Can we post about how people were caught?
by memleak - Thursday December 26, 2024 at 01:12 PM
#1
I understand doxing people is not allowed which is a great rule.
I'm wondering if we can talk about how certain people were caught, so that the community can learn from these experiences.
The names aren't relevant, but the way they were discovered, I think, would be useful for the community. Would love to hear the opinion of a mod.
#2
I guess this kinda info is okay, you'll mostly find it in articles I'd imagine...
"Universal appeal is poison masquerading as medicine. Horror is not meant to be universal. It's meant to be personal, private, animal"
#3
(12-27-2024, 11:42 AM)DredgenSun Wrote: I guess this kinda info is okay, you'll mostly find it in articles I'd imagine...

Yes exactly, all information is public/online and people have spoken about it.
#4
I'd like to know the intricacies of how hackers etc. get caught. I'd imagine 9/10 times, it's poor OPSEC
#5
That is the usual case. It's one of those things where, looking back, you can almost always say it's bad OPSEC because they got caught. What many people don't understand is how to threat model correctly (or a complete lack thereof), which gets them caught up. They start growing, and never re-invest in adding additional security measures and such. And when they start something, they don't properly set up their operations.

There is a massive amount of lessons in how hackers are caught. LE will try to catch hackers in simple ways, but if they are unable to, depending on how notorious the hacker or group is, they will use other methods to catch them, such as working in collaboration with VPN providers, Tor de-anonymization techniques, and other complicated ways. The biggest difficulty for LE is not determining who the hackers are, but proving it in court and burning their way of catching the next hacker. Each court document will list what LE did to apprehend the person, and how they figured out who they were. In the case of Lulzsec and older hacker groups, LE worked with HideMyAssVPN, who gave over connection logs. Vigilant hackers who then read the court documents now know not to use HideMyAss.

Prior to LE releasing this information, they have to make a conscious decision that if they release to the court that they used this particular method to catch this hacker, it could mean all the other hackers could adjust and become more difficult to catch, whether by switching VPN providers, or going dark completely and recreating a new identity.

So one of my hobbies is, when someone gets arrested, to read about how they were caught. Usually it's something silly, but sometimes, it's some new technique where people should change or adjust their strategy.
#6
So your MO is pretty much 'Witness, Adapt, survive'

I mean, yeah... There's ALWAYS a lesson in failure,
#7
(12-27-2024, 01:26 PM)DredgenSun Wrote:
I'd like to know the intricacies of how hackers etc. get caught. I'd imagine 9/10 times, it's poor OPSEC

Agree, poor OPSEC.
#8
Lessons learned; Better OPSEC
#9
(12-27-2024, 03:57 PM)DredgenSun Wrote:
So your MO is pretty much 'Witness, Adapt, survive'

I mean, yeah... There's ALWAYS a lesson in failure,

I think if you're doing something where people are looking for you, and you aren't adapting, the only question is, how soon will you get caught.
#10
Plus people will always be of the mind 'It will never happen to me'