How I delt arms on the internet, and learned to love it
Sit down, and enjoy my crazy story of evil, insanity, and a journey into the heart of darkness itself. I try to ensure that the details in this following story are generally, correct. Maybe I made up some stuff, added some details, but overall the main story is generally accurate. I am a bit drunk, so I apologize for my drunken writing. I have been trying to type up this story for a long time, just never got around to finishing it, I'm finally drunk today, so I might as well try to finish it. Just try not to fall asleep, I'm sure my stories are better than those of Grampa Simpson.
Best way to get drunk? Off your own supply of course!
All my arms dealing advice is hypothetical, if asked, i will insist that this is just a very interesting story that happened to a "fried of a friend".
"Selling a gun for the first time is a lot like having sex for the first time. You're excited but you don't really know what the hell you're doing. And some way, one way or another, it's over too fast." - Lord of War.
It was the summer of 2012, and I just came off of a spectacular implosion in my last scheme. My attempts to revolutionize the narcotics industry ended in huge failure. I barely escaped from a bunch of drugged up crazies who tried to lynch me. I had to write off a significant amount of equipment (sodastreams, test tubes, humidifiers, a huge amount of "herbs" etc). Fortunately, I was able to get out of that bad situation alive, and I quickly started to look for more opportunities, with a group of actually competent accomplices now.
I was bored to death everyday (hey, porn and gaming can only go so far), and I was too lazy to get a normal legitimate job. Tried peddling porn on a few forums, that got old quite fast (did you know that the most common sex toy featured in amateur porn is the Hitachi Magic Wand? now you do!).
How many hours can I stare at this before I go mad?
I needed to find something interesting to do, and so I went off to browse the sketchy parts of the internet again.
So I was browsing a Honker forum when the idea hit me. Spam is a major problem with all internet communities, and not even the Honkers have a good solution to it. After posting a tutorial on the forum, I saw a spam post advertising the "latest innovation in malwar(sic)". The malware peddler claimed to that his malware was completely undetectable, can attack Windows AND OS X, is extremely stable, and allows the attacker to take control of the victims computer (even obtaining administrator rights through the use of local exploits). I was really interested, and I actually clicked the link. These malware peddlers were selling their wares for thousands of yuan (think hundreds of USD). The moment I saw the page, I just knew that I needed to get into the action.
Before we continue, let me explain what a honker is. In Chinese, hackers are known as 黑客. Literally translated, it means "black guy", or "a guy who knows the black arts". Now communist sympathizing hackers are known as 红客, which translates to "red guy", a play on words that is commonly used to refer to partisan grassroots communist sympathizing hacking organizations. I used to hang out often on a few of those forums, and I made a few great friends on there.
Before you read on, please read this well written article: http://arstechnica.com/tech-policy/2013/03/rat-breeders-meet-the-men-who-spy-on-women-through-their-webcams/
its a good portrait of the people I dealt with in my efforts at being an arms dealer.
I know a honker who was a complete madman. The guy was almost "Pedro Cerrano like" in his religious beliefs. Instead of "Jesus no help with hitting curve-ball", for him, it was "Jesus no help with sql injections", and thus, he kept preaching for a revolving door of deities. Today its "Confucius' works reveal the truth about pointers", tomorrow its "The Greek system of gods reveals fundamental truths about jagged arrays" (the garbage collector apparently played the role of the Parthenon). The guy's most grandiose goal in life was to make WMDs in his toilet, every day he bounced his techniques for making better chlorine gas off me. He disappeared off he internet inexplicably a while back. Before he disappeared, he kept boasting about how his WMD capabilities were better than Saddam Hussein, but just worse than Kaiser Wihelm II. I must assume that either the cops picked up on him, or he poisoned himself into the hospital. For the rest of the story, I will simply refer to him as WMD guy.
Imagine this scene with a laptop instead of a bat.
At the time, I was peddling snake oil with a British guy. We roamed the internet, advertising our magical "super secure" encryption systems that will allow you to avoid all sorts of government surveillance. This was before PRISM was revealed, so we were stuck preaching to the tin foil hat crowd. They probably spent all their money on tin foil, and wouldn't spend more than 5$ on internet encryption. To be fair though, our PPTP VPN probably didn't do anything against government surveillance (what was especially ironic was the fact that my buddy kept snooping in the traffic of our more "interesting" clients, it was pretty much out of the frying pan and into the fire), but we did successfully convince a surprising amount of people into buying it. Of course, the Brit easily joined up in my arm dealing efforts, and he would prove instrumental in distributing our wares.
Before I even start development, I needed to figure out what kind of market I would market to. Honker forms were hit or miss, too much scammers on there really demolished the confidence one would have when purchasing products on the honker forums. Hacking forums and carding forums on the so called "deep web" were also a bad idea. People there would actually know what there were buying, and the competition was really tough with famous malware like Zeus or Spyeye. I needed to sell at a place where there were lots of buyers, and where the buyers were not really intelligent, an internet community populated by fools.
I finally set my sights on Hackforums.net, one of (in my opinion) the worst internet communities out there, but one with nearly infinite potential for arms dealers like me. Before you go off to find my posts on hackforums, don't even bother to look, I got banned for life (for a completely unrelated reason to my arms dealing). Plus, only around 10% of the posts are mine, I told WMD guy to post for me in the off topic section to inflate my post count, and the Brit to post in the hacking discussions section for me.
Hackforums was literally the perfect place to peddle malware. The site was like the first result when you google "hacking forums". There is a lot of people on there, which means that I have a huge potential market to tap into. More importantly, the place is filled with newbies and wannabies. Newbies are the easiest group to exploit. You can see lots of tutorials on there that teaches you how to "take over other people's computers", and when you read the tutorial, you see that it uses a poorly written and over priced tool, yet because these guys are new to this, these newbies would often just follow the tutorial and purchase the product.
And than, there are the wannabies. These are the people who claims that they can "hack NASA", when they think that ip addresses are a unix console command. Its this crowd that I ended up exploiting. They have money and egos, and their stupidity is just ripe for exploiting.
Finally, hackforums just has this "spend money" mentality. you pay 15$ to get elevated into a special usergroup (pathetically called l33t), and you pay more to get elevated into an even higher usergroup. You need to pay (allegedly) up to 2000$ to start a group, you pay for stickies, and the marketplace is one of the most active section of the forum. There is a huge amount of money changing hands, and I think I can reasonably carve myself a piece of the pie.
So I started off my writing a bit of code to gauge the market reaction. Now one of the biggest problems with this business is that you might devote so much time and effort, you will find yourself working for under minimum wage. Thus, I chose .net to ease my development, and within 2 hours, I had a decently working thing going on.
Download my code here: http://www.filedropper.com/csiconstealer
Ever wondered what work conditions are like for the 21st century arms dealer?
Thanks to .net and the awesome code that I found on the internet, I was able to slap up some code that downloads exes from the internet, executed it on your computer, than binds itself to all the executable files in every network share and removable storage on your computer (while stealing the icon and falsifying the time stamp). It took me barely any effort, and with some bare minimum marketing efforts, I was able to make 150$ by selling it to a sketchy Singaporean gentleman.
The hackforums market is filled with people trying to sell their wares. Usually, the market is filled with offers for 2$ crypts (aka, make your malware undetectable by antivirus), 20$ RATs (Remote administration tools, malware that allows the user to take over your computer), and other hacking related products and services. I had some experience dealing with people over there, and really, for me, I would never deal with those idiots again.
I have a friend (sort of? I guess) that I met over there. He displayed all the classical characteristics of being a hackforums wannabe. He actually used his real first name as part of his screen name, so i'll just call him K.
K is the classic wannabe hacker. He processes barely any knowledge regarding computers, and cannot program if his life depended on it. His "hacking experience" was at best comprised of using the most idiot proof tools known to man. K wanted to make a bit of money on the hackforums market (which he did later on), and I had just the thing to sell him.
It was people K that really convinced me to not sell directly to the members of hackforums. Hackforums was the place where you would sell a bitcoin miner to a guy, only for him to come back and ask you what a bitcoin is. I hate trying to teach these idiots, I hate promoting my shit on hackforums, and I absolutely loath dealing with piracy (the DRM systems these guys use fight piracy makes the stuff EA use look simple).
K represents a huge portion of the hackforums wannabe crowd. He doesn't really know much about computers, or technology in general. He kept insisting to me that his iPhone 4s had a better camera than my Pureview 808, since it has an "led flash, and that's the shit they use in expensive TVs". Yet he keeps talking about writing some "next level" "completely undetectable" malware.
It was than when it hit me, why don't I create some kind of "idiot proof" kit to allow these guys to sell their own malware? After all, turn key scripts like Wordpress allows anyone to create their own blog, and turn key solutions like Cpanel and WHMCS already allows wannabes to flood the hackforums market with their "secure offshore hosting" . Why can't I create a turnkey solution that allows these idiots to create their own malware that they will than sell?
So in a few hours, WMD guy and I sat down and created a basic system that allows people to easily create their own malware. It was a DLL file that included everything needed to create a basic malware system that you can sell. Everything that an aspiring malware writer had to do was create a UI, and all the code that he would need to start selling malware is included in the DLL.
Download the code here:
Why did I decide to create a class library? Well first of all, I would assume it is slightly more "legal" on paper than actually creating and selling malware. I also hate dealing with lots of hackforums script kiddies, and by doing this, I can reduce amount of time I have to spend interacting with wannabes. I left the whole "customer support" thing to my customers.
All I needed to do was to type up an API reference, and create a few examples for my customers, and I was ready to go.
I sold K a copy first (25$ in my pocket), and told him what to do. It took him approximately 20 minutes to have 4 different pieces of malware up and running, ready to sell (15 minutes is approximately the upper limit of the script kiddie attention span, the last 5 minutes walking him through the process was painful). He sold a few copies, and was happy with the product.
When I tried to pitch the product to hackforumers both publicly and privately however, the response was overwhelmingly meh. There was barely any response for my revolutionary product. It will change the way you look at malware forever! Yet there was barely any response.
So I told the British guy to quietly sell this concept to a select few people. From the feedback that we got, it seems like we needed more buzzwords. You see, script kiddies love buzzwords. They love "polymorphic", "object orientated design","high stability", "persistent", preferably written in as low level a language as possible. Whats really sad is the fact that most of these script kiddies barely knew what they were talking about. I tried to pass off method overloading as polymorphism once, and the overwhelming response was "vb.net can't support polymorphism"........
So I went back to the drawing board, and started to play software architect. I designed a completely new library, one that allowed for much greater customization than the one I created, one that was designed with "object orientated" and "polymorphism" in mind (remember, you need to hit the right buzzwords). The library was designed so that it wasn't too "idiot proof". It was a powerful extensible library that would "power the next generation of malware" (direct quote from our sales pitch). To top it off, this next gen malware class library would be avaible both as c++ library with a .net port. Hell, it was even cloud certified! (I kept pushing the "malware in the cloud" thing for a time, and designed the whole thing to work on azure).
So how was I able to actually create something like this? 3 people can't hope to be capable enough to code a project on this scale. So I had to outsource, WMD guy went on a variety of Chinese internet communities to hire people to code for us. It was certainly cheap, but working with Asian talent presented a unique set of problems. Who knew that Chinese programmers overwhelmingly prefer VC++ 6? Apparently, the chinese standard programmer certificate still tests people on VC++ 6, in 2013
After a few weeks, our new library is coming along nicely. I was actually brave and stupid enough to start testing our "cloud malware system" on Azure. We even had a few sales, and early response was amazing. Our customers were making money hand over fist by assembling code snippets that we sold them into malware.The malware that our customers sold were very well reviewed (due to our great codebase).
Hell, when I designed the malware library, it was even designed with mobile in mind. I had some parts of it working on Symbian, by preferred cellphone operating system. How many of you iOS and Android fanboys can claim that you love your preferred mobile platform so much, you contributed to the malware problem?
Even the stupid "cloud malware" thing was gaining steam, i had a rough proof of concept on azure at the time. I envisioned it as the malware of the future, where malware sales would transition into SAAS, completely bypassing the need for DRM.
We actually made quite a bit of money in this phase, more than enough to cover our costs and make us a tidy profit. But than, this was where things started to fall apart. The problems always start from the inside.
One day, WMD guy just started to argue with the Brit. I didn't really know what the dispute was about, maybe the British guy just objected to WMD guy using his share of the profits in chemical weapon research, or maybe it was because the British guy was arrogant, and belonged to the old "for queen and empire" faction, whereas WMD guy was a staunch anarchist.
No matter what really happened, the Brit leaked shit about our plans onto multiple hacking communities, and there was a general backlash against our customers. The whole thing was a clusterfuck, and our customers were pressured to stop purchasing from us.
So my internet arms dealing efforts failed. My efforts did make me some money, and I was making more than minimum wage when you average it down. But you know what, the whole thing blew up in my face. But hey, when one of your partners is a chemical weapons enthusiast, and the other one is a staunch colonialist, such things are bound to happen.
As for me, I went to Europe on a LONG vacation later for some soul searching.
I am cooking up a new evil plan right now. Just like the conquers of old, I went to Toledo, and got myself a new sword, a rapier in the classical style. But lets be honest here, my next scheme is probably just going to implode too, and a year from now, you can probably read my next story here.
So yeah, since this is the internet, a selfie is like compulsory.
SO yeah, I spent my gains on a bunch of homebrew gear, a sword, and a mask. With a toledo rapier on one hand, and a nokia on the other, I am surely going to succeed with the my next scheme.
I promise to post more fantastical stories next year, when my next plan inevitably implodes