just keep the most essential data on a piece of paper.
Interviewer:
And do you write it down by hand every time?
Carder:
Well, over the years I've just learned to do it automatically. I just keep it all in my head. Even my bank card details, it's all in my head.
Interviewer:
For example, could your antivirus have warned us about an attack or even prevented it?
Cybersecurity Officer:
Well, look, if we talk about protection for small organizations, just like these small, mobile, multimedia ones, then we have a large block of products there, which is called Small Office Security, which is tailored specifically for this story, and your conditionally small server capacities, and your work devices, phishing, everything else, this will, of course, be maximally protected from this. But I emphasize once again, there is no 100% protection, neither our product, nor any other can guarantee you 100% protection, because at the end of the chain you are still standing.
You can have an antivirus and everything else, but if you inserted the flash drive again, pressed cancel, if you, which by the way still happens very often, this may be a question of contacting your manager, if the antivirus tells you, don’t go there, it’s dangerous, he says, no, well this is my favorite site, I go to it every day, get lost, like, yes, but no antivirus will protect you in this story, you understand, that’s it. And so Small Security for work devices, for mobile devices, works great, and of course Secure Connection, yes, Secure Communication Channel, what used to be called VPN in common parlance.
But you also come home, and there are your family members on the same Wi-Fi network, from their infected devices, you kind of dive with them, in fact, I'll give you an example now, you dive without pants into a lake with piranhas, that's about the same story. That is, you kind of walk around in a protective suit and with a machine gun, come home, take off the suit, take off your swimming trunks and jump into a pool with piranhas. That's about the same thing.
That is, if you've protected yourself, and in the same Wi-Fi network, for example, your brother or your mother is sitting there with a smartphone, where she's caught 50 phishing programs every day on this smartphone, it's useless.
Interviewer:
And finally, give some advice to YouTubers on how to avoid being scammed. How can you prevent your YouTube channel from being hijacked?
Carder:
It's enough to just read more. You may receive offers of sponsorship, where they will ask you to download some file, where an agreement is signed about being sponsored. This agreement may be encrypted with a virus, from which all your data can be pulled out. Check all this. Just in case, you can install a regular antivirus.
Interviewer:
Thank you, Evgeny, for coming today with your Mishka. We are not made of nothing either, we also have our own mascot.
Cybersecurity Officer:
Thank you. Take care of yourself and be healthy.
Interviewer:
Oh, and by the way, a question, what can you say about Kaspersky antivirus?
Carder:
My whole family uses Kaspersky, it is actually a very good antivirus, but its protection is more complicated, I often couldn’t even download anything from the Internet, because Kaspersky simply deleted it, but it protects very well.
Everyone is working remotely, working there, watching a movie, a series, watching a movie, a series. Previously, we had a little time, now we have all the time in the world, basically. And people began to watch movies and content much more, since you can't in the cinema, Nothing comes out in the cinema, all new examples began to appear in online services, and where do people go? To torrents. The amount of malicious content, programs, files that disguise themselves as new movies has increased dozens of times.
We recently made a report for the first quarter, in Russia, in Kazakhstan, the number of requests for multimedia content increased by 40-50-70%, and attackers began to fake these pages 300-400 times more.
There are many technical reasons, it's banal phishing, it's the lack of protective equipment, or some free protective equipment that doesn't work at all and only collects your data, it's a certain increased interest in multimedia content, where a large number of malware are hidden, and it's such an uncritical approach to using a truly public network. These are probably the main points that lead to the mess that exists around, and one of them definitely led to the loss of your channel.
Carder:
In fact, when I first learned about social engineering, such a boom went through my head. Any system can be hacked, despite its super-cool protection, through a person. Any data that you want to extract, you can easily extract from any person. How do you bypass such complex systems as two-factor authentication in Gmail, or even two-factor authentication on bitcoins? It's simple. You just need to call the operator, introduce yourself, say that you are the owner, that you can forward the call to my computer or phone.
So the device was lost. There is a very large gaming system, called CS GO Empire. They usually spin skins there. Well, and you sell skins in CS, buy them, play roulette there. And we lured YouTubers there, pulled out their logins and passwords, pulled out all the money from their accounts, from Steam. And YouTubers who play CS usually have a lot of money from skins.
We made fake messages, introducing ourselves as the CS GO Empire administrators. And in this way they were taken on as sponsors, all their clothes and money were taken from them. The biggest protection is passwords.google.com. They just made a separate tab in Google Chrome so that you could see all the passwords that are currently synchronized. For example, if you pulled out some passwords from the victim's computer, yesterday, for example, the victim could burn it today and change it.
But if you have already logged into this Gmail account, your current passwords are always saved.
Interviewer:
Before we recorded this interview, you said that you yourself had recently been hacked, 300 bucks were stolen there. How did this happen? How did you even fall for it?
Carder:
I myself, like an idiot, fell for the stealer, I downloaded a parser from among the groups on Steam to look for rich people, and somehow came across the stealer. I was sitting at the service station with the guys, the car was being fixed, and I received notifications, here is your account trying to log into several accounts. I immediately started running home, deleting all the cookies, changing all the passwords.
Interviewer:
So you were browsing hacker forums, looking for hacker software, and suddenly this hacker software had a virus. Kaspersky Lab investigates cyber attacks. How does this happen and in our case, can it be investigated by you?
Cybersecurity Officer:
Of course, we investigate cyber attacks. In general, this is probably a very interesting thing on the one hand, on the other hand, it is extremely complex and quite labor-intensive, because the investigation, in fact, consists of several blocks. The very first one, well, probably the first one, is what needs to be done in the next 2-4 hours after the incident has occurred, is to make a disk image, yes, that is, roughly speaking, how is it in a classic investigation?
Collect evidence, yes, examine the crime scene, yes, fence everything off, sprinkle powder on fingerprints, yes, there is forensics, well, we have all watched TV series about the police and New York, and not so, and then everything. Collect digital fingerprints. Collecting digital fingerprints, in fact, this is a digital science, digital forensics. It is present, in Kazakhstan we have already trained a number of very talented specialists and the public private sector.
I hope that there will be many more of these people, because this is an incredibly interesting science. And in general, one of our strategic tasks is to improve the quality of human capital in the field of cybersecurity, so that each large organization, so that the state would have many more teams of these digital investigators, this is incredibly interesting. What is their job?
Interviewer:
Okay, so we created a disk image, then we scan this disk image for spyware threats or what?
Cybersecurity Officer:
We make a disk image, yes, accordingly, then you transfer this image to us, and we begin to investigate. Of course, there are many nuances. First, we need to understand, well, really, what happened. What kind of program was launched, or the scope of the programs, how they got there, what traces they left, if any, and, accordingly, what happened in general, what led to this. This is the first such block. The second important point, well, probably, it concerns you less in the sense that you are less interested in this than the state.
This, undoubtedly, is a story related to the attribution of the attack. That is, who is behind this attack, what group it could be, who might be interested in this, this especially concerns, first of all, well, attacks on the state. Because now cyberterrorism, cyberwarfare, it is very strong and for many large groups existing in the world there is already practically documented evidence that they are sponsored, yes, that is, actually, that they are supported by cyber intelligence of other states.
This is really such an important story, so here, of course, in the context of interaction with the state, it is important to understand what attribution can theoretically be to whom this is interesting. The third very important point is, undoubtedly, to understand what needs to be done to prevent this from happening. Because here is an interesting fact, especially if we are talking about attacks on financial organizations, on states, at the moment of detection the attack is not over yet. And you see some initial result, and as a rule the person is like, well, like okay, everything has already been stolen from me, I relaxed.
And such a person calmly waits until they help him or not. We have had a lot of cases when we are called, we come and understand that the criminals are still here. We had a very interesting fight, which lasted for several weeks, like in a game about the mafia, the mafia falls asleep, the city wakes up, that is, we do some block of work, conditionally fall asleep, although we do not fall asleep in reality, and the attackers come at night and start trying to do something further, day-night, day-night, so for several weeks, it is an incredibly interesting fight, it is a cyberpunk detective, in fact, at this moment, by the way, when I say that the fight is not over yet, and the confrontation is not over, a lot of mistakes are made by the employees, because, again, everyone thinks, well, everything has already happened, all the criminals have already left, but no.
And then they, the employees, start discussing the details of the attack via corporate mail, which is infected, via corporate Wi-Fi messengers, to the corporate one, which is also infected. And what are they going to do now? That is, roughly speaking, you call the police, and you have a criminal sitting in the closet. And like, what are they going to do now? Where are they going to go? Well, that is, these are the processes.
Therefore, it is very, very important at this stage of the attack to correctly develop internal communications, we also help with this, this is also a very important part of the investigation.
Then there is another very important part of the investigation, which is not entirely technical, but incredibly important in our countries, this is the correct chain of communications outward, because in the case of your channel personally, probably, the public effect, except for the image, is not very big, but in the case of an attack on a financial organization, in the case of an attack on the state, you understand that there can be a colossal public reaction in the case of, say, a man-made disaster or theft of funds from bank clients. And what about us? Classic reaction number one, which occurs if there is some kind of cyber attack, denial, complete closure, lack of any information, people begin to make up their own minds. Well, you understand. And this is a huge problem, which also needs to be addressed in building public communications during a cyber attack.
This is a very important part for the state and for financial organizations, for the market as a whole, we also help to work with this.
Interviewer:
Keep your clients informed, post enough.
Cybersecurity Officer:
The amount of information to keep people calm, but not enough for the attackers to draw any conclusions about what is happening. That is, science, public communication, essentially crisis PR at the time of a cyberattack, this is an endlessly important thing that almost no one deals with in our country.
Carder:
There was a situation once, we got access to a Gmail account, we go to Google Drive, there on the guy's Google Drive there are photos with his mistress. Jem has such, quite intimate in nature. Well, without thinking twice, we went to his Facebook, look, he has a wife. Somewhere around 40-50 years old, somewhere around that time. Fake and I wrote to his wife on Facebook, we said, here we have evidence that your husband is cheating on you.
Are you interested in this? Of course, I was interested in this. And the guy, through social engineering, forced her to pay us one and a half or two thousand dollars for these photos.
Interviewer:
And in the end, you sent these photos to your wife?
Carder:
Of course.
Cybersecurity Officer:
You need to constantly work on increasing your cyber literacy. That is, we have a special platform for employees. Any citizen of the Republic of Kazakhstan can take a training course. Register, go through it. And there we have this interesting functionality of demo phishing mailings. That is, roughly speaking, you have trained and live your life peacefully, as if everything is normal. Like, a person can distinguish between phishing and normal. Yes, three days later, for example, you receive a phishing letter, a safe phishing letter, and if the employee clicked on this link, he receives a notification like “sorry, go retrain.”
We had a case in one of the banks several years ago, when an employee trained four times in a month and a half and clicked on this link. Well, it means that on the fourth time, HR decided to part ways with him, because this employee, well, in fact, is a full-fledged hole inside Citibank.
Speaker?:
Here.
Cybersecurity Officer:
Therefore, the first thing you do is calm down, and you can’t calm down. That is, you need to insure yourself as much as possible at this moment and do everything possible to clean out this infection. Yes, in general, because otherwise, well, all actions would be meaningless. This is especially offensive when, well, you know, there is such a practice on the roads. Often, for example, you are driving at an increased speed, yes, a policeman stopped you, I fined you. Most people press the pedal with such a moral right.
Well, that’s it, I’ve already paid my fine, I can drive on, now I’m a good guy. And let's say you're stopped by the police again in 5 kilometers. You usually tell him, like, well, listen, I've already suffered, let's somehow let me go. And, for example, he says, well, okay, fine, go ahead. But this doesn't work with cybercriminals. So if you paid him money, which I emphasize again should never be done, you should never negotiate with cyberterrorists. Accordingly, you paid him money, you were, let's say, decrypted, tomorrow it will be even more offensive if it happens again, agree.
And this will definitely happen. So you definitely can't relax.
Interviewer:
Here's another interesting fact in this regard, they didn't call us, they didn't write to us, they didn't demand any money for blocking the channel. There is an autoblogger DC Off, they called him directly on the phone, said so-so, your channel is with us, pay us 50 thousand rubles, and he paid. Naturally, they didn't return his channel. Absolutely. Yes, and I am sure that if I had received a letter or a similar call, I would not have given the money. Because I understand that if I pay money now, they will receive this money, naturally, nothing will happen to me, they will not return the channel to me, and they will receive an incentive to continue to engage in such activities.
And when you do not pay criminals, you simply stop similar cases in other people.
Cybersecurity Officer:
Yes, you are absolutely right. This is the right approach. You should never negotiate with terrorists. But basically, of course, at this point the indromeche begins to cry, like, look, we have important data here, that's all. Yes, guys, but usually, of course, we feel sorry for the users, we provide moral support, but now we are having a slightly tough discussion with you, so I will say, well guys, what did you do before, all these years, when they told you from all the screens, from all the holes, guys, let's defend ourselves, come on, look, here's an antivirus, at least a free one, some real version from any, from any manufacturer, as if officially download and try.
No, why? I'm fine with me. This is the next classic scenario, this is the next misconception, I'm the right one, I always only go to the right sites, I don't watch porn, for some reason everyone has this problem, I don't go to porn sites, everything will be fine with me. Guys, all the most interesting things are not on porn sites, yes.
Here was an interesting case, this is of course an example of a targeted attack, but here's a very direct, very interesting case, imagine. Here's a small organization, and there, it means, a lawyer works there. Here's a lawyer, just such a correct one, I only go to the right site for work, and they really have three main sites there, a conditional dilett, some other legal system and a legal forum, on which he has existed for a very long time, some questions, they have their own communities, their own atmospheres, as they say, and so on.
Well, that's it, the attackers decided to attack this company, and chose this lawyer as an entry point. For 3 months they watch what he does, they established contact on the forum, answered some of his questions. I don't know, maybe they googled, involved a lawyer, something else. And at some point he asks a really difficult question, they take a break, are silent for a day, someone answers something, and in the end they write a long post-year.
Look, we helped you, we collected such and such, there is such a legal practice, use it, everything is collected in the archive. And, of course, he opens this archive 100%, because in his universe, he is a good guy, there is no situation in his universe now where he is wrong, because he is not on a steam site, he clearly does his job on a resource that is 100% legitimate for him.
And, in fact, as I say, only the dumbest criminals steal ATMs live, in the same way, in fact, only completely unsavvy users encounter a problem on phishing sites, really, basically everything happens on a completely legitimate story that is infected. Just now we did another investigation on online stores in the CIS, in Russia, which are also infected with phishing viruses.
And this is reality, you go to a legitimate store and the store owner simply does not even know that something is happening there. And it is not even always on the title page, just an additional script is placed on some pages, you just go to the wrong place and pay to the wrong place.
Interviewer:
Have you ever carried out any targeted attacks? For example, you know that in such and such a house, in such and such a city, a certain rich guy lives and your goal is to somehow hack him. Has this ever happened?
Carder:
I had friends who did this, they dealt with gold. Most often, the goods were sent in the form of electronics, in the form of some clothes that could be easily sold for gold. Of course, it’s hard to work with this, because it’s both hard to buy and hard to sell for a normal price. Some guys in Germany, in Dusseldorf, were tracking down a rather rich guy. I don’t know why, but he really loved gold.
And he was constantly buying himself, his wife, his children some gold jewelry. And they were constantly hanging around his house, hacked his Wi-Fi, hacked his email, found his IP address and through his IP address ordered a pretty good amount of gold for 30-40 thousand dollars. And, of course, delivery...
Interviewer:
To another address?
Carder:
No, the delivery came to him. Because when such large sums come in, the system starts to panic a little. Like, why is such a large sum going to another address?
They would order to his address, make a fake ID, a photo of this drop, but this dude's data. And they would pick up the package from there themselves.
Interviewer:
From his house?
Carder:
Yeah. They would just wait near his house. And when the package arrived, they would pick it up.
Interviewer:
How much did you make per month, approximately?
Carder:
Well, give or take. Well, let's not by months, but rather by weeks. About a thousand dollars. A thousand bucks a week. What did you spend this money on? On a lot of things. Mostly I bought materials for work, somehow put up more protection for myself, and I skipped work more often.
Interviewer:
What's the largest amount you've ever made at once?
Carder:
Eight thousand dollars. What was that? It was booking. We learned how to book hotels and plane tickets for fairly large amounts and once it happened that we pulled out 8,000 bucks on Booking. There are a lot of hotels that work with carders because everyone on Booking is worried about their rating. For example, some hotel in Vietnam uses the services of carders so that they order through Booking. Book rooms, thereby increasing their rating. One time we came across some good materials with And we checked about 20 or 30 people into this hotel.
What is the material? The material is data from the victim's computer.
Interviewer:
So this is a huge database from one computer or from many computers?
Carder:
From many computers.
Interviewer:
You use this data to book rooms in the hotel, and the hotel is also interested in this. Do they get money or do they not get money?
Carder:
They take a certain percentage.
Interviewer:
Oh, they take a percentage and get a good review for it.
Carder:
Yes.
Interviewer:
How do you even get to hackers?
Carder:
If you start working with larger sums, of course, they will take an interest in you if you work 200-300 bucks a couple of days. Who needs that? Well, who, for example, some cop from Germany, an investigator, will go and see this dude from Moscow who is pumping out 200-300 bucks. Who needs that? Nobody wants to do that. If they did, of course, it would be problematic, but now it is so easy that even any schoolchild can learn it.
Interviewer:
Since it is so easy, since it is so profitable, why did you quit? Why don’t you do it anymore?
Carder:
I don’t know. I’m kind of tired of it. I understand that I won’t be able to do this my whole life and I can’t really brag about it, because I can’t.
Interviewer:
What do you mean you’re tired? How can you get tired of a lot of money?
Carder:
Well, it’s the same thing if you sell drugs. You’ll stumble into it someday.
Interviewer:
Well, what is it? Conscience? Is it the reluctance to get caught?
Carder:
More like the reluctance to get caught.
Interviewer:
So, there is still this factor, yes, when you get scared that there is about to be a knock at your door, hello, so-and-so, so-and-so.
Carder:
Of course, when we pulled out 8 thousand on Booking, I probably sat for about a month, and from time to time the thought crept into my mind that I would be caught someday. There was one situation when I was working in Italy, then Italy was a new horizon for us, and Italy has such a stupid, of course, protection system, like a taxpayer code.
We found a site where you can simply generate this code, we ordered clothes from there, I remember I ordered two drones and forgot to clean up my tracks, that is, so that the person would not find out that money had been stolen from his card, or that some invoices from stores had arrived, that goods had arrived, we simply blacklisted all of this at the post office, the person simply did not receive any messages. And one day I forgot to clean it up, and literally a day later a guy called me, said that the cops had come to him, they said that you were doing something bad, accepting some parcels, they had probably been tracking him for several days already, well, they got caught because I simply did not delete the message.
And in the end there was this girl, she got a prison term.
Interviewer:
She got a prison term?
Carder:
Yes.
Interviewer:
What do you mean, she got jailed?
Carder:
Yes.
Interviewer:
Did you help her in any way, do anything, or did you just disappear right away?
Carder:
Of course, he leaked. These drops are dying like flies. Every day a new drop. Of course, there was another, more brutal story. It probably left a very strong imprint on my head, because by then I already understood that I was doing something really bad. It had to do with booking. We were booking a lot of rooms in some little-known hotel, and then the guy blew it, and the guy who worked at the hotel, he blew it, that a lot of visitors were coming to him, and the rooms were still empty, because they were just booking rooms, but no one showed up.
He, of course, called the police. And since the owner of the hotel was into all this bullshit, and in Spain, guys with guns were moving around at the time, they, in short, killed this guy.
Interviewer:
The one who ratted us out?
Carder:
Yeah.
Interviewer:
The employee?
Carder:
The one who just called the cops.
Interviewer:
Holy shit. And who killed him?
Carder:
The hotel owners, who I knew. We even had a Telegram group where we discussed it all, and then I just uploaded a video of this guy being killed. And it was horrible.
Interviewer:
Did that change anything in you?
Carder:
Well, that was when I really went nuts, so to speak. I got scared, because, well, what if I go further, further, further, further, and that’s it, and they’ll catch me, or the cops will catch me, or someone from the cartel will just stab me.
Cybersecurity Officer:
The most convenient way to get a virus on Android, convenient, the most comfortable, you know which one?
Interviewer:
Well, download some game.
Cybersecurity Officer:
Google Play.
Interviewer:
Well, yeah, from Google Play.
Cybersecurity Officer:
Because security control as such, well, it’s not absent, of course, but it’s minimal. That is, it’s impossible to describe how much infection, how many malicious programs are on Google Play. And the funniest thing is that they do all of this quite legitimately. For example, if you start searching in Google for a flashlight, or a calculator, or some other simple functions, you will find an application there, well, probably several hundred. It would seem, why the hell make 100 applications and a calculator there, but people do it, okay, they have the right, that's it.
But if at that moment, when the installation occurs, you do not know what rights the program requests, you will never know that the program requests data to your contacts, to your calls, to cookies, to saved files, to its location, to correspondence, to everything, to everything, to everything.
Interviewer:
In my opinion, starting with Android 10, the permission is displayed right on the screen.
Cybersecurity Officer:
There is a warning, yes, in fact, iOS, of course, does more in this direction, but still, believe me.
Interviewer:
There are probably just people who will allow it, allow it automatically.
Cybersecurity Officer:
Absolutely, just like with the operating system, that is, we have admin rights on Microsoft Windows on 90% of computers, although they are not needed in principle in constant mode, they are not needed at all. But here is another legitimate scenario, that is, there are many more real ways to get infected in a legitimate, understandable environment.
Carder:
The most primitive thing I did was I was engaged in fraud on stashes. What is that? I introduced myself as a drug dealer and sold non-existent addresses to clients.
Interviewer:
Well, yeah, he clearly won't go to the police.
Carder:
At first, I was throwing drugs at us, then we started working on films. We created accounts on Badoo or Tinder, VKontakte, Odnoklassniki. We put some beautiful girls and wrote to all sorts of men in their 40s and 50s. We even had a girl who recorded voice messages to send to them. We invited them to the cinema in this way and told them to book tickets. Tickets cost us 2-3 thousand rubles.
The guys would send the money for a long time.
Interviewer:
Do you see any reaction from the person after that, when he realizes that he was screwed? This is my favorite thing to watch, actually.
Carder:
The reaction of this person, sometimes I feel sorry for such people, I may return their money to them if there is a really heartbreaking story, but most often they just bombard me.
Cybersecurity Officer:
What else exists, let's say, several years ago several groups of scammers posted for a while on all websites related to diseases, to childhood diseases, to some charitable foundations, they created a bunch of announcements on behalf of supposedly charitable foundations, foreign, Russian, that there are some special new programs to help sick children, which means, accordingly, you are qualified to get into these programs, send us your medical history, diagnoses, photos, and we have, well, that is, completely, I have all the information and we will help you.
It is probably not necessary to say that none of the parents received any help for sick children, but what happened next, literally a few months later These same scammers began to post on, again, all social networks, forums, announcements about helping sick children. And if, relatively speaking, the average person cannot make anamnesis of that, some diagnoses, correct medical histories, then here this is not even necessary.
They are alive, they are real people, they just have different details. And so a huge number of scammers took advantage of the real story of sick children to collect money. This is probably one of the most disgusting scenarios that exists in this story, and what should we do? Well, what, not help people? No, that's wrong. People need to be helped. But if you see an ad that touched your soul. It doesn't matter, a sick child, a sick dog, anyone, you want to help, do one simple thing.
Copy the payment details, the phone number from the ad and enter it in the search engine Yandex, Google, Bing, Yahoo, any. If at least once this detail, this phone number appears in another ad, that's it, I give you a 100% guarantee that this is a scammer. A very simple case, but no one does this.
Interviewer:
As practice has shown, two-factor authentication is not a panacea for hacking. Well, in general, as my friends recommended to me online, what can be done to avoid falling for the tricks of scammers via mail. Because we most often communicate with our advertisers via mail, and I was told that you can install a Linux virtual machine, install a small server and place your mail on it. To what extent can these measures really serve as a panacea, and is it possible to hack something like this?
Cybersecurity Officer:
I'll start from the end. Everything can be hacked. Any antivirus company, any security company that tells you "We guarantee 100% protection, our products will work 100% of the time," are either fools or liars, but if in the first case it's 50 to 50, then in the second it's 99 to 1 that people are simply misleading you. There is never 100% protection, and there is not a single technological solution that would guarantee 100% protection.
But it seems to me that for your business, after all, a multimedia one, which is maximally tied to you as an individual, the key risk vector is the protection of your digital identity. Therefore, device protection, critical thinking, protection of financial transactions, this is what is needed most. And the whole server story, well, taking into account the mobility of your business and multimedia, it seems to me that it does not suit you very well there. That scenario with the sandbox, conditionally, yes, which your friends described there, it is probably more suitable, well, and for larger ones, or for, say, a more research organization that has its own cybersecurity service and its own cyber investigators.
Moreover, I will tell you that any solution for mail protection, as a rule, if poorly implemented, and I have rarely seen a good one, it leads to the fact that mail will take a very long time to arrive and leave. That is, as if to say, you sent a letter, the person did not receive it, but he needed it 20 seconds ago.
You're like, well, when, when, when, faster, faster, and eventually you'll start turning them off. You, as a modern, multimedia person with a billion things to do, simply won't have the physical time for this story. So this is the solution for you, your solution here, now, on your device and in your head.
Interviewer:
You also mentioned that, firstly, you spent money to buy new client data, and secondly, to upgrade your protection. How does this happen? What do you consider a protection upgrade? Is there an ultimate way to protect your device so that no one can hack you at all?
Carder:
How did I protect myself from being found? There is a lot of different software, there is also the same virtual machine that is used by absolutely everyone. I had a browser that hid all the data about you, helped you set up a proxy in several sessions more easily, that is, you could simultaneously process the data of ten clients. What kind of browser is that? Sphere, yes, it's called Sphere. It costs somewhere around 150-300 dollars a month, I think.
Interviewer:
And what else, antivirus programs, maybe you bought some?
Carder:
No, I don't even have an antivirus on my computer. Still haven't? Still haven't. Why? Well, because the main vulnerability of any system is a person. Maybe there will be some kind of super protection on the computer, you might not get through, but with a person you can do anything. Pull out any passwords, any data you need, even a maiden name, mother's name, so that later you can answer a secret question in the same Gmail.
Interviewer:
But do you still somehow protect your personal data today? Do you store it somewhere, maybe in some secret notebook? Well, it's impossible to remember all the data on your cards, all the data, PIN codes, all the passwords, so where do you, for example, store it?
Carder:
Well, I just keep the most essential data on a piece of paper.
Interviewer:
And do you write it down by hand every time?
Carder:
Well, over the years I've just learned to do it automatically. I just keep it all in my head. Even my bank card details, it's all in my head.
Interviewer:
For example, could your antivirus have warned us about an attack or even prevented it?
Cybersecurity Officer:
Well, look, if we talk about protection for small organizations, just like these small, mobile, multimedia ones, then we have a large block of products there, which is called Small Office Security, which is tailored specifically for this story, and your conditionally small server capacities, and your work devices, phishing, everything else, this will, of course, be maximally protected from this. But I emphasize once again, there is no 100% protection, neither our product, nor any other can guarantee you 100% protection, because at the end of the chain you are still standing.
You can have an antivirus and everything else, but if you inserted the flash drive again, pressed cancel, if you, which by the way still happens very often, this may be a question of contacting your manager, if the antivirus tells you, don’t go there, it’s dangerous, he says, no, well this is my favorite site, I go to it every day, get lost, like, yes, but no antivirus will protect you in this story, you understand, that’s it. And so Small Security for work devices, for mobile devices, works great, and of course Secure Connection, yes, Secure Communication Channel, what used to be called VPN in common parlance.
But you also come home, and there are your family members on the same Wi-Fi network, from their infected devices, you kind of dive with them, in fact, I'll give you an example now, you dive without pants into a lake with piranhas, that's about the same story. That is, you kind of walk around in a protective suit and with a machine gun, come home, take off the suit, take off your swimming trunks and jump into a pool with piranhas. That's about the same thing.
That is, if you've protected yourself, and in the same Wi-Fi network, for example, your brother or your mother is sitting there with a smartphone, where she's caught 50 phishing programs every day on this smartphone, it's useless.
Interviewer:
And finally, give some advice to YouTubers on how to avoid being scammed. How can you prevent your YouTube channel from being hijacked?
Carder:
It's enough to just read more. You may receive offers of sponsorship, where they will ask you to download some file, where an agreement is signed about being sponsored. This agreement may be encrypted with a virus, from which all your data can be pulled out. Check all this. Just in case, you can install a regular antivirus.
Interviewer:
Thank you, Evgeny, for coming today with your Mishka. We are not made of nothing either, we also have our own mascot.
Cybersecurity Officer:
Thank you. Take care of yourself and be healthy.
Interviewer:
Oh, and by the way, a question, what can you say about Kaspersky antivirus?
Carder:
My whole family uses Kaspersky, it is actually a very good antivirus, but its protection is more complicated, I often couldn’t even download anything from the Internet, because Kaspersky simply deleted it, but it protects very well.