Darknet Diaries

Oct 27 2020 48 mins 58k

Explore true stories of the dark side of the Internet with host Jack Rhysider as he takes you on a journey through the chilling world of hacking, data breaches, and cyber crime.










75: Compromised Comms
Sep 29 2020 37 mins  
From 2009 to 2013 the communication channels the CIA uses to contact assets in foreign countries was compromised. This had terrifying consequences. Guests this episodes are Jenna McLaughlin and Zach Dorfman. Sponsors This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. View all active sponsors. Sources https://finance.yahoo.com/news/cias-communications-suffered-catastrophic-compromise-started-iran-090018710.html Video: Fostering Bipartisanship in Intelligence Oversight CNAS2019 https://www.mcclatchydc.com/news/nation-world/national/article28348576.html https://foreignpolicy.com/2018/08/15/botched-cia-communications-system-helped-blow-cover-chinese-agents-intelligence/ https://www.nytimes.com/2017/05/20/world/asia/china-cia-spies-espionage.html https://www.nytimes.com/2018/01/17/world/asia/jerry-lee-cia-china-mole-hunt-suspect.html https://news.yahoo.com/cia-fix-communications-system-left-trail-dead-agents-remains-elusive-100046908.html https://www.washingtonpost.com/archive/sports/1988/03/21/cuban-defector-impeaches-cia-spies/10cec17c-076b-4867-96c5-628b8435a852/ https://en.wikipedia.org/wiki/Aldrich_Ames Attribution Darknet Diaries is created by Jack Rhysider. Research assistance this episode from Yael Grauer.


74: Mikko
Sep 15 2020 71 mins  
Poker is a competitive game. Unlike other casino games, poker is player vs player. Criminal hackers have understood this for a while and sometimes hack the other players to get an edge. And that small edge can result in millions of dollars in winnings. This episode contains a story from Mikko Hypponen of F-Secure. We also interview Mikko to know more about him and the history of malware. Sponsors This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Sources https://www.cardplayer.com/poker-news/18318-wsop-bracelet-winner-jailed-for-web-poker-cheating https://forumserver.twoplustwo.com/29/news-views-gossip/my-unbelievable-ept-barcelona-story-hotel-rooms-arts-barcelona-broken-into-plant-trojans-1369171/ Mikko’s research on bypassing hotel room keys https://archive.f-secure.com/weblog/archives/00002647.html https://pokerfuse.com/news/live-and-online/more-stories-of-tampered-laptops-emerge-in-wake-of-ept-barcelona-scam-24-09/ https://forumserver.twoplustwo.com/showpost.php?p=40050535&postcount=410 https://forumserver.twoplustwo.com/showpost.php?p=40099537&postcount=794 https://igaming.org/poker/news/danish-former-high-stakes-pro-reported-to-police-for-massive-fraud-1602/ https://nyheder.tv2.dk/krimi/2019-12-02-dansk-pokerspiller-far-konfiskeret-26-millioner-kroner https://www.flushdraw.net/news/peter-jepsen-verdict-a-mixed-victory-for-poker-justice/ https://www.bankrollmob.com/poker-news/2019123/danish-poker-pro-sentenced-jail-cheating-others-online-poker Video: Peter Jepsen talks about an attempted hack on him https://www.sijoitustieto.fi/comment/29593#comment-29593 https://forumserver.twoplustwo.com/29/news-views-gossip/sad-conclusion-my-barcelona-incident-1397551/ Video: Brain Searching for the first PC virus in Pakistan https://archive.org/details/malwaremuseum










69: Human Hacker
Jul 07 2020 66 mins  
We all know that computers and networks are vulnerable to hacking and malicious actors, but what about us, the humans who interface with these devices? Con games, scams, and strategic deception are far older than computers, and in the modern era, these techniques can make humans the weakest link in even the most secure system. This episode, security consultant and master social engineer, Christopher Hadnagy, joins us to share his stories and wisdom. He describes what it was like to be a social engineer before the world knew what social engineering was and tells some of his amazing stories from his long career in penetration testing. A big thanks to Christopher Hadnagy from social-engineer.org for sharing his stories with us. Check out his book Social Engineering: The Science of Human Hacking, affiliate link here. Check out his podcast called The Social-Engineer podcast. Sponsors This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial. Sources https://www.social-engineer.org/ How phishing scammers manipulate your amygdala and oxytocin TEDxFultonStreet DEF CON 22 - Chris Hadnagy - What Your Body Tells Me - Body Language for the SE https://en.wikipedia.org/wiki/George_C._Parker Book Recommendations with affiliate links: Social Engineering Influence What Every Body is Saying Emotions Revealed Presence It’s Not About “Me”, Top 10 Techniques for Building Rapport


68: Triton
Jun 23 2020 75 mins  
A mysterious mechanical failure one fateful night in a Saudi Arabian chemical plant leads a cast of operational technology researchers down a strange path towards an uncommon, but grave, threat. In this episode, we hear how these researchers discovered this threat and tried to identify who was responsible for the malware behind it. We also consider how this kind of attack may pose a threat to human life wherever there are manufacturing or public infrastructure facilities around the world. A big thanks to Julian Gutmanis, Naser Aldossary, Marina Krotofil, and Robert M. Lee for sharing their stories with us. Sponsors This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project. Sources https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html https://dragos.com/wp-content/uploads/TRISIS-01.pdf Video S4 TRITON - Schneider Electric Analysis and Disclosure Video S4 TRITON - Mandiant Analysis at S4x18 Video S4 TRITON - Reverse Engineering the Tricon Controller by Dragos Video S4 TRITON - A Report From The Trenches Video - Safety Orientation video for the Chemical Plant







65: PSYOP
May 12 2020 73 mins  
PSYOP, or “Psychological Operations”, is something the US military has been doing to foreign audiences for decades. But what exactly is it? And what’s the difference between white, gray, and black PSYOP missions? We talk to PSYOP specialists to learn more. Thanks to Jon Nichols for telling us about this fascinating world. Sponsors Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial. Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up. Sources https://www.democracynow.org/2006/3/24/the_psyops_war_a_look_at https://en.wikipedia.org/wiki/Lincoln_Group https://www.goarmy.com/careers-and-jobs/special-operations/psyop/psyop-mission.html# https://en.wikipedia.org/wiki/Operation_Wandering_Soul_(Vietnam_War) https://en.wikipedia.org/wiki/Torches_of_Freedom http://cgsc.contentdm.oclc.org/cdm/ref/collection/p16040coll3/id/182 https://archive.org/details/PropagandaAudiobook/Propaganda+Chapter+01.mp3 https://www.newsweek.com/us-military-gets-mysterious-and-false-text-message-evacuate-korean-peninsula-669875 https://www.cbinsights.com/research/future-of-information-warfare/ https://en.wikipedia.org/wiki/National_Defense_Authorization_Act_for_Fiscal_Year_2013#Smith%E2%80%93Mundt_Modernization_Act_of_2012 Videos Vietnam War Ghost Audio Tape used in PSYOPS ‘Wandering Soul’ Jon Nichols Part 0 - Unallocated Spaces Talk on Russian Propaganda Cyber-Influence: Cyberwar and Psychological Operations WWII Psych Ops MISO Marines broadcast important information to Afghans The War You Don’t See Edward L. Bernays interview, 1986-10-23 As it fights two wars, the Pentagon is steadily and dramatically increasing money spent on propaganda




63: w0rmer
Apr 14 2020 58 mins  
The hacker named w0rmer was active within AnonOps. These are Anonymous Operations which often organize and wage attacks on websites or people often with the purpose of social justice. Eventually w0rmer joined in on some of these hacking escapades which resulted in an incredible story that he will one day tell his kids. Thanks to w0rmer for telling us your story. Sponsors This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial. SourcesArchived Tweets Feb 7, 2012 Twitter user @Anonw0rmer posts “@MissAnonFatale I managed to pwn1 a site , get my papers , find my required primary IDS , yeah baby, i deservers em :)” Feb 8, 2012 1:17 AM, Twitter user @Anonw0rmer posted, “ROFL! WaS that us? https://www.wvgazettemail.com/news/legal_affairs/hackers-group-posts-police-chiefs-information-online/article_77f79fd5-f76f-5825-ae19-43a398361fdf.html o yeah oops #OpPigRoast #CabinCr3w” Feb 9, 2012 12:35 AM, Twitter user @Anonw0rmer posted, “DB Leak http://dps.alabama.gov https://pastehtml.com/view/bnik8yo1q.html”. The bottom of this post originally showed this NSFW image. Feb 9, 2012 at 8:42 PM, Twitter user @Anonw0rmer posted, “Mobile Alabama Police Criminal Record Database Logins Failing To Protect And Serve I Via @ItsKahuna I http://pastehtml.com/view/bnmjxxgfp.html #OpPiggyBank.” Feb 9, 2012 at 8:39 PM, Twitter user @CabinCr3w posted, “Texas Dept. of safety Hacked By @AnonWOrmer for #OpPiggyBank http://bit.ly/x1KH5Y #CabinCr3w #Anonymous” Bottom of pastebin also shows a woman holding a sign saying “We Are ALL Anonymous We NEVER Forgive. We NEVER Forget.









59: The Courthouse
Feb 18 2020 88 mins  
In this episode we hear from Gary and Justin. Two seasoned penetration testers who tell us a story about the time when they tried to break into a courthouse but it went all wrong. Sponsors This episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNET This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up. Sources https://arstechnica.com/information-technology/2019/11/how-a-turf-war-and-a-botched-contract-landed-2-pentesters-in-iowa-jail/ https://krebsonsecurity.com/2020/01/iowa-prosecutors-drop-charges-against-men-hired-to-test-their-security/ https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/10/iowa-supreme-court-justice-cady-policies-courthouse-break-ins-senate-polk-dallas-burglary-ia-cyber/3930656002/ https://www.desmoinesregister.com/story/news/crime-and-courts/2019/09/19/iowa-state-senator-calls-oversight-committee-investigate-courthouse-break-ins-crime-polk-dallas/2374576001/ https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/28/iowa-courthouse-break-ins-men-security-firm-plead-not-guilty-trespassing/2488314001/ https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/30/courthouse-break-in-ceo-cyber-security-coalfire-charges-dropped/4097354002/ https://www.desmoinesregister.com/story/news/crime-and-courts/2020/01/30/courthouse-break-ins-charges-dropped-against-coalfire-employees/4611574002/





























































































































5 • 24 Ratings

Stephen D. Marti Sep 01 2020
I Have Learned A Lot From Jack and This Podcast...

friend11y Sep 01 2020
Wow. What an insightful podcast. Highly recommended if your interested in computers, hacking and internet.






Alon Aug 25 2020
Absolutely amazing. Fascinating stories and fantastic story-telling by Jack Rhysider. A must-listen to anyone in the tech industry.

Brave free World Aug 24 2020
Darknet Diaries is the best infosec podcast. Can be followed by non technical listenets.

SuperNick Aug 07 2020
Fascinating and great combo of storytelling & interviews. Absolutely love geeking out to this podcast!

waterfif Aug 04 2020
Awesome, well researched podcast

Ming3r Jul 27 2020
Love it. Educational, entertaining, and lots of stories about pentesting

merijn.xyz Jul 01 2020
Very good real stories from "The dark side of the Internet", about hacking, the person's behind the hacks, crime fighting on the dark net, behind anonymous, etc.

Crofty333 Jun 18 2020
Very interesting and eye opening into thing that you dont know are going on all around everyone all the time.

Chris Campbell Jun 12 2020
Great storytelling about true events






Scott Johnson Jun 12 2020
The Big House - what an incredible story, on multiple levels. Jack hits a home run again.

Eudes Jun 04 2020
Very interesting and fun

DivaythFyr Jun 03 2020
Best InfoSec podcast out there. Easily in the top 10 podcasts.

Coihue May 21 2020
Excelent! Cheers from Argentina!

Flexdream May 11 2020
Better than fiction, a gripping real life tale of intercept, intrigue and death.

matoval May 01 2020
Best infosec podcast out there!

Schulzy Apr 27 2020
Amazing podcast. The story telling is superb.

Alex Apr 17 2020
Fantastic podcast, very detailed and exciting.






Tiim Apr 15 2020
The best podcast, not only security related but overall. Thank you Jack Rhysider for the great listening experience every episode.

Eldaly Apr 14 2020
Since I started to listen to this podcast I learned so much. Thank you for bringing things so clear and understandable.

Aki Apr 12 2020
Easily in the top10 podcasts of all time. Very informative and well presented.

dg Apr 12 2020
Love the topics, and the way Jack explains the details... It's so accessible I've even got my very non-technical partner enjoying the stories.

IListenToMuch Apr 12 2020
The best cyber security podcast.

pockets6794 Apr 06 2020
Absolutely the best cyber security based podcast. Well narrated and explained so even people not in the field can follow and enjoy. Absolutely love this one.