The Hunt For The Ransomware King of The Dark Web 

Management of for-profit hospitals too. If you have no qualms asking people to foot bills in the hundreds of thousands of dollars, you should have a robust IT system too. Obviously not talking of public hospitals, which, it seems, are underfunded no matter which country they are in

I think big pharma kills way more people bro

Absolutely agreed

It should be seen as terrorism. it is what it is.

The Philippines just had their national health database have this happen.

It doesn't get any lower than that, absolutely disgusting

it is, but i've set up a fair amount of systems for clinics and hospitals and they would never ever call me to finish my job resulting in their systems just barely being functional and very non secure. keep in mind that this wasn't done over them being cheap, but rather them thinking they have a functioning system in place so why bother? literally had to beg them to finish what i've started and none of them would even bother

That's kinda scary​@@blazeaster

@@ФеофанЭтополедолжнобытьзаполнеwell, hospitals are mostly for the sick and injured with only a small percentage of people going to a hospital being healthy and going there for a check or some test that ends up negative. So it's kinda obvious that any children's hospital will be full of sick children, lol.

Get em Ethan!

FACTS

Especially the current Canadian government

This 👌👌

What a great compliment

Yeah, a real bag guy..didn't even use a mouse.

there is a mouse lol @@w0ode198

Several server operators use 6+ monitors and 2 or more keyboards, albeit usually with each monitor connected to a server that's connected to a main server, with all of those being controlled with a single keyboard and mouse, with the other keyboard and mouse being connected to an offline PC next to them, so they can work on files without risking those files being accessed through the servers.

*monitors

😂

Feel bad for whoever bought my identity. Enjoy the debt, loser!

The data breaches are happening within the actual government. There is an error message they made to let you know your SIN has been sold on the Dark Web. Usually they use the CRA, but the government also uses the same company that has led to CRA breaches to also handle everything medical, as well social welfare.

What's crazy is that each person has an identifying number that cannot be changed. Like bro you guys gave me this stupid number at birth and tell me NEVER share it with anyone or it could ruin my life. But then I have to give it to some ransom old lady that works in accounting or I won't get a paycheck 😂

@@Nate_o_eight Out Healthcare numbers are also contracted out. I called about Ultrasound results, and the person I was speaking to didn't know the laws. I was speaking to an out of country call center, where I had to provide my name, SIN, health number, and Address, just to find out where my imaging ended up.

@@Nate_o_eight😢

HAHA that's twisted. If only he stopped there.

Are there any good RU-vid guides on ways to do this?

It is actually a very good thing to do, even in a world without criminals we want data Ifrastructure to have redundancies

​@@Max-zx4tpas an average consumer, I personally use an external hard drive.

what about rootkits?

@@Max-zx4tp Do you need someone to tell you how to remove a plug from a socket? 😂

so true.im from south Africa

@@jiteshmaharaj2961nice

​@@jiteshmaharaj2961okay?

Strange coincidence! I just watched a video about different scams & that story was included(there is more than one conman that ran that scheme). As well as a guy who 'sold' the Brooklyn bridge dozens of times lol.

@@snooganslestat2030 Someone - it might have been Victor Lustig - almost managed to sell the Statue of Liberty.

@@zh84 that is WILD, paging KiraTV for that sweet sweet mini doc!!!

Ah the same man who scam people with the fake counterfeit printing machine. Lol just heard that story recently

There’s one literally funny guy.

Lol thats funny. At this point I think every college student should take an intro to cybersecurity course.

Proving, once again, those who cannot do...teach.

@@ownedmaxer607 With the world's worst, most annoying voice delivery ever. And nowhere near the level of video editing and visuals presented on this channel.

And... you are a analyst ?? Why would you have to teach them by way of you tube ???

@@albertawheat6832 Not sure what you mean, YT is an amazing learning resource. Probably the best resource aside from experiential learning. Stories like this are how I was even introduced to cyber, and they accelerated my learning by showing all of the possible routes that hackers and defenders can take.

@@albertawheat6832 Because he is 12 years old 🤣

this guy is fucken to good just like me hahaha

Absolutely spot on. As they say - Poor people act rich. Rich people act poor. Nothing like having that £900 a month Range Rover on the drive, the £100 a month iPhone and the £1000 a month mortgage whilst you save £50 a month...

Yeah, real rich people hide their money ...instead of having it in piles and boxes in their house 😂

@@CyclistChrisy’all are ridiculous. Mark Zuckerberg and bill gates may not flaunt there wealth through clothes or cars but living in multi-million dollar mansions is not living like poor person

Money talks, wealth whispers

But the joke is that's one of the reasons he got sentenced to the max sentence lol!

okay i wont stop bro..im from south Africa

Hey, they gave him 7 years, the same sentence for manslaughter in Canada. Canada doesn't want you in prison, they want you out there working and paying your taxes. 😅

It's more of a way of thinking. Like, the Canadian justice system favorizes rehabilitation. If it's possible for the person to become better, it's the priority

Tbf it's not that dissimilar in the UK where Kira's from, our justice system has a habit of letting people who commit horrendous crimes (e.g. murder) off with a slap on the wrist, while financial crimes get you close to life in prison

That was the most shocking part of the story. If he committed that exact same drug crime in the US, he would have already been jailed for 20 years, never been able to be employed by the federal government, and never would have had the ability to extort hospitals and businesses through ransomware.

I member the dude who landlorded and ran 50+ grow houses in B.C. (b4 legalization, circa 2008). Got muthafucking probation, like two years. LOL. In USA, that is not how it would've gone down. It was then I realized, how 'understanding' our neighbor to the North was.

But it's not just about not being able to get at your files. They could very easily use your data against you.

@@regenosis There was basically no risk. The accounting and customer data was encrypted using a usb key which they can’t access and the other files were just research and training files.

Hey, how did you back up your files? Did you use OneDrive or something similar? I'm thinking of doing it for myself

@@cjoshy I just had a backup on an external drive I do it regularly to have a second copy of the files in case i ever need it

This an the babe wake up, such an such posted is more cringe than the fun fact ppl

Yahushua is Yahuah

@@honorablegent1201 Yahushua is Yahuah

Not a guarantee, but a pretty high liklihood that they don't, as their entire business model relies on that trust. If they started leaking or selling info after you pay, people would stop paying. Pretty simple

I'm sure believing in the good will of a criminal will work out well for everyone.@@KiraTV1

Again, it isn't about goodwill. I'm not sure how else to explain to you if the simple explanation above didn't do it. Its just common sense that they do what is in their best interest, and leaking info after payment is the exact opposite of their best interest.

@@KiraTV1 this plus they usually have too many "customers" to give a sh*t about a single company

You're right, but they have a strong incentive to do it properly. Otherwise, they'll end up with the reputation of not being trustful and people won't pay their ransom, thus ending with the riskier, dirtier and harder job of selling whatever data they now have.

@Galuche1L1U I guess, but they could just claim that it wasn't their criminal organization, but rather an "imposter". I don't have a horse in the proverbial race. Just some thoughts. No honor among thieves and all that

@Galuche1L1U or they could just say that they breached their system, so it could be someone else did also, who isn't known in the equation and has remained silent

@@JK-gm6kkit wouldn’t matter what they would claim - if a company got hit by ransomware and data was released by any means it would still damage their reputation

Healthcare companies are the ones doing mass extortion. If you don't do exactly what they want, when they want you to do it, they will crush you. It's legalized protection racket. They have a state mandated monopoly and they know how to weaponize it.

thats a double edge sword.. tho it ussaly results him the system getting unlocked for the same reason a s"cause they pay" if they pay and you don't unlock their shit then next time around they won't pay because you already proven that even if they pay it doesn't help them at all

False. Ransomware groups operate on reputation. If they ever fail to honor a deal, no one will ever even consider paying them again. Don't comment on things just to hear yourself speak, or see yourself type in this case.

@@ao1778 that is absolutely wrong.. there’s been a lot of RaaS that absolutely didn’t provide decryption keys even if you paid. For a very mainstream example just look at NotPetya, that actually asked for money and it was actually a wiper. Stop being an idiot and learn about the subject before you try to call out industry professionals, thanks.

Nothing surprises me anymore after he admitted to dropping hard r's

Yeah wondering if that’s a translation mistake…considering it’s in English.

I like you, you're my friend now.

@@LiftUpYourEyes Thank God.

it is probobly better that way even if things like this can happen bc this case is not really the norm and giving people short sentances for non-violent crimes as a general rule is prob beneficial to society. the american prison system is real bad and does a shit job at fixing crime, prison here encourages people to just continue a life of crime after they get out (it doesnt help that getting a job as a former prisoner is very difficult) we just have an enormous prison population that we (legally) use for slave labor. the best way to lower crime is to improve living conditions

I can't believe it was only 20 years - they could have got him for at least a thousand years probably - one count every time he did ANYTHING times 20 years per count. And he had a lot of victims. Plus they can usually tack on stuff like conspiracy and money laundering etc as bonus charges for just about any criminal activity.

Servers have ip addresses. Sorry, I thought that part would be obvious. Also, I didn't say they left him as the fall guy. I think at least 2 times I said everyone else was not in the reach of the United States, and the site was taken down simultaneously as he was raided. That was also explained in the video.

@@KiraTV1 thanks for the clarification. I must have missed that part. The makes more sense now. thank you! and also great content as always!

All good, thanks

Hahahahahahaha that was good. Well.played

All RU-vidrs making vids like this have to add details like that to personalize the story. I mean be honest with yourself- is it that farfetched he was doing those exact activities in the AM like every other human? It helps make the story well rounded and relatable. Also adds time to the video which means more ad revenue lol.

yeah, i don't have a problem with youtubers putting their own bits in (see: coffeezilla, just skip the bits if you don't like them) but when they're told in the exact same format as facts of the case, it gets confusing. it's a super small detail but since we're talking about a real legal case, it makes it hard to understand what's real and what's storytelling. even just adding something like "he might have...." would make things clearer and he could still keep the longer run time.

@roguejones good point. "he might have" or something similar would signify that they're adding fluff/storytelling for the sake of transparency. but a lot of True Crime channels will just add some of the most random details that make it seem like they were in a shared household relationship with the killer, and it can cause quite the laugh at times 🤣

Oh it probably is. What better way to disrupt competition? In the days of Sail we had privateers, allowed by a government to plunder another nations ships. This is just an extension of that. "You're going to do it anyway, so do it to our enemies, you get to keep what you get, and as long as you don't turn on us, we won't interfere"

You and Alberta. I live in Ontario and we are just followers. 🤫😆

lmfaoo

Aha. And if a breach happened at your company with 50.000 machines, hundreds of servers and thousands of switches scattered across the world. You might not so easily be prone to laughter.

Also they still have your data which they will publish online for everybody to download, so hope you don't have any data you don't want everybody else to have.

@@LordZordid Again keep company differential/incremental backup of all PCs, Re-deploy all OS through PXE/SCCM or similar as well as reflash all bios with a custom script. Then hire a pen tester to see how they got in if it can't be determined. I wouldnt be sysadmin for a company that size so hypotheticals get you no where. All across the world; no what your referring to is hops across routers/switches and anything outside my demarc point wouldn't matter. Copying data takes time, quite a bit over a network that's probably had to hop across 100+ points. Taking then server offline for the company wouldn't be a big deal. Reinstall the OS offline, BIOS, then harden security.

@@bubba99009 If they managed to go undetected possibly, if they're able to do anything with it is different. Knock the server offline and switch to a Linux/other partition or live boot and use a decryptor or nuke the damn thing and start over with your backups and hire a pen tester. Idgaf about company data its not mine, I don't keep self ID'ing stuff on my PC and I have vast protections against digital fingerprinting.

Except when it dosnt.

stupid comment.

Getting physical access to a server lets you basically get around most security features, if you know how. Something on that server allowed the connection to be traced back or expose his identity in some other way. If you want to be 'invisible' online, there is a lot you can do wrong. And why would it matter when the server was set up? He didn't create the group, but he was part of it and the biggest target they could catch. Good luck pursuing a hacker in Russia or some other countries.

I was saying he didn't set up the server. Was wondering what they found on the server that linked it back to him.@@fonesrphunny7242

he might have been the owner of the server and police traced the funds used to pay for it. or he accessed server related interfaces without protecting his IP (Tor ftw)

Maybe they gave him the ownership of it? Because they were around before him, so I assume this server was before him as well. Just us guessing in the wind because Kira didn't tell us lol. @@mysteryY2K

Got even a sliver of evidence for that?

You’d be surprised. There are mayors in the US that are currently serving that were arrested for breaking into cars in 2016.