domingo, 3 de abril de 2016

How an community manager criminal believes is an "hacker"

Recently the news portal "Bloomberg" publish an article about: How to Hack an Election

This article talks about an "Great Colombian Hacker", he can manipulate any political campaign:

1- An man with an tattoo of a QR code that contains an encryption key at the back of the head.

2- On his nape are the words “</head>” and “<body>” stacked atop each other, dark riffs on coding.

3- For eight years, Sepúlveda, now 31, says he traveled the continent rigging major political campaigns. With a budget of $600,000, the Peña Nieto job was by far his most complex.

4- His services were extensive. For $12,000 a month, a customer hired a crew that could hack smartphones, spoof and clone Web pages, and send mass e-mails and texts. The premium package, at $20,000 a month, also included a full range of digital interception, attack, decryption, and defense.

5- As a child, he witnessed the violence of Colombia’s Marxist guerrillas. As an adult, he allied with a right wing emerging across Latin America.

6- He says he traveled for eight years across the continent manipulating the major political campaigns.

7- Manipulate social networks to create false feelings of enthusiasm.

8- Joined to "the right" starting in Latin America (on few words an "paramilitary")

Sepúlveda says the program has been able to identify recruiters ISIS minutes after creating Twitter accounts and start publishing and hopes to share information with the United States or other countries fighting the Islamist group.

10- he declares. "In any case I do illegal things", oh well, all this are not illegal (recording calls/sms, spam sms/email, phishing, defacement, ddos, spread spyware, etc ...)

Well all this points sounds an the new "Colombian Rambo", Hacker and Military guy, shit this guy is amazing, is my hero, oh await one sec WTF ???

It's funny how no one hacking group in the country/world, supports the knowledge of this guy, and people who have worked with he, always refer to him as one who is devoted to "talking".

Now let's put all this fancy on technical words and explain what it is and how it is done.

Social engineering: in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.

Phishing: is the attempt to acquire sensitive information such as user names, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

Defacement: is an attack on a website that changes the visual appearance of the site or a webpage. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own.

DDos: In computing, a denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

Well the "Hacker Sepúlveda" has a full name "Andrés Fernando Sepúlveda Ardila" with ID "80.851.062" and the brother has a full name "Luis Carlos Sepúlveda Ardila" with ID "91.523.017", you can download personal info about this guys HERE, the documentation and info are in original language "Spanish".

Analyzing the QR code, which contains an encryption key, according to the news portal "Bloomberg", i see some lies, this tattoo not match with the QR format, and really does not represent any encryption key, you can download the files HERE, this fake QR code has been created to deceive ordinary people who know absolutely nothing about QR codes, i used ZXing Decoder Online to test that.

Analyzing the words “</head>” and “<body>”, tattooed on the neck of this guy, when the portal news say "dark riffs on coding", really is not true, this words ar part of an markup language HTML(HyperText Markup Language), really is a language that is useless in itself, only lets you draw tables (<table> or <div>), breal line(<br>), tittle(<tittle>), paragraph(<p>), etc, etc, you can see an tutorial about this language HERE, well, the HTML language, without CSS, Javascript, Java (Applets), ActionScript (Flash), C# (Silverlight) really can't do nothing, and much less if these additional lenaguejes are not aimed at a webserice on a server on the Internet, the WebService can be writed on PHP, C#(ASP), Java(J2EE), Javascript(Node.JS), really this words is only other part his false image of "Great Hacker", who manipulate any political campaign.

The news portal too say "he traveled the continent rigging major political campaigns. With a budget of $600,000","His services were extensive. For $12,000 a month", we have a big problem with this lie, let us sum 600k USD per campaign, does not know the sea, he has not had, nor has a car, he lives in house rent and is reported in the central bank risk, oh well now undertand, how an guy with access to this lot money can have this problems ??? his brother talk about it in this video on youtube, the video are in original language "Spanish" "ANDRÉS SEPÚLVEDA: ¿EL ARCHIENEMIGO DE LA PATRIA?" - HERE

Sepulveda reveal who tried to obtain information from the FARC creating false identities on Facebook and by mail masquerading as supporters of the guerrilla group and contacting them in their social networks and email: "" with this method were accepted got his friend requests by the Ecuadorian journalist "Dax Toscano" and the guerrilla "Hermes Aguilar".

Since the information that exposes Sepulveda in videos posted was not secret and he did not have the training to intercept the bodies of the government, aircraft tech US or FARC, prosecutors point out that actually Sepulveda would have bought a package of 20 emails with their keys to "people in Havana, which is on the negotiating table". Information which paid only three of the eight million to be asked. In turn he would have been given a "base of demobilized guerrillas data obtained by a contact known as Torres in the COA, under the Ministry of Defence unit". To confirm these arguments appear about three videos where agents of the Metropolitan Police of Bogotá showing and handing a gun to Sepulveda who gave money in return would be revealed.

Sepulveda has had a behavior on social networks like a "script kiddie", everyone knowns that, much has been published about it.

Sepulveda has no university education, nor any experience in security or pentest, nor empirical experience.

It's not a security expert much less an ethical hacker, Too it's not an expert programmer and need to resort to aid the tutorials on YouTube and call for help GitHub, to perform tasks that are basic to an expert.

Yes, you have probably learned to handle some tools or some commands for BSD Terminal Mac or Perl or Python. They may have gotten even infect used by government actors, members involved in political campaigns or negotiations Havana devices. Still, it does not take an expert to buy a kit virus, design and implement a campaign and shooting attacks: by a not very expensive you can get very easy to use kits that bring instructions, automatic updates and support technical, any moron can do it, if you have money to pay.

"I really do not think he has the ability to do everything he says the prosecution. When I met had economic problems, and experts in computer told me that this man was a con man, who was not able to develop all programs what did he say", say the engineer "Jhon Arias".

The alleged "Hacker Sepulveda" attempt to negotiate with the development of anti terrorist software, to reduce his sentence, but his little knowledge on this subject, did not give good fruit.

"Carlos S. Álvarez" he share and known more about cybersecurity and cyberthreats, he write an article about the totally discredited as "Dread Hacker" Twitter:isitreallysafe, but unfortunately people in my country is very ignorant and do not understand any of this.

"Fernando Álvarez" Kienke columnist says "During my campaign for the Senate I had the opportunity to approach what these supposed experts on social networks and am fortunate to be among the few who understand what these gentlemen who are experts in what is in getting unwary. First, not strictly manage social networks. Social networking alleged invent and create ghosts amounts of users to believe the gullible who have exponentially increased their number of followers. Deceive their customers hundreds of visits, they really are ghosts hits showing them that indeed they are nonexistent users, apocryphal Internet and parallel accounts, which sometimes will supplant some famous to believe their clients are followed by those personalities.", and it's true i see companies that do this work, they hire about 10 guys and start to write garbage on the internet, crating large list of fake profiles/accounts to do fake publications, this is really far from being able to manipulate political campaign.

All portal news shows this guy as "A Fearsome Hacker or Great Hacker", really is not true, in hacking forums as Хакер, HackForums, BlackHatWorld, Rohitab, ElHacker, You can see children of 14 years old with more knowledge than this guy, this guy not have the level to write an exploit or an shellcode, is simple, he can't have knowledge to do that.

None of this is located, nor about even, to the category of security expert.

And definitely not making it a hacker, this guy just tarnishes the image of the guys working around things IT and Security, who spend many months disassembling and analyzing code, to detect vulnerabilities, it is very hard work , and this type of idiots only destroy the name of the true hackers.

Why this alleged "Hacker Sepulveda" He claims to be what it claims to be, is really simple, is in jail for 10 years, is in bankrupt, he is a liar and compulsive swindler, does not have any solid on cyber security knowledge, only buys criminal waste (maleware / spyware) and awarded a title that does not have, being a "Great Hacker" to follow the same path from which started in this, he only like cover his and get a reduced sentence, speaking more crap.

Then we explain what it supposedly does this "Super Hacker" and as is done:

The list of his alleged services are:

- Make dirty war and psychological operations, black propaganda, rumors (Trolling/Defamation)
- Send emails and bulk text messages (SPAM)
- Falsify and clone websites (Phishing)
- Wiretap / Intercepting SMS messages
- Fake likes and followers
- Encrypted file handling
- Intercept emails
- Defacement
- DDoS

How doing this things:

Trolling/Defamation: is really simple, you create a fake social accounts and fake emails, with names that any idiot can believe, and publish fake rumors, black propaganda, this technique was created on 4chan ( they are the masters of trolling time, this "Super Hacker", call that "Dirty War/Psychological Operations", and allegedly charged thousands of dollars for doing this, i think only a moron would pay for that.

SPAM for email/sms: again is really simple, exist more ways to do that, by email accounts, Hosting for SPAM or API bulk system.

- By email accounts: the email accounts as gmail have an limit diary for send emails around 300 emails by day, you only need coding an SMTP/POP client to manage this accounts and you can send a lot of email diary, in the case of SMS some countries have an service as email to sms, you only need send an the phone number and the text message.

- Hosting for spam: you need buy an hosing with an send_mail enable and sockets enable, and use an lib for send a massive emails from this server to any email large list.

- API bulk system: you need create an client to connect WebService API and send a lot emails or SMS.

Phishing: is really simple, any idiot can do that, you only need create a fake copy of and loguin of any site and put that on an hosting server, the most hosting sites used for that is this: 110mb, Ripway, SuperFreeHost, Freehostia, Freeweb7, t35, Awardspace, PHPNet, Free Web Hosting Pro, ProHosts, FreeZoka, 000webhost, AtSpace and this and this is accompanied by SPAM, sending emails to unsuspecting users, saying things like, change the password, or any other stupid excuse (Social engineering), MITM attacks are also used for these purposes.

Wiretap / Intercepting SMS messages: well this can divide on this common methods

- Without Hacking: The Stingray/ GSM interceptor/IMSI catcher is equipment that can gather data from hundreds of phones over targeted areas and they can also perform denial-of-service attacks on phones and intercept conversations. Though these products are not available legally but they can be bought through black markets or through deep web.

Law enforcement and the military use these devices to track cellphones. A stingray system involves an antenna, maps, and a signal device. The device mimics as a cellphone tower BTS (Base Transmitting Stations) and gets the phones in the area to connect to it. Then it collects IMSI (International Mobile Subscriber Number) and the ESM (Electronic Serial Number) numbers associated with the phone and can connect any phone.

There are two ways to use the devices:

One way is to use antenna in a given area to collect International IMSI (Mobile Subscriber Number) and the ESN (Electronic Serial Number) numbers of mobile phones in that area and see who is in that given area.

Second way is to locate a mobile phone with IMEI (International Mobile Station Equipment Identity), IMSI (International Mobile Subscriber Number) and the ESM (Electronic Serial Number) number like apple Find my phone application but in this case the phone can be traced even if the phone is formatted, as IMEI remain associated with the hardware not the software. Based on the signal strength of the device you can find the exact location of the mobile phone.

Also in some cases a DOS attack can be done on mobile phone but in terms of GSM signal not in term so of Data packets. When under DOS attacks the phone cannot receive or make any calls.

These devices can be used with software to eavesdrop on mobile phone conversations and spoof calls and SMS. These softwares are known as Over-The-Air special signal software like FISHHAWK, PORPOISE.

These devices are also knows as GSM INTERCEPTOR OR IMSI CATCHER. There are various devices like these in the market easily available.

- Injecting Malware/Spyware: abusing of exploits and/or threats, the mobile devices installing a RATS (Remote Administration Tools), this tools normally are sold on the deep web, this tools contains a lot of features: record calls, record camera/mic, record screen, grab email/sms messages, execute code and other things, this tools be controlled by C&C (Command & Control) systems, is really easy uses that, all noobs uses that.

- Abuse of Global Telecom Network: The critical flaw lies in the global telecom network known as Signal System 7 that powers multiple phone carriers across the world, including AT&T and Verizon, to route calls, texts and other services to each other; SS7 (Signaling System Number 7) is a protocol suite used by most telecommunications operators throughout the world to communicate with one another when directing calls, texts and Internet data. It allows cell phone carriers to collect location information from cell phone towers and share it with each other. A United States carrier will find its customer, no matter if he or she travels to any other country.

Encrypted file handling: is really simple and exist 3 ways to do that.

- ZIP encrypted file: select and password and uses that, is simple for idiot noob's.

- Volume Encryption: After having appeared multiple vulnerabilities on TrueCrypt software, has practically been the replacement of the VeraCrypt, this software supports multiple platforms and works perfectly well so far.

- Secure USB: exist an brand of USB devices "Ironkey" this be created with an AES-256 encryption standard and is the best, is some expensive.

Fake likes and followers: as such idiots, are far from being able to create a stable and effective Botnet, the only thing they can do is pay for it, normally this idiots buy services as that Buycheapfollowersfast, Bestfollowers exist an large list to similar companies, only search on Google.

Intercept emails: exist some common methods for that:

- By Phishing: you create an Phishing site and store the data collected, only noob's uses that.

- By MiTM: The MiTM have a 5 normal methods, but the most common is a "Poison ARP Table", and i sure this guy can't dev that, need pay for an tool to do that, select you target IP, and redirects to the new Fake IP and store the data collected, is really simple, well for us.

- Inyecting spyware: when the spyware are installed on the system, you only use the C&C to extract data, is really simple.

Defacement: only need use tools and check if the site is vulnerable, if the site is vulnerable, you enter easily, the common tools for that are: NMAP, WPScan (For Wordpress Scanning), Joomscan (For Joomla Scanning), OpenVas (For Vuln Scan), all script kidies start to win money do defacement's.

DDoS: again he not have knowledge to create botnet's, would use jMeter, XOIC, HULK, GoldenEye, LOIC(Low Orbit Ion Canon), or similar tools, other guys can rent a Botnet services for that, here i not explain how to create Botnet's to do DDoS attacks.

Some of the methods described above are outside the scope of our "Super Hacker", already stated above that no has knowledge to software development oriented to security or hacking and the only way, he can do this is to pay for it, is more advanced for him.

Really install tools and see videos on Youtube not turn you on "Great Hacker", the old school is all, and well this is all the fantasy of our "Super Hacker", There is a lot of really tough people in the world, but this guy is not one of them.

Oh I almost forgot something, our "Super Hacker", according to him is part to "the right", in few words is an "paramilitary", It's funny, because I'm sure that if one day an "real paramilitary" sits with a 9mm at his side, he pee in his pants, the brother says in self twitter account "Now, from prison, helping in the technology fight against ISIS.", this is really super fun, as an fucking joke, I just hope this does not reach the ears of these terrorists, because they loved behead and record that and publish it on the Internet, Mom did not tell you not to play with fire ?

Conclusion, this guy sees much TV, he see some hacking videos on Youtube, he buy some malwre / spyware on the deep web and is a liar and deceiver compulsive.

My sincerest apologies for "Jordan Robertson", "Nick Casey", and "Thomas Fox-Brewster", should stop being so naive, and need contact with true security experts to validate the information, sorry.

I only like see this "Super Hacker" playing with "Real Hackers" on sites as: Defcon, BlackHat, MalCon, or other Security Conferences.

We are the Internet's immune system, and he is no part of us, a lot "Hackers and Security Guys" are agree with that.

Why i write this post, is very simple, I hate the liars and criminals, and the that people speak crap.

And a big lie have an part of true and more parts of false, remember that.

The New York Times - Nick Casey: Twitter:caseysjournal
Bloomberg - Jordan Robertson: Twitter:jordanr1000
Forbes - Thomas Fox-Brewster: Twitter:iblametom

"Hacker Sepúlveda" - Twitter:hackersepulveda
"Capitán Sepúlveda" - Twitter:zappsepulveda

No hay comentarios: