REAL Ransomware Chat Logs

Рет қаралды 15,780

Күн бұрын

jh.live/flare || Track down shady sellers, hunt for cybercrime, or manage threat intelligence and your exposed attack surface with Flare! Start a free trial and see what info is out there: jh.live/flare
Learn Cybersecurity with Just Hacking Training: justhacking.com
Learn Coding: jh.live/codecr...
Don't listen to other "influencer" VPN crap -- host YOUR OWN: jh.live/openvpn
WATCH MORE:
Dark Web & Cybercrime Investigations: • Tracking Cybercrime on...
Malware & Hacker Tradecraft: • Malware Analysis & Thr...
📧JOIN MY NEWSLETTER ➡ jh.live/email
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/discord ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
🔥KZbin ALGORITHM ➡ Like, Comment, & Subscribe!

Пікірлер: 73

@AgentAsteriski 17 сағат бұрын

honestly, i'd totally believe that a ransomware team has better ui than many legit businesses, the bar is on the floor

@BillAnt 10 сағат бұрын

If companies would just invest in a good real-time incremental backup, none of this sh*t would be happening. Got infected? No problem, just roll it back by a couple of hours to the encrypted data. If have software monitoring any encryption taking place in real time.

@BillAnt 10 сағат бұрын

If companies would just invest in a real-time incremental backup, none of this sh*t would be happening. Got infected? No problem, just roll it back by a couple of hours to the encrypted data. If have software monitoring any encryption taking place in real time.

@billant2 10 сағат бұрын

@bobbyrandomguy1489 18 сағат бұрын

Man, that last convo was bizarre!! Interesting video.

@jmd489 14 сағат бұрын

Was clearly trying to talk him up to get more info out of them.

@bobbyrandomguy1489 10 сағат бұрын

@jmd489 yeah that's a good possibility. They just seemed like old friends or something lmfao

@billant2 10 сағат бұрын

If companies would just invest in a real-time incremental backup, none of this sh*t would be happening. Got infected? No problem, just roll it back by a couple of hours to the encrypted data. Or have monitoring software of any encryption taking place in real time.

@BillAnt 10 сағат бұрын

If companies would just invest in a real-time incremental backup, none of this sh*t would be happening. Got infected? No problem, just roll it back by a couple of hours to the encrypted data. Or have monitoring software of any encryption taking place in real time.

@TTVBretZ 20 сағат бұрын

I wonder how many of those are IT guys just fucking with them 😂

@logiciananimal 19 сағат бұрын

Or law enforcement doing a sting.

@robertgowdey 19 сағат бұрын

@@logiciananimal A sting how? It's all bitcoin and TOR.

@Oldladywithastick 19 сағат бұрын

@@robertgowdeyAs if bitcoin would be 100% anonymous

@logiciananimal 18 сағат бұрын

@@robertgowdey Delaying tactics by LE to track down where the bad guys are.

@BillAnt 10 сағат бұрын

@@logiciananimal - Probably drying on a highway with a burner phone. Tracking nowadays is really difficult with good opsec.

@balsalmalberto8086 18 сағат бұрын

I would watch of 24 hour stream of this with a Costco deluxe sized bag of popcorn

@CoolProveIt 11 сағат бұрын

"we have mcafee and symantec" and nothing prevented this :(" Peak.

@Bempus 16 сағат бұрын

Compliments goes a long way, if you're positive and kind you're more likely to buy more time (as shown in the conversation). There were never any hesitation from the hacker's side and the victims bought almost a month of time to try to solve the problem themselves. It might just have been a strategy from the victims.

@jmd489 14 сағат бұрын

this 100%

@darkshoxx 19 сағат бұрын

26:45 yeah it sounds like they exchanged phone numbers and started dating 😆. Man that was bizarre

@Alfred-Neuman 18 сағат бұрын

He finally found a service that offer a good customer support so that understandable... lol

@TylerRamsbey 19 сағат бұрын

Excellent stuff. Thanks sir!

@DVLANetwork 11 сағат бұрын

The company I work for got hit a few months ago and we never even contacted them. Don't negotiate with the criminals

@Walter_ 11 сағат бұрын

Yeah also: doing full backups from a nearly air sealed pc that uses SSH to login to the actual servers is nearly unbeatable. From compromising the entire network perspective you can only stop the backup from working, which you can set up to trigger an alarm, but they can't encrypt/delete the backup. Only problem left would be data leakage, idk how to solve that.

@stronglift1873 Сағат бұрын

Yes but some companies actually have costumers and work with data that would hurt them if it gets online. Then if you just ignore them, youre in an even bigger mess. Even if you have backups because they just gonna leak the data. And i dont know for sure who the real criminals are, the ones that do these attacks, or the ones that are supposed to keep our data safe but fail so for years and years and were getting slapped with data leak after data leak. If you run a company you should be liable if the data you are supposed to keep safe gets leaked

@mathewrogers5430 15 сағат бұрын

Hey John we need live KZbin session about this...awesome content

@sergeyvas123 17 сағат бұрын

I think important point was missed here. Where these resources gets the chats data from?

@p2l 17 сағат бұрын

could be leaked, there could be an insider or they were probably the person to start the chat

@layneburkhead3220 13 сағат бұрын

Overwriting memory is too complicated for a SOC analyst?

@alejandroalzatesanchez 8 сағат бұрын

The fact that also tells you how they hacked into your system is quite dystopian. :|

@ThrowawayAccountToComment 18 сағат бұрын

This would be reallly interesting to stream!

@OsmanFarid-e9m 20 сағат бұрын

it's very important video good job. John

@Miqueljuanserra 18 сағат бұрын

Alternative title for this video: "Just for laugh". Love it.

@Macj707 14 сағат бұрын

good stuff, crazy crazy crazy stuff.

@fearmaiden.21 11 сағат бұрын

I refuse to believe those guys are from IT, really!?

@jacquesduplessis6175 18 сағат бұрын

Cool video, some of those chats were really funny 😆

@justingolden87 10 сағат бұрын

Maybe last guy was complimenting to just buy time and had no interest in paying from get go?

@SmallGuyonTop 15 сағат бұрын

I received such a threat. I told them to prove they had my information by telling me the address where I am located. Crickets... You can't just Google me and find me. I am off the grid.

@Mario583a 10 сағат бұрын

Grizzly Adams, that you?

@darkshoxx 19 сағат бұрын

1:00 now to stop you right there for a second, (assuming this isn't answered later in the video). What ARE you supposed to do? What is the best call? Do I DO contact the police, other law-enforcement, cybersecurity companies, Huntress?

@logiciananimal 19 сағат бұрын

I would encourage your business, if you have one, to have a preexisting policy. IMO rewarding criminals is not a good idea and ignore the "No police warning". But talk to legal; they probably should have a lot to say here. For yourself, that's a bit more complicated.

@DarkForce2024 17 сағат бұрын

@@logiciananimal Right. That's what I've always wondered. Oh, your a criminal, I TOTALLY trust that you won't attack me again and you won't publish my data after I paid you. Do people actually believe that?

@darkshoxx 14 сағат бұрын

@@DarkForce2024 @logiciananiman I believe to remember from a conference talk that renowned hacker groups are actually guaranteed to hold their end of the deal. It sounds counterintuitive but they build a reputation as a group that will hold their end of the deal, therefore it makes sense to pay, because they have established that reputation. Similar to what John says at 3:25 about them having a business with a "good reputation". Not good as in "a lawful force of good in the world" but good reputation as in "is known to follow through"

@Shelleloch 14 сағат бұрын

@@DarkForce2024The last thing an enterprising ransomware writer wants to be known as is "the one that doesn't release follow through". If you don't follow through, you get one, maybe two payments before word gets out that you're not worth paying. The "release what is being held hostage" part is really the most important part of your job, and when you're scamming significantly sized businesses, you can't just hope that your victim will not tell every one of their corporate contacts about "the one not worth paying".

@HerEvilTwin 18 сағат бұрын

Super interesting and entertaining video. Would love a part 2

@CrittingOut 10 сағат бұрын

This is very interesting to see

@AnonymousPhucker 17 сағат бұрын

flare is also tip of horse junk which expands during the session

@LDowning0190 18 сағат бұрын

21:31 please live stream this one time!

@betterjesusofficial 15 сағат бұрын

Fascinating stuff more videos like this please

@Miglen 21 сағат бұрын

Pretty cool video JOhn :)

@testcss5329 15 сағат бұрын

Is it safe to access ransomware sites like John Hammond did?

@min3craftpolska514 10 сағат бұрын

Most likely yes unless you download shady programs.

@danielthompson3082 2 сағат бұрын

If I encrypt my information (with windows Bitlocker for example ), does that deny hackers access to the plaintext on its face? I know they can just get the encryption key, but how much more difficult would it be?