CHAPTER 13Interesting Places to Look
As the name implies, this chapter is all about finding information in unique places. This chapter will also wrap up the story of threat actor Cyper and the events leading up to the discovery of his identity.
What better way to start than with an excerpt of a private XMPP conversation between Cyper and myself. In this conversation, Cyper and I traded information as to how we were able to discover each other using obscure clues.
VT: |
How did you know it was me? |
kickass: |
lol you use the same macbook |
VT: |
considering i bought this macbook 2 days ago, i dont think so |
VT: |
brand new baby. i9 |
kickass: |
but not the name ;) |
kickass: |
anyway answer the questions |
kickass: |
why you think i am that guy |
VT: |
ignoring the fact that your language style changes somewhere towards the end of hell/right before BlackBox, when you guys finally opened KA, your newsbot was something like Cypernews |
VT: |
CYPERCRIME news |
VT: |
that's what it was |
kickass: |
lol |
kickass: |
you are on ka and so you should know cyper is also there ‐ btw have we ban you? |
VT: |
i havent been on KA in a long time |
kickass: |
some tip if you use jabber don't use the same userpic for all accounts and also change you laptop name sometimes ;) |
What Cyper was referring to was the “hostname” field in my Jabber client. I didn't realize this at the time, but you have the ability to customize that field, and if left alone, Adium for Mac OSX will use the name of your computer. In this case Cyper knew ...
Get Hunting Cyber Criminals now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
