> “We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives [sic],” reads an update to the DarkSide Leaks blog. “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”[1]
Sounds like they're about to get rolled up by law enforcement as well. As someone who's had the full force of a three letter agency come down on me, this is not something you want to deal with on any level. I was lucky. I was young and dumb and got a slap on the wrist.
Times have changed and when govt agencies see this as an attack on critical infrastructure, you're looking at some serious jail time. I would say its only a matter of time until they're tracked down. When you're being hunted like that, the govt works 24/7 and never stops. People on the run don't have that luxury.
Thanks for sharing your experience. Not to dig too deep into details, but what would you say your primary motivation was in your 'young and dumb' days? Were you curious about it, was it a statement, was there an allure?
I had gotten into an argument with a professor on a discussion board. He used derogatory terms to refer to me, which pissed me off. I sent him a virus that was supposed to just damage files and delete some random files. It turns out it propagated onto their main network and crashed the entire universities network.
Suddenly, you feel untouchable (even though the virus had gotten out of control, which I didn't mean it to do). You feel like you can do anything and are beyond the reach of law enforcement. I'd never done anything like that and you felt really powerful, in control. You now had this idea if someone slights you, you have something to shut them down and they can't reach you.
Then the feds show up in your class, bring you to a windowless room on campus you didn't even know existed and start threatening you with jail time while they question you. This happened in the late 90's and the CFAA was still really new and DA's really didn't know how to apply it. I was pretty lucky for sure. The stuff they were threatening me with was like interference with interstate commerce, identity theft, stuff like that. They gave me the old, "You have a bright future kid, don't fuck it up." speech at the end. That was enough to scare me straight so to speak. I lost my campus network access for a year, which sucked, but the whole experience was enough for me to stop doing what I was doing.
It was just in time too, because you saw during the early aughts, the feds really started going after hackers. They started using the broad powers of the CFAA to put some really high profile people in jail with some pretty hefty prison times. To this day, I still look back and feel like I dodged a bullet there.
A stupid mistake a script kiddie makes when playing with malware you're not familiar with.
I copied an existing virus someone had given me. The last part of the virus was to multiply and seek out any other computers attached to the network and delete and damage the files on those computers as well. I didn't know that. When it damaged the professors PC, he was using it on his home network, so he said there was only one PC it infected.
When he got back to campus, he sent the email to the network team (a group of students and professors) and they tried testing it out on a group of PC's. They thought the PC's were sandboxed. Turns out they weren't. The next 24 hours the virus rampaged and pillaged PC's attached all over the network. I'm still not sure how it eventually crashed the network. All the people involved refused to tell me exactly how it crashed their network - they said they didn't want me encouraging others to do it, so I was never told the full story.
To this day, I'm still not sure what happened, but it had to be bad enough to call in the Feds, right?
[1] https://krebsonsecurity.com/2021/05/a-closer-look-at-the-dar...
Yeah, just dirtbags making money.