This is well-meant, but the author seems to be based in Italy, and this is illegal in Italy [1]. I know how tempting it is to retaliate against these people, but you have to stay on the right side of the law.
If you choose not to stay on the right side of the law, then at a minimum you really should avoid blogging about your crimes.
Many people do good things that are not their job, the worst thing that could come out of this is that you lose your drive and curiosity and start playing things safe.
I've flagged the story to help it vanish faster. I encourage others do the same.
Do you have anyone that can mentor you on such matters? This whole thing has a vibe of self-taught about it. I recommend finding someone older and more experienced to talk to... if for no other reason, than to avoid making mistakes that can put you in legal jeopardy.
That being said, I don't think anyone here thinks you're a bad person for wanting to clap back at scammers. We just want to emphasize caution and working within the law.
If you feel lost or alone, the community here is full of hackers of all stripes (and spots, and scales, and ...). You'll find someone you can vibe with pretty easily.
I'm not at all familiar with the Italian justice system, but it's hard to imagine that anyone is going to investigate this case unless the injured party complains -- which they aren't going to do, because they were committing a crime themselves at the time.
Just let this post drop away, learn from it, move on. Don't let it spoil your day.
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law.
I advise against doing the thing I did. I know it can be found on archive.org.
I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone.
I wish I could remove this post from hacker news. It is a dark page for me today.
Hilarious. Did you find out how their scam actually worked? Are they just harvesting user credentials of those who sign up and then later trying to hack the accounts?
They harvest username, email and passwords from users (If someone not too tech savvy uses the same email/password combination for more than one service they can access their accounts). The main function of this scam campaign is to steal "gas fees" money (no actual minting involved, looked at the code). They ask 0.15 ETH for each entry. In my case they could've got something around 6000$.
This seems like clickbait. Being told your server's Apache config has been deleted and you need to recreate it is barely an inconvenience for a scammer whose operation probably brings home much more cash than the hour it will take them to get back to normal ops...
Why would you even tell them what you did to their server in the first place?
> for a scammer whose operation probably brings home much more cash
There's probably a very long tail of scamming operations that are only profitable because the operator is in a country with very low cost of living. Based on the short list of domains on the server, it might not be the biggest operation.
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law.
I advise against doing the thing I did. I know it can be found on archive.org.
I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone.
I wish I could remove this post from hacker news. It is a dark page for me today.
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law. I advise against doing the thing I did. I know it can be found on archive.org. I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone. I wish I could remove this post from hacker news. It is a dark page for me today.
> Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law.
Oh I don't care frankly. I know it's not the right thing to do, but I am refering strictly to the technical content of the blog. I am not a judge nor do I plan becoming one. I would notify the domain owners about issues in their websites, but I am not a lawyer and I don't know the implications of it.
Removing the Apache config was a bit anticlimactic considering that the thing the OP did is illegal itself.
If you are after a vigilante justice, I would suggest doing something substantial like exposing the identities or tipping of the authorities and most importantly: don't reveal your own identity. Back in the day when the internet was mostly a lawless place you could have done something like that and recoup the clout and be the hero of the people but that's not the case anymore.
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law.
I advise against doing the thing I did. I know it can be found on archive.org.
I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone.
I wish I could remove this post from hacker news. It is a dark page for me today.
You probably will be fine but you are risking yourself.
I'm not anti-vigilante, its always fun to read about people going after the scammers but the clout of it isn't worth advertising it with your real identity.
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law.
I advise against doing the thing I did. I know it can be found on archive.org.
I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone.
I wish I could remove this post from hacker news. It is a dark page for me today.
Well you have to fill in all your details in the form on italianauthority.it.gov.com.to . It will ask you to purchase an NFT, but don't worry, you will get it back at no charge.
Apparently such an odd "crime" (banning people from walking in a public place) exists in some countries, where is seems you will have half a dozen armed police officers wrestle you to the ground for such an action.
> half a dozen armed police officers wrestle you to the ground
or being kept in a cell for 8 hours for jaywalking is crazy.
Now I jaywalk all the time, but let's not call it simply "walking in a public place". It has safety implication. It's dangerous for you, and it can also endanger / have severe implications on other people who haven't asked anything. Road safety is no joke and should not be taken lightly.
The burden is on the person operating 2 tons of machinery in a way that can kill someone
If your assertion that walking along/across the road is dangerous, how come pedestrian deaths in the US where such things are illegal are 22 per million population per year, and in the UK where such things are perfectly legal outside of a small number of dedicated roads is just 5 per million population.
Perhaps the problem is the culture which puts cars above people.
> The burden is on the person operating 2 tons of machinery in a way that can kill someone
Everybody needs to pay attention.
I usually bike, I try to be very careful and never had an accident, and I will be extra careful if I see pedestrians around, but pedestrians often increase danger and risks a lot when they just walk on my bike line though they have a dedicated area on the pavement, or cross it carelessly. I have some inertia, if I judge the pedestrian is not going to cross but they actually decide to cross at the last moment without noticing me, it's going to be an issue.
Just like when I'm pedestrian and bikes or cars don't bother to let me cross or don't notice me.
We need everybody to pay attention because if one happens to make a mistake, the worst will likely be avoided by the others. I'm grateful to the pedestrians or vehicles who paid attention the times I screwed up.
> how come [...]
Maybe UK drivers are more careful by virtue of jaywalking being expected. Or maybe UK and pedestrians are both more generally careful because of the culture. Or maybe UK cars and roads are just safer than in the US.
My point is not that jaywalking should be illegal. I actually wish it were legal in my area (nobody is punished for jaywalking here already). There's no point in crossing at a specific location or in waiting for some light to become green if it's already safe to cross because it's certain that nobody is going to cross your path at this moment. It's just plain boring and useless. Just that you need to be careful, and I would prefer someone who dangerously crosses the road to get a warning.
Now, we fundamentally agree:
> Perhaps the problem is the culture which puts cars above people.
Yes, and it's happening right now for some streets in my city. I wish this would be extended further. I would go to the extra length of saying that I want (most) cars to get out of the cities. I went to Winterthur, cars don't seem banned but people actually don't use the car inside the city. Pedestrian walk on the roads no problem. Less pollution and noise. What a breeze!
City/road design, greater distances of travel, higher speeds. No character, moral, or legal failing required. Some designs work better in some contexts than others.
I wish I could remember the YouTube channel but I saw a couple great critiques of road and city designs comparing the US and certain places in Europe.
Ah ha! I found it searching “stroads”, this is part of a series:
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law.
I advise against doing the thing I did. I know it can be found on archive.org.
I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone.
I wish I could remove this post from hacker news. It is a dark page for me today.
If you choose not to stay on the right side of the law, then at a minimum you really should avoid blogging about your crimes.
[1] https://iclg.com/practice-areas/cybersecurity-laws-and-regul...