[HN Gopher] 'The Manipulaters' improve phishing, still fail at o...
___________________________________________________________________
'The Manipulaters' improve phishing, still fail at opsec
Author : todsacerdoti
Score : 65 points
Date : 2024-04-03 13:21 UTC (9 hours ago)
(HTM) web link (krebsonsecurity.com)
(TXT) w3m dump (krebsonsecurity.com)
| bediger4000 wrote:
| Great article. Krebs serves the story with a dose of judgement:
|
| > these nitwits still fail spectacularly at hiding their illegal
| activities
|
| Seems to me that part of what makes a global internet hazardous
| is the it is fully connected in a graph theory sense. Every
| clinical sociopath can reach every other person on earth.
| lupire wrote:
| One person's nitwit is a other person's successful
| cybercriminal.
| tonnydourado wrote:
| From the story, I wouldn't call them successful =P
| andrewflnr wrote:
| Successful enough to be at it for a long time, and to keep
| making money. Successful enough to keep causing harm.
| bryanrasmussen wrote:
| The problem with engaging in an ongoing criminal enterprise
| is that if you fuck up once you lose, whereas people can
| fuck up normal businesses for years at a time.
| jstarfish wrote:
| > part of what makes a global internet hazardous is the it is
| fully connected in a graph theory sense.
|
| Nah, the bigger problem is that you can reach victims, but the
| long arm of their law enforcement can't reach _you_.
|
| You don't need OPSEC when you're judgment-proof. You can
| operate in plain sight since nobody can do anything to you.
| RajT88 wrote:
| This. EuroPol/FBI have no jurisdiction in Pakistan. As long
| as they don't target victims in their own country, they are
| most likely able to act with impunity.
| mikeyouse wrote:
| Russia, China, and North Korea too -- at least two of those
| have tacit if not open approval to target Westerners. I get
| the sense that PRC is more constrained and less willing to
| suffer the consequences of hosting random hackers but
| Russia especially is just lawless as long as they're not
| targeting Russians.
| MR4D wrote:
| Yeah, but it's an acyclic graph. :(
| Terr_ wrote:
| Hmm, I'm not sure about "acyclic", since maybe victims _can_
| impose _some_ kind of retaliation on a scammer /spammer, but
| the path back is either a much weaker link or involves more
| hops that lose strength.
|
| So maybe it's about comparing _flow_? Maybe the aggregate
| (sum? average) of flow along paths they can use to harm a
| victim are stronger than the reverse that a victim can use to
| fight back.
|
| Is there a discrete-math term for that? Delta of inversed
| maximum flow something something?
___________________________________________________________________
(page generated 2024-04-03 23:01 UTC)