How do hackers hide themselves? - staying anonymous online
2024 ж. 12 Мам.
1 325 911 Рет қаралды
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
Standing Desk (FlexiSpot Height Adjustable 47 inch): amzn.to/3p3uSAa
Great video! But you failed to mention that hackers use hoodies and glasses to stay hidden too haha
Now you are a true hacker Edrick 😎
Wrong, they use it because the sunlight hurt their eyes
What he ACTUALLY forgot was to mention covering up the camera.
@@ladvargleinad7566 you mean deleting the camera's drivers and/or completely removing it from the device (same for microphone)
@@xansurnamehere And how is that supposed to fix anything? What if someone hacks your computer, reinstalls the drivers, and while they are still there, add a little spyware to said drivers? Or what if the camera has backup drivers on its own, separate, hidden partition? Covering it up or physically removing it is the safest way.
Can’t tell if it’s the malfunctioning yt algorithm propagating it’s own inevitable demise or the feds wasting their time with honeypot videos again but either way, a gem of a channel and some novel content I look forward to learning.
😂This is a great comment! You made me laugh out loud
*IS THE ..."TIME WASTER s" ..*
Do you know what website?
feds need anonymity too
Lmao
Actually, Ross Ulbricht was caught through an old email that he had advertised Silk Road on in Reddit, then, when they knew who he was they traced him to a library, and then a female and make FBI agents distracted him by pretending to have an argument while another rushed his laptop, so he couldn’t press the kill code button he’d set up previously, they also messaging him through Silkroad at that exact time and caught him with his laptop open and everything logged in 😅
moral of the story? Mind ya own business at all times
they are in dark rooms with a hoodie on and type erratically green text on a black background, they have a world map with red connecting lines that make a sound when moving around, computer screen turns black and a bunch of pop-ups of random images with beep sounds appear and after drinking the sixth can of dr pepper they say : "I'm In"
🤣👍🏻👏🏻
don't forget the anonymous mask and audible mentions of "hacking into the mainframe"
"They have a world map with red connecting lines that make a sound when moving around" You just reminded me of Uplink.
Ok you need to stop! 😂🤣😂🤣
You are not a script kiddie. Thank you for the lesson. This is fantastic.
if the compliment is 'you are not a script kiddie' then you label the person basically a script kiddie
Who said tho that he's a script kiddie
@@bikdigdaddy he said it to himself in the video
ima script kiddie thanks now im near to matrix level
@@fernandoblazin Needless to say (and that's the point of it), calling somone 'not a script kiddie' is rather something else entirely than not('a script kiddie'). But even assuming this is as simple as !a == b is the same as a==!b (which, ignoring all context, may not be unreasonable!) it would simply make you 'not a script kiddie' not 'matrix level'. An alternative interpretation is for example, you are simply no programmer at all.
Staying anonymous is one thing.. what about removing digital identity ? People who grew up in digital age and not knowing how bad things can get.. what steps can one take to wipe out this data ?
Great point. Especially if you had parents, family, employers who posted photos and info about you online. There are digital privacy laws where you can request for your information to be taken down. But this is dependent on where live and even then there will still be an online footprint you left. Best possible option is to never make the online trail in the first place. That's not easy nowadays.
@@collinsinfosec Po
If your like me, then your GenX parents keep posting your personal info on every social media site. So, the first step is to abandon parents.
@@HopeisAngerhey now that's not nice, they're just trying to show off they're kid that they're proud of. But I totally feel ya, I'm opposite and am extremely protective over my kids photos ever getting posted on internet. Especially, after a time I Googed his sisters name & shockingly on the first page that came up i saw a nude photo of hers that'd been reposted on a hella shaddy website, that had her little brothers photo on her wall right behind her, totally clear as day. I was pissed to say the least. Got that sh*t pulled down immediately.
@@HopeisAngertrue, it sucks I have photos of myself out there on social media sites and Im not even sure what they post about me as I don't use those sites. Worst thing is that there's literally nothing i can do and they are gonna stay there forever
Your style is simple yet detailed, I haven't come across another related you tube channel that keeps it simple to the point and clearly examined. Subbed!
If I was selling bad things on the internet and I felt I was about to get caught; I’d make a KZhead channel and as such, talking about OPSEC, appear as a red herring. Hypothetically
4:50 something worth mentioning is that installing your own vpn server on some random vps could be a security risk depending on your threat model. Federal agencies can detect your ip address is the only one connecting to that server and thus deduce the outgoing traffic from that server is effectively yours. Also, wireguard should be prefered over openvpn if you actually need to setup a vpn server for some reason.
6:50 don't underestimate vulnerabilites with virtualization. TailOS discourages indeed the virtualization approach because the host machine can fully control and check what's going on in the VM
Great point!
Ssshhh
yes but being totally 100% anonymous is kindly impossible. Tails offer a way to get more % in anonymity. That's it. It's the same debate as with confinements and vaccines... Just gain more % here and here.
Yeah but u can spoof any info that you connect with to a rdp so its a win win
True. Many, including myself at one point, thought VMs won't leak malware, but they can. Just as malware can hop partitions to jump to different OSs. (;
He’s not saying you should be a hacker but you could be a hacker 😂
I never said anything 😂
@@collinsinfosec LOL 😂
What's the alternative to being the predator? Being the prey
Good presentation and very clear, concise and useful information. As a 'security professional' (and someone interested in security since before the internet) this is exactly the kind of straightforward yet entertaining content we need more of.
Thank you for the kind words. I am going to try to improve on my video presentation.
Try Mental Outlaw if you haven't yet!
@@rune.theocracy thank you, I already subscribe to him, good advice though.
4:09 I'm glad you mentioned that VPNs introduce intermediaries. I feel like a lot of people either forget or don't know about this and perhaps don't think about it before deciding when to use a VPN.
just found your videos. i'm a sys admin looking to get into cyber security and your videos are genuinely informative and enjoyable to watch. don't worry, you're definitely not a script kiddie. i'd know, i was one lool. keep it up man
Yes please do go into more depth...I'm very interested. Thankyou 🙌🏼
Very interesting i must say, i always had this question. Thanks for the video. you got a new follower :D
Nothing but straightforward pieces of information 👌 If only other KZhead videos are made this way.
Hey Grant really nice video! How about to do a video with the techniques used to trace back this kind of be anonymous strategy? I mean some reverse engineering
Hi Cybermondo, I like the idea!
@@collinsinfosec I will wait for it then ;)
The Grugq is very good and has a few lectures going through the takedown of lulsec and another smaller one.
@@ironheadrondo5596 I seem to recall the takedown of lulsec basically boiled down to one of the members being really, really bad at opsec, so once they arrested that guy, they were able to get him to get other members to reveal themselves over their now compromised private chat.
Great content man, I just found your channel and its awesome! I’m going to school for computer science, I really wanna focus on encryption and cybersecurity, so your content is an attention grabber. Keep up the good work, posting a video more in depth like what you showed at the end would be pretty interesting!
Thank you Sydnie!
Keep up and don't make mistake I did! When you struggle with something, give yourself a time. Don't give up because you think something us "too hard". You just don't have enough knowledge to solve this problem. So educate urself and attempt one more time :)
Sydnie I suggest watch a 13 part series called _What on earth happened_ by Ewaranon to learn that the earth is not a globe. I got it in my about tab.
@@MrCipek1221 I’m super late to this reply but thank you for the advice. It means a lot, especially with this degree you have a lot of people who aren’t willing to help or who have kind of like god complex.
I feel weird about a lot of VPN's, although they claim to have a "no log policy," I've heard of many instances in which VPN companies helped the police in finding cyber criminals.
Drowning I suggest watch a 13 part series called _What on earth happened_ by Ewaranon to learn that the earth is not a globe. I got it in my about tab.
From prior experience, government agencies do show up to the datacenter and usually either takes the drives or make a copy of them.
that’s because VPNs are used to protect regular citizens, not criminals
Waay late to the party but here's an explanation: Any internet service provider, vpn company or other internet service owner based in the 14 eyes (basically NA, West EU, Australia) is legally required to comply with proper orders from law enforcement. In such cases they WILL demand all logs and any relevant information pertaining to their investigation. And the laws do allow businesses to lie about keeping no logs if it's for the sake of complying with said laws. Conversely, countries outside of the 14 eyes may have more lax laws around that stuff (think Sweden and the MulvadVPN cases). In short: if you're hoping that your vpn will allow you to escape those pesky glowies, ensure that the vpn is either a decentralized service (Tor/IP2P) or based outside the 14eyew
And your flat earth nonsense has what to do with the discussion? @@flat-earther
Great Video, I’m somewhat knowledgeable but I loved how you broke down certain things for beginners
You Rock I'm getting a laptop soon . I'm just starting off . I'm learning how to code and read it . It's tricky but I'll figure it out !!!
god damnit I fell off my chair laughing when you said "security professionals like you and I"!
Awesome demonstrations there, but personally I would have liked to see more about how criminals who use these stealth techniques actually get tracked and ultimately caught; I imagine there's a very interesting story there as well
A video to follow-up on this topic is a great idea 👍
Ddw had stories.. not that I know or anything as a useless script kiddie wannabe
NSA has enormous resources ,money , techs , and proprietary software . Get in if you dare , but get out before they can target you , because they WILL get you if you don't !
This comment's a year old but look up seytonic or mental outlaw. Often times, it's the user unintentionally outting themselves by mixing their public and private identities I.e. using their anonymous email to sign up for Instagram, reusing their private email across multiple websites
@@collinsinfosecsir i need help Please help me anyone
Great points. At the end of the day if your DNS is still controlled by your ISP, vpns, anonymizing services won't help much. Unless you maybe have a PFsense unbound router setup using a service like Quad9 to cloak your DNS.
Great stuff men. I just started watching you and you really make very good content. You got a new subscriber 😉 And I would like to see a video that you get more technical in anonymity 🙂 Cheers
Some people do silly things with out thinking. And then get found out
it would be lovely if you mention some tools/services that do the work - for spoofing and dns encryption to avoid the deep dive in coding world
THIS ^ has been the most useful explanation! I have been researching each of these components individually, but you now put it all together in a series of steps. Maybe I am slow on the uptake… or just was distracted with Life… but this really helps with my own personal OPSEC! Thanks!
Also that DNS thing is so terrifying!
Loved the vid I think you really summarized everything really well. I did want to say though I’m still new to the cybersecurity world as I’m really in robotics, but assuming I an attacker could use some sort of small pi like device to connect to virtually with it running a live os like you described I could have it connect directly to the victims network, or even just as a dummy ip in case of middle man failure. I was thinking about this with some of my own applications on a defensive standpoint luckily I’m able to hard wire everything so they’d have to literally tap in without me knowing.
I was waiting for a VPN ad all video. Awesome job on this, nice to see some digestible content about hacking that isn't from a conference or experts react video. 👍
Tapport I suggest watch a 13 part series called _What on earth happened_ by Ewaranon to learn that the earth is not a globe. I got it in my about tab.
@@flat-earther I recommend you stop spamming KZhead comments with flat earth shit, lmao. Embarrassing.
@@Tapport So does denying the globe automatically mean flat earth to you?
@@flat-earther I honestly don’t care what shape you think the earth is, it’s still irrelevant to this video or my comment.
Finally!!! Someone that can speak CLEARLY about this topic! Subscribed
Objective and Useful video! Thank you Grant!
I think where I’ve been going wrong is I’ve only managed stealthiness. I’m gonna give stealthinessness a try.
I thought the way to use proxychains was to give it a list of proxy servers to select from, and chain together several of them. Why did you just give it localhost? Also, in case people are interested, the way to protect a network against DNS tunneling is through DNS Inspection, which security appliances can do.
wow i was *literally thinking of this rn!*
This was great! Thank you!
More technical would be great. Appreciate your videos brother!
Tbh writing style is covered so damn less in such videos so props for talking about it even if it was just a second and in a list of thing to identify you most people dont even know about that
I impersonated a long time ago (half a decade minimum) and one of the main things I used was writing style which made it quite difficult for people to figure out it was me even when they became suspicious. (I don't suggest you try impersonating, it gets messy.) It's one of those details that people don't really think about but makes a lot of difference.
This helped with my cybersecurity class, thanks!
this video was better than a 1 year course i did in cyber security
Great content....I am studying computer Science and need to know somethings so I found your channel and this content helpful💯💯..keep it up💪💪
You are awesome man.... Keep going❤️❤️
Looking forward with more videos like this.
yes I would like you to do a more technical video on how to be anonymous online that is easy to follow step by step please 😊
that was a really good informative video, thank u man
you record with hardware outside of the program. Great tutorial btw it was very detailed but still just right for beginners.
Anuj I suggest watch a 13 part series called _What on earth happened_ by Ewaranon to learn that the earth is not a globe. I got it in my about tab.
great video with some useful tips i have never thought about before. thanks grant!
I knew most of this stuff but this was great review thank u
Nice video bro learn a lot . Thanks for sharing
Well, if your in cyber security. What is the best DNS to use? and how do you protect yourself better?
I always thought you just did programming videos?!? I didn’t know you did cyber security
I do! Almost all cybersecurity content
If you take a basic scenario of a simple machine setup, xp service pack 3 with no anti virus or firewall and a basic connection to it, what are the chances that a remote connection would be identified. The example given here is top level, not an isolated machine in some dead beat dump of a one person band business. It is probably unlikely that any connection over the net would even be known by anybody.
Hii Grant, I love this video. Rich in info as always.
I appreciate the kind comment Duke :)
Since a live session won’t save downloaded software a hacker wouldn’t use Tails. They would use something like Kali or ParrotOS.
Thanks for your information as a IT nerd 🤓 I'm happy to get this info 🙂 But i think some how i know this before still gonna watch for more information 🙂
Plating I suggest watch a 13 part series called _What on earth happened_ by Ewaranon to learn that the earth is not a globe. I got it in my about tab.
Great content, Id love a more technical video. Am I on a list now?
11:50 😂 You are a really Good Hearted Person👍
I'd love to see a video that is more in depth and alot more details on how to do it and set it up. I'm new to this and would be great to see more high level programming.
Offensive security...love that term ✌️
Enjoyed the video man. I couldn't stop laughing Everytime I started typing something I thought you weren't going to mention...you started mentioning it🤦😅
love your voice overs
This was an awesome video! keep up the good work..:)
Garrett Evans Wow thank you Garrett, you've made my day!
The advanced defenses you are referring to at 11:19 are IPS systems, correct?
Proxys...hops and exits...
thank you for this video!
Subscribed, thanks for the info
Staying anonymous offline is the bigger challenge.
🤔🤔🤔 Interesting and thought provoking statement, I believe this might be the comment of the century... 🤔🤔🤔 # Comment Of The Century, "Staying anonymous offline is the bigger challenge." - Hammer Fist
@@TruthResonates144 its not that deep
More details needed
thanks brother. basic but good
What i still don’t understand is how you can remain anonymous if you must first connect to anything through your local ISP?
Amazing tips and things which you provide.
Awesome video! Thank you
Great video, interesting you use a Lenovo laptop. Why not Apply MAC? Do you have cleaned laptop running a Live OS AND Tail?
Now I know how to operate my own Silk Road without getting caught
So crazy what worlds are out there…
You know what's real anonymous money? Cash.
Very True
Cash will completely disappear in a few years Everything will be digital
@@overlord5068few years no ......few decades maybe
dont forget to destroy your memory (RAM) and Hard Drive, always use fresh hard drive or buy second used
I think my security is compromised lol I googled about a mission in watchdogs 2 and this showed up a few days later
Same
Super interesting, thanks for making this video. :)
This guy is onto something!
Thanks Man :D
1:23 still, the reason he got caught was none of those. But the NSA cross referencing old posts of him that had a similar name to his later used username. then they claimed it was done by some unfixed exploit in his market. But of course we know they just checked their data collection.
Very useful, thank you :)
You revealed it; now they may be in danger.
don't forget to verify the checksum of any file that you download with a checksum of that file provided from a known good source
Thanks! Really useful in …
8:31 I knew it: logs! I think i heard this on Jack Rhysiders podcast with some who did the forensics after the case…
How can hacker end up in jail? Do the site owners have to report you and sue you or how? Can someone please explain Btw great video
If a hacker uses all of these methods, how would you go about finding them?
when you're searches and watches on KZhead puts on the watch list.
Acquire your machine for cash at a local swap meet. One those rando parking lot ones. While wearing your hacker hoodie and glasses
Just as a standard user I just get around the uac prompt to load pc game from flash drive. Needed help
when configuring proxy chains, can you exclude some countries Out?
SA. I opened. My eyes hurt. Too many buttons. Don't know what to do. Closed my soft.
As it has been understood for time immemorial: Professionals have standards!!!
Xavier P I suggest watch a 13 part series called _What on earth happened_ by Ewaranon to learn that the earth is not a globe. I got it in my about tab.
By using a goodie inside a dimly lit room
I admire your admission you're a script kiddie... Wise young man. Keep going!