DA

Darknet Diaries

Jack Rhysider

164: Oak Cliff Swipers

Oct 7, 20251h 32m

About This Episode

He started small, swiping cards, buying gift cards, and cashing out. It spiraled into a full‑blown criminal enterprise. Dozens of co‑conspirators, stacks of stolen plastic, and a lifestyle built on chaos.

Meet Nathan Michael, leader of Oak Cliff Swipers.

Sponsors

Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.

Support for this show comes from Pantheon. Pantheon keeps your site fast, secure, and always on. That means better SEO, more conversions, and no lost sales from downtime. But this isn’t just a business win; it’s a developer win too. Your team gets automated workflows, isolated test environments, and zero-downtime deployments. Visit Pantheon.io, and make your website your unfair advantage.

Support for this show comes from Adaptive Security. Deepfake voices on a Zoom call. AI-written phishing emails that sound exactly like your CFO. Synthetic job applicants walking through the front door. Adaptive is built to stop these attacks. They run real-time simulations, exposing your teams to what these attacks look like to test and improve your defences. Learn more at adaptivesecurity.com.


Listen to Darknet Diaries in Podtastic

For listeners, not advertisers

More Episodes

176: NSL

Jul 7, 20261h 6mSummary

In this episode of Darknet Diaries, host Jack Rhysider interviews Nick Merrill, an early internet pioneer who inadvertently became the center of a landmark legal battle over government surveillance. After starting one of the first internet service providers in New York City during the mid-nineties, Merrill’s trajectory changed permanently when he received an unexpected visit from the FBI. He was handed a National Security Letter (NSL), a directive demanding sensitive customer data while imposing a strict gag order that forbade him from disclosing the request to anyone, including his business partners or legal counsel. Merrill recounts his decision to challenge the constitutionality of the NSL, arguing that it violated the First, Fourth, and Fifth Amendments by bypassing judicial oversight and enforcing prior restraint on speech. With the assistance of the ACLU, who recognized the letter as a rare opportunity to challenge a secretive tool of the Patriot Act, Merrill embarked on a decade-long legal fight against the federal government. The episode provides an insightful look into the delicate balance between national security powers and individual constitutional rights in the digital age.

175: Bayrob

Jun 2, 20261h 36mSummary

In this episode of Darknet Diaries, host Jack Rhysider explores the complex investigation of Bayrob, a sophisticated malware gang that defrauded eBay users for years. The episode centers on the investigative work of Liam O’Murchu, a security researcher at Symantec who first encountered the malware while analyzing novel threats. Unlike common cyberattacks, Bayrob utilized a highly intricate proxy chain that routed traffic through thousands of infected machines worldwide to conceal the attackers’ true location. The narrative details the evolution of this digital cat-and-mouse game, highlighting the persistence required to track criminals who actively taunted researchers and utilized advanced obfuscation techniques. The story spans years, covering the collaboration between private sector experts, such as Liam and investigators from AOL, and the FBI. Listeners learn about the challenges of cross-border cybercrime, the frustration of working with encrypted data, and the legal hurdles of the time regarding international information sharing. Ultimately, the episode serves as a compelling case study on the persistence of both the perpetrators and the dedicated professionals working to dismantle one of the most elusive fraud rings of its era.

174: Pacific Rim

May 5, 20261h 30mSummary

In this episode, the podcast explores a multi-year cyber-espionage campaign targeting Sophos, a major provider of network security hardware. The story begins in 2018, when attackers breached a subsidiary, CyberRoam, to gain access to proprietary source code. The investigation revealed a sophisticated, multi-stage operation where actors moved laterally across networks with precision. The situation escalated in 2020 with the discovery of a widespread vulnerability in Sophos firewalls, which allowed hackers to remotely compromise thousands of devices globally. The episode details how Sophos took the unprecedented step of deploying a remote hotfix to patch these devices without direct user intervention—a controversial move that sparks a broader discussion regarding the balance between security, vendor overreach, and user control. Through deep technical analysis and OSINT, security researchers were eventually able to trace the activity back to a specific threat actor in China, identifying how the attackers used virtualized instances of the products to refine their exploits. This episode offers a fascinating look at the high-stakes world of corporate incident response, the long-term persistence of sophisticated threat actors, and the difficult ethical decisions cybersecurity vendors face when protecting their customers at scale.

173: Tarjeteros

Apr 21, 202638 minSummary

El episodio 173 de Darknet Diaries, titulado Tarjeteros, relata la sorprendente historia de Alberto, un joven residente en Yonkers de ascendencia dominicana, quien lideró una operación criminal a gran escala en Nueva York. Tras sumergirse en los foros del internet profundo, Alberto descubrió el mundo del cash-out, donde individuos aprovechan datos de tarjetas de crédito robadas para retirar dinero en efectivo a través de cajeros automáticos. El relato explora cómo Alberto, movido por la ambición, reclutó a un grupo de amigos y conocidos para ejecutar dos audaces atracos bancarios en 2012 y 2013. A través de tarjetas de débito manipuladas con límites de retiro prácticamente ilimitados, el grupo logró extraer millones de dólares de múltiples cajeros por toda la ciudad de Nueva York en tiempo récord. El episodio detalla la logística, la adrenalina y la meticulosa planificación que estos jóvenes llevaron a cabo para evadir sospechas mientras cargaban mochilas llenas de efectivo. Esta crónica analiza no solo el aspecto técnico del fraude, sino también la psicología detrás de estos hustlers, revelando cómo el deseo de una vida mejor los llevó a protagonizar uno de los robos bancarios más grandes en la historia de la ciudad.

172: SuperBox

Apr 7, 20261h 27mSummary

In this episode of Darknet Diaries, host Jack Rhysider explores the unsettling reality of malicious hardware hidden in plain sight. The discussion centers on the SuperBox, a seemingly innocuous device marketed as a premium streaming box capable of providing thousands of movies and live TV channels for a one-time fee. Through the investigation of a cybersecurity researcher known as Deadass, the episode reveals how these devices—widely available on major e-commerce platforms—are actually dangerous, backdoored hardware. The investigation uncovers that the SuperBox functions as a sophisticated, internet-connected botnet node. By analyzing network traffic, the researcher discovered the box performing aggressive ARP scans and internal network reconnaissance, essentially acting as a bridge for malicious actors to pivot into corporate or private networks from within the home. Furthermore, the device uses outdated, unpatched Android software and contains remote management tools, allowing unauthorized external access. Because these boxes are frequently purchased for residential use, they represent a significant, overlooked entry point for intelligence gathering and potential large-scale cyberattacks. The episode highlights the alarming ease with which these devices infiltrate suburban households and the complex, ongoing efforts required to track their reach.

170: Phrack

Feb 3, 202648 min

169: MoD

Jan 20, 20261h 9m

168: LoD

Jan 6, 20261h 20m

167: Threatlocker

Dec 23, 202549 min

166: Maxie

Dec 2, 20251h 4m

All podcast names and trademarks are the property of their respective owners. Podcasts listed on Podtastic are publicly available shows distributed via RSS. Podtastic does not endorse nor is endorsed by any podcast or podcast creator listed in this directory.