
Mail from the (Velvet) Cybercrime Underground - andreipop
http://krebsonsecurity.com/2013/07/mail-from-the-velvet-cybercrime-underground/
======
nemesisj
I really enjoyed this blog post for some reason - I think the frank dissection
of how the whole plot was hatched was really interesting.

The main takeaway for me is how worrying the chosen attack vector was, and
what it says about the state of the USA. Think about it - the most effective
way to remotely cripple someone you hate is to turn the USA's ridiculous drug
enforcement apparatus on them. It's not a bomb or insults, or any kind of
direct or overt physical harm, it's simply mailing them a narcotic and tipping
off the police.

What if this guy hadn't been monitoring things? He could very well have been
in a nasty, highly stressful, possibly career ending situation simply due to
America's stance on drug enforcement.

~~~
X4
I also feel somehow guilty now, because I enjoyed that article too much..

That's crazy how much more power and impact a scene member can have on the
life of someone. And it's so easy to do that..

Reminds me of a situation I was in: While coding during midnight and while
important political and prominent people came to town, I felt some weird
vibrations on my window. After touching it, it felt like something was making
it vibrate very strong. Then came the shock, when I saw a drone targeting my
window, unaware of it being armed or not.. I hid and waited until it moved to
scan other buildings.

Unfortunately I didn't make a photo, but it had a large triangular red thing
on its nose (infrared?) and was able to stay at one position.

I imagined that they could have thought that this is the highest building and
having a perfect view to the scene from that window, it would be a preferred
sniper position. But ordering heroin to a whitehat and spoofing calls from the
neighbours to police..wow..

Getting threatened by the Government for whatever reason is seriously no more
fun.

~~~
marvin
I really, really wish you'd gotten a picture of the drone, because with just
your description this would be too easy to chalk up to a psychotic episode. No
offense intended.

~~~
X4
I regret that I wasn't more prepared and don't know how to describe the
situation. One isn't prepared with drones appearing from nowhere and watching
your home, you know. Imagine you see a car approaching you fast, everyone
seeing you would think "jump or run to the side, now", but when it happens to
yourself in a moment you weren't ready, then you just freeze.

I haven't seen it first, but felt the vibration and after touching the window
for about 10 seconds I was sure that this wasn't my neighbour's music or
something else. It was weird because I didn't hear such deep sound before, it
wasn't very loud, but had a very low frequency, I guess that's why the window
vibrated so strong. One could feel the pressure or tingling on the skin.

Then it came into eyesight, I don't know if it switched that red triangle
shaped thing on, or if I saw it after starting to look for something that
could make such strong vibrations. Everybody would look for a car parking
there with loud music, so did I. But I didn't see it, so I looked up. The
thing I focused my eyes on first was to see, if there is some movement below
it, like rockets, lights or anything, I was really afraid of what would happen
next. I couldn't run away, it was just there. After starting to realize the
situation that I was in, I hid at the side of that small room, but could still
see how it stood there in the air. After some time, it flew higher and
increased its speed, without the red triangle shaped thing in sight, it was
hard to make out. The first thing I did, was to call mum and ask, if she's ok.

Summing it up: It had some kind of engine that allowed it to stand still in
the air and move to different directions, it was gray or dark, not sure. The
engine wasn't loud enough to get aware of it from a distance, but when "near"
you could feel very strong vibrations. It could accelerate pretty fast. It had
no flashing lights, but it looked like there was something moving below it, I
couldn't make out what it was. I don't remember the shape good enough, sorry.
A prominent thing was the large triangle shaped red thing on the front of it.
Could it be infrared? Isn't infrared invisible to the human eye and why was
that so prominently visible then?

~~~
marvin
An infrared light for active infrared illumination _could_ appear dark red,
but probably wouldn't on a military drone. It would probably filter out all
visible frequencies.

Thanks for your account, these things will show up again if they are actively
used. There's no question that such an aircraft _could_ be built, I've been
thinking about it myself. (Strong aviation interest).

~~~
X4
That would be really cool, if you can build something like that! I'm really
interested in your findings, would you drop me a line on torchat (see profile)
in case you know more about it?

------
lifeisstillgood
For me the two big takeaways are the cop who wanted to unplug from Google.
This is likely to be a fairly sizeable minority of the world who used to know
how it all worked - and just cannot be bothered to learn the new rules.

I am not sure if that's a good or a bad thing - if grandpa is not online can
he do video calls to the grandkids?

The second is of course - I do not monitor these boards and of course the next
attempt will not be public. Not sure how to react if a dozen baggies got
delivered. Hand it over to the cops I guess.

It is the makings of an interesting real life DDoS attack on politicians for
example

~~~
girvo
Hand it over to the cops, but not before speaking to a lawyer, would be my
tactic.

------
marvin
Would the claim "I didn't order this, someone wanted to frame me" hold up in
court if this guy hadn't discovered this scheme?

~~~
nikcub
Blind mules are a huge problem in Mexico, where they are unwittingly used to
courier drugs over the border. Most end up in prison and have to prove their
innocence via public campaigns.

[http://edition.cnn.com/2012/01/23/world/americas/mexico-blin...](http://edition.cnn.com/2012/01/23/world/americas/mexico-blind-drug-mules)

------
Renaud
You must be doing something right when you attract that much dedicated attention...

I'm surprised at how personal these attacks are. Is it that common for public
security figures to be at such risk?

~~~
jlgaddis
Skim through some of Krebs' past articles.

He has publicly outed many "cyber-criminals" on his blog and typically
provides plenty of proof to back up his assertions. These criminals, of
course, don't really like that.

I understand his motive for publishing details of things like this that are
directed at him but it makes me wonder if another criminal reading it won't
try to "one-up" the previous guy.

------
gedrap
And that's really worrying. For me, it makes various threats and other cyber
bullying look like a game. 'I wish you get cancer' yeah whatever f-off kid.

But this one can easily ruin someone's life. Or at least give enough stress to
shorten it for a while. Not even talking about legal expenses to prove it's
not yours. I mean... Police finds reasonable amount of Class A drugs at your
place. 'it's not my' 'yeah right, everyone says that'.

------
undoware
I always get a kick out of Krebs' relationship with the thesaurus.

"Miscreants" "goons" "fraudsters"

Seriously, 'goons'? What is this, an Archie comic?

But, yes, fascinating article, nonetheless. I dislike the man for reasons
difficult to articulate, but there is no arguing with a story like this. Great
read.

~~~
e1ven
Not necessarily related in this instance, but users of the Something Awful forum
generally refer to themselves as "goons".

See:
[http://en.wikipedia.org/wiki/Something_Awful](http://en.wikipedia.org/wiki/Something_Awful)

~~~
peterwwillis
Not to mention the Defcon goons: [http://www.defcon.org/html/links/dc-goons.html](http://www.defcon.org/html/links/dc-goons.html)

------
X4
How could Krebs protect himself, if someone ordered contract killers from the
silkroad? I do hope that he gets some bodyguards, I never knew that infosec
was a life-threatening job. I wish that it at least pays off for him, because
it's surely a hard situation for his family. I couldn't take a breath, if I
knew that my brother or sister was in danger.

I think these criminals should be very thankful to have Krebs alive and not in
jail, because a) they win more market, by getting rid of other criminals b)
they learn how he doxxed the other criminals and can protect themselves
better.

Maybe one of you has ideas on how to protect against that, then please tell us

------
ollybee
While entertaining for us, responding in such a public way will encourage
further stunts from his adversaries. Krebs plays a dangerous game.

~~~
tripzilch
That's one side of writing that blog post, but on the other side, if someone
were to simply try this scheme again, but on a forum Krebs doesn't monitor, or
more secretly, this particular blog post with a date will help his defence to
show they tried this before.

(At least that would seem to make sense to me, but I am not familiar with US
regulations and when it comes to drugs they can apparently be .. somewhat
counterintuitive)

But yeah he _is_ playing a dangerous game, and I think he is well aware of
that.

Also, I wonder, he must be monitoring at least tens of underground-forums or
so, that must take a sizeable chunk out of his day? Especially depending on
how fluent his Russian is. I hope he has an intern or something to help him
out scanning those boards.

------
stfu
This seems like a good starting point to deny having made any "orders" from
the silkroad yourself.

_"It's all some internet conspiracy! The same thing happened to Krebs."_

------
sidcool
It's interesting how righteous the Silk Road guy sounds. He's using his power
to cheat, and then he quotes about agorism and shit.

~~~
codesuela
I think you mean the Russian carder, the Silk Road heroin vendor sounds as
professional as one can be in such a situation.

------
soapit
What a waste of perfectly good heroin.

------
01Michael10
It seems wrong to provide the non-HTTPS link of a security blog...

