The first carder after God

[Jollier]

The Next Big Hacker. Max Butler - The Lord of Carding.

The time of the feds is over. The time of the carder has come. Now I will buy another hat at your expense. And yet it should be noted that the face of the Lord of Carding did exist, and it looks like he got hold of your card, but it is empty. It looks like fucking hobbit Frodo Baggins took the ring to Mordor and your empire went to hell. But you know, in reality, this is a typical old-school hacker face.

This is what you look like when you are outside the social mainstream. Alright, guys, Max Butler is in the building, let's go!

The year is 1971, Phoenix, Arizona. One fine day, Vietnam veteran Robert Butler and Natalie Skorubski decide to have some mischief. As a result, on July 10, 1972, the one whose name honest taxpayers are afraid to pronounce in vain was born. The child was named Max, and as soon as the little one took his first steps, the Butler family emigrated to Meridian, Idaho.

Max inherited his passion for computer hardware and technology from his father. Robert Butler was a fan of computer technology, and his house was literally bursting with an abundance of computer machines, to which the little ruler had free access. Max liked to click on the keys of a mechanical keyboard, in those days there was no membrane gayness and each computer had its own unique keystroke.

This is where real magic lies. You just press a key, but you feel like a part of something bigger. You can laugh at me, but every time I write a new story on my mechanics, I imagine myself as some third-rate writer from the past. It's a shame the carriage lever isn't used for line breaks anymore, but if my keyboard had one, I swear to God I'd jerk it off tirelessly.

By the way, that arrow on the key that you call Enter today first appeared on an electric typewriter from IBM called the IBM Electric Typewriter, and it did exactly the same thing it does today. Max Butler started programming in BASIC at the age of 8. And basically, I can end my story here, because it's clear who this guy will become. His parents drag him to the market to buy him some new junk. The guy goes into a tent and stands on the only safety island. It's a cut-off piece of cardboard, and stepping off it means stepping into the mud. And so he stands on that piece of cardboard and balances on it like a surfer on a board. He feels hurt and dreams of getting the hell out of there in his new crappy sneakers so he can drop by his rich kid friend's place and play Ulfenstein 3D with him. A fucking million years later, this guy creates a YouTube channel and gives it probably the most fucked up name in history: "The Last Stronghold of Safety."

But seriously, I always try to compare the main character with myself. This allows me to find an answer to a question that has been bothering me all my life. Why are some people given the ability to turn water into wine, while others can turn air into carbon dioxide and food into shit? Imagine a simple kid in a Punks Not Dead robe who goes surfing several times a year, but there is no sea anywhere near his city.

If you told me then that a bunch of gigs would listen to me and eagerly await my next episode, I would have laughed out loud. I don't know if I had a chance to become the best at anything, because those who don't understand life say that there is always a chance. The question is, did I deserve this chance? Fate is unpredictable, guys, but having a garage will not make you Steve Jobs, just as knowing programming languages will not elevate you to the level of Butler.

You can become good at something, you can become a professional in your field and even get on People Pro. But if Max Butler is in the building, then Pavlovich holds his beer, and Cybergrandfather recalculates his pension on the card. And the pension is big, because the palace in Gelendzhik is not Putin's.

At the age of 14, Max's parents divorced. His father moved to Boyce, and Max, his mother and younger sister Lisa remained in Meridian. Max was very upset by his parents' divorce and his psyche suffered from it. Sometimes he was too crazy, and at times he looked very depressed. He blew off his studies, demonstratively reading printouts of the FRAG magazine in class, which began to appear on the BBC in late 1985.

Initially, the magazine was dedicated to breaking into telephone systems and hacking. In fact, the merger of the two words "hack" and "freak" served as its name. It was FRAG that became Max's guide into the world of hacking. He admired the exploits of the magazine's editors-in-chief, delved into telephone fraud schemes, studied modem data exchange protocols in networks such as TL-net and Timenet.

And this reminded me of Steve Woznick, who read about the telephone wizard Captain Crunch in Esquire and was inspired to become like him. For Woznick, it all ended with the creation of a blue box, but Max knew no bounds. Did he know that he was doing something illegal? Of course he did. His favorite magazine covered the war between hackers and the feds.

So in 1989, Robert Morris decided to find out how many computers were connected to ARPANET. But due to an error in the code, his program took down the entire network. Morris got off with a scare then, but that same year Kevin Mitnick was arrested for another hack and sentenced to one year in prison. Max needed to start somewhere, and he got into phreaking, repeating the schemes from Frak magazine.

And what else was there to do to entertain yourself? Time passed slowly back then, you could spend half a day calling the right BBS. But still, as they say, the sun shone brighter in the second Warcraft. Advanced schoolchildren used their knowledge of phreaking, often for other purposes, and the asses of their classmates who did not find popularity, or, in common parlance, suckers, suffered from it.

Armed with blue boxes, they made international calls at the expense of the sucker they needed, whose parents were very surprised by the phone bill at the end of the month. And try to prove to your ancestors that you did not call Mexico or have phone sex. These were cruel pranks in the days of impunity, when getting a year for a cybercrime was considered something unimaginable.

Max Butler was always a cut above his peers. He used phreaking to find phone numbers for modems belonging to companies that he could later use for his own purposes. And although his goals and ambitions were great, his skills were still not enough to remain unnoticed. So one day, the Federal came to school and accused Max of illegal manipulation, presenting evidence of his guilt.

But since Max was still a minor, he managed to avoid serious problems. Earlier, I said that Max was always a head taller than his peers. This definition does not have a figurative meaning when talking about him. Broad-shouldered, with a mohawk on his head, a two-meter guy looked more like a punk than a computer geek. But the image of a reckless thug was given away by the nerds hanging out with him, who in turn respected and feared their friend at the same time.

Most likely, this was the only school in the world where gopniks avoided nerds, because they knew that otherwise they would be picked out by the butler and told about the zero-day vulnerability. One day, while walking with his friend John, Max noticed a strange key on his keychain. It was a duplicate of the key that John and his friends had previously copied from the key they had stolen in the school's chemistry lab.

Then the friends found out that this key could open almost all the doors of the school, and they decided to keep it a secret from Max so that he wouldn't do anything stupid. But John knew that if he lied now and Max found out the truth later, then you would be guaranteed denial of service to your organs, since few people managed to survive a DDoS slap from Max.

Not wanting to die young, John told Max the secret of the key and then heard a brilliant plan from the future ruler of Carding. The plan was as follows: they were supposed to destroy the school and steal reagents from the chemistry lab. And then I thought again, maybe I had a chance after all? No, what nonsense. The plan was executed 100%, the teenagers scratched the walls, sprayed fire extinguishers in the corridors and stole the chemicals that Max put in the back seat of his Nissan.

The next day, a police officer came to the school, and everyone who had two legs was questioned. Everyone knew whose handiwork this was, but they kept quiet. The children were guided by God's main commandment, "Do not hand over your neighbor to the trash." But Judas was found after all. It turned out to be John himself.

During interrogation, he told everything. The cop checked Max's car and found yellow iodine stains on the seat. Max said it was his sperm, but the cop didn't believe him, he knew perfectly well what it looked like, wiping it off his boss's desk every day. Max was charged with property damage and planned theft. He was sent to a clinic for two weeks, where he was diagnosed with bipolar disorder. The final sentence was probation.

Max's mother was extremely upset with her son's behavior, and the recent school pogrom was the last straw for her. Max was sent to Boise to be with his father, where he had to attend the only Catholic high school in the state, Bishop Kelly. The father was happy about his son's move, he refused to believe his diagnosis and forbade him from taking the prescribed medications, fearing that Max would become addicted to them.

Robert temporarily got his son a job at his Hi-Tech Systems store, where Max worked tirelessly. He assembled computers and delivered them to customers. Max dreamed of entering the Carnegie Mellan Institute or the Massachusetts Institute of Technology, and his father fully supported his decision. It seemed that he had pulled himself together and learned to control himself, but there was something that could shake his mental balance.

You know, every superhero has a vulnerability. Superman has Kryptonite, Spider-Man and Teal Chloride, Cybergrandfather has Navalny. And Max's weakness was an obsession with those who pee only while sitting. He met his first Kryptonite at a Boise dance club. She was a gorgeous blonde with blue eyes, graduated in 1972.

I don’t know what it was about a six-foot-tall disco dancer that captivated her, but the girl happily accepted the offer. The beauty’s name was Amy, and she was the kind of girl you wouldn’t want to share with anyone. Valuing every minute spent with her, Max didn’t notice how he fell head over heels in love. They spent days together, playing PlayStation, rocking their father’s bed, and swearing eternal love to each other.

Amy was going to enroll at Boise State University, and Max followed her, abandoning his dream of going to the MFA. He easily passed the exams and entered the computer science department, while simultaneously enrolling in courses in calculus, chemistry, and data structuring. Like all students, he was given an account on the institute’s local network, and he was one of the first to want to hack it.

Max was interested in access to teachers' accounts. Together with a new friend, they hung out in the server room, hooked up to the terminal, the unfortunate students wrote and responded to letters on behalf of teachers, quickly changing accounts of teachers' e-mails. Another entertainment for Max was the popular at that time multiplayer game Tiny Mat, written by a student of Carnegie Mallan University James Aspnes.

In fact, Tiny Mat is a cut-down version of the game Monster, which was written in Pascal by Richard Skrenta for VAX computers in 1988. If you remember, Skrenta is the same joker who created one of the first computer viruses, the L-cloner. Introducing TinyMat, you can compare it to Ultima Online, but with one exception, TinyMat did not have a graphical interface and in fact, except for the text on the screen, you could not see anything else.

Movement around the locations and any interaction with the world was carried out by means of text commands, and the main feature of the game was a chat, thanks to which the game gained wild popularity among students. Using the pseudonym Lord Max, Butler plunged headlong into the fairy-tale world of Tiny Math. Looking at the screen, he imagined himself as a powerful wizard, capable of defeating any evil.

But he sorely missed his beloved, even in this imaginary world. Max managed to persuade Emmy to join the game, where she became known under the nickname Cymoril. He was wildly happy that Emmy shared his passions, but one day the Fuck-wizard saw that Cymoril was flirting with other players, who in turn also imagined themselves as knights, kings, dragon tamers and other crap. Max began to throw tantrums, he forbade her to communicate with anyone except him, both in the game and in real life. Max continued to call Emmy from time to time. He whined into the phone, asking her to come back, but each time, receiving a negative answer, he exploded and switched to direct threats and insults. On October 30, 1990, Max called Emmy and told her that he wanted to see her in person to end the relationship on a friendly note. She thought he had finally realized everything, but in reality it was just another attempt to get her back.

He equated her communication with other men with cheating and asked Emmy not to play Tiny Math anymore. In general, the ice was broken, not wanting to listen to this nonsense any longer, Cymorill, being in the same location with the great wizard A.K. Lord Max, wrote that she no longer wanted to continue a relationship with him and was arguing over some game.

Max's reaction was immediate and very painful. "We swore to spend our lives together, and now we both have to die," he wrote in the chat, later adding a detailed description of how exactly he would kill her. All this Santa Barbara happened in front of other players. Seeing a direct threat, some of them called the police to warn about a possible murder. When Amy entered the threshold of the house, Max said that she should not be afraid of him, and he persuaded her to go to his bedroom. The bed was unmade and they sat on the floor to talk about their feelings. Amy told him about a guy she had met in secret. His name was Chet and he lived in North Carolina. Their relationship had gone beyond the game, they were exchanging photos via email and talking on the phone. Max was trying to control his feelings, barely holding back tears. He said he felt betrayed. Max asked for Chad's phone number. He took out his phone and dialed his enemy. Hearing Chad's voice, Amy snatched the phone from Max and confessed her love to him. "I'll kill you!" Max screamed. He threw Amy to the floor and grabbed her throat with his hands. "Fine! Then go ahead and kill me! What are you waiting for?" she said. A moment later, he picked her up and dragged her out the door. "Leave now," he said. "Leave, I don't want to kill you, but I might change my mind." Amy quickly got into her car and sped away. On the way home, she was replaying what had happened in her head. Lost in thought, she failed to see the car in front of her and crashed into it at full speed. Both cars were smashed to pieces, but fortunately no one was seriously injured. When Amy's parents found out about the situation at Max's house, they began to worry about her life. A week after the incident, Amy went to the police and Max was arrested. Max argued with his friends that Amy was exaggerating. According to her version, Max kept her in his room by force for an hour, and his hands were regularly on her throat, which almost choked her. Max insisted the opposite, he only stroked Emmy's throat with his fingers for a minute, but he did not have the strength to hold her, and she could easily leave at any time. She also claimed that after the incident, Max continued to call her with threats, but Max denied this too. He said he had never had any contact with her after he kicked her out of the house that fateful day. Unlike Max, who was genuinely concerned about what happened, Amy was using him to avoid getting into trouble for her accident.

The district attorney offered Max a condition - to serve 45 days in a correctional facility or be released on bail. He also should not come closer than 50 feet to Amy. But his sentence was suspended for a month, and one day, while walking down the street near the institute, he met Amy and Chad walking hand in hand. "Hi," Max said, "you have no right to come near me." Max was not supposed to come closer to Amy, and therefore the condition was violated. The prosecutor put Max behind bars, accusing him of assault and recognizing his hands as a deadly weapon. The prosecution offered Max another condition. He would serve only 9 months in prison if he admitted to strangling Amy. But Max refused, and after a three-day trial, the jury found him guilty. On May 13, 1991, Judge Deborah Bale sentenced Butler to five years in prison. In '93, in his second year in prison, the Idaho Supreme Court amended the law to say that hands and other body parts are not deadly weapons. Max was delighted to appeal and hoped for a quick release. But imagine his despair when the court denied his request a week later? Technically, he was innocent, but thanks to his stupid lawyer who didn't raise the issue in time, Max was forced to rot within four walls. All you have in prison is time, and it moves extremely slowly there. I can compare it to the murder of Commissioner Cottani. His death is the end result, his release, but it kills him for so long that you involuntarily start thinking, bitch, when are you finally going to die? And while you sit and wait for Cottani to die, you have to find something to do to keep yourself from breaking down, believe me, this is extremely important. One writes a word processor, the second a book that sells well, and Max publishes a cyberpunk magazine called Maximum Vision on a typewriter. Butler was released in April 1995, he was full of optimism, they moved to the suburbs of Seattle with his father, and despite his criminal record and lack of a diploma, Max got a job at a no-name company CompuServe. Max spent all his time in local ghettos, repairing residents' antediluvian computers and connecting the Internet. At that time, about 19 thousand sites were already registered on the Internet. The very first of them, info.Cern.Ch, appeared in April 1991. This site described what the World Wide Web was, how to install a web server, how to get a browser, and so on. The author of this simple site was Tim Berners Lee. He is the creator of the World Wide Web, the URL identifier, the HTTP protocol, and the HTML language. Max Butler was a hard worker, he never stayed in one place for long. So one evening he stumbled upon an RC chat where all sorts of speculators hung out, who earned a reputation by pirating music, paid software and games.

Amy was in a bad mood, “have you forgotten what we had,” he snapped. Chad wanted to interject, but his balls were too small. Max was very furious, he turned around and ran to his car, parked on the next street. The roar of the engine was heard. Having caught up with the loving couple, Max rushed past Emmy and Chad at high speed, miraculously not hitting them.

Seeing his brothers in mind, Max joined the crowd under the nickname Ghost23. To gain credibility with his new online friends, Butler found an unsecured FTP server at an ISP in Little Tony, Colorado, and copied software such as NetX Ray, LabLink, and Symantec PC Anywhere. Ghost 23 distributed links to the stolen software to loud applause from chat members.

But, to Max's great regret, the Colorado provider did not kick. The admins noticed a decrease in bandwidth and suspicious downloads to the servers of CompuServe. Bellevue, where Max was just starting his career. The next day, his career at CompuServe was interrupted and Butler left the company's office in three slippers. Two were on his feet, and one was in his ass. But do you think that stopped the little train?

Of course not. Each time, failing, to the delight of the gods, he tried to start everything from scratch. The heavenly creators were glued to the screen, greedily devoured popcorn and, bursting with laughter, said, "Come on, Max, try again, and we'll laugh." And Max tried again. One day, Max came to his father and said, "Dad, I'm no longer welcome in this city, I'm leaving for San Francisco.

"Go, my son, this is your life, and I respect whatever you decide," said his father. "Yeah, maybe it was a little bit different, but this is my story, so fuck off." Max Butler truly believed that in order to start over, he needed to be reborn with a new name. In prison, he was known as Max Vision, short for the magazine Max published while incarcerated.

Before leaving for San Francisco, Butler changed his documents and became Max Ray Vision, but as the old saying goes, you can take the Max Vision out of Butler, but you can never take the Butler out of Max Vision. No need for applause, I spent all the power of my two higher educations to paraphrase a famous aphorism. Sure, I'm still a long way from my teacher, but you know, he's the guy who blurted out some bullshit about his book, and everyone believed in some sacred meaning hidden behind a set of letters.

And now we wander through its issues, hoping to see an ad for a book that doesn't need advertising and is selling great. I call it the Pavlovich effect. The Pavlovich effect is a form of verbal explanation in which the thought goes beyond the boundaries of reason, breaking the pattern, forcing the brain to temporarily stop in order to comprehend what was said.

In the right hands, the Pavlovich effect is a binary weapon. But you can't just wave it around; you have to use it wisely. For example, you can point at Vilsac and say his ass doesn't need advertising because it's already selling great. Or you can pull up to a prostitute on the highway, slowly open the window, and sagely declare, "Your body doesn't need advertising because it's already selling great."

In both cases, you'd be right. In fact, I spent a month thinking about this kind of crap. I'm not afraid of looking stupid, guys, but I am afraid of being stuck in the image of a boring storyteller. And I think I was finally able to break that pattern, just like Butler did.

"Hey, Max, you fucked up again," they would say to him. "Thanks for noticing. Now I'm going to change my pants, change my last name and move on," Max would reply. "Thanks for noticing.

 

[Jollier]

Max Butler - The First Hacker After God. Attack on the Pentagon.

You've probably heard at least once in your life about hackers attacking the Pentagon. It sounds funny and has nothing to do with reality, until Max Butler enters the game. I call him "The First Hacker After God", which means that no one will be able to jump over this bar, because he is the true personification of hacking. Now my goal is to go through Kingpin closely to prove the above. A deep bow to everyone who watches this, hugs.

This guy was one of those who simply loves hacking. He penetrated systems - left a backdoor. But only for himself, so that he could return to take what was his and leave. But they said enough of the trash and put him away.

I'm finally back, guys, and I'll try again to make these stories one of the meanings of my life, until I kick the bucket and knock on the gates of heaven. It would be a shame if no one opened the door for me there, so if anything happens, bury me with a book that sells well. I will appear before God with it, let him laugh. Maybe then the Lord will give me a discount as the best bookseller.

Oh yeah, I completely forgot, do you remember, in the first part I wondered if I had a chance to become the best at something. It turns out there was a chance, and I took advantage of it. I am the best at selling books. Don't believe me? Ask a Belarusian writer. I worked for him for a long time, promoting the main flagship of his company. I liked the job, he paid me well, sometimes I had free time, and I tried to get through to the cyber-grandfather.

It's like I'm telling him, cyber-grandfather, I am your cyber-grandson, but he doesn't believe me.

Listen to your heart, and you will understand that this is true. You can destroy the Emperor. He foresaw this. This is your destiny. Be with me, and we will rule the galaxy. Come with me. This is the only way.

In general, the old man was disappointed in me, and I admit I was disappointed in myself, I thought I would live forever, but recently doctors disproved my theory. Oh well, screw my health, the main thing is to have time to work for the Americans like Navalny. I quit Pavlovich, wrote to Kevin Paulson, and told him, hey, American cybergrandfather, there is a job for me. "What can you do?" Kevin asked, and I answered - sell books.

The First Hacker After God, Part 2, Attack on Bind In the first part, we stopped at the fact that our hero changed his last name from Battler to Vision and moved to San Francisco. There, five school friends from Meridian were waiting for him, who, like Max, were eager to grab their piece of the pie in Silicon Valley. The Meridian geeks rented a luxurious mansion, which they expanded between themselves to Hungry Manor.

This was their reference to their startup, Hungry Programmers. The guys were into programming, they had a website Hungry.Com, touching it today, I experienced a storm of emotions. It is very touching to watch how the brainchild of talented guys will go bankrupt over the years, leaving behind only memories. Look at the profiles of these guys, this is old school, these guys and girls stood at the junction of the winds of programming and cybersecurity, when the word hacker was not yet disgraced by scriptkid.

One of the profiles belonged to Max, the photo is of course missing, because a real hacker has photos either from the police station or from prison. Going to Max's profile, I came across his quotes, it is very interesting to read it 23 years later. December 7, 1998. He who controls the present, controls the past.

November 21, 1998. Cross-browser compatibility. Ah, IE users can see what we are talking about. Yes, old man, we can see. September 21st '98 Well, I didn't do much here, but Kimmy and I got to play a little with Kimmy No. The kimmi.Net domain was chosen in honor of the new girl, Kimmy Winters. We'll get to that a little later, but for now let's rewind.

Max Vision goes to San Francisco. There, five friends are waiting for him at Hungry Manor. He becomes the sixth member of the Meridian party. In a posh mansion, his friends give Max a room and help him get a job at a gaming startup company, Impass Interactive, as a system administrator. Max was very happy with his job, especially his responsibilities in tech support, he liked helping people.

But one morning, the past came knocking at the door. A courier was standing at the door to hand him a $300,000 lawsuit filed by the Software Publishers Association. The organization decided to punish Max for stealing software from an ISP's FTP server in Little Tony and use Max's possible legal losses as a warning to all pirates.

This action is a lesson for those users who allow themselves to steal software with impunity without fear of publicity or punishment, they said. And Maxi Butlery wrote an article in Wired magazine and was also mentioned at a congressional meeting on piracy. Nevertheless, he got away with it, and the new MaxVision remained untouched. Only his closest friends knew about the real connection between these two names. Agent Chris told Max that a new, more dangerous movement of cybercriminals had appeared, real criminals, and not these amateur pirates. These were various Internet thieves, terrorists and even pedophiles. Max agreed to cooperate with the feds, he wanted to do good deeds, and being a hacker in law is a very exciting occupation.

When the media attention died down, the software development organization agreed to forget about the incident for just $3,500 and help troubleshooting their networks. But there was a downside to the coin, and Maxi was now known to the FBI. A few days later, the feds called Max to their station. “We are not your enemy,” said Chris Beeson, a young cybercrime agent.

At the time, he thought so. His job was to help agents find underground cybercriminals. Max's first written report included a basic course in writing viruses, piracy, and hacking computer systems. In his next report, Max compromised a file-sharing service and the pirate music band Rabbit New Roses, which had leaked Metallica's second album Ride the Lightning before its release last October.

These were Max's first successes in his new business, and when he managed to get his hands on a pirated version of the Autokat program used by SWAT, the FBI even awarded him a $200 bonus. Cooperation with Fuzz Chris eventually developed into friendship, and it was this friendship that would give Max the most important lesson in his life.

Never, under any circumstances, do business with cops or consider them friends; decent cops are only in the movies. Max Vision considered himself a White Hat. He wanted to be a white hat hacker on the side of the law, but he had a very hard time fighting Max Butler's black hat. "Brothers, remember the true wisdom that I have come to over the years.

This is not some nonsense about Pavlovich's book. This is the truth, which sounds like this. God leaves a vulnerability in every system to test the white hacker for strength, whether it will report the vulnerability found or start using it for its own purposes. It's just a question of morality. And Max had, to put it mildly, not very good morals, and his best friend Tim Spencer knew this firsthand.

Tim was a kind of fire hydrant who could put Max out with a few words. Even Butler could not go against him, and Vision certainly would not dare to object, that's why he is the best friend. One day, a phone call rang in Spencer's office. Tim picked up the phone and heard the stunned voice of the system administrator, who reported penetration into Hungry.com. Who would have doubted it? Max, you should ask permission to do things like this. Tim tried to lecture him about life for the hundredth time. Imagine doing it in front of everyone. It's a good way to make sure you're doing the right thing. If I or your father were standing next to you, you'd feel the same way when you did it. Think about what we'd tell you. Max listened to the moralizing and decided to find himself a permanent lady of the heart, thinking that it would be better for me to have a girl screwing with my brains than Tim Spencer. And soon he met 20-year-old Kimmy Winters at a party that took place in an abandoned warehouse. Kimmy studied at college, and in her free time she worked as a barista. She was a little shorter than Max, and in her black oversized hoodie, at first glance you would hardly understand whether she was a guy or a girl.

He didn't need to open a detective agency named after Alan Pinkerton to understand whose handiwork it was. Tim transferred the admin to the second line and contacted Butler. "Max, can you at least leave our site alone?" Tim's voice didn't betray his true anger. Max apologized, he didn't want to quarrel. When Tim returned to the second line, he heard the happy voice of the SIS admin, who reported that the attack had stopped.

But on closer inspection, Max found her face very sweet, inherited from her Korean mother. He invited her to a party at Hungry Manor that same week. The parties at Hungry Manor were famous throughout the area. Programmers, sysadmins, and web designers from all over the city flocked there to hang out with the Meridian geeks. By the time Kimmy arrived, the house was already crawling with dozens of members of the Silicon Valley keyboard battalions.

Max blushed when he saw her at the door. They said hello, and he gave her a detailed tour of their house, ending in his bedroom. Kimmy returned to Hungry Manor the next night, Max invited her to dinner. She was delighted with him and saw him as her future husband. Two weeks after the party at the villa, Max was at work at the MPatch office when the phone rang.

The courier told Max to go outside to pick up a package. It was a decorative box with a gift inside and a bunch of balloons that reminded Max that it was his birthday. Max was so touched that he almost cried. Max was a big sincere child who seemed to not want to grow up. No one had ever done such things for him and he loved Kimmy like hacking.

And hacking was the meaning of life for Max, that is what makes him the first hacker after God. This is not some kind of play on beautiful words, I am telling you about hackers as superheroes, and I would like you to think the same way as I do. To be a hacker means to be caught by the feds one day, there is no other way here, so the path itself is important to us, not its final outcome.

And the outcome for a hacker is always the same - prison. In September, the owner of the villa came to visit the Hungry Manor estate. He was very surprised at what the Meridian programmers turned his house into. The weekly parties had taken their toll. So all six friends were sent packing, taking the legend of Hungry Manor with them once and for all.

Hungry programmers scattered across the Bay Area, and Max and Kimmy rented a cramped studio next to the 101 freeway. Max continued to work with the feds in addition to his official job, sharing his skills in ARC chats among white hats, until one day he was approached by Matt Herrigan, a former hacker who had started a worthy consulting business in San Francisco, and he was interested in Max joining him.

Matt Herrigan was the founder of Microcosm Computer Resources, a company offering pentesting services to wealthy corporations. The idea was not new, since there were already penetration testing mastodons on the market, but, as in the case of Pavlovich's book, everything was decided by the advertising slogan. Advertising his business, Herrigan openly stated that his employees, former hackers with experience in real hacking, this is what bribed clients.

The offer was a gift of fate for Max, because Max could do his favorite things, hack all sorts of nonsense and write reports on how exactly he penetrated this system, and how to protect this system from people like him. Max found his niche, he made between $100 and $150 an hour.

Never tired, he would spend hours hammering away at a client’s network, changing the attack vector until he finally managed to hack it. Watching Max smash his way through MSR, Kimmy left the cafe for a better-paying job – a school for kids with autism. Things picked up, and the couple left their squalor and rented a two-room apartment in San Jose. And in March, they got married in a small college chapel in Lakewood, Washington, Kimmy’s hometown.

The hungry programmers had come to Washington to see their big baby get married. Max was wearing a black tuxedo and smiling from ear to ear, and Aikimi was positively glowing in her snow-white wedding dress and veil. Surrounded by family and close friends, they looked like the perfect couple starting their life together.

Back home in San Francisco, a tantalizing line of code was burning on Max’s monitor. It was one of 9,000 lines of code in the source code for Berkeley Internet Name Domain, or BIND for short. BIND is an age-old foundation of Internet infrastructure, as important as, say, a modem or fiber optic cable.

Developed in the early 1980s under the auspices of the Defense Advanced Research Projects Agency, BIND ran the scalable Domain Name System (DNS), a sort of telephone directory that translated familiar URLs like Google.Com into the numeric addresses that power the web. Without Bynt or its analogues, we would watch YouTube on 173, 194, 222, 198 instead of youtube.com and visit 74, 125, 67, 100 in order to google the information we are interested in.

Bind was one of those innovations that made the explosive growth of the Internet possible. It replaced the crude mechanism that was holding back its popularization. But not everything was so good, because as it was later discovered, Bind had a major security hole. Its code was a relic of the times, the times when the network was closed and there were fewer threats. And hackers did not stand still, they learned new hacking methods and were now armed with an incredible number of exploits.

To restore the balance of power, experts from the Internet software Konsorshum took on the heavy burden of keeping the Bind code, and decided to rewrite it anew in order to protect the software at least from script kiddies. After all, at that time, the most modern and sophisticated networks in the world with new sparkling servers and workstations worked on buggy glitchy software of the last generation.

In 1998, those same code keepers discovered the last hole in Bind. This was the same line of code from Max's monitor. It took a request from the Internet and, as expected, copied it byte by byte into a temporary buffer called Unbuff in the server's memory. But there was one problem. It didn't check the size of the input data. Therefore, a hacker could send an overly long request to the Bind server, overflow the buffer, and force the code to load directly into the computer's memory.

Even if done by accident, such an attack would result in a crash. But a clever hacker can perform a much more sophisticated attack. By loading the buffer with his own piece of code, he can carefully and slowly get to the very top of the program's memory, where there is a special short-term storage area called the stack. The stack is where the processor saves all of its actions. Every time a program switches the computer to a subroutine, the processor places the current memory address on the stack.

This way it knows where to return to when the program terminates. Once a hacker has access to the stack, he can overwrite the last return address with his malicious code. When the computer finishes executing the subroutine, it returns not to where it was, but to the malware. And because Bind runs as administrator, the hacker's program now has administrator rights, too. Which means the computer is now in the attacker's possession.

Two weeks later, after Max and Kimmy got married, the government-funded Carnegie Mallan University Computer Emergency Response Team, or CERT, issued an alert about the vulnerability in BIND, citing a simple fix. Two extra lines of code that filtered out queries that were too long. But CERT's fix also included two other vulnerabilities that were a consequence of the fix, reflecting an underestimation of the vulnerability's importance.

So, not everyone realized the seriousness of the situation. Max read the CERT advisory with a look of amazement on his face. Bind came pre-installed on Linux and ran on servers in corporate, non-profit, educational, military, and ISP networks. It was everywhere with this flawed line of code.

The only thing holding back network attacks was that no one had written an exploit for this hole. But it was only a matter of time, and Max knew it. It didn’t take long before the first victim of the Bind vulnerability appeared. On March 18, 1998, root.Shell.Com, a computer security news site run by student enthusiasts, was hacked.

Max called cop Chris and explained the seriousness of the situation. “Anyone who hasn’t patched Bind can now be hacked by any script kid who can download the exploit and write a few commands,” Max said. Just a month earlier, a less serious bug in Sun's Solaris operating system had led to computers at a dozen U.S. military bases being hacked. The hack was called the most self-organized, planned attack on U.S. defense systems to date by the deputy secretary of defense.

The attacks sent a false alarm about a cyberwar. The Pentagon called the intrusion Solar Sunrise and blamed it on Saddam Hussein. But investigators soon traced the attacks to a young Israeli hacker named Yahud Teneboim, who went by the pseudonym Ena Layzer, who he said was just having fun.

In 2001, Ena Layzer was tried and sentenced to 18 months. The FBI even released an 18-minute training film about the Solar Sunrise operation. Anyone could buy it for $12.28. The next day, Max called Beeson again and told him that the hacker group ADM had released a ready-to-use version of BindExploit, which scanned the Internet for unpatched servers, traded on them, installed itself, and used the infected computer for further scans and hacks.

Someone could definitely take over the entire Internet now, and it better be me, Max thought to himself and hung up. That evening, Max was already telling his plan to Kimmy, she saw the fire in his eyes, knowing full well that she would not be able to stop him.

Max wanted to be the author of his own attack on Bind. He had to plug all the security holes, get rid of competition in the form of other hackers, and hack only those facilities that most needed to be updated security systems of the US military and government. "Please don't get caught," Kimmy said. The well-being of his family was at stake, and Max sacrificed it without a second thought with the click of a keyboard.

He was obsessed with hacking, especially since he sincerely believed that he was doing it for the good. Max sat at the computer all night, raping the keyboard with his code, he fell asleep for a while in the morning. The malware was written and was biding its time. It all started with the program throwing a virtual hook through a hole in the bind, executing a command that made the machine access the Internet and import 230 bytes of script.

In turn, this script connected to already infected hosts, from where a large malicious package called Rootkit was downloaded. The modified login program works the same as the original, but now it includes a backdoor through which the attacker can log into the machine again. The PASSWD program still allows users to change passwords, but now it also records and stores these passwords where they can be retrieved later.

The new sheet displays the directory contents as normal, except for hiding the files that are part of the rootkit. Once the rootkit was installed, Max's code could do what the government couldn't. It could update Bind on the hacked computer and close the security hole through which he had entered. The computer would now be secure, but Max could still log back in if he wanted to.

Max was fixing the problem and exploiting it. He was both Black Hat and White Hat at the same time. The attack itself would take literally minutes. One moment the computer was controlled by the system administrators, the next the hook was thrown, the script was downloaded, the rootkit was installed, and now the computer belonged to Max. Max opened his eyes, his daytime nap interrupted by the annoying Chris.

He was blabbering about a report on the Bind hole that Max was supposed to prepare for him. Little did the cop Chris know that in a little while, if he wanted, Max would be able to put the damn report right on his home computer. Left alone with his computer, at some point Max decided to start his attack. First, he hacked a few computers at a college to use as a springboard.

On May 21, he logged into the Internet through a stolen Vario ISP account and launched the code. It didn't take long to see the results. Max's code reported success to his computer via Verio Dialup, so he could watch the attack spread. The hacked machines reported to him via an exterm pop-up window on his computer. Brooks Air Force Base, Maghord, Tinker, Affud, Scott, Maxwell, Kirtland, Keesler, Robins were now Max's property.

His code had penetrated Air Force servers, Army computers, the machine in the office of the presidential secretary. Every computer now had a backdoor that Max could use at any time. Max marked his conquests like checkpoints in a computer game. When his cat swept through the Navy's network, he found so many unpatched computers that the moderate stream of pop-ups turned into a tsunami.

Max's computer crashed over and over again as he tried to deal with it. It took him a while to fix the problem, and then Max was stuck in front of his computer for five days. He didn't answer his phone and ignored emails from cop Chris. Where's the report? Call me back right now. But Max didn't care. Max was consumed with his growing power over cyberspace.

At one point, he called Kimmy over and told her that he had managed to penetrate the ID Software server in Misquita, Texas. At that time, ID Software was preparing the third part of the legendary shooter Quake for release, and Max managed to download its source code from the developers' computers under the disgruntled voice of his wife. In return, Max touched all the holes in the boys' system and wished them success. Soon Max learned that in addition to Kimmy, his boss from MCR, another person found out about his tricks.

This was a computer science researcher Vern Paxson from the Lawrence Berkeley National Laboratory, California. Vern noticed the scanning that Max was doing with his own software called BRO "Big Brother". BRO was an experimental anti-hacking system with a single function.

It worked silently on the network, sifting through traffic in search of suspicious activity and, if any was detected, notifying the administrators that something was wrong. Paxson wrote a full report on the attack to SERD, but Max intercepted it and was amazed. The researcher not only discovered the attack, but compiled a list of servers attacked through the Lawrence University network, which Max was using as a second staging area.

Max sent Paxson an anonymous message through the lab's root account. Vern, I apologize for the inconvenience, but I am single-handedly fixing a huge security hole in many of your systems. I admit there are new holes, but they are all password protected and would never harm anyone's computer. If I didn't do this, someone else would and could do some mischief.

Like schoolchildren leaving wares, disabling rcbs and quietly deleting files via bin and ram when they are in a bad mood. Pathetic. You may not appreciate what I did, but it is for the greater good. I dropped all the hosts from the list you compiled. I did not touch them, because I know you passed the list to SERD. SERD should hire people with my skill level.

Of course, with decent pay I would never leave rootkits and such. Max stopped the attack immediately after sending a letter to Vern Paxson. This was the end of a five-day cyber war, from which Max returned with a trophy in the form of a thousand hacked government He was proud of himself, because he managed to single-handedly fix the hole in Bind on each of them. After the attack, Max decided to take on a new, more useful project for society. He wanted to create a web application that would scan a user's computer in real time for vulnerabilities to Bind attacks.

It was a good version of his program, which had just yesterday hacked thousands of computers. The application would still scan government and military networks for vulnerabilities, but now, instead of hacking them, it would send a warning email to the system administrator.

Now Max didn’t have to hide behind a hacked Verio account. Both services would live on his new public website, whitehats.Com. For two days and two nights, Max did nothing but work on his new legitimate project. Beeson continued to spam Max’s email with questions about the long-awaited reports. “I’m almost done creating a vulnerability scanner and a site to host it on.

But there are still a couple of little things that prevent me from releasing the program to the world,” he wrote in response. “Oh, another ADM worm has appeared on the Internet,” he added. “But I don’t think it will be able to spread much.” The next month after the attack was difficult for Max. He launched WhiteHats.Com, the site took off and gained unprecedented popularity in the world of cybersecurity. In addition to his vulnerability scanner, Max collected all the latest SERT recommendations and links to Bind patches on the site, and also wrote an article about the ADM worm, in which he described its work in great detail.

No one in the community even suspected that all this was the work of Max Vision. He personally demonstrated the most striking example of a serious security hole, which in turn could not help but please novice hackers and future cybersecurity specialists. In addition to his personal project, Max continued to work for the FBI, regularly sending them reports.

By the way, after the last report, Beeson wrote to Max from his personal email, he wanted to meet, supposedly to discuss Max's latest findings. "How do you feel about me coming to your house? " "We need to talk," Beeson wrote. "I think I have an address, I remember where you wrote it down." "Come on over, you cop," Max thought to himself and clarified his address. A few days later, returning from work, Max opened the door to his apartment to find four federal agents sitting in his living room.

Max recognized two of them right away. They were Chris the cop and Pete Trahan, the head of the computer crime unit, a nasty guy who knew his stuff. Looking at him, Max realized that the legals knew everything, which meant he was in trouble. Chris explained the real purpose of the visit, he knew all about Max's attacks on the Pentagon.

Behind him stood Eric Smith, a young investigator who worked for the US Air Force in the Washington office. He was the one who tracked the intrusion into Bayant. All the tracks led to Max's apartment in San Jose, the agent was holding a search warrant. Max began to apologize, he tried to explain that he just wanted to help, wanted the best. After a while, the temperature dropped, and the feds had heart-to-heart talks with Max to find out everything he knew.

Max, pleased with the agents' good mood, revealed more and more details about his hack and listened with interest as Smith explained how he had tracked it down. It was all about the pop-up notifications that Max used to stay updated on the progress of the attack. The messages were sent to Dial-Up Vario, and upon official request, as an Air Force investigator, the provider gave Smith Max's phone number.

The feds wanted to know if anyone else knew what Max was doing. He said that his boss from MCR was also involved. He said that Matt Herrigan, aka Digital Jesus, had not yet completely given up hacking and therefore agreed to keep Max company. He also said that his company was about to sign a contract with the National Security Agency. On the agents' orders, Max was forced to write a confession.

At some point, the feds began confiscating all the computer equipment in Max's house. Kimmy came home from work to see this sight. The federal moles dug up the entire house and left, leaving the newlyweds alone. Asshole, Kimmy said, I asked you not to get caught. The path of the first hacker after God is winding and thorny, and we must go through it from beginning to end. I promise, it will be a fascinating journey.

But for now I will finish in the best traditions of 90s TV series, partly. Hugged.

 

[Jollier]

The First Hacker After God. Max Butler.

It is noteworthy that Salgado did find a potential buyer in the #carding chat . He turned out to be a student studying to be a programmer at San Diego State University. He himself was engaged in counterfeiting credit cards, obtaining numbers from account statements stolen from the mail. The student had contacts who, according to him, could buy the entire database of stolen cards. The amount was listed as a six-digit number. The deal went to hell when Salgado decided to check the honesty of his buyer. He hacked the student's Internet provider and dug through his files. Having learned this, the guy began secretly working with the FBI.

People tend to die before death. Childhood dreams are shattered by unforeseen difficulties, plans made in youth are slowed down by unexpected obstacles, until a person runs out of desires, imagination and simply vitality. Rarely does anyone manage to preserve them in the face of ordinary life's difficulties. Very few people manage to change truly difficult circumstances. And only a few can do the incredible: win themselves back from a hostile world, not bury themselves when others have already buried them, preserve the ability to hear, see, dream - and live.

If Jordan Belford asked me to sell him a pen, I would say, fuck Jordan, I sell books. Any fool can sell a pen, but selling books is an art. It is impossible to learn, and it is unlikely that anyone would even think of doing something like this, but fortunately, there is me. I can sell absolutely any book. Be it a book about the first carder who could, or about the first hacker after God, for atheists about the first hacker, it simply does not matter.

Only the degree of sincerity is important, and I never stop repeating this. Without sincerity, any business is doomed to failure. Without sincerity, the immersion effect that I am so proud of is impossible. I even learned to sing, and all for the sake of being able to immerse you in my story. The stronghold has become a place of fun and a place of sadness at the same time.

A deep bow to everyone who buys my style. A huge thank you to YouTube, which takes down my videos, and to all the haters who insult me in the comments. My dear haters, I'm really trying to shed a tear, but the eternal smile on my face suppresses it at the moment of its birth. Thank you for your attention, but it's time for me to begin as befits a storyteller from God. The First Hacker After God, Part Three.

I drank a lot today, but I don't care. I'm tired of stories and tired of songs. But I need to start again.
Hack your world hack Like Butler hack And don't run away from the feds Hack your world hack Like Butler hack and don't run away from the feds.

On March 13, 1989, a talented programmer Tim Berners-Lee put this document on the desk of his boss Michael Sandahl. In it, Tim described a certain information management system. In fact, thanks to this piece of paper, you are watching this video today. – it is like a wandering atom in an infinite universe called the Internet. But the Internet as Tim imagined it did not last long.

Large corporations and government agencies at some point defiled it with their presence. And now they monopolize almost everything that happens on the Internet. What we buy, the news we read, and who we like. They can control, manipulate and spy on us in ways that were hard to imagine just recently. That is why it is extremely important today to have a good VPN at hand, because it is the only way to freedom and security on the Internet.

I will say right away that using free VPN services is dangerous, because they sell user data, show ads, and work very slowly and unstable. Therefore, you need to look towards premium VPN services such as Surfshark. Surfshark is a next-generation VPN service. By purchasing just one subscription, you can install and use Surfshark on an unlimited number of devices simultaneously.

The application is available for any platform. Surfshark has more than 3,000 servers in 65 countries, which means that you will always find a server where you need it. The application will block annoying ads and malicious sites, and modern VPN protocols and IS-256 encryption will ensure the highest security of your data.
With Surfshark, you can visit your favorite sites, bypassing censorship and geoblocking, use Netflix libraries for 15 major countries. You will get access to any closed streaming services, wherever you are, and, most importantly, your speed will not decrease. Now about the goodies, guys! With the promo code BATTLER you will get an 83% discount and 3 months of free use.

Follow the link in the description and grab this freebie. The feds left, leaving the first hacker since God alone with his wife. You know, that awkward moment when your woman was right all along, but you didn't listen to her, and now that she knows she was right, she's going to rape you mentally. Max was trapped, but the feds kindly gave him a second chance.

If he was going to get leniency, he should have continued working for the agency, but now he couldn't get away with just reports. In an effort to fix the situation, save his family and career, Max didn't even want to sign a written contract. He believed everything they said, Max thought that if he helped them, they would help him.

Two weeks later, Max got his first assignment. A gang of phone phreakers had hijacked the Tricom phone system and were using it as a personal communications network. It was an international gang of phone phreakers, numbering about 35 people, mostly from Britain and Ireland. They called themselves DarkSide, as their catchy motto goes, and they wanted to unite phreakers and hackers from all over the world into one big digital army.

But in reality, they were just kids, script kiddies, playing with phones. Max found their IRC chat, gained their trust, and sent the logs of their conversations to the feds. A week later, the feds, pleased with Max's work, called him back. A new job had appeared, this time in Las Vegas. According to the briefing, Max had to appear at DEFCON, the world's largest hacker conference, held annually in Las Vegas.

Trehan and Beeson wanted him to fit in and learn the real names of the hackers the feds wanted and trick them into sharing PGP encryption keys, which were commonly used by people concerned about their security. They used these keys to sign and encrypt their emails. Devcon was created in 1992 by Jeff Moss as a farewell party for his friend and fellow hacker.

The party was planned in Las Vegas a few days before his friend was due to leave the US because his friend's father had accepted a job offer in another country. However, his friend's father left early and took his son with him, leaving Jeff alone. However, Jeff decided not to cancel the party, but to invite all of Hacker's friends and go to Las Vegas.

The term DEFCON itself comes from the movie WarGames as a reference to Defense Readiness Condition. In the movie, Las Vegas was chosen as the target for a nuclear warhead. It was because these events took place in Las Vegas, as well as his event, that Jeff decided to call the conference DEFCON. Over time, DEFCON became a meeting place for hackers from all over the world, those who continued to do dirty work, and those who retired, finding themselves in cybersecurity, like Max.

Naturally, the government immediately took control of all this activity. From 1993 to this day, not a single DEFCON conference has passed without the Feds in attendance. Devcon was such an obvious target for the government that Jeff Moss, aka the former phreaker The Dark Tengen, even created a game called Spot the Fed. The participant who spotted an agent in the crowd had to point to him and shout, “I got a Fed!”

If the others agreed with his suspicion, the winner took home a T-shirt with the inscription “I got a Fed” at Devcon. It often happened that the suspected agent simply gave in and good-naturedly raised his badge, giving the hacker an easy victory. On July 31st '98, Max arrived at Devcon, held in the plazas of the NKSIN hotel, with Kimmy.

To her, this party was the most boring place in the world, but Max saw it differently. It was like he was in a hacker's paradise, albeit in the skin of a federal hacker. Tables throughout the room were covered with vintage computer equipment, exotic electronics, lock picking tools, T-shirts, books, and copies of 2600 The Hacker Quaderly, a popular American high-tech magazine.

Max spotted Elios Levy, a famous White Hat hacker, and pointed him out to Kimmy. Levy, aka Elif Wang, was a moderator of the Bactrac mailing list, a kind of New York Times in the cybersecurity world, and the author of a tutorial on buffer overflow. Max didn't dare approach the celebrity, and what would he say to him anyway. As he passed, Max noticed a group of guys who had isolated themselves.

They were playing capture the flag, a very popular game on Devcom. The goal of the game was to be the first to penetrate the network and take it over. By the way, they quickly raised this network themselves. The first team to plant their virtual flag in one of the targets took $250 in prize money and respect from other hackers. You could earn even more by hacking other participants.

For this game, hackers took out the latest powerful guns from their virtual arsenals, only instead of weapons there were exploits and a variety of attacks that they hid in order to show them off publicly for the first time. Looking at the crowd at the conference, Max more and more often caught himself thinking that the people around him were not his enemies, but rather friends whose brain receivers were aimed at the same wavelength as him.

Many hackers reluctantly gave up their immature pranks and went to legitimate work in dotcoms or created their own cybersecurity companies. They all dressed in white, like Max, but the popular T-shirt at the conference conveyed their "I miss crime" message perfectly.

And even though Max worked for the feds, wrote reports for them, and even helped catch some underage idiots in Darkseid, for their own good, who got off with a warning, he couldn't give a damn about his ideals. He didn't want to be a rat who gained the trust of others like him, only to ruin a person's life in an instant, just because that person trusted him. Max ignored the FBI's instructions and began attending parties and lectures at DEFCON.

On the release list this year was the long-awaited exit from the Cult of the Dead Cow, or CDC for short. CDC were the rock stars of the hacking world, recording and performing music, and contributing to DEFCON presentations. At this year's conference, the group released Back-Office, a sophisticated remote control program for Windows.

And if someone managed to persuade the victim to launch Backorifice, he would have full access to his files, could take a screenshot or even display an image from the webcam. According to the developers, the program was designed to put Microsoft in an awkward position. Windows 98 security was too leaky. At the presentation of Backorifice, the pillar was wildly delighted.

The positive energy of this place infected Max. But Max was more interested in the lecture on the legality of computer hacking, which was given by attorney Jennifer Grannick. She decided to start with a story about the recent prosecution of a hacker from the Bay Area. His name was Carlos Salgado Jr. He was a 35-year-old computer repairman who, like no one else, personified the future of cybercrime.

From his bedroom in his parents’ house in Daly City, a few miles south of San Francisco, Saldaga hacked into a major tech company and stole a database of 80,000 credit card numbers, complete with names, zip codes, and expiration dates. Carding had been around for a long time, but what Saldaga did next would earn him a place in every respectable history of cybersecurity.
Under the handle Smag, he logged into an IRC chat channel called hashtag carding and put the entire list of cards up for sale. To put that in perspective, at the time it was like finding Pavlovich’s book on a shelf at Auchan today. Back then, the online credit card scam scene was a morass of would-be hacker kids.

They had barely advanced beyond the previous generation of scammers, who photocopied receipts they found in trash cans behind shopping malls. Most of these conversations took place in open channels that any cop could get into. They didn’t think about security, they thought their petty antics would hardly interest law enforcement.

Idiots. Remarkably, Salgado did find a potential buyer in a chat room with the hashtag “carding.” On the morning of May 21, 1997, Salgado arrived at the meeting place. He was waiting for the buyer in the smoking area of the San Francisco International Airport, where he intended to exchange the disk with the database for a suitcase filled with bucks. Instead, he was arrested by the San Francisco Computer Crimes Unit.

This case opened the eyes of the FBI, Salgado became one of the first hackers to use his hacking skills for profit, and of course he posed a threat to the future of e-commerce. Immediately after his arrest, Salgado made a full confession, in which he told the FBI agents everything down to the last detail. At the presentation, Granik said that this was his biggest mistake.

And despite his cooperation, Salgado was sentenced to 30 months in prison. "What the FBI wanted me to tell you today is that Salgado did the right thing by telling you himself. She paused and said, That's bullshit. "Fuck them," Granik said, and the audience erupted in applause and whistles.

"There's no good reason to talk to the cops. If you really want to cooperate, please do so only after consulting with an attorney and signing a plea agreement. Kimmy and Max were standing at the back of the crowd, listening to this speech. She elbowed him in the ribs. The thing was, Max had done everything Granik had told online bad actors not to do.

Everything. Max was starting to have second thoughts about his cooperation with the feds. He returned to the Fuzz empty-handed and didn't even show up for a meeting at headquarters to receive his new assignment. This infuriated Fuzz Chris' boss, Pete Trahan. In subsequent letters, Bisson warned Max of the dire consequences of his uselessness to the agency.

"In future, unexcused absences from meetings will be undesirable behavior on your part. I think you understand what I mean, Mr. Butler. And if you decide to stop working with us, we will be forced to take appropriate action. This Monday, Pitt is meeting with the prosecutor in your case, and he would like to see you in our office at 10:00 sharp, Monday, August 17, '98. Max was trapped, blackmailed by the feds, and forced to show up.

Trahan explained to him that his interest fell on Max's boss at MCP, Matt Herrigan. He was alarmed by Matt's idea to launch his own cybersecurity campaign with people like Max, former criminals. If Max was going to have a bright future outside the confines of a cell, he had to get Herrigan to admit that he was still hacking illegally and that he had something to do with Max's attacks on Bind.

Trahan slipped Max more papers to sign. They were written agreements to have a listening device installed on him. After they were signed, Trahan gave Max the device itself, disguised as Pat Pager. The next day, Max met Herrigan at Dennis's in San Jose. He was not wearing a wire.

Max scanned the other customers with his eyes and looked out the window at the parking lot. The feds could be everywhere. He He pulled out a piece of paper, left it on Matt's desk, said "this is what's really going on," and hurried out of the building. Immediately after, Max called Jennifer Grannick; he had taken her business card from Devcon. After a short conversation, she agreed to represent him in court.

Once Trehan and Bisson learned that Max had a lawyer, they immediately removed him from their list of informants. Granik began calling the FBI and the prosecutor's office to find out what the government had in store for her new client. Three months later, she finally heard back from the top computer crime prosecutor in Silicon Valley. The United States was no longer interested in cooperating with Max; his only hope now was to go back to prison.

Max wasted no time waiting for a federal indictment. The vulnerability in Bind and the subsequent success of WhiteHat.Com gave him a head start. He created another site on the maxvision.Net domain, where anyone could learn about Max's services and order a penetration test. One hour of his time would cost the client $100, or free if it was not a commercial organization.

His main argument was the 100% fact of successful penetration into the system. It was a great time for White Hat hackers, the rebellious spirit in the online community led to the popularization of open source software, which gradually appeared in the world of computer security. And a new wave of college graduates and countless former and current White Hats destroyed the conservative foundations that dominated the world of cybersecurity for decades.

The first to be crossed out was the principle according to which security vulnerabilities and attack methods were not made public. White Hats called it security through obscurity. The new generation preferred full disclosure, discussing security problems not only helped to fix them, but also advanced information security as a science and hacking in general.

Hiding bugs was beneficial only to two groups, the bad guys who wrote exploits based on them and giants like Microsoft who preferred to fix holes without publicizing their mistakes. The full disclosure movement spawned the Backtrack mailing list, where hackers of all hats could share detailed reports of security holes they found in software.

An even better option was to include an exploit with the report, the code that demonstrated the hole. The preferred path in the full disclosure movement was to first notify the software developer and give them time to release a patch before publishing a leak or exploit to backtrack. But backtrack did not censor, so it was not uncommon for a previously unknown backtrack to end up on the backtrack list without the developer's knowledge, and be available to thousands of researchers and hackers within minutes.

This outcome usually guaranteed a near-instantaneous response from the developer. Bactrac gave hackers a way to demonstrate their expertise without breaking the law. And those who were still hacking had to deal with the White Hat community, armed with a growing arsenal of defenses. In late 1998, former NSA employee Marty Roche developed some of the best security software of the time.

One day, as a joke, he decided to see how many attacks, if any, were going through his Internet cable while he was at work. Literally on his knee, in a couple of days, he wrote a traffic analyzer, or sniffer, and released it as an open source project under the name SNOT. At first, SNOT did not seem like anything special. An ordinary sniffer is a standard security tool that intercepts passing traffic and writes it to a file for later analysis.

But a month later, Rosh had turned his program into a full-fledged intrusion detection system that would alert him if the signature of incoming traffic matched the signatures of known attacks. There were several proprietary IDSs on the market at the time, but SNOT's versatility and open source code attracted more and more WhiteHats who were eager to try out fresh software. Max liked SNOT too, he was delighted.

The program was somewhat similar to BRO, the Lawrence Lab project that helped track Max's attack on Bind. Max realized that SNOT was the very thing that could change the rules of the online game between black and white hackers. Now they could detect in real time attempts to use exploits that were spotted on Bactrac or elsewhere on the network.

SNOT was a kind of early warning system for the Internet, something like NORAD radars that monitor American airspace. All he needed was a comprehensive and up-to-date list of ATAK signatures. In the first couple of months after the release, the Snot database had been growing chaotically, with a list of about 200 signatures. In one sleepless night, Max more than doubled that number, bringing it up to 490 signatures.

Some were completely homemade, some were improved versions of existing ones that he had kindly borrowed from Dragon IDs, a popular paid program at the time. By signature writing, he meant identifying unique characteristics in the network traffic generated by a particular attack, such as a port number or a byte string.

For example, this spell in a Snot alert meant that some hacker was trying to use BaCoreFS, the same program from the dead cow cult that they had provided at DEFCON 6.0. The spell spoke of an incoming connection to port 31337 with a specific 12-byte string in the network traffic, meaning someone was trying to use a backdoor.

Max uploaded all the signatures as a single file to WhiteHat.Com, thus giving credit to other cybersecurity geeks, including Ghost 23, as his alter ego. He later rewrote the file into a full-fledged database and invited other experts to contribute to the future of cybersecurity. He gave the project a catchy name, RH Needs, which literally translates as “Advanced Archive of Intrusion Detection Systems Directions, Discoveries, and Samples.”

RH Needs became a hit and helped Snot rise to new heights of popularity in the cybersecurity community. Along with SNOT, Max Vision rose, becoming more and more respected in his circles. The more White Hats got involved in the project, the more SNOT began to resemble the FBI’s fingerprint database.

It could identify almost any known attack method or variant. Max also continued to write documentation on Internet worms like the worms and the like, and the tech press even began to seek out Max to comment on the latest attacks. Even as he did so, Max knew that his authority as Whitehat would not save him from the federal prosecutor general.

In quiet times, he and Kimmy fantasized about somehow escaping their evil fate. They could run away together to Italy or some other island far from America, and start over. Max would find a sponsor, a man with money who would pay him for his talent, his art of hacking. Everything could be fine. But in reality, the couple was going through hard times, the government silently looming over them like a huge thundercloud.

If they had rarely thought about the future before, now they were afraid to even think about it. Life was no longer subject to them, and the unknown was killing them. When they were alone, they often argued, and in public they glanced sideways at each other. "The reason I signed the confession is because of you, Kimmy. We just got married, and I didn't want to hurt you," Max explained to Kimmy.

He felt guilty, having married he had given his enemies a significant advantage, Kimmy was his weakness, his exploit. Soon Kimmy transferred from Deanzo College to UC Berkeley, and the couple decided to move across the bay to live near her university's campus. This move, as Max expected, was fortunate for him too.

In the spring of 2000, a Berkeley company, Hiver World, offered Max a long-awaited job. The company already employed some of the hungry programmers, although they were now quite well-fed. Hiverworld planned to release a new anti-hacking program that would detect hacking attempts, something like SNOD, but it also had to scan the user's network for vulnerabilities, and be able to ignore them if the vulnerability was harmless.

Author of SNOD Marty Roche was employee number 11, Max was supposed to be number 21. Max's first day was scheduled for March 21, 2000, when thousands of programmers dreamed of working at a promising IT startup, the American dream of the 2000s. Believe it or not, but on March 21, 2000, in the morning, FBI agents knocked on Max's door.

Max thought it was a prank from Hyperworld, just a joke gone too far, but it was not. Do not answer Kim under any circumstances, he spoke quietly. Max grabbed the phone and hid in the corner of the room in case the agents decided to look in the windows. He immediately called Granik and half-whispered what was happening.

Most likely, the charges had already been brought, the FBI was coming to take him away to prison. After standing by the door for a while, the agents left, fortunately at the moment they did not have a warrant to simply break into the house with both feet. So it turned out that Max saved his ass for a while by simply not opening the door. For his part, the gamer had already called the prosecutor to try to organize a civilized appearance at the FBI office.

In the meantime, Max called the director of Hiver World, his new boss, to say that he would not be there for the first day, and that he would soon show up and explain everything. In the evening, Max was waiting for another news. He was shown on the news, a hacker suspected of computer hacking named Max Butler was charged with 15 counts, including illegally intercepting private messages, hacking and storing stolen passwords.

When the feds knocked on his door again, Max opened the door without a second thought. After two nights in a septic tank, he appeared before a federal judge in San Jose to be charged. Kimmy, Tim Spencer, and a dozen hungry programmers filled the courtroom.

At the end of the trial, Max was finally released on $100,000 bail. Since Max didn't have that kind of money at the time, Tim signed a check for half the amount, and Max's buddy, one of the hungry programmers who had recently risen to the top by starting his own dotcom, decided to throw in the other half. The arrest sent shock waves and worries through cybersecurity circles. Hiverworld rescinded its job offer; no startup would hire a security specialist who was facing arrest for hacking.

The community was also concerned about what would happen to the RH Needs database without Max's oversight. It was his project, Rosh said online, and if he didn't voluntarily hand over control, it would be unacceptable to force it into other hands. Max responded to this message personally, in a long post he talked about his love for computers and spoke about the future of cybersecurity and intrusion detection in particular.

WhiteHats.Com and RageNeeds will continue to operate regardless of what happens to Max himself. “My family and friends have been incredibly supportive. I have already received offers to support the site. Even clearly illegal forms of assistance, I am grateful for everything.”

“After the smoke cleared and I was exposed in the press, Hammer World decided to not continue our cooperation,” Max wrote. “The company has made itself out to be the last coward. Where are your balls, guys? I am ashamed of you.” It is very offensive that you behave like this, I will miss your support. I am innocent until proven guilty, Max continued, and I would be incredibly happy if our entire society recognized this.

After six long months, Max admitted his guilt, but in light of the recent news, few paid attention. A wave of federal investigations into hackers swept across the country, and Max was simply lost in the hype. This month, Patrick Gregory, the leader of the group Global Hell, was sentenced to 26 months in prison and ordered to pay $154,529 in restitution for a series of website hacks.

Jason Dickman, 20, of California, was charged with hacking NASA and university systems for fun. And Jonathan James, 16, better known online as Comrade, received six months, becoming the first juvenile in history to be jailed for hacking.

In short, the country was in total chaos. Max showed up for his hearing in unpressed pants, standing and silently watching as the legal experts decided his fate. Defense attorney Jennifer Grannick argued diligently to Judge James Ware that Max deserved a lesser sentence, if only because of his work for the FBI. The prosecutor took the opposite side.

It was a rather strange hearing for a computer hacking case. A dozen of Max’s colleagues and the security community, people who are ready to stick up for people like them, wrote to Judge Ware personally. Dragos Ruju, a prominent security expert in Canada, called Max a brilliant innovator in cybersecurity. French programmer Renaud Deraison noted that without Max’s help in the early stages of developing Nessus, Deraison’s vulnerability scanner might not have been released at all.

And Nessus has become one of the best free security tools on the market. Given Max’s potential and his exceptional vision of Internet security, society would be much better off if he remained a specialist instead of rotting away in his four walls and watching his talent slowly but surely disappear into oblivion,” Deraison wrote.

The hungry programmers wrote letters, too, but so did Max's mother and sister, of course. He had plenty of support. In her letter, she begged the judge, by hook or by crook, to release Max. "He saved me from the path of mutual love and taught me self-respect," she wrote. "He gave me a refuge when I had nowhere to go.

He took care of me when I was seriously ill and saved my life by taking me to the emergency room despite my objections. He was so kind to me that I couldn't help myself." When the lawyers finished their monotonous discussions, Max began to speak for himself, with the politeness he displayed when he was away from his computer. His attack, he said, was purely for good reasons.

He had only wanted to plug a hole in the bind, and in the process he had lost his mind. I couldn't help myself. The guilt in his voice gave him away. It's hard to explain what a hacker feels like when he finds himself in a situation like mine. It felt like I was in a race. So if I had gone in quickly and closed the hole behind me, I could have prevented a lot of bad things, to put it mildly. So I did it. And I will not deny that I went against the law. I ruined my reputation as an information security specialist.

I hurt my family and friends. I regret it, believe me. Judge Ware listened carefully to Max’s speech, although he had already made his decision. Letting Max go without a prison sentence would be a bad decision. Other hackers could feel unpunished, and this will not lead to anything good. “Anyone who follows in your footsteps should know that if they are caught, they will not be let go so easily,” Judge Ware concluded the hearing.

The sentence is 18 months in prison, followed by three years of supervised release, during which Max will not have access to the Internet. The prosecutor asked the judge to immediately remand Max into custody, but Ware denied the request and gave the hacker a month to get his affairs in order and report to prison himself.

After the verdict, Max and Kimmy moved to Vancouver, closer to her parents. Once settled, Max wasted no time in organizing the work of WhiteHats.Com and RageNeeds so that they would survive his incarceration. He set up automatic payments for his Internet bill and wrote a list of things Kimmy would take care of while he was away.

"You're in charge of RH Needs now," Max said, gesturing to the server in their apartment. Max spent his last weekend of freedom at his computer, preparing RH Needs for transfer to new hands. On June 25, 2001, he was temporarily locked up in the county jail, awaiting transfer to his new home, the Taft Federal Penitentiary, located near a small town in central California.

There was just one detail that bothered Max, an injustice, just like Vidaho had been. He was sent to prison again, not for hacking, but for refusing to turn in Matt Herrigan. He was punished for his principles, once again becoming a victim of a capricious justice system. Kimmy was alone for the first time since they had met.

Despite all his talk about living until the grave, Max had chosen a path that would inevitably lead to their separation.
Two months later, a small incident occurred. It was one of the few conversations with Max on the phone. They were chatting about life, as always, when suddenly she heard a sharp pop and acrid smoke filled her nostrils. Max tried to calm her down. "All you have to do is replace it with a new one. I'll do it with my eyes closed," he said.

Max began to tell her how to replace the motherboard, but Kimmy was flying in the clouds, she realized that she did not want to be a hacker's prison wife. In August, to forget all her problems and have a good time, Kimmy rushed to Nevada for the Burning Man festival. When she returned home, in her first phone call with Max, she told him that she had met someone else. It was another betrayal. Max listened to her revelations with eerie calm, asking about every detail.

Kimmy, what drugs she was on when she cheated on him, what positions they fucked in. He wanted her to ask him to apologize, and he would do it without thinking. But that was not what she wanted to say, she wanted a divorce. “I don’t even know if you think about the future,” Kimmy kept saying. In order to sign the divorce papers, Kimmy flew to California, rented a car and drove to Taft, where she nervously waited for Max in the waiting room.

When Max entered the room, he took his usual place opposite, at the steel table, and they began to talk. All this time he was thinking about the future, telling her that he already had plans for their life together. It wasn't over yet. "I talked to people," he said, lowering his voice to a whisper.

"People I could work with. We can do this, Kimmy." But Kimmy didn't want to listen. Maybe this was the best time to break up with Max. To hit him as hard as possible, when he was so vulnerable. And I could stand up for our hero. I could beat Kimmy up to the punch. But that would be too easy. As Roma the Englishman said, may he rest in peace, life is just a bunch of bullshit that just happens.

And shit happened to Max, soon he would go on a rampage, start playing Cybercrime like an adult, and in this game he would have no equal. What else could he do? The whole world was going to war on him, the government and his wife were smashing his face into the ground.

Max didn't have the strength to send them all to hell, all he could do was smile, smile at them all in spite, curtain.

Smile when you're being smashed into the ground.

 

[Jollier]

The First Hacker After God. Breaking Bad.

The game of the good guy has come to an end. The 4th part about the first hacker after God is the calm before the storm, because everything that happens next will forever put an end to Max's career as a brilliant white hat hacker.

Eighteen months of imprisonment, followed by three years of supervised release, during which Max will not have access to the Internet. And all because he refused to hand over Matt Herrigan, his wife demands that he sign divorce papers, she is having sex with another man and she enjoys her new life. From this thought alone, Max is torn apart inside, he was betrayed once again.

In the hacker's heart there was a serious grudge, the game of the good guy was coming to an end, Max Vision died within those four walls of the Taft Federal Prison, and in 2002 Max Butler was released. Now everything is grown up, the war between hackers and the feds continues, Max has fought enough on the side of the federal moles, sat down, it's a shame, it happens.

Fighting on the side of the hackers is much more interesting, of course, we know the outcome in advance, prison, but if you can't see the difference, then why overpay. In prison, Max met a thug named Jeffrey James Norminton. He was already on the final stretch of his 27-month prison marathon when Max met him in Taft.

34-year-old Norminton inspired fear and respect with his whole appearance. An alcoholic and a seasoned swindler, he was a money wizard who pulled off all his best deals half-sober. He started the day with a bottle of Kurzlight beer, and by the end of the evening he couldn't string two words together. But in that sweet spot between the sobriety of the morning and the blur of the afternoon, he was a master high-roller who pulled seven-figure sums out of thin air.

One afternoon in 1997, Norminton picked up the phone and dialed the vice president of the Intrust Group, a Pennsylvania brokerage house. He introduced himself as an investment manager with Hyland Federal Bank, a real bank based in Santa Monica, California.

Using all his confidence, acting, and charm, Norminton convinced Intrust to buy the bank's high-yield CDs, promising the vice president a breakeven return of 6.2 percent on a one-year investment. When the victim wired $297,000 to Hyland, the money landed in a shell company owned by Norminton's accomplice. The scammers quickly cashed out almost the entire amount, leaving only $10,000 in the account. Their audacity knew no bounds, and they decided to do it all over again.

This time, the same vice president received a call from Norminton's accomplice, pretending to be a manager of another bank, City National, offering a deal more than twice as big. The Intrust management turned out to be idiots, and they promptly sent two more payments for a total of 800 thousand dollars. But as often happens, Norminton was destroyed by his own greed, he sent his brother to City National to get 700 thousand dollars from the bank in one check.

The City National management was much smarter, they refused Norminton's buddy, considering this transaction suspicious. After some time, the criminals decided to cash the money again at another bank branch, where the FBI was already waiting for them. This is how Jeffrey Norminton got into TAFT, he was glad to meet Max, he saw potential in him.

From now on they stuck together, swapping war stories on their walks and fantasizing about the mischief they could do together on the outside. By combining their skills, financial scams, and hacking, they could do great things, like hack into brokerage houses, tap into rich dudes' overflowing accounts, and funnel the money offshore.

Literally, one big catch and the money they got would be enough for the rest of their lives, a life in which they would never know what to say no to. Five months later, Norminton was on his way home to sunny Orren County, California. Max stayed in Taft for one last year. A long, painful year surrounded by degenerates and primitives. In August 2002, Max was paroled.

He was sent to temporary housing in Oakland, where he shared a home with five ex-convicts. It was a free-roaming correctional facility. It demanded that Max either find himself a paid job or go back to prison. Remote work was not allowed. After learning that Max had been conditionally released, Kimmy went to see him, taking with her a stack of divorce papers.

The narrow-eyed woman begged Max to let her go, saying that the relationship with her new fucker had reached a new level. But Max was no longer interested in this, just as Kimmy was not interested in what it was like for Max to be stuck within four walls with horns pointed at him. He refused to sign anything, he was beside himself with anger, looking at her. The only thing Max wanted now was to find a job and quickly leave the prison shelter.

He started calling his old acquaintances from Silicon Valley and discovered something shocking for him. Due to a criminal record for cybercrimes, he only heard refusals. In desperation, he borrowed a laptop from one of the hungry programmers he managed to contact and began monitoring the network for vacancies in the field of information security. I even personally visited the offices, to no avail, at half past five in the morning I scoured the sites all night, and still no results, what kind of nonsense is this, am I in a fucking comedy or something.

It was all a joke, he wrote to Tim Spencer. Max even offered his services at hot prices, he was ready to work for minimum wage for the first few months. Previously, he received $100 for one hour of his work, now he agreed to a measly $7.

But soon, luck finally smiled on him, a manager of one of the companies responded to his request, agreeing to Max working from a home office in Fremont, which was 20 minutes by train from Max's new house. He received a fee of $10 an hour for helping to assemble servers. It blew nostalgia, as a teenager he did the same job, helping his father in his store. After two months, the correctional facility released Max, now he was absolutely free.

He quit his job and rushed to San Francisco, where two of the hungry programmers lived, Chris Tischok and Seth Alves, the same guys with whom Butler tore up the school. The guys kindly offered to stay with them in the apartment that the three of them rented. The third person was a woman, namely Tishok's ex-girlfriend, Charity Mezhers. Charity was a refugee from Idaho, she was quite an extraordinary girl at that time.

She painted her nails brightly, like Skittles, each in a different color, and wore lenses that turned her eyes into two amazing emeralds. She worked as a system administrator on a porn site in Nevada for a minimum wage, which was barely enough in such a rich city as San Francisco. Max noticed her right away and one day penetrated her system, after which the young people declared themselves a couple.

Even today, old Charity looks quite decent, her life has turned out well, she is a co-founder and technical director of Honeycom and is well off. But then everything was different, the couple needed money, and finding Max a decent job and a criminal record was not an easy task. But soon luck smiled on him, one of his former clients from Silicon Valley decided to help him, signing a contract for $ 5,000.

Max had to carry out penetrating networks of his company. The company management sympathized with Max, and therefore they absolutely did not care whether he presented them with a report or not, but Max understood what he was paid for, he valued his reputation as a 100% hacker, and therefore took the matter seriously.

He pounded the firewalls day and night, expecting, as always, an easy victory, which he was accustomed to in the good old days, but the system did not give in. "I have never failed at hacking before," Max told Charity. Max pressed with even greater zeal, but in the end he became more and more upset about his own impotence. Finally, he decided to try something new, an unconventional and previously unused approach.

Instead of looking for vulnerabilities in the company's secure servers, he turned his sights on its employees. Client-side attacks are what hurt the most people, like spam that comes to your email with a link to download some stupid picture. In fact, it's a picture, an executable file, but few users will pay attention to the file extension.

The icon is there, as if it were an ordinary photograph. If you ignore the warning messages from Windows, download this picture anyway, you can consider that from now on the computer belongs not only to you, and maybe not to you at all. In 2003, the dirty secret of these attacks was that even seasoned computer users fell for this trick. The so-called browser bloat was to blame.

In the nineties, the bitter battle in the browser market between Microsoft and Netscape led to Microsoft having to stuff a shit ton of useless features into Internet Explorer. Each new feature increased the attack surface, more code, more bugs. Internet Explorer was no longer vulnerable, it was a vulnerability. Often, the exploit would be discovered by one of the good guys, be it a Microsoft employee or one of the White Hat guys.

The problem was that they didn't always warn the developer about the vulnerability before publishing it on Backtrack. Once the vulnerability was publicly known, the race was on. Black Hat worked to exploit this bug, creating fake websites and then tricking victims who visited the page. Just viewing the site, i.e. clicking on a link, would give the hacker control of the victim's machine without any visible signs of infection.

But even without publishing information about the holes, hackers could still find out about them using reverse engineering. Information security experts watched with alarm as the time between the announcement of a vulnerability and the appearance of an exploit shrank from many months to a few days. In the worst case, Black Hats discovered the bug first, this is called a zero-day vulnerability. In this case, in the race between good and evil, White Hats were catching up.

And since new patches were released at Microsoft almost every week, even large companies usually lagged in installing them, and the average user did not install them at all. In the end, one of Max's many attacks finally gave the desired result. Having gained access to the employees' computers, he jumped inside like a fucking grasshopper, grabbed a couple of trophies and successfully jumped out.

More than one and a half million cybercrimes are committed annually in the world, guys, it's time to get a really relevant profession and make a living like Max Butler did in his time. Now about the goodies, with the promo code butler you will receive a 50% discount on training, the link is in the description under the video, follow it and register for the course.

Even though Max was paid 5000 bucks for penetrating the server, the company's management was extremely unhappy with his work. And the thing is that using a client-side attack in a penetration test was considered indecent. Max was paid to attack servers, not employees who had access to the server. He was increasingly convinced that there was no place for him in cybersecurity anymore.

After serving time, everything around him changed. Hoverworld, where Max was effectively employee number 21, revamped its executive team and raised $11 million in venture capital before changing its name to nSocle Network Security. Marty Roche left the company to build on the success of Node, which Max had also been involved with, and started his own business called Sourcefire in Maryland.

Both companies were on their own paths to success, with nSocle starting to scale and aiming to have about 160 employees within a year and Sourcefire heading for an IPO. In some alternate universe, Max never hacked the Pentagon, or never used that damn dial-up Vario, or just kept his mouth shut and quietly ratted out Matt Herrigan.

There, he found financial success and a well-rewarded, fun job. Instead, he just watched the success of all the projects he was involved with from a distance. He needed a breath of fresh air to keep from getting depressed, and he got it. One day he decided to check his forum on WhiteHats.Com, where he found an anonymous note from an old friend from Taft.

It was a code phrase that Max had made up with Jeff Norminton while in prison. Soon they were sitting across from each other and talking. For this, they rented a room at the St. Francis Hotel. Norminton was telling about a scumbag judge who signed him off on supervised release. He had a special person assigned to him who made sure he didn’t start drinking again.

To do this, Norminton submitted his urine for testing every month. Not surprisingly, after a week, he relapsed and started bruising daily again. After two consecutive positive urine tests for alcohol content, the court ordered him to undergo treatment at Impact House, a drug and alcohol rehabilitation center in Sedona. Three weeks later, he returned home and was now looking for a job so he could save up enough zeros to get the fuck out of Mexico.

It's time to put our ideas into practice, my friend, Norminton finished his story, I'm ready to sponsor you as a professional hacker, so what do you say? Naturally, Max agreed, at that moment he wanted to return the time lost in prison at any cost, he wanted money. Max understood that he had already used up the limit of hospitality in the house of hungry programmers, although they did not say so.

His diet consisted mainly of instant noodles and vegetables, there was no health insurance, so any health problems, and especially with teeth, would cost him thousands of dollars. On top of that, he now had a trailer in the form of Charity. Measures, and he had to take care of it, just like he once took care of Kim.

Max said that first they needed to get a powerful Alienware laptop and a huge parabolic antenna. There was just one small "but" - Norminton did not have money, but he knew someone who did. That someone turned out to be Chris Aragon, Chris was like a 3-in-1 coffee bag, a con man, a carder and a bank robber. It all started in Colorado, he was 21 years old then, he worked as a massage therapist at a hot springs resort and he was not incredibly rich, but he had enough for his modest cocaine addiction.

One day he met Albert C, a crazy guy who had served time for petty thefts more than once, and after talking, the Colorado Bonnie and Clyde decided to rob banks. Chris was from a good family, his mother Marlene Ragon worked in Hollywood, she had a very good voice, worked there as an announcer.

Her voice could be heard on the Saturday morning show on ABC, it was called "The Challenge of the Super Friends", Marlene voiced Wonder Woman in it. Due to the fact that Chris was raised in a decent family, in childhood he developed a certain romantic idea of crime and criminals. But no one, including Chris himself, would have ever thought that in the future he and Albert would undertake a series of daring and mostly unsuccessful robberies of small banks in the resort towns that dotted Colorado.

The first robbery at Aspen Savings went well enough. Chris, wearing a white and blue gang uniform to hide his distinctive braces, pointed a rifle at the bank manager as he opened the bank in the morning, as usual. They dragged him inside and began filling bags with valuables, when they suddenly discovered a cleaning lady hiding behind one of the tables, her hands shaking as she dialed the police.

They took everything they could and left the scene of the crime in a hurry. The second robbery at Pitkin Country Bank ended before it even began. The genius Albert hid in a dumpster by the back door with his shotgun, planning to jump out at the employee who arrived at work first. But the plan went awry when Chris, who was on the other side of the street, saw a garbage truck pull into the alley, ready to empty the contents of the container.

The third robbery took two of Ocean's friends a bit more work. On July 22, 1981, Chris and Albert showed up at a Chevrolet dealership in Rifleigh and asked to test drive a brand new Camaro, but the manager insisted on coming with them. Chris then drove out of town, pulled over to the side of the road, and Albert, pointing a gun at the salesman's flask, ordered him to get out of the dealership.

They tied him up with rope, stuffed a rag in his mouth, and left him lying on the side of the road while they drove off in a silver sports car. At 5 p.m. the next day, Chris parked the stolen Camaro at the Oleybank in Glenwood Springs, a bank where locals kept their money earned from the thriving tourist industry. Let's face it, Chris was also a client of the bank.

While he sat at the wheel, ready, Albert, wearing black sunglasses and carrying a leather briefcase, walked through the front door of the bank. Three minutes later, he came running out with ten grand in cash, jumped in the car, and Chris hit the gas. He headed south out of town on a dirt road that ran through the rocky red hills surrounding Glenfield Springs. Around the next turn, Chris's girlfriend was waiting for them in a spare car, and he drifted past her and made a grandiose show of turning the Camaro hood to hood.

He was jumping up and down with joy, screaming, "We did it!" In their joy, the would-be robbers failed to notice a police Ford Crown appear out of a cloud of dust on the horizon. Noticing the cops, Chris and Albert began to run as fast as they could across the rocky, tree-lined terrain. While climbing down another cliff, Albert accidentally fell right into a cactus, where he was detained by two police officers.

Seeing this, Chris dropped the shotgun on the ground and raised his hands in the air. From all these adventures, Chris learned one valuable lesson. Robbing banks with guns and cars is the dumbest way to make money. In 1986, after five years in federal prison, he was released and decided to try his hand at carding, and you know, he even achieved some success, earning some money.

After playing around with credit cards for a while, he got in touch with a Mexican drug dealer he had met in prison. He helped him deliver 2,000 pounds of marijuana across the border to a ranch near Riverside, California. Naturally, this move was monitored by the feds, and in September 1991, Chris was again in custody.

After another 5 long years, in 1996, he was released, at that time he was already 35 years old. This time, he promised himself no crime, and with his mother's help, he launched a legitimate business called Mission Pacific Capital, a leasing company that supplies computer equipment to struggling startups. With his trendy hair and charming eyes, Chris fits easily into the role of a Southern California businessman.

After 14 years of crime, plus the abnormal life of the middle class, had an exotic and even satisfying appeal. Chris loved to travel, attending all sorts of conventions, interviewing and hiring employees, and just chatting with colleagues in the industry. At one of these conventions in New Orleans, Chris met his sweetheart. Her name was Clara Shao Yen Lee, a stylist of Chinese origin who emigrated from Brazil.

Charmed by Clara's beauty and intelligence, he quickly took her as his wife. Under Chris's careful guidance, Mission Pacific established itself as a leasing broker with an innovative approach. The company was one of the first to offer instant contracts via the Internet, which ultimately became the factor that attracted tens of thousands of clients to Mission Pacific across the country.

The former robber and drug smuggler had two prominent Orange Country businessmen as partners and 21 employees working in a spacious, modern office a block from the Pacific Coast Highway. Being a competent professional, Clara would occasionally drop by her husband’s office and help with the promotion and appearance of the company’s website. By the 2000s, the couple had a fancy apartment, a son, and a business that seemed as limitless in its potential as the Internet itself.

But the following spring, the dream ended, the dot-com bubble burst, and the stream of new companies that had been the lifeblood of Mission Pacific began to dry up. The next blow was the entry of large companies like American Express, and the giants began to squeeze out small businesses. Chris’s company was no exception, and along with dozens of leasing brokers, it collapsed. He began laying off employees, and finally was forced to tell those who remained that Mission Pacific would, alas, not be able to pay its next payroll.

Left with no source of income, Chris got a job at another leasing company, but soon found himself in a wave of layoffs, because the company was bought by a large bank. Meanwhile, his wife gave birth to another boy, so when Jeff Norminton came to him, telling him about the superhacker he met in Taft, Chris was ready to listen to his proposal. He gave him the required amount, Norminton gave the money to Max, who in turn bought the necessary equipment for the business.

Now Chris had to see Max in person. Some time later, the legendary trio met at the vintage Vesuvius Cafe in the North Beach area ...

 

[Jollier]

Carders. The First Hacker After God.

In Part 5, "The First Hacker After God" discovers a new world, the world of carding. A deep bow to everyone who read to the end, everyone who didn't watch automatically goes to purgatory.

An alcoholic, the first hacker after God and a Carder. This damn trio of players clearly do not pretend to spin the reel in Leonid Yakubovich's show. And they gathered at the same table in the Vesuvi cafe in the Northbeach area, clearly not to discuss the weather. They need big money, and they need it not in a year, not in a month, they need it now. Chris looked at Max with interest, they had a lot in common, both were vegetarians, both had sat and read the same books more than once and, damn it, their wives were Asian.

Max said that they needed to climb higher, where he could show everything he could do. So the trio found themselves in a 27-story Holiday Inn in Chinatown, a few blocks from the cafe. They rented a room on the upper floors, and Max went to the window, turned on his laptop, plugged in the antenna, and began scanning for Wi-Fi networks.

The antenna Max used was a monster. At 2 feet wide, the parabolic cannon instantly detected two dozen Wi-Fi networks located near the hotel. Max connected to one of the access points and showed Chris how it all worked. Armed with a vulnerability scanner, a tool he had used since his days as a penetration tester, he could quickly scan the vast stream of Internet data for known vulnerabilities.

Security holes were everywhere; he was sure that in the business district, he would easily be able to get into vulnerable financial institutions or e-commerce sites. Norminton and Chris just had to choose what kind of data they needed and how they would use it. In 2003, the world began to rapidly evolve towards wireless technologies, thereby introducing more and more new vulnerabilities.

The revolution began with the Apple Airport wireless access point, and later other major equipment manufacturers such as Linksys, Netgear, and others joined in. Prices for computer equipment were becoming more affordable, and most businesses and home users began to free themselves from the shackles of their Ethernet cables. Wireless equipment, introduced into homes and offices across the country, was a dream for any hacker.

The overwhelming majority of them used the 802.11b standard, which was adopted back in 1999. It included an encryption scheme that theoretically made it difficult to switch to someone else's wireless network or passively sniff traffic. But in 2001, researchers from the University of California, Berkeley, identified a number of serious vulnerabilities in the encryption scheme that made it possible to hack the network using equipment and software that were quite affordable to the average user.

In practice, however, special black magic was usually not even used; there was simply no need for it, since the manufacturers themselves supplied modems with encryption disabled by default. Businesses large and small simply unpacked the boxes, plugged the Wi-Fi routers into sockets and simply forgot about them, sometimes mistakenly believing that the walls of their offices would prevent access to the network from the street.

A few months before Max went to jail, one of the White Hat hackers invented a kind of sport, which he called wardriving, in order to highlight the prevalence of vulnerable networks in San Francisco. He attached an antenna to the roof of his car and began to drive around the city streets, while his laptop scanned all available Wi-Fi networks.

After an hour of driving through the business district, his setup found about 80 networks. When Max got out, wireless networks were everywhere, he knew that hacking into his home was the preserve of schoolchildren and idiots, and it was a lesson he learned the hard way. But thanks to Wi-Fi, he can now work from almost anywhere and remain anonymous, and if the feds do track Max's attacks, all they'll get is the unfortunate ISP Max connected to.

Chris saw that Max was the one he needed, he introduced him to one of his prison acquaintances, real estate swindler Werner Janner, whom Aragon met while serving time in Terminal Island in '92. Janner offered Max to hack into his sworn enemy's computer, Max asked for $5,000 and they shook hands. Max did everything cleanly, the money he received gave him confidence in the future, he began flying to Orange County, where he and Norminton worked in Chris's garage.

The tickets weren’t his name, so there was no record of him violating his supervised release by leaving the Berea area. Max downloaded a list of small businesses from the EFDIC website, figuring out they would be the most vulnerable, and ran a script to scan each bank for known exploits.

An electronic bell in the garage would ring once the scan was complete, and Max would then run a worm that would go through each bank and pull up databases of customer names, financial data, and account numbers. The mass approach meant that Max would be spared the frustration he’d experienced during his last legitimate penetration test. Hacking any one target could be difficult, if not impossible depending on the situation, but scanning hundreds of thousands of systems was guaranteed to find vulnerabilities.

It was a numbers game, a bit like trying to steal a car by trying to find one with the door left open in a huge parking lot. Charity was the only one in the family who had a full understanding of what Max was doing, and she didn't like it. She could see that Max got on well with Chris, but something was bothering her, she couldn't put her finger on it, he seemed too soft and sweet.

Max soon moved on to small sales websites, where he collected transaction histories, some even with credit card numbers. But his numerous hacks had no specific purpose, and even Chris and Norminton weren't always sure what to do with all the stolen goods. They needed a scheme. Luckily, Chris soon had some money, Werner Janner owed him 50 grand and was ready to transfer the money at any time.

Wanting to get his hands on the unaccounted cash, he asked Norminton to do the best he could. Norminton arranged for one of his friends to receive the wire and cash it out within a few days. The first withdrawal went smoothly as planned, and Norminton showed up at the garage with $30,000. However, the next day, Norminton reported that his partner was sick and had to take a couple of days off.

In fact, Norminton had learned the real source of the income, the $50,000 was part of Chris's earnings from the illegal real estate scheme that the janner had originally conceived. Now it turned out that Norminton was in on the deal, too, and of course, he wasn't thrilled about it, so he valued his work at $20,000. The next morning, Chris found the Honda he'd loaned Norminton parked outside his garage, with a fresh dent in the front fender and a flat tire.

In the cabin, he found a note from Norminton, the FBI is after me, I'm leaving town. Chris called the drop who withdrew the money, already perfectly understanding what he would be told, there is no money, but you hold on. Chris found Max through charity and demanded answers from him. What do you know about Norminton's whereabouts, where is my money?

But Max only mumbled something in response, he was as surprised as Chris at Norminton's disappearance. In the end, they were left alone. Max and Chris immersed themselves in a routine, once a month Chris flew or drove on his own to the north of Orange County to downtown San Francisco, where he met Max and then everything went as usual. They rented a room in some hotel, raised a massive antenna up and installed it on a tripod by the window.

Then Max tried to find a high-speed Wi-Fi network with a good signal. After a while, they realized that height does not play a major role when hacking Wi-Fi, the location of the buildings visible from the window is much more important. If all else failed, Chris would run to the front desk and ask for another room, explaining that he had no cell phone signal or was too afraid of heights to stay on the twentieth floor.

Max treated it like a job, he would say goodbye to Charity and then disappear for a week to one of the best hotels in the city, under the noise of city traffic Max scanned the networks around, saving all the data he could find. During his last prison term he had lost some of his skills, but now he was back on top, he was aware of all the latest vulnerabilities, his skill level was growing before his eyes.

Without understanding why he hacked into the accounts of Kimmy and her new boyfriend, he thought about hacking her email to send out letters on her behalf to all her contacts, in which she would repent for betraying Max. He thought that everyone should know that she was nothing but a pathetic whore, but at some point he changed his mind, because now he had Charity, his favorite girl. He took a deep breath, grabbed Kimmy and silently signed the divorce papers.

When he got back to work, the first thing he did was open his browser and start googling the questions that interested him, what other cybercriminals around the world were doing and how they monetized the stolen data. That's when he truly understood what crime was in its global sense. He got acquainted with two of the best thematic forums - Carder Planet and Shadow Crew. It all started in 1999.

That's when the British carding platform Counterfeit Library came into being. It solved one of the main drawbacks of running a criminal business in ARC chats. The fact is that as soon as the chat was closed, a huge amount of valuable information from experienced users simply disappeared.

Founded by a handful of Western hackers, Counterfeit Library stored a large number of tutorials on completely different topics, and also had its own forum, where users had the opportunity to exchange tips, buy or sell new IDs and, of course, credit card dumps. Participants could publish their messages in thematic discussions, had nicknames and a reputation. Counterfeit Library was a revolutionary project at the time. It is no wonder that the site quickly grew to several thousand visitors per day, mainly from North America and Europe.

Carders from Eastern Europe did not envy the success of Counterfeit Library for long and already in 2000 opened their own site on the Carder.Org domain. The site was not bad, something like ozone or valsberes in the criminal world, a large range of services, although there was frankly a lot of ikidalova, in any case, there was still no alternative. Until two amazing people appeared on carder.Org.

The first was known under the nickname Weber, later he would change to Script, the second called himself Betby. These two were friends, Script, aka Dmitry Golubov, was a very ambitious person, a carder with excellent organizational skills, and of course his friend, the funny guy Vladislav Khorokhorin, aka carder BadB.

Last question, how many times have you lied during this interview? Do you think I counted?

A year before appearing on Carder.org, Vlad broke the Israeli army just to go on leave more often, for which he managed to sit in an Israeli dungeon for a while. Talented managers, former military personnel, a great duo to support Max Butler's beer when he's in the building, but I'll upset you a little by saying that at that time, it was Max who held the beer of these two guys.

After all, it was these two who would later create the planet of carders, something like Amazon by today's standards, but among cybercriminals. They will have everything, respect, power, money, whores, in general, come up with something else yourself, it will work anyway. He is quite capable of understanding me correctly.

Hello, Mr. Smith, don't jump out the window. So what if your greenbacks, bucks flew to another continent in one transaction. Maybe it happened in the summer, or maybe in the winter. There is no pause between seasons for fraud Tons of dump canton.

This short cartoon created by BadB reflects the whole essence of the beauty and simplicity of carding of that time. It has the very scheme that Butler and Arragon clearly lacked. The time to break systems for fun has passed, Khorokhorin, who at one time hacked Internet providers and even the Israeli bank Discount for fun, knew this very well. Now Max Butler understood this too.

At the end of 2000, the script, having quarreled with the Carder Org admin, creates his own store with the same name together with Batby, but on the .Ru domain. Cards.Ru quickly gain popularity not without the help of the popular Hacker magazine, articles from those years are banned by RKN, but the web archive carefully stores the guys' posts to this day. At some point, the script decides to temporarily suspend the project in order to restart on a new domain, raising the bar a little.

So in the spring of 2001, a carders' meeting was held in one of the restaurants in the Ukrainian city of Odessa. There were about 150 of them, all of them Russian-speaking cybercriminals and all of them were united by a common goal - to discuss the launch of a revolutionary website of its kind. Roman Vega was noticed at the meeting, at that time he was 37 years old, he had his own platform Boa Factory, where he traded counterfeit documents and credit card dumps.

I will leave links to an interview with him on Sergey Pavlovich's channel "People Pro". In June 2001, the result of the Odessa meeting was announced "Creation of an international alliance of carders" or simply carderplanet.com - a strictly organized rethought resource that will serve the entire post-Soviet space.

While Counterfeit Library was a Boa Factory-backed forum, not a fancy shop, Carder Planet was a brutally disciplined online marketplace. Script and Betby had created a strict hierarchy, modeled on the Italian mafia, so that each forum member had a role to play. For example, Sgoristo, a registered user.

Don, a member of the family, this title was the top of the Carder Planet hierarchy, it was worn by the script. Capa Biastoni, a friend of the family and the right hand of the godfather, in their case Don Scripta, Gabellotta, the supreme judge, the head of security, consigliere, the family's adviser on various important issues, Capo DiCappi, people who are entrusted with the mission of protecting and helping the family, Capo, reliable people who are listened to by the administration,

Juwan Donore, the moderator of the forum, Recife Vender, a person whose service has passed the administration's check.
Unresolved Vendor - former Receive Vendor, keen on providing poor quality services. If after 14 days the problems with clients were not resolved, the title went to Reaper. Well, Reaper was a scammer. Scum of Society - the scum of society.

Most often awarded for insulting moderators or forum participants. And finally, Woodpecker, a person who posts identical ads in different sections, asking stupid questions that interfere with the communication of other participants. Soon after the discovery of the planet, Roman Vega joined the site, he was known on the forum as Boa, he was famous for the quality of his dumps.

More and more Russian-speaking users flocked to the new site in order to offer their services or, perhaps, use someone else's, the list of which was extremely diverse and was replenished every day. Credit card numbers, of course, were the main hot commodity, but only at first, soon sellers appeared who specialized in selling FullInfo. The FullInfo service is a card number with the owner's name, address, social security number and mother's maiden name.

It cost about 30 bucks. Hacked eBay accounts cost about 20 dollars. Other sellers could sell counterfeit checks and money, or rent drop addresses in the United States. Where purchased goods will be delivered without fuss, and then forwarded to the scammer. The offers also included blank CR-80 plastic cards with a magnetic strip and encoders for recording dumps, also known as writers in carder slang.

For $500, you could buy 10 ID cards with one photo but different names. Absolutely anyone could register on Carder Planet, but in order to be able to sell their goods or services, a person had to pass a certain inspection. New sellers sometimes required confirmation from the script or a certain deposit, an emergency fund, which was used to pay those buyers who did not receive their goods or services after payment.

Sellers were required to inform the administration about upcoming vacations, protect buyers' personal data from hacker attacks, and respond to customer complaints. Rippers or simply scammers were banned, like any other seller who had 5 complaints from customers on their account. Soon after Carder Planet, another similar site appeared, but aimed at the English-speaking world – Shadow Crew.

In September 2002, a carder going by the name KIT brought in the big guns of Counterfeit Library to start his own business and emulate the success of the guys at Carder Planet. The news quickly spread through IRC chats, and by April 2003, Shadow Crew had 4,000 registered users. With a motto for those who like to play in the shadows, Shadow Crew was both a home college and an online supermarket, selling everything from How I Stole a Million to books that simply didn’t exist.

Their tutorials included lessons on how to use stolen credit card information, forge driver’s licenses, bypass security alarms, and muffle gunshots. Trusted sellers around the world could provide a variety of illicit goods and services.

Like Carder Planet, each product had its own specialists, and each new seller had to be vetted by a trusted member of the site before being allowed to sell. Disputes were resolved as quickly as possible. Administrators and moderators worked 24/7 to prevent possible scams and ban rippers in a timely manner.

Over time, trading expanded beyond data sales, and products such as ATM skimmers, manuals on how to make drugs at home, and services such as distributed denial-of-service attacks or DDoS for about $200, as well as custom malware to bypass antiviruses, began to appear on the site. A vendor called UbuyWeRush offered a wide range of devices for recording magnetic strips, as well as many things like receipt paper and ink cartridges for counterfeiting receipts.

Child pornography was strictly prohibited, and one degenerate who asked for permission to sell animal porn was laughed at by the entire community, but almost everything else on ShadowCrew was within the pale.

By this time, CarderPlanet had opened several forums for criminals from Asia, Europe, and the States, but it was Shadow Crew that became a true international marketplace where people from all walks of life could come and discuss their business. Max shared his discovery with Chris, and now they were both amazed and wondering how they hadn't stumbled upon these sites before. Chris quickly signed up for the forums and began studying them as if they were a printed textbook. He noticed that some things hadn't changed much since he tried his hand at carding in the 80s, but most had changed beyond recognition.

There was a time when fraudsters could literally get credit card numbers from trash or from prints on the drums of printing machines. Now mechanical printing is dead, Visa and MasterCard have banned printing full credit card numbers on checks, but even if you manage to get that serial number, it will not be enough to make a counterfeit card.

Now banks add a special code to the magnetic strip, something like a PIN code, but which is unknown even to the cardholder. The card verification code, or CVV code in common parlance, is a set of numbers obtained by extracting from other data on the card's magnetic strip, that is, mainly from the account number and expiration date, as well as from that secret code that only the bank knows. When a card is swiped through a POS terminal, the CVV code, along with other card data, is sent to the bank for verification. If the data does not match, the transaction is rejected. When the CVV code was first introduced, by Visa in 1992, the percentage of money lost to carding from all Visa transactions dropped from 0.18% to 0.15% in just one year.

The technology saved a lot of money in the 2000s, when phishing attacks became especially popular. Back then, spammers sent thousands of emails aimed at gullible users entering their credit card numbers on specially created fake bank pages.

But without the CVV code on the magnetic strip, which consumers did not even know about and therefore could not expose it in any way, these stolen numbers were useless in real cash registers. MasterCard followed Visa's example and introduced its own card security code, or CSC. In response, Visa rolled out CVV2 in 1998, another code that is now printed on the back of the card, with which you can safely pay for purchases online.

This further reduced the losses from fraud and made it possible to break the Great Wall of China between online and offline carding. Accounts stolen through phishing sites could only be used online, and conversely, magnetic stripe data could only be used offline, since the carder did not have the CVV2 code.

By 2002, security measures had turned raw magnetic stripe data into one of the most valuable commodities on the illegal market. Hackers began breaking into transaction processing systems, but the easiest way for a smart hacker to steal credit card data was to hire a similarly money-hungry restaurant employee and equip him with a pocket skimmer, a magnetic stripe-reading device with built-in memory.

About the size of a lighter and easily concealed in a fast food worker’s apron pocket, a skimmer can store hundreds of cards’ worth of data in its memory, which can then be easily scanned via a USB port by simply swiping the customer’s card through the device. In the 2000s, criminals began targeting major cities across the United States.

They would recruit even more waiters and travel from city to city offering small profits, typically $10 for a single swipe. Gas station managers and retail workers could also pitch in and make some extra cash. All that was required was to install tiny skimmer boards into portable terminals and point-of-sale terminals.

Some of the data would be used locally, but much of it was sent to Eastern Europe, where the dumps would be sold in the tens, hundreds, or even thousands at a time. Each dump typically contained just two lines of text, one for each track on the magnetic stripe. Rarely could you see a third track in a dump, but it was of no value and was simply ignored by carders.

For example, if the card was issued by Citibank jointly with American Airlines, then the third track stored information about the accumulated miles. A dump cost about $20 for a standard card, $50 for a gold card, and $80 to $100 for a corporate card with a high limit. Chris decided to take up carding again, he immediately realized that Script, the godfather of carder planets, was one of the most reliable sources of dumps in the world.

He paid a Ukrainian $800 for a pack of 20 Visa Classic cards and gave another $500 for everyone's favorite MSR206 encoder. Once the shoebox-sized encoder was connected to his computer and the necessary software was installed, Chris could take an anonymous Visa gift card or one of his credit cards and write one of the script dumps to it by swiping the card through the device just twice.

With the rewritten card in his pocket, Chris walked around the local video game store, Blockbuster, and a few other stores in his area, watching the cashiers' behavior when paying with a credit card. Simply buying with someone else's card may be the easiest way to commit fraud, but it has its limitations. After walking around various shops, Chris concluded that buying electronics or expensive clothes is not an easy task.

Upscale stores have their own special precautions. For example, the cashier carries the last 4 digits of the card number, and if they do not match, the terminal will not accept the card. Or, even worse, the seller can easily call the cops. The rewritten card was only good in places where employees wouldn't touch the card, like gas stations, pharmacies, or supermarkets. Chris headed to a supermarket near his home.
He loaded the cart to the brim, walked up to the cash register, swiped the cards, and a moment later the cash register display flashed approval. And somewhere in America, an unsuspecting citizen had just paid 400 bucks for groceries. Chris clearly saw the outline of a new business plan, he would assemble a team with which they would be able to sell plastic in huge quantities. He

only needed to stock up on dumps, and then it dawned on him why he should spend money on dumps if he had Max Butler. "Max, get me dumps. That's where the real money is," Chris said. The next day, Max already had a clear understanding of where he would borrow them, and most importantly, from whom. Everything was simple, thousands of potential sources were on the surface of Carder Planet and Shadow Crew. Those same carders who literally just yesterday tore themselves away from their mother's tit, having smelled the taste of easy money, decided to play Cybercrime.

On the hacker you can find articles by Roman Vega with a reference to the planet, these are some tutorials, something like a guide to the world of carding, most likely paid for by the planet itself. The goal is quite clear - to drive as many people as possible into carding, and therefore interest potential buyers of dumps.

Naturally, those same carders did not have knowledge of computer security, which means it would be much easier to hack them than the Pentagon. He began by choosing a weapon, which was the elegant Trojan Bay Frost, which was already walking around the Internet. Max slightly modernized it so that it was not detected by antiviruses. When the program became invisible to each of the antiviruses, Max moved on to the next step - collecting ICQ numbers and e-mail addresses of carders from open forums, combining thousands of records into a database.

Then, on behalf of a well-known supplier of Hammer 911 dumps, he sent the same message to all victims. It said that Hammer 911 had acquired a large number of American Express credit card dumps that he could use or sell, so he decided to just give some of them away.

The letter contained a link that said "Click here to get a free American Express dump." When the potential victim clicked on the link, a page with a list of fake dumps opened in front of him, and invisible code on the site already used a vulnerability in the new Internet Explorer. The exploit used a feature of Internet Explorer, it could process not only websites. In 1999, Microsoft added support for a new file type called HTA, HTML Application.

This is a file written in the same script markup language, but which allows various actions to be performed on the user's computer, which ordinary sites would never be able to do. For example, creating or deleting files, or executing arbitrary commands. The idea was to allow developers in the already well-worn field of web programming to use their skills to create full-scale desktop applications.

The developers of Internet Explorer understood that an HTML application can become a dangerous tool in the hands of a skilled person, and therefore the application is not launched directly from the Internet, but only from the user's hard drive, in theory. In practice, Microsoft left a hole in how the browser views content on a web page. The thing is, many sites contain Object tags, these are simple instructions that tell the browser where to get content from another site, usually movies or music.

But it turned out that in exactly the same way it was possible to load an HTML application and force the browser to execute it, Max just had to disguise it a little. While the naive carders were drooling over the American Express dumps, an invisible Object tag launched a malicious HTML application that Max had written specifically for this occasion. It is important to note that Max had specified the file extension as txt, a superficial indication that it was a regular text file, but this was enough for the Internet Explorer to consider it harmless and launch it.

However, when the browser began downloading the file, Max's server changed the type of the transferred file to hta, which now identifies it as an HTML application. In essence, the server changed the download history, first presenting the file as a harmless text file for the browser's security check, and then correctly identifying it as hta when it came time for the browser to decide how to interpret the file.

The carders swooped down on Max's infected page like hungry piranhas, hundreds of machines came into his possession, and he began rummaging through the scammers' hard drives at random. He was surprised how little time it took. Most of his victims bought small batches of dumps, 10-20 pieces, sometimes even less, but there were many of them and it still allowed Max to steal about 10 thousand dumps.

Max forwarded the dumps to Reece and did not hesitate to save other valuable data of his victims, if any were found. He managed to find details about their fraud, stolen personal data, passwords, mailing lists used in phishing schemes, several real names, photographs, as well as email addresses, ICQ addresses of their friends.

In short, pretty useful information for future attacks. With one well-thought-out trick, Max had infiltrated the carder ecosystem without anyone noticing. It was the beginning of something bigger, he was an invisible burglar, living off what he could extract from the illegal economy of plastic sellers. The carders, in turn, could not call the cops, and Max's anonymous Internet connections and other precautions thwarted the carders' attempts to hack him.

Having assessed the file extension as safe, the Internet Explorer no longer double-checked this and took TXT as truth, it simply launched Max's html application instead of web pages. The HTML application was a script written in Visual Basic that launched a decoy program on the victim's computer. Max called the file hope. Hope was Charity's middle name. The program, in turn, downloaded and installed a modified Bifrost neighborhood. This is how Max took over the carders' computers.

It didn't take long for Max to realize that not all carders were what they seemed at first glance. The target was in Santa Ana. After logging into her computer, Max started digging around in the hard drive using a backdoor and immediately realized that something was wrong. The computer was running a program called Camtasia, which recorded everything that was happening on the screen. Why would a carder record his desktop, Max thought.

He continued to examine the hard drive, and soon his suspicions were confirmed. The drive was literally crammed with FBI reports. Some of the files contained information that the agent had an informant who provided dirt on Script, the leader of the carder planets from whom Chris bought his first dumps. This meant that the planet was being watched by the feds, with whom Max had old personal scores to settle.