Darknet Diaries
Jack Rhysider
158: MalwareTech
About This Episode
MalwareTech was an anonymous security researcher, until he accidentally stopped WannaCry, one of the largest ransomware attacks in history. That single act of heroism shattered his anonymity and pulled him into a world he never expected.
Sponsors
Support for the show comes from Black Hills Information Security. Black Hills has a variety of penetration assessment and security auditing services they provide customers to help keep improve the security of a company. If you need a penetration test check out www.blackhillsinfosec.com/darknet.
Support for this show comes from Arctic Wolf. Arctic Wolf is the industry leader in security operations solutions, delivering 24x7 monitoring, assessment, and response through our patented Concierge Security model. They work with your existing tools and become an extension of your existing IT team. Visit arcticwolf.com/darknet to learn more.
Support for this show comes from Cloaked, a digital privacy tool. Cloaked offers private email, phone numbers, and virtual credit card numbers. So you can be anonymous online. They also will remove your personal information from the internet. Like home address, SSN, and phone numbers. Listeners get 20% off a Cloaked subscription when they visit https://cloaked.com/darknet. Calling 1-855-752-5625 for a free scan to check if your personal information is exposed!
Listen to Darknet Diaries in Podtastic
For listeners, not advertisers
More Episodes
176: NSL
In this episode of Darknet Diaries, host Jack Rhysider interviews Nick Merrill, an early internet pioneer who inadvertently became the center of a landmark legal battle over government surveillance. After starting one of the first internet service providers in New York City during the mid-nineties, Merrill’s trajectory changed permanently when he received an unexpected visit from the FBI. He was handed a National Security Letter (NSL), a directive demanding sensitive customer data while imposing a strict gag order that forbade him from disclosing the request to anyone, including his business partners or legal counsel. Merrill recounts his decision to challenge the constitutionality of the NSL, arguing that it violated the First, Fourth, and Fifth Amendments by bypassing judicial oversight and enforcing prior restraint on speech. With the assistance of the ACLU, who recognized the letter as a rare opportunity to challenge a secretive tool of the Patriot Act, Merrill embarked on a decade-long legal fight against the federal government. The episode provides an insightful look into the delicate balance between national security powers and individual constitutional rights in the digital age.
175: Bayrob
In this episode of Darknet Diaries, host Jack Rhysider explores the complex investigation of Bayrob, a sophisticated malware gang that defrauded eBay users for years. The episode centers on the investigative work of Liam O’Murchu, a security researcher at Symantec who first encountered the malware while analyzing novel threats. Unlike common cyberattacks, Bayrob utilized a highly intricate proxy chain that routed traffic through thousands of infected machines worldwide to conceal the attackers’ true location. The narrative details the evolution of this digital cat-and-mouse game, highlighting the persistence required to track criminals who actively taunted researchers and utilized advanced obfuscation techniques. The story spans years, covering the collaboration between private sector experts, such as Liam and investigators from AOL, and the FBI. Listeners learn about the challenges of cross-border cybercrime, the frustration of working with encrypted data, and the legal hurdles of the time regarding international information sharing. Ultimately, the episode serves as a compelling case study on the persistence of both the perpetrators and the dedicated professionals working to dismantle one of the most elusive fraud rings of its era.
174: Pacific Rim
In this episode, the podcast explores a multi-year cyber-espionage campaign targeting Sophos, a major provider of network security hardware. The story begins in 2018, when attackers breached a subsidiary, CyberRoam, to gain access to proprietary source code. The investigation revealed a sophisticated, multi-stage operation where actors moved laterally across networks with precision. The situation escalated in 2020 with the discovery of a widespread vulnerability in Sophos firewalls, which allowed hackers to remotely compromise thousands of devices globally. The episode details how Sophos took the unprecedented step of deploying a remote hotfix to patch these devices without direct user intervention—a controversial move that sparks a broader discussion regarding the balance between security, vendor overreach, and user control. Through deep technical analysis and OSINT, security researchers were eventually able to trace the activity back to a specific threat actor in China, identifying how the attackers used virtualized instances of the products to refine their exploits. This episode offers a fascinating look at the high-stakes world of corporate incident response, the long-term persistence of sophisticated threat actors, and the difficult ethical decisions cybersecurity vendors face when protecting their customers at scale.
173: Tarjeteros
El episodio 173 de Darknet Diaries, titulado Tarjeteros, relata la sorprendente historia de Alberto, un joven residente en Yonkers de ascendencia dominicana, quien lideró una operación criminal a gran escala en Nueva York. Tras sumergirse en los foros del internet profundo, Alberto descubrió el mundo del cash-out, donde individuos aprovechan datos de tarjetas de crédito robadas para retirar dinero en efectivo a través de cajeros automáticos. El relato explora cómo Alberto, movido por la ambición, reclutó a un grupo de amigos y conocidos para ejecutar dos audaces atracos bancarios en 2012 y 2013. A través de tarjetas de débito manipuladas con límites de retiro prácticamente ilimitados, el grupo logró extraer millones de dólares de múltiples cajeros por toda la ciudad de Nueva York en tiempo récord. El episodio detalla la logística, la adrenalina y la meticulosa planificación que estos jóvenes llevaron a cabo para evadir sospechas mientras cargaban mochilas llenas de efectivo. Esta crónica analiza no solo el aspecto técnico del fraude, sino también la psicología detrás de estos hustlers, revelando cómo el deseo de una vida mejor los llevó a protagonizar uno de los robos bancarios más grandes en la historia de la ciudad.
172: SuperBox
In this episode of Darknet Diaries, host Jack Rhysider explores the unsettling reality of malicious hardware hidden in plain sight. The discussion centers on the SuperBox, a seemingly innocuous device marketed as a premium streaming box capable of providing thousands of movies and live TV channels for a one-time fee. Through the investigation of a cybersecurity researcher known as Deadass, the episode reveals how these devices—widely available on major e-commerce platforms—are actually dangerous, backdoored hardware. The investigation uncovers that the SuperBox functions as a sophisticated, internet-connected botnet node. By analyzing network traffic, the researcher discovered the box performing aggressive ARP scans and internal network reconnaissance, essentially acting as a bridge for malicious actors to pivot into corporate or private networks from within the home. Furthermore, the device uses outdated, unpatched Android software and contains remote management tools, allowing unauthorized external access. Because these boxes are frequently purchased for residential use, they represent a significant, overlooked entry point for intelligence gathering and potential large-scale cyberattacks. The episode highlights the alarming ease with which these devices infiltrate suburban households and the complex, ongoing efforts required to track their reach.
170: Phrack
169: MoD
168: LoD
167: Threatlocker
166: Maxie
Related Podcasts
All podcast names and trademarks are the property of their respective owners. Podcasts listed on Podtastic are publicly available shows distributed via RSS. Podtastic does not endorse nor is endorsed by any podcast or podcast creator listed in this directory.