CHAPTER 18Passwords, Dumps, and Data Viper

I find it to be so amazingly cool to be able to say the following sentence: This is the chapter where we get to use a hacker's own hacks against them. What I mean by that is we will be using the data within a “data dump” (i.e., a company's hacked data) to fill in the missing pieces from the previous chapter.

During my quest to uncover the identities of The Dark Overlord, I could not find a single tool with all of the historical data needed to form the necessary conclusions, so I built my own: Data Viper (www.dataviper.io).

Though this tool is not commercially available (yet), I will discuss how I built the tool, how you can build your own, and of course, how it was used to reach conclusions during my investigation.

The following is an excerpt from my first conversation with TDO, circa November 2017, where he and I discuss Cr00k and his affiliation with the group.

TDO: Peace, now that's a fascinating thought.
TDO: We've contracted a great deal of individuals to front for us as data brokers. It's difficult finding the time to do these things when we're busy climbing out way up the hacking chain.
VT: oh, that's interesting. i guess i never looked at it that way.
VT: ok, so if he is a broker, why is he no longer being used?
TDO: As a business owner, we're surprised you hadn't considered the ‘supply chain' methodology and its benefits.
VT: i guess i had no idea how organized the group is.
TDO: Do you believe it's an intelligent ...

Get Hunting Cyber Criminals now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.