WEBVTT 00:00:06.870 --> 00:00:14.130 JACK: [MUSIC] Hey, this has been a weird year, hasn’t it? 00:00:14.130 --> 00:00:16.219 Well, this is gonna be a weird episode. 00:00:16.219 --> 00:00:19.650 Are you ready to go on a musical adventure with me? 00:00:19.650 --> 00:00:20.650 Yeah? 00:00:20.650 --> 00:00:21.650 Okay, let’s do this. 00:00:21.650 --> 00:00:27.160 Here, check this out. 00:00:27.160 --> 00:00:36.129 [MUSIC] Did you just hear what I heard? 00:00:36.129 --> 00:00:37.129 ‘Pass the hash’? 00:00:37.129 --> 00:00:38.379 ‘Trojan all the firmware’? 00:00:38.379 --> 00:00:43.059 What is this? 00:00:43.059 --> 00:00:45.379 ‘Man-in-the-middle’? 00:00:45.379 --> 00:00:49.320 ‘My wire-taps are feared’? 00:00:49.320 --> 00:00:56.390 Was this song made just for me? 00:00:56.390 --> 00:01:07.040 Okay, okay, okay, I’m hooked. 00:01:07.040 --> 00:01:11.369 I want to hear more and if you do too, come along with me and let’s dive into the world 00:01:11.369 --> 00:01:14.000 of nerdcore music. 00:01:14.000 --> 00:01:18.580 But two quick warnings; first, this episode has explicit lyrics. 00:01:18.580 --> 00:01:19.920 Swear words and stuff. 00:01:19.920 --> 00:01:24.919 Second, make sure to listen to this one at 1x speed, okay? 00:01:24.919 --> 00:01:26.860 Now turn it up. 00:01:26.860 --> 00:01:34.880 (INTRO): [INTRO MUSIC] These are true stories from the dark side of the internet. 00:01:34.880 --> 00:01:39.530 I’m Jack Rhysider. 00:01:39.530 --> 00:01:43.280 This is Darknet Diaries. 00:01:43.280 --> 00:01:51.090 [INTRO MUSIC ENDS] 00:01:51.090 --> 00:01:58.310 JACK: Okay, first on the playlist is YTCracker. 00:01:58.310 --> 00:01:59.880 YTC: This is DJMC YTCracker. 00:01:59.880 --> 00:02:03.250 JACK: That’s spelled with the letter Y, the letter T, and then Cracker. 00:02:03.250 --> 00:02:20.780 Now, to give you a taste of what YTCracker’s music sounds like, here’s an appetizer. 00:02:20.780 --> 00:02:32.420 [MUSIC] You hear all this? 00:02:32.420 --> 00:02:34.910 ‘Living like the archetypal internet kingpin’? 00:02:34.910 --> 00:02:38.160 ‘Traffic on the scanners been shallow so I’m in a shadow’? 00:02:38.160 --> 00:02:41.880 Then he says ‘Fingers on the keyboard typing, showing my eliteness.’ 00:02:41.880 --> 00:02:45.879 I guess that sort of frames my curiosity. 00:02:45.879 --> 00:02:48.780 How elite are nerdcore rappers? 00:02:48.780 --> 00:02:50.580 Who is YTCracker? 00:02:50.580 --> 00:02:55.500 To find that out, we have to stop and rewind the tape to when he was a kid. 00:02:55.500 --> 00:03:00.349 [MUSIC] He grew up in California and in Colorado and was introduced into tech by his father. 00:03:00.349 --> 00:03:05.170 YTC: He worked for Hughes Aircraft and he was working on peacekeeper missiles, just 00:03:05.170 --> 00:03:07.990 all the cold war cool stuff, but absolutely hated California. 00:03:07.990 --> 00:03:09.930 JACK: This is YTCracker talking. 00:03:09.930 --> 00:03:13.920 YTC: Moved back to Colorado and he was working with Martin Marietta, which eventually became 00:03:13.920 --> 00:03:14.920 Lockheed Martin. 00:03:14.920 --> 00:03:21.590 He’s very much hardware oriented and I kinda fell more into the software field, but it 00:03:21.590 --> 00:03:27.519 was lucky to have a computer in my house kinda when they weren’t as ubiquitous as they 00:03:27.519 --> 00:03:28.629 are now. 00:03:28.629 --> 00:03:34.860 I was really advantaged, I think, by just – the first time I ever touched a computer, 00:03:34.860 --> 00:03:37.170 I was just super-fascinated with them. 00:03:37.170 --> 00:03:40.630 Just wanted to figure out everything; how they worked. 00:03:40.630 --> 00:03:44.990 JACK: [MUSIC] We’re talking the 90s here, when YTCracker was in high school. 00:03:44.990 --> 00:03:48.760 He was getting online then and looking to see what was there which by the way, there 00:03:48.760 --> 00:03:49.920 wasn’t much online at the time. 00:03:49.920 --> 00:03:55.569 YTC: I was really into the bulletin board scene, locally. 00:03:55.569 --> 00:04:03.329 I think from there is kinda where I started reading a lot of texts; text files, textzines, 00:04:03.329 --> 00:04:08.769 and sort of the tales of the underground and got real fascinated with tone phreaking and 00:04:08.769 --> 00:04:15.980 hacking and stuff, sorta being a natural extension to the understanding how computers worked. 00:04:15.980 --> 00:04:20.560 JACK: The internet and computers were fascinating to him, so he kept going deeper and deeper 00:04:20.560 --> 00:04:21.570 to learn more about it. 00:04:21.570 --> 00:04:28.010 YTC: [MUSIC] My first real hack, I think – there was a – the public library had a bulletin 00:04:28.010 --> 00:04:31.039 board system. 00:04:31.039 --> 00:04:33.780 I found out how to drop into a shell. 00:04:33.780 --> 00:04:36.380 I turned it into an Eggdrop bot. 00:04:36.380 --> 00:04:41.620 JACK: At that time, most people didn’t have a persistent connection to the internet, but 00:04:41.620 --> 00:04:43.180 his library did. 00:04:43.180 --> 00:04:48.449 He installed an IRC bot on it which could act sort of like an admin of a chatroom, something 00:04:48.449 --> 00:04:51.190 that was always vigilant, watching everything that was going on. 00:04:51.190 --> 00:04:56.031 This was cool as a teenager to have remote control over an always-on computer and to 00:04:56.031 --> 00:04:57.480 actually put it to use. 00:04:57.480 --> 00:05:04.880 YTC: Yeah, I just kind of really got addicted to the real breaking [00:05:00] into stuff. 00:05:04.880 --> 00:05:12.380 I just kinda went on this little bit of a rampage, I guess, after that. 00:05:12.380 --> 00:05:17.650 I hacked pretty much every school district in the state. 00:05:17.650 --> 00:05:26.810 JACK: [MUSIC] Now, before we get too far down his hacking path, at this same time he was 00:05:26.810 --> 00:05:28.979 also learning how to make music on his computer. 00:05:28.979 --> 00:05:33.000 Oh, and just so you know, all the songs you hear while we’re talking with YTCracker 00:05:33.000 --> 00:05:34.569 were made by him. 00:05:34.569 --> 00:05:39.310 In the 90s, there were these programs called trackers which would let you play samples 00:05:39.310 --> 00:05:41.259 at different pitches to make music. 00:05:41.259 --> 00:05:43.240 YTC: Scream Tracker was the first one that I had used. 00:05:43.240 --> 00:05:48.980 Actually, a couple of the computer guys that I had – the other hacker dudes were super 00:05:48.980 --> 00:05:50.180 into electronic music. 00:05:50.180 --> 00:05:53.370 JACK: Here’s one of the songs he made while in high school using Scream Tracker. 00:05:53.370 --> 00:06:06.890 [MUSIC] You know, I wasn’t gonna say anything but that intro brings back memories I totally 00:06:06.890 --> 00:06:08.199 forgot about. 00:06:08.199 --> 00:06:12.319 When I was a teenager around that same time, I found some text-to-speech software. 00:06:12.319 --> 00:06:14.919 Whatever I wrote, the computer would try to say it. 00:06:14.919 --> 00:06:19.070 You could do male voices or female voices, British or American accents. 00:06:19.070 --> 00:06:24.510 When I discovered this as a teenager, I made the voice say sexy things, too. 00:06:24.510 --> 00:06:29.011 Possibly all teenage boys who discover text-to-speech programs for the first time get the computer 00:06:29.011 --> 00:06:34.220 to say something dirty just to giggle. 00:06:34.220 --> 00:06:38.820 At this time in the 90s, the cool place to be part of was the demo scene and YTCracker 00:06:38.820 --> 00:06:40.370 was right in the middle of it. 00:06:40.370 --> 00:06:43.169 The demo scene was its own subculture of the internet. 00:06:43.169 --> 00:06:48.539 It pretty much was just a audio and visual showcase made by independent artists. 00:06:48.539 --> 00:06:53.160 Demos were little programs, executables that when you ran it, it would just display moving 00:06:53.160 --> 00:06:54.830 graphics and play music. 00:06:54.830 --> 00:06:56.231 That’s all it did. 00:06:56.231 --> 00:07:00.940 But in the 90s, it was really cool to scroll through scene.org, download files, and run 00:07:00.940 --> 00:07:03.090 them to see what they did. 00:07:03.090 --> 00:07:07.480 Since YTCracker was making music, he was all about the demo scene, uploading his music 00:07:07.480 --> 00:07:10.620 there and making friends with other electronic musicians. 00:07:10.620 --> 00:07:15.990 YTC: I looked on scene.org and I can’t find a lot of the older stuff that I had. 00:07:15.990 --> 00:07:21.349 It was definitely on bulletin boards but we had this group called the Pu Tang Clan, we 00:07:21.349 --> 00:07:26.040 had one called Multisync, and then there was a group called Category 5. 00:07:26.040 --> 00:07:31.360 JACK: At this point, YTCracker was really into computers, using them to make music with 00:07:31.360 --> 00:07:34.069 other people and to hack stuff, too. 00:07:34.069 --> 00:07:39.150 Being part of the demo scene sometimes blended right into the hacker scene because a lot 00:07:39.150 --> 00:07:43.580 of apps that were used to play pirated games had cool little graphics and music built into 00:07:43.580 --> 00:07:48.580 the app to say this game was cracked by our hacker group which made the hacker group so 00:07:48.580 --> 00:07:49.580 much cooler. 00:07:49.580 --> 00:07:57.569 YTC: I remember WinNuke had come out and it was like, you send out a band packet to port 00:07:57.569 --> 00:08:04.379 139 and it would crash someone’s computer if you – this is prior to consumer firewalls 00:08:04.379 --> 00:08:06.570 and everything like that. 00:08:06.570 --> 00:08:10.440 Basically, if you had somebody’s IP address and they had a Windows machine, you could 00:08:10.440 --> 00:08:12.610 invariably crash them. 00:08:12.610 --> 00:08:17.370 I remember having that and one of the SysOps at the Southern BBS I had gone in is like 00:08:17.370 --> 00:08:19.240 have you ever been on AOL? 00:08:19.240 --> 00:08:21.660 I hadn’t, but I was obviously aware of it. 00:08:21.660 --> 00:08:25.020 He was like, you can just knock people offline there. 00:08:25.020 --> 00:08:26.020 I’ll try it, too. 00:08:26.020 --> 00:08:27.120 I was like oh, that’s so cool. 00:08:27.120 --> 00:08:32.500 JACK: Yeah, so America Online or AOL was a way to get online in the 90s but it was designed 00:08:32.500 --> 00:08:34.490 for dummies to use the internet. 00:08:34.490 --> 00:08:39.330 So, because it was so super-easy to use, it attracted a lot of newbies to the internet. 00:08:39.330 --> 00:08:45.980 In some IRC chatrooms, this meant AOL users were easy targets to try to hack. 00:08:45.980 --> 00:08:53.310 YTCracker was finding ways to hack into AOL servers and look up information on their users. 00:08:53.310 --> 00:08:58.100 YTC: We were working on defacing keywords. 00:08:58.100 --> 00:08:59.740 We had access to the CRIS. 00:08:59.740 --> 00:09:06.430 It was the Consumer Resource Information Service so you could look up – on AOL, you can look 00:09:06.430 --> 00:09:12.510 people up and get their credit card information, their address, phone number, you know, all 00:09:12.510 --> 00:09:13.510 the notes on the account. 00:09:13.510 --> 00:09:18.920 Really, it was crazy ‘cause back then when people were actually anonymous on the internet 00:09:18.920 --> 00:09:24.089 and weren’t trying to put all their real information on Facebook and stuff, it was 00:09:24.089 --> 00:09:29.399 really just funny ‘cause we’d be talking shit to somebody on AOL and then tell them 00:09:29.399 --> 00:09:30.540 where they live. 00:09:30.540 --> 00:09:33.510 You wouldn’t see them sign-on for weeks ‘cause they would just be scared out of 00:09:33.510 --> 00:09:34.510 their minds. 00:09:34.510 --> 00:09:37.830 JACK: Now, all this was going on while YTCracker was still in high school and he’s also hacking 00:09:37.830 --> 00:09:39.870 into the school because why not, right? 00:09:39.870 --> 00:09:44.420 I mean, for a teenager, it’s sometimes just a simple question of let’s see if the school, 00:09:44.420 --> 00:09:48.520 which is trying to teach me about computers, knows anything about how to secure their own 00:09:48.520 --> 00:09:49.520 network. 00:09:49.520 --> 00:09:54.010 He was able to get into the school’s database which allowed him to change grades for any 00:09:54.010 --> 00:09:56.000 student in the school. 00:09:56.000 --> 00:10:02.810 YTC: I just had the perception, basically, that if you changed one grade in a system, 00:10:02.810 --> 00:10:06.312 then it’s obviously easy to find [00:10:00] out who is behind it and stuff. 00:10:06.312 --> 00:10:14.150 There was a method to changing random grades and stuff so there was no way to really associate 00:10:14.150 --> 00:10:15.150 it with anybody. 00:10:15.150 --> 00:10:16.320 JACK: You changed your own grade? 00:10:16.320 --> 00:10:18.270 YTC: [MUSIC] I didn’t change my own grades, no. 00:10:18.270 --> 00:10:19.670 Never changed my own grades. 00:10:19.670 --> 00:10:21.440 JACK: You just screwed with other students? 00:10:21.440 --> 00:10:22.620 YTC: Changed others, yeah. 00:10:22.620 --> 00:10:25.860 That’s the best way to do it. 00:10:25.860 --> 00:10:28.930 I’d basically gotten into all the record systems. 00:10:28.930 --> 00:10:33.230 I defaced all the web pages later. 00:10:33.230 --> 00:10:39.850 JACK: Defacing a website is pretty much just making changes to a website when you’re 00:10:39.850 --> 00:10:41.090 not supposed to be able to. 00:10:41.090 --> 00:10:43.769 YTC: I remember replacing the entire front page. 00:10:43.769 --> 00:10:47.380 It was like, all you’d have to do is go to the domain and you would see it there. 00:10:47.380 --> 00:10:52.660 I would leave links to the original pages and stuff, but yeah, just replacing the entirely 00:10:52.660 --> 00:10:54.480 of the page. 00:10:54.480 --> 00:11:01.060 Sometimes I would mess with the…just take the existing page that’s there and just 00:11:01.060 --> 00:11:04.240 mess with the text to make it funny and edit the pictures. 00:11:04.240 --> 00:11:05.240 Sometimes I’d replace it completely. 00:11:05.240 --> 00:11:10.519 But again, I think it was the competitive atmosphere that – again, amongst ourselves, 00:11:10.519 --> 00:11:14.019 we were just trying to find the biggest fish to farm. 00:11:14.019 --> 00:11:18.790 JACK: He was gaining street cred as a hacker, earning the respect of more people in the 00:11:18.790 --> 00:11:20.019 chatrooms that he was in. 00:11:20.019 --> 00:11:27.100 YTC: I started getting into – I was really into hip-hop and everything so graffiti was 00:11:27.100 --> 00:11:29.410 one of the elements of hip-hop, I guess. 00:11:29.410 --> 00:11:32.889 I kind of really liked web page defacement. 00:11:32.889 --> 00:11:41.450 It seemed to be the most hip-hop of all of the hacks you could do. 00:11:41.450 --> 00:11:43.519 I remember the first series. 00:11:43.519 --> 00:11:51.670 There was a cold fusion bug when it was in default upload, there was – in the examples 00:11:51.670 --> 00:11:55.420 of the cold fusion server – but some people would just leave this directory up there and 00:11:55.420 --> 00:12:00.620 it allowed you to just arbitrarily upload files to web pages. 00:12:00.620 --> 00:12:09.580 I remember just grinding out local car dealerships, web pages I would see on TV. 00:12:09.580 --> 00:12:15.250 Again, this was back in the late 90s and early 2000s, so it wasn’t – most people had 00:12:15.250 --> 00:12:20.690 AOL keywords back then which was how you would visit them on the internet and so many people 00:12:20.690 --> 00:12:22.449 were on AOL. 00:12:22.449 --> 00:12:28.140 Like I said, defacing keywords and defacing web pages just became this sort of funny way 00:12:28.140 --> 00:12:35.500 to use the hacking but not…there was glory in it, I guess. 00:12:35.500 --> 00:12:38.350 You’re not stealing nuclear secrets, though. 00:12:38.350 --> 00:12:41.500 JACK: [MUSIC] This was fun. 00:12:41.500 --> 00:12:43.269 This was a rush for him. 00:12:43.269 --> 00:12:46.579 Making music and defacing websites became his two biggest hobbies. 00:12:46.579 --> 00:12:50.399 YTC: First it was high-value-target-type stuff, corporate. 00:12:50.399 --> 00:12:56.810 Then for whatever reason, it was just like the .mils and the .govs just became sort of 00:12:56.810 --> 00:12:58.870 enticing, shiny Pokemon to me. 00:12:58.870 --> 00:12:59.870 JACK: .mils and .govs? 00:12:59.870 --> 00:13:02.600 Those are top-level domains. 00:13:02.600 --> 00:13:07.889 He’s talking about any website that ends in .mil or .gov. 00:13:07.889 --> 00:13:12.970 He’s targeting military and government websites now. 00:13:12.970 --> 00:13:15.839 Some of the ways he got in were pretty simple, too. 00:13:15.839 --> 00:13:20.769 He just had a handful of techniques and he would try each technique to see if it worked. 00:13:20.769 --> 00:13:24.449 These were sometimes simple tools just to check if the web server was vulnerable. 00:13:24.449 --> 00:13:27.190 If so, he’d exploit it. 00:13:27.190 --> 00:13:37.581 YTC: I did – yeah, the city of Colorado Springs was my local town and I hacked the 00:13:37.581 --> 00:13:41.170 USGS Texas Department of Public Safety. 00:13:41.170 --> 00:13:44.170 It’s like their sheriff department. 00:13:44.170 --> 00:13:50.130 I did AT&T, Acer, the FAA, New York Department of Agriculture, Oregon State Construction 00:13:50.130 --> 00:13:55.279 Contractor’s Board, the Oregon State Board of Education, pretty much every school district 00:13:55.279 --> 00:13:57.060 in Colorado. 00:13:57.060 --> 00:14:03.380 The Goddard Space International Program, the National Training Center for the Bureau of 00:14:03.380 --> 00:14:04.550 Land and Management. 00:14:04.550 --> 00:14:12.670 Yeah, it was a – it was fun but again, my purpose was just making graffiti. 00:14:12.670 --> 00:14:20.540 I wasn’t really trying to disrupt the inner workings of the US government at the time. 00:14:20.540 --> 00:14:26.050 JACK: At this point, are you feeling like you’re gonna get caught? 00:14:26.050 --> 00:14:33.339 YTC: I was fairly certain – ‘cause the handle that I went by, YTCracker, the people 00:14:33.339 --> 00:14:37.120 – they knew me as that anyway ‘cause I had done music under it and stuff. 00:14:37.120 --> 00:14:42.410 It wasn’t like kind of a secret, and that’s part of where – I didn’t delete logs. 00:14:42.410 --> 00:14:49.300 I purposely was – I was just making it so – I didn’t really think about the consequences 00:14:49.300 --> 00:14:50.530 though, at that time. 00:14:50.530 --> 00:14:58.529 I wasn’t eighteen, so I figured anything that happened to me, I could just get adjudicated 00:14:58.529 --> 00:15:02.700 out of, or whatever. 00:15:02.700 --> 00:15:04.040 [00:15:00] 00:15:04.040 --> 00:15:10.779 JACK: [MUSIC] At this point, YTCracker discovered a pretty interesting thing that could potentially 00:15:10.779 --> 00:15:12.149 earn him money. 00:15:12.149 --> 00:15:15.600 He found some websites had referral programs. 00:15:15.600 --> 00:15:21.089 Basically, the website would pay anyone cash for referring a new user to the site. 00:15:21.089 --> 00:15:26.470 YTCracker realized hey, if I had a lot of e-mail addresses, I could send them all an 00:15:26.470 --> 00:15:31.199 e-mail telling them to go sign up at this website and I’d get paid for sending people 00:15:31.199 --> 00:15:32.199 there. 00:15:32.199 --> 00:15:35.350 He entered into the world of spam. 00:15:35.350 --> 00:15:37.259 Step one though is getting the e-mail addresses. 00:15:37.259 --> 00:15:43.980 YTC: Okay, so, on AOL there was a member directory but then there was also a bunch of chatrooms. 00:15:43.980 --> 00:15:47.509 In the chatrooms there was a feature you can click called Who’s Online? 00:15:47.509 --> 00:15:51.900 It would list who was in that room at the time. 00:15:51.900 --> 00:15:56.410 The max room size is about twenty-three, twenty-four people. 00:15:56.410 --> 00:16:01.290 There was just programs it’ll just automatically go through and click. 00:16:01.290 --> 00:16:05.779 To gather the names, pretty much you would just go to all the public rooms and you would 00:16:05.779 --> 00:16:06.889 cycle through. 00:16:06.889 --> 00:16:11.069 Initially, there wasn’t any rate limits so you could just basically get the entirety 00:16:11.069 --> 00:16:16.589 of AOL and just have something that’s constantly running and grabbing names from the member 00:16:16.589 --> 00:16:17.589 directory. 00:16:17.589 --> 00:16:20.480 You could take a dictionary file and then search for certain things that would be in 00:16:20.480 --> 00:16:21.730 people’s profiles. 00:16:21.730 --> 00:16:24.060 You would just scale out that way. 00:16:24.060 --> 00:16:28.440 JACK: You got what, a list of a few hundred, a few thousand? 00:16:28.440 --> 00:16:29.570 YTC: Millions. 00:16:29.570 --> 00:16:31.380 JACK: Okay, step one is done. 00:16:31.380 --> 00:16:33.519 He has millions of e-mail addresses. 00:16:33.519 --> 00:16:38.670 Next is to find the most profitable website that pays for referrals but doesn’t mind 00:16:38.670 --> 00:16:42.690 if people use spam to get those referrals. 00:16:42.690 --> 00:16:47.620 After researching what websites to promote, he found the perfect site. 00:16:47.620 --> 00:16:55.140 YTC: Porn was pretty much the – I wasn’t even old enough really to view it, but a lot 00:16:55.140 --> 00:17:04.709 of these companies, they outwardly had a policy against spamming but realistically under the 00:17:04.709 --> 00:17:10.160 hood, everybody knew it was just kinda known this is how the traffic gets generated. 00:17:10.160 --> 00:17:12.890 There was choices to get paid per click or per sign-up. 00:17:12.890 --> 00:17:25.819 Depending on how your traffic backed out – in spam, obviously, it’s just – you want 00:17:25.819 --> 00:17:40.700 to go with the pay-per-click model. 00:17:40.700 --> 00:17:47.220 JACK: [MUSIC] There he goes, sending millions of e-mails to people urging them to visit 00:17:47.220 --> 00:17:49.210 porn sites and to join as a member. 00:17:49.210 --> 00:17:53.160 The more people he got to click, the more money he’d make. 00:17:53.160 --> 00:17:58.070 You were making $1,000 a week, or? 00:17:58.070 --> 00:18:02.990 YTC: Yeah, just about. 00:18:02.990 --> 00:18:09.580 JACK: That’s pretty good for a seventeen-year-old. 00:18:09.580 --> 00:18:11.740 YTC: Yeah, it was amazing. 00:18:11.740 --> 00:18:16.940 JACK: Do you remember the things you were buying as a seventeen-year-old? 00:18:16.940 --> 00:18:20.570 YTC: I mean, lots of computer equipment. 00:18:20.570 --> 00:18:24.490 My wardrobe was insane. 00:18:24.490 --> 00:18:30.510 I had just the most insane – EKKO was my favorite clothing brand and I pretty much 00:18:30.510 --> 00:18:32.660 had every piece that they owned. 00:18:32.660 --> 00:18:41.039 I was taking my friends out to dinner and everything all the time, bought a car. 00:18:41.039 --> 00:18:42.419 I don’t know, just whatever. 00:18:42.419 --> 00:18:43.450 Again, it was just… 00:18:43.450 --> 00:18:49.220 JACK: What’d your parents think that you had – how’d you get this money? 00:18:49.220 --> 00:18:57.850 YTC: They knew, but my dad was always just really – my parents are really traditional 00:18:57.850 --> 00:19:03.120 and I was kind of, at that point, fucking education and stuff. 00:19:03.120 --> 00:19:11.669 I realized that I make more than my teacher, not doing even – not even really working. 00:19:11.669 --> 00:19:16.851 This whole kind of teenage rebellion thing where every teenager does think that they 00:19:16.851 --> 00:19:21.570 know everything, but at that stage I was really like well, if this is what’s possible, then 00:19:21.570 --> 00:19:26.490 why do I need to continue to do this type of stuff? 00:19:26.490 --> 00:19:34.720 Yeah, I think my parents – my dad was trying to instill work ethic in me; going to work 00:19:34.720 --> 00:19:37.170 and showing up and this type of stuff. 00:19:37.170 --> 00:19:38.690 I was like no, it’s the money that’s important. 00:19:38.690 --> 00:19:39.710 It’s not the job. 00:19:39.710 --> 00:19:52.990 It’s the byproduct – the end result of what you’re working for is the key here. 00:19:52.990 --> 00:20:08.299 We were at odds, I guess, philosophically. 00:20:08.299 --> 00:20:15.510 [MUSIC] [00:20:00] 00:20:15.510 --> 00:20:26.260 JACK: Somewhere around here, YTCracker dropped out of high school, which I understand. 00:20:26.260 --> 00:20:29.870 He’s running circles around the school’s network, so there’s probably not much they 00:20:29.870 --> 00:20:31.130 can teach him about computers. 00:20:31.130 --> 00:20:32.880 He’s making more money than his teachers. 00:20:32.880 --> 00:20:40.230 He’ll feeling like he’s got life figured out. 00:20:40.230 --> 00:20:42.990 [MUSIC] 00:20:42.990 --> 00:20:52.750 HOST: [MUSIC] Cyber-crime seems to be how some people, particularly juveniles, feel 00:20:52.750 --> 00:20:53.750 important. 00:20:53.750 --> 00:21:00.380 For YTCracker, a seventeen-year-old dropout, this meant compromising and defacing multiple 00:21:00.380 --> 00:21:01.380 websites. 00:21:01.380 --> 00:21:05.669 YTC: Kids like us, we go out every day, we have fun, then we come home, rule the world. 00:21:05.669 --> 00:21:10.970 HOST: He came to the attention of DCIS when he illegally accessed a defense contract management 00:21:10.970 --> 00:21:12.549 agency web server. 00:21:12.549 --> 00:21:19.039 Once inside, he replaced DCMA information with text and graphics in which he bragged 00:21:19.039 --> 00:21:21.049 about his exploits. 00:21:21.049 --> 00:21:26.870 The pattern was repeated on over forty websites including servers maintained by NASA. 00:21:26.870 --> 00:21:33.160 Agents from DCIS, NASA, as well as the FBI began to close in on the juvenile. 00:21:33.160 --> 00:21:38.600 Meanwhile, police in Colorado Springs were conducting their own investigation. 00:21:38.600 --> 00:21:43.490 They were tracking down an individual who had hacked into local school records. 00:21:43.490 --> 00:21:48.320 The minor responsible for the defacements was soon identified and agents began to build 00:21:48.320 --> 00:21:49.900 their case. 00:21:49.900 --> 00:21:52.120 YTCracker knew they were onto him. 00:21:52.120 --> 00:21:56.590 YTC: Detective DeHart published a 314-page case report on the whole thing. 00:21:56.590 --> 00:21:58.080 I was just like, that’s huge. 00:21:58.080 --> 00:22:03.169 HOST: The seventeen-year-old suspect eventually confessed to one count of computer crime under 00:22:03.169 --> 00:22:04.880 Colorado law. 00:22:04.880 --> 00:22:19.570 He was placed on two year’s probation and fined $24,000. 00:22:19.570 --> 00:22:49.799 YTC: [MUSIC] I think it was that the ride was over, type thing. 00:22:49.799 --> 00:22:56.510 The one hack that is still kind of – again, this was sort of a gentleman’s agreement 00:22:56.510 --> 00:23:01.300 I would say, but they were just like look, if you didn’t fuck with the government, 00:23:01.300 --> 00:23:04.680 we probably wouldn’t have even come after you. 00:23:04.680 --> 00:23:10.169 I was like, I thought that was pretty interesting. 00:23:10.169 --> 00:23:14.510 I just had this gentleman’s agreement with the government ever since that I just don’t 00:23:14.510 --> 00:23:15.750 hack them. 00:23:15.750 --> 00:23:21.929 Ever since then, I’ve pretty much stayed out of – I haven’t been raided since. 00:23:21.929 --> 00:23:27.810 It’s not like I kept my nose the cleanest but at the same time, I was the – pretty 00:23:27.810 --> 00:23:36.330 much just the biggest takeaway is that the government will really roll over you if – they 00:23:36.330 --> 00:23:41.010 have an infinite budget and infinite time if you humiliate them. 00:23:41.010 --> 00:23:46.080 JACK: But while he had a truce with government websites, he didn’t see any problem with 00:23:46.080 --> 00:23:48.580 continuing with his spamming career. 00:23:48.580 --> 00:23:53.750 YTC: Spamming is life. 00:23:53.750 --> 00:24:07.050 [MUSIC] ‘Cause I realized that hacking is much more rewarding when you are making money 00:24:07.050 --> 00:24:14.120 doing it, so that was the onus for a lot of it and defacing things wasn’t really profitable 00:24:14.120 --> 00:24:19.700 unless you’re obviously defacing something and putting a link to your gas card which 00:24:19.700 --> 00:24:41.210 was…[MUSIC] I think that – and again, people have varying opinions on 00:24:41.210 --> 00:24:42.210 it. 00:24:42.210 --> 00:24:45.559 It’s one of those things that I think everybody wants to do or wishes they could do regardless 00:24:45.559 --> 00:24:46.890 of how annoying it is. 00:24:46.890 --> 00:24:52.070 Well, I won’t say everybody but even in today’s culture, people are just like, look 00:24:52.070 --> 00:24:56.659 into my mixed tape or check out my YouTube channel; like and subscribe-type stuff that 00:24:56.659 --> 00:25:02.240 really – getting into a million, ten million, a hundred million inboxes. 00:25:02.240 --> 00:25:06.730 If you can do that and get that many eyeballs on your [00:25:00] thing, you’re obviously 00:25:06.730 --> 00:25:07.730 doing pretty well. 00:25:07.730 --> 00:25:12.920 JACK: At some point he realized online pharmacies were also paying very well for referrals. 00:25:12.920 --> 00:25:18.660 So, he started sending spam trying to get people to buy medications from certain pharmacies. 00:25:18.660 --> 00:25:22.320 Then he also found sites that you could buy fake diplomas from. 00:25:22.320 --> 00:25:23.840 They were also paying well for referrals. 00:25:23.840 --> 00:25:27.470 M1: [MUSIC] If you send me another fucking text message to my cell phone, we’re gonna 00:25:27.470 --> 00:25:28.470 have a problem. 00:25:28.470 --> 00:25:31.309 Better knock this shit off. 00:25:31.309 --> 00:25:33.600 YTC: We blasted this diploma spam. 00:25:33.600 --> 00:25:38.200 JACK: He actually figured out a way to send a bunch of spam through text messages in some 00:25:38.200 --> 00:25:39.200 campaigns. 00:25:39.200 --> 00:25:44.020 M1: [MUSIC] I will sue you for every fucking thing you’ve got. 00:25:44.020 --> 00:25:47.600 Do not call or text my phone again. 00:25:47.600 --> 00:25:53.360 YTC: A lot of the calls that are on that song are actually people that were spammed and 00:25:53.360 --> 00:26:07.299 didn’t want diplomas. 00:26:07.299 --> 00:26:18.419 F1: [MUSIC] You can kiss my fucking ass and if I ever get another goddamn text message… 00:26:18.419 --> 00:26:19.679 JACK: Now you might be wondering, isn’t this illegal? 00:26:19.679 --> 00:26:21.260 Well ya now it is. 00:26:21.260 --> 00:26:24.330 The CAN SPAM act was inacted in 2003. 00:26:24.330 --> 00:26:26.399 Which was right about this time. 00:26:26.399 --> 00:26:32.510 CANSPAM is an acronym and it stands for Controlling the Assault of Non-Solicited Pornography And 00:26:32.510 --> 00:26:33.510 Marketing. 00:26:33.510 --> 00:26:37.580 Ya after that came out, some spammers took a big hit, going to prison and getting hit 00:26:37.580 --> 00:26:39.700 with millions of dollars in fines. 00:26:39.700 --> 00:26:44.450 Ytcracker had to learn how to keep low and out of trouble while continuing to spam. 00:26:44.450 --> 00:26:49.520 Becaue honestly, major companies spam us all day long, and they do it legally. 00:26:49.520 --> 00:26:53.120 So it was just a matter of making smart business choices. 00:26:53.120 --> 00:26:57.210 And with his years of background in doing this, he was really good at it. 00:26:57.210 --> 00:26:59.510 And he was able to even legitimize this whole business. 00:26:59.510 --> 00:27:02.450 Incorporating it, claiming the income on taxes and stuff. 00:27:02.450 --> 00:27:11.300 YTC: [MUSIC] I guess kinda what broke me out more into quote, unquote ‘serious musicianship’ 00:27:11.300 --> 00:27:16.360 or something was when I released NerdRap Entertainment System in 2005. 00:27:16.360 --> 00:27:42.429 It got traction just on the internet at large. 00:27:42.429 --> 00:27:54.059 [MUSIC] 00:27:54.059 --> 00:28:11.200 JACK: While this album is called NerdRap Entertainment Systems, there was another rapper who named 00:28:11.200 --> 00:28:12.200 the whole genre. 00:28:12.200 --> 00:28:21.529 YTC: MC Frontalot, he came out with a song called Nerdcore Rising. 00:28:21.529 --> 00:28:30.020 The genre, right around I would say 2006, 2007, started to really kinda gain steam, 00:28:30.020 --> 00:28:33.850 but Frontalot is credited with naming it. 00:28:33.850 --> 00:28:39.100 Realistically, there’s – even within quote, unquote ‘nerdcore’ there’s all these 00:28:39.100 --> 00:28:47.659 subgenres where Frontalot’s a graphic designer, does web pages and stuff, but obviously highly 00:28:47.659 --> 00:28:48.659 nerdy. 00:28:48.659 --> 00:28:55.370 But his content is different than MC Lars which is – he’s a literature – he has 00:28:55.370 --> 00:29:00.269 a degree from Stanford in 19th Century Literature so a lot of his rhymes are more centered around 00:29:00.269 --> 00:29:04.049 the poetry and prose of that era. 00:29:04.049 --> 00:29:10.179 Me, I had been doing music obviously prior to that but my stuff was – I just – it 00:29:10.179 --> 00:29:16.850 was kind of like this gangster rap for nerds-type thing where I’m talking about hacking, doing 00:29:16.850 --> 00:29:26.010 all this stuff, criminal stuff on the computer, and not outside in the real world, type thing. 00:29:26.010 --> 00:29:32.320 Nerdcore sort of encompasses all of this – what we know we considered nerd culture, but now 00:29:32.320 --> 00:29:38.860 has kinda become fused more into mainstream as technologies popped up a lot more. 00:29:38.860 --> 00:29:39.860 JACK: [MUSIC] Yeah. 00:29:39.860 --> 00:29:44.340 Do you think that it’s unfortunate it’s called nerdcore? 00:29:44.340 --> 00:29:47.210 YTC: Not entirely. 00:29:47.210 --> 00:29:53.370 I found it – have always found it kind of an apt way to describe – I’ve always been 00:29:53.370 --> 00:29:56.840 proud to associate with the genre. 00:29:56.840 --> 00:30:12.309 I’m considered one of the forefathers of it. 00:30:12.309 --> 00:30:16.350 [MUSIC] 00:30:16.350 --> 00:30:26.919 JACK: The nerdcore genre isn’t always about hacking. 00:30:26.919 --> 00:30:32.700 There’s a lot of nerdcore songs about video games, graphic design, programming, DnD, comic 00:30:32.700 --> 00:30:35.039 books, and sci-fi shows. 00:30:35.039 --> 00:30:40.580 Nerds cover a big range of topics which means while I consider myself a nerd, I often run 00:30:40.580 --> 00:30:43.299 into nerds that I have no common interests with. 00:30:43.299 --> 00:30:44.299 [00:30:00] 00:30:44.299 --> 00:30:45.299 YTC: We are not the same. 00:30:45.299 --> 00:30:48.260 Yeah, I – well, so, and this is part of where – I got Nerd Life tattooed across 00:30:48.260 --> 00:30:50.490 my stomach. 00:30:50.490 --> 00:31:04.100 [MUSIC] It was kind of a play on Thug Life that Tupac had, but I got it on the seventh 00:31:04.100 --> 00:31:07.690 anniversary of his death, like when he was supposed to come back. 00:31:07.690 --> 00:31:09.940 It was September 13th, 2003. 00:31:09.940 --> 00:31:16.110 But if you looked at older interviews of Tupac and stuff before he had gone really hard, 00:31:16.110 --> 00:31:25.440 he was super-into drama, he was kind of effeminate and you could sort of see this – that even 00:31:25.440 --> 00:31:28.649 to – people can be nerdy about anything, I guess, is the biggest takeaway. 00:31:28.649 --> 00:31:34.720 Like you said, I think that the – more of a beautiful way to communicate it that again, 00:31:34.720 --> 00:31:38.360 the people aren’t – if this guy’s into comics and you’re into this, some people 00:31:38.360 --> 00:31:39.429 are sports nerds. 00:31:39.429 --> 00:31:44.360 Some people know everything about this baseball player or that basketball player or something. 00:31:44.360 --> 00:31:50.631 It’s just, I think the accumulation of knowledge of more like what I identify with and what 00:31:50.631 --> 00:31:56.750 I say that nerd life is, is it’s just being passionate about something to some crazy, 00:31:56.750 --> 00:31:57.750 large degree. 00:31:57.750 --> 00:32:00.450 Mine just happened to be computers. 00:32:00.450 --> 00:32:02.899 [MUSIC] 00:32:02.899 --> 00:32:09.230 JACK: YTCracker’s music career has been pretty successful. 00:32:09.230 --> 00:32:13.200 He’s been able to do international tours with his music and play tons of live shows 00:32:13.200 --> 00:32:14.200 every year. 00:32:14.200 --> 00:32:21.400 YTC: I get probably five, six fan mails a day that are just – I got into computer 00:32:21.400 --> 00:32:29.490 security ‘cause of you or I listen to your music all the time while I’m coding or whatever. 00:32:29.490 --> 00:32:36.190 That to me is just the – I just – teaching through music or getting people inspired that 00:32:36.190 --> 00:32:43.529 way is a lot – like, that’s where I feel the success comes in, is that my fans, by 00:32:43.529 --> 00:32:49.950 and large, are all relatively smart and again, passionate. 00:32:49.950 --> 00:32:57.669 You kind of have to be to be a fan, whereas once – if you’re a Drake fan, nothing 00:32:57.669 --> 00:33:03.419 against Drake, but you have all – this cross section is way different and people don’t 00:33:03.419 --> 00:33:06.210 – I wouldn’t say that Drake inspired people to code or something. 00:33:06.210 --> 00:33:08.039 It’s a little bit different. 00:33:08.039 --> 00:33:11.799 Do you know who DeadMau5 is? 00:33:11.799 --> 00:33:13.049 JACK: Yeah. 00:33:13.049 --> 00:33:20.149 YTC: Yeah, so, he actually plucked AntiSec out of the weeds. 00:33:20.149 --> 00:33:28.480 He’s been playing it out now but we’re re-releasing it on Mou5trap, his remix. 00:33:28.480 --> 00:33:34.830 [MUSIC] It’s kind of going mainstream in a sense, where DeadMau5 is putting it on his 00:33:34.830 --> 00:33:35.830 album and stuff. 00:33:35.830 --> 00:33:39.830 There’s a little bit of that thing still that’s happening to this day. 00:33:39.830 --> 00:33:44.980 JACK: Okay, so yeah, YTCracker made this song called AntiSec. 00:33:44.980 --> 00:33:49.130 Here, take a listen. 00:33:49.130 --> 00:34:15.540 [MUSIC] This is a 00:34:15.540 --> 00:34:20.190 song about LulzSec which I’ll have to do a future episode on sometime. 00:34:20.190 --> 00:34:25.740 But basically, operation AntiSec was a hacking campaign conducted by a group of anonymous 00:34:25.740 --> 00:34:27.480 hackers called LulzSec. 00:34:27.480 --> 00:34:34.060 They hacked into a ton of websites including Sony, PVS, the US Senate, and a bunch of other 00:34:34.060 --> 00:34:35.060 sites. 00:34:35.060 --> 00:34:38.129 YTC: The LulzSec; kind of anonymous phenomenon. 00:34:38.129 --> 00:34:45.589 I was involved in Project Chanology and some of the other stuff but yeah, the scene right 00:34:45.589 --> 00:34:49.340 around that time was really booming. 00:34:49.340 --> 00:34:51.940 [MUSIC] 00:34:51.940 --> 00:35:02.079 JACK: Huh, it sounds like he was there watching what LulzSec was doing. 00:35:02.079 --> 00:35:05.290 And at least being present for some of the things they did. 00:35:05.290 --> 00:35:09.420 So, since he had a front row seat and was watching it all go down and it was making 00:35:09.420 --> 00:35:21.960 major news, why not write a song about it? 00:35:21.960 --> 00:35:46.490 [MUSIC] [00:35:00] Another thing that YTCracker got involved with along his journey was Bitcoin. 00:35:46.490 --> 00:35:59.860 One of the songs he’s known for is this one called Bitcoin Baron. 00:35:59.860 --> 00:36:26.180 [MUSIC] Bitcoin is currently worth something like $10,000 each right now but when he got 00:36:26.180 --> 00:36:31.980 in, it was only like $50 per coin. 00:36:31.980 --> 00:36:38.060 YTC: When Bitcoin was around $60 or something, people were like what do we do with – what 00:36:38.060 --> 00:36:41.190 can be done with this? 00:36:41.190 --> 00:36:46.230 Jason was like, just, well – I’ll feed homeless people with it. 00:36:46.230 --> 00:37:03.400 JACK: Yeah, YTCracker and Jason have fed over 200,000 people now through their Bitcoin charity. 00:37:03.400 --> 00:37:28.599 [MUSIC] Now, these days, YTCracker holds a day job doing information security work. 00:37:28.599 --> 00:37:30.830 YTC: Currently, I’m working at Ring. 00:37:30.830 --> 00:37:35.750 JACK: Ring is a internet connected camera that Amazon makes that goes on your front 00:37:35.750 --> 00:37:36.750 door. 00:37:36.750 --> 00:37:41.480 YTC: I’m part of Amazon digital security but I work under – more for the Ring subsidiary 00:37:41.480 --> 00:37:48.080 and there’s a lot of considerations like privacy and security there that obviously 00:37:48.080 --> 00:37:55.170 – I want to make – if I started a camera company tomorrow, I wouldn’t have the reach 00:37:55.170 --> 00:37:58.580 and impact that Ring does. 00:37:58.580 --> 00:38:05.780 [MUSIC] As a utility, just being part of that pipeline and being able to affect the products 00:38:05.780 --> 00:38:11.359 the way that I would like to see them distributed is a real – that’s where I see the benefit 00:38:11.359 --> 00:38:16.711 of working with a Google or a Facebook or an Amazon is that again, you can be in the 00:38:16.711 --> 00:38:21.680 trenches and you can affect the change that you want to see in these devices and put your 00:38:21.680 --> 00:38:29.420 mark on them. [MUSIC] 00:38:29.420 --> 00:39:05.920 JACK: What do you want to be known as, Ohm-I? 00:39:05.920 --> 00:39:07.900 OHM-I: Yeah, that’s fine. 00:39:07.900 --> 00:39:12.290 JACK: Ohm-I, I like that ‘cause it’s like the Ohm as in the resistor. 00:39:12.290 --> 00:39:14.000 OHM-I: That’s where it came from. 00:39:14.000 --> 00:39:15.119 JACK: I would be current. 00:39:15.119 --> 00:39:17.500 OHM-I: Yeah, I is current. 00:39:17.500 --> 00:39:23.400 JACK: Alright, we got Ohm-I up next and I actually saw Ohm-I live once at an after-party 00:39:23.400 --> 00:39:24.540 for a security conference. 00:39:24.540 --> 00:39:47.160 Let’s take a listen to his music. 00:39:47.160 --> 00:40:10.540 [MUSIC] So, did you steal WiFi as a kid? 00:40:10.540 --> 00:40:13.290 OHM-I: Yeah, so growing up, we didn’t have WiFi. 00:40:13.290 --> 00:40:19.569 There was a router in the living room but my room was not anywhere close to it. 00:40:19.569 --> 00:40:26.800 The one house around me that had their WiFi open – and I would sit in my room and try 00:40:26.800 --> 00:40:29.202 to play games or I would watch a lot of anime. 00:40:29.202 --> 00:40:35.431 Obviously, I didn’t know the legalities of it at the time ‘cause I was young, but 00:40:35.431 --> 00:40:39.750 it was open and I needed internet. 00:40:39.750 --> 00:40:41.640 [MUSIC] [00:40:00] 00:40:41.640 --> 00:40:46.369 JACK: It’s true, isn’t it? 00:40:46.369 --> 00:40:49.579 At least for me, that’s all I needed growing up. 00:40:49.579 --> 00:40:54.310 Ohm-I grew up in Brooklyn and his passion with computers started in junior high. 00:40:54.310 --> 00:40:57.070 OHM-I: Maybe I’ll explain New York first, alright? 00:40:57.070 --> 00:41:03.020 The way the New York school system works is that once you reach the eighth grade you get 00:41:03.020 --> 00:41:07.609 this big book of schools in New York, and there’s a lot of schools in New York. 00:41:07.609 --> 00:41:10.670 You have to apply for your schools that you want to go to. 00:41:10.670 --> 00:41:17.130 When I was in junior high school, there was one school called Brooklyn Tech. 00:41:17.130 --> 00:41:21.950 I actually failed to get into that school ‘cause I didn’t score high enough. 00:41:21.950 --> 00:41:27.220 But what happened was my music teachers in junior high school, they saw that; they saw 00:41:27.220 --> 00:41:34.089 where I was planning on going and someone put my name on a list of standby people to 00:41:34.089 --> 00:41:35.560 get into Brooklyn Tech. 00:41:35.560 --> 00:41:40.180 Brooklyn Tech is very technical-heavy, right, so they had an Aerospace Engineering Major. 00:41:40.180 --> 00:41:41.750 This high school had majors. 00:41:41.750 --> 00:41:43.420 That’s how serious it was. 00:41:43.420 --> 00:41:47.490 I was like yeah, I got a thing, I got in. 00:41:47.490 --> 00:41:55.690 My major in high school was computer science so I took AP Java, computer architecture, 00:41:55.690 --> 00:42:02.010 a prep for an A+ course, but I – all these technical, really in-depth courses – which 00:42:02.010 --> 00:42:05.510 I failed most of them ‘cause I stopped going to classes like, halfway through. 00:42:05.510 --> 00:42:11.500 That was my initial exposure to most of the tech industry. 00:42:11.500 --> 00:42:14.079 I did pretty well. 00:42:14.079 --> 00:42:15.250 I did the projects and stuff. 00:42:15.250 --> 00:42:17.109 I just didn’t go to class half the time. 00:42:17.109 --> 00:42:18.109 JACK: Yeah. 00:42:18.109 --> 00:42:19.510 Then, how were you into music at the time? 00:42:19.510 --> 00:42:23.339 OHM-I: That was from junior high school when I was in band. 00:42:23.339 --> 00:42:27.390 I picked up alto saxophone and I was playing that for a couple years. 00:42:27.390 --> 00:42:31.670 Then when I got to high school, New York has what’s called the All State Band. 00:42:31.670 --> 00:42:36.090 There was All State Marching Band, All State Jazz Band. 00:42:36.090 --> 00:42:41.710 I joined the All State Marching Band and eventually I picked up baritone saxophone and French 00:42:41.710 --> 00:42:42.740 horn and trombone. 00:42:42.740 --> 00:42:48.171 I was just playing all these instruments and I was like yeah, I wanna go be a video game 00:42:48.171 --> 00:42:51.150 composer when I leave high school. 00:42:51.150 --> 00:42:56.010 That didn’t happen, but that was the goal at the time. 00:42:56.010 --> 00:42:57.010 JACK: Huh. 00:42:57.010 --> 00:43:01.260 That makes me think; are people who make music for video games also nerdcore musicians? 00:43:01.260 --> 00:43:05.490 [MUSIC] I mean, shoot, some of the rappers here are taking video game sounds and putting 00:43:05.490 --> 00:43:08.579 them in their songs, so maybe. 00:43:08.579 --> 00:43:13.630 Well, Ohm-I was really into video games and computers at the time which he says in one 00:43:13.630 --> 00:43:23.070 of his songs sort of made him different. 00:43:23.070 --> 00:43:24.880 [MUSIC] 00:43:24.880 --> 00:43:38.290 OHM-I: So, okay, the first thing I don’t understand is that in a lot of black neighborhoods 00:43:38.290 --> 00:43:44.579 there’s an expectation – at least back in the 90s and maybe still now – you sort 00:43:44.579 --> 00:43:46.740 of fit in a certain way, right? 00:43:46.740 --> 00:43:51.290 If you like certain things or if you talk a certain way, people will say oh, you talk 00:43:51.290 --> 00:43:54.809 like you’re white or you talk all proper, all that kinda stuff. 00:43:54.809 --> 00:44:00.150 It was one of those things that at the time, I was like oh, okay, sure. 00:44:00.150 --> 00:44:04.119 But it was one of those things that kinda stuck with me because it made me feel like 00:44:04.119 --> 00:44:12.069 I didn’t fit in at the time, especially going to a school in Fort Green and Brooklyn 00:44:12.069 --> 00:44:15.950 which now isn’t as black as it used to be. 00:44:15.950 --> 00:44:19.050 But it’s definitely gentrified. 00:44:19.050 --> 00:44:21.930 But it was one of those things just growing up. 00:44:21.930 --> 00:44:25.520 It was what I was told by other people who look like me. 00:44:25.520 --> 00:44:35.710 It was you’re too white or you like white girls or something like that. 00:44:35.710 --> 00:44:47.320 It was kinda like okay, sure. 00:44:47.320 --> 00:44:55.580 [MUSIC] For whatever reason, there’s always been this expectation that because I’m tall, 00:44:55.580 --> 00:44:56.900 right, that I play basketball. 00:44:56.900 --> 00:44:58.809 I never really got into playing sports. 00:44:58.809 --> 00:45:02.130 I never really cared too much to watch it. 00:45:02.130 --> 00:45:05.630 I’d get really annoyed when people had that – put that expectation on me like I’m 00:45:05.630 --> 00:45:08.260 supposed to know something. 00:45:08.260 --> 00:45:12.150 I joined the Navy. 00:45:12.150 --> 00:45:16.700 I left New York and I was doing electronics. 00:45:16.700 --> 00:45:21.910 I had my hands in a lot of deep network and radar electronic stuff. 00:45:21.910 --> 00:45:25.540 JACK: He spent years in the Navy doing this stuff and he was thinking about getting out 00:45:25.540 --> 00:45:28.270 and doing something else, but then he saw a new opportunity. 00:45:28.270 --> 00:45:34.540 OHM-I: The Navy has this role for Cryptologic Technicians for networks who do mostly – it’s 00:45:34.540 --> 00:45:37.490 like the cyber field for the Navy. 00:45:37.490 --> 00:45:38.490 I was like you know what? 00:45:38.490 --> 00:45:39.490 I’m gonna give this a shot. 00:45:39.490 --> 00:45:41.589 I’ll stay in for four more [00:45:00] years and see how it goes. 00:45:41.589 --> 00:45:46.970 JACK: He ended up spending ten years in the Navy and then he got out of there and transitioned 00:45:46.970 --> 00:46:04.010 back to civilian life. 00:46:04.010 --> 00:46:26.480 [MUSIC] When he got out of the Navy, he got a job as a penetration tester. 00:46:26.480 --> 00:46:30.330 [MUSIC] 00:46:30.330 --> 00:47:22.980 OHM-I: I was a web app pen tester and as I was doing this pen test for whatever site 00:47:22.980 --> 00:47:27.359 it was, they had ASP and I was like oh, what can I do with this? 00:47:27.359 --> 00:47:31.540 JACK: He decided to write his own tool to give him command line access to this machine. 00:47:31.540 --> 00:47:37.210 OHM-I: Being able to take over an entire box to me was -super-exciting the first time I 00:47:37.210 --> 00:47:38.210 did it. 00:47:38.210 --> 00:47:44.580 Being able to take over an entire box just through a web shell and writing .NET payloads 00:47:44.580 --> 00:47:47.050 and all these other cool things that people were doing, they all were just kinda like 00:47:47.050 --> 00:47:48.830 oh, you’re doing cool research in .NET? 00:47:48.830 --> 00:47:51.849 Let me go figure out how to write this web shell. 00:47:51.849 --> 00:48:04.560 It was definitely an experience and one of my favorite experiences from that job. 00:48:04.560 --> 00:48:36.020 [MUSIC] I wrote that song specifically for my resume because I knew that getting out 00:48:36.020 --> 00:48:40.990 of the Navy, getting a job was gonna be a little hard. 00:48:40.990 --> 00:48:47.260 I had some experiences with some companies who explicitly mentioned that they had a hard 00:48:47.260 --> 00:48:52.960 time hiring veterans because of personality issues and personality conflicts. 00:48:52.960 --> 00:48:57.461 But I just wanted to do something unique for my resume so I just left a link to the song 00:48:57.461 --> 00:48:59.329 at the bottom of the footer. 00:48:59.329 --> 00:49:03.440 I was like hey, check out this song. 00:49:03.440 --> 00:49:05.950 Hire me, please. Please. 00:49:05.950 --> 00:49:08.470 JACK: Well, how did it work? 00:49:08.470 --> 00:49:09.819 OHM-I: It didn’t. 00:49:09.819 --> 00:49:11.200 JACK: Oh. 00:49:11.200 --> 00:49:16.040 OHM-I: The companies that interviewed me – the song aside – I just didn’t get hired. 00:49:16.040 --> 00:49:18.680 I already knew it was gonna be an uphill battle. 00:49:18.680 --> 00:49:23.089 JACK: Did they comment at all on like, oh, cool song, but no. 00:49:23.089 --> 00:49:27.330 OHM-I: One of the companies, that was one of the first things they brought up on the 00:49:27.330 --> 00:49:28.859 phone interview, the phone screening. 00:49:28.859 --> 00:49:31.530 I was like, I guess it worked. 00:49:31.530 --> 00:49:35.450 I guess I did a good thing there. 00:49:35.450 --> 00:49:38.260 JACK: Ohm-I is really into Python. 00:49:38.260 --> 00:49:41.160 He learned it while in the Navy but he’s been using it ever since. 00:49:41.160 --> 00:49:44.319 His Twitter bio even says Python is life. 00:49:44.319 --> 00:49:49.420 So, I asked him how does being good at Python make you good at doing security work? 00:49:49.420 --> 00:49:52.030 OHM-I: Oh man, Python makes it easy. 00:49:52.030 --> 00:49:56.510 Because Python is super well-supported by so many people and there’s always someone 00:49:56.510 --> 00:50:02.510 writing a new library somewhere, it makes it one of the most versatile languages. 00:50:02.510 --> 00:50:07.970 I would say that no matter what your field is in InfoSec, you can probably use Python 00:50:07.970 --> 00:50:12.140 for something because there’s always something that you can automate, there’s always something 00:50:12.140 --> 00:50:15.170 that you can make easier. 00:50:15.170 --> 00:50:19.740 For sure, Python is one of the most approachable languages to do that in. 00:50:19.740 --> 00:50:20.850 [MUSIC] 00:50:20.850 --> 00:50:27.869 JACK: Like any human, nerdcore rappers suffer from loss and heartbreak, too. 00:50:27.869 --> 00:50:38.430 Here’s how Ohm-I brings his relationship experiences into his music. 00:50:38.430 --> 00:50:51.690 [MUSIC] [00:50:00] 00:50:51.690 --> 00:51:19.900 OHM-I: Oh, yeah, so that song is about my ex-girlfriend. 00:51:19.900 --> 00:51:22.960 I am not a very emotionally available person. 00:51:22.960 --> 00:51:25.579 I’ll say that out loud. 00:51:25.579 --> 00:51:28.530 It was basically that, right? 00:51:28.530 --> 00:51:32.099 I don’t always open up to people. 00:51:32.099 --> 00:51:34.119 Yeah. 00:51:34.119 --> 00:51:37.880 I sent her that song and she didn’t understand any of the references. 00:51:37.880 --> 00:51:45.670 I was like, this is just me expressing my feelings. 00:51:45.670 --> 00:51:47.630 [MUSIC] 00:51:47.630 --> 00:51:55.430 JACK: It does seem comical at the same time as being sad, that in all of this nerdcore 00:51:55.430 --> 00:52:00.920 seems comical; like, oh my gosh, I get that joke but I feel so nerdy getting it. 00:52:00.920 --> 00:52:06.040 OHM-I: Yeah, and then that’s definitely the vibe that I think a lot of – that nerdcore 00:52:06.040 --> 00:52:13.070 has gone for since inception, is like, that I get this particular line ‘cause I can 00:52:13.070 --> 00:52:17.460 relate to it. [MUSIC] 00:52:17.460 --> 00:52:24.290 JACK: Now, Ohm-I is working on the red team at Azure. 00:52:24.290 --> 00:52:27.109 This is the cloud computing service that Microsoft offers. 00:52:27.109 --> 00:52:34.310 OHM-I: Our job is to perform red team assessments against teams working on Azure products and 00:52:34.310 --> 00:52:35.310 services. 00:52:35.310 --> 00:52:37.410 We’re an internal team, right? 00:52:37.410 --> 00:52:40.470 We don’t do customer-facing engagements. 00:52:40.470 --> 00:52:46.890 We basically just hack away and try to find new things either within Azure or against 00:52:46.890 --> 00:52:53.450 specific teams and how they organize their infrastructure or whatever else they have 00:52:53.450 --> 00:52:54.450 to organize. 00:52:54.450 --> 00:52:59.740 JACK: But get this; while yeah, he’s hacking on Azure itself sometimes, his scope goes 00:52:59.740 --> 00:53:01.660 way beyond the product. 00:53:01.660 --> 00:53:02.660 OHM-I: Right. 00:53:02.660 --> 00:53:08.520 If you take Azure Functions, for example, we’re not looking for vulnerabilities in 00:53:08.520 --> 00:53:09.520 Azure Functions. 00:53:09.520 --> 00:53:12.450 That’s for the product engineer teams and security assurance team. 00:53:12.450 --> 00:53:19.290 We’re looking for ways to hack the Azure Functions development team and any vulnerabilities 00:53:19.290 --> 00:53:24.210 that they may have that might lead us to take over this service, for example, which now 00:53:24.210 --> 00:53:26.450 has bigger implications down the line. 00:53:26.450 --> 00:53:27.569 JACK: Wow, that’s crazy, huh? 00:53:27.569 --> 00:53:32.110 He’s trying to hack the people who work at Microsoft in order to help keep Microsoft 00:53:32.110 --> 00:53:34.900 products more secure. 00:53:34.900 --> 00:53:36.400 Wild. 00:53:36.400 --> 00:54:01.410 [MUSIC] The last song I want to leave you with from Ohm-I; it’s called Tabs and I 00:54:01.410 --> 00:54:31.869 absolutely love it. 00:54:31.869 --> 00:54:45.180 [MUSIC] Our last musical act is none other than Dual Core. 00:54:45.180 --> 00:54:46.720 INT80: Yes, I am Int80. 00:54:46.720 --> 00:54:51.230 I’m the rapper in Dual Core and I consent to this recording for the use of Darknet Diaries. 00:54:51.230 --> 00:54:55.010 JACK: Okay, just to clear things up, Int80 is the name of the rapper, the guy we’re 00:54:55.010 --> 00:54:57.880 talking with, and Dual Core is the name of the rap group. 00:54:57.880 --> 00:55:00.730 INT80: I’m beyond excited to be on the podcast. 00:55:00.730 --> 00:55:02.650 Your podcast is literally my favorite one. 00:55:02.650 --> 00:55:04.080 I’ve listened to every single episode. 00:55:04.080 --> 00:55:06.800 I can’t say that about any other podcast. 00:55:06.800 --> 00:55:09.790 As soon as new episodes come out, it’s the first thing that I listen to. 00:55:09.790 --> 00:55:14.240 JACK: Whoa, it’s always a trip for me to meet someone and find out that we have mutual 00:55:14.240 --> 00:55:15.640 respect for each other’s work. 00:55:15.640 --> 00:55:17.650 I really dig Dual Core’s music, too. 00:55:17.650 --> 00:55:22.609 Here, check this out. 00:55:22.609 --> 00:55:44.089 [MUSIC] [00:55:00] So, you ready to start? 00:55:44.089 --> 00:55:46.089 INT80: Sure. Let’s do it. 00:55:46.089 --> 00:55:47.089 JACK: Alright, so what was going on in high school? 00:55:47.089 --> 00:55:48.339 Were you a nerd then? 00:55:48.339 --> 00:55:50.369 INT80: Absolutely, yeah. 00:55:50.369 --> 00:55:51.970 I got in trouble in high school. 00:55:51.970 --> 00:55:58.250 I took a C++ programming class and sent – using Net Send, I sent a message to all the Windows 00:55:58.250 --> 00:56:01.849 computers saying there was a virus in the system and I waited until everybody had logged 00:56:01.849 --> 00:56:03.440 out at the end of the class period. 00:56:03.440 --> 00:56:08.220 The next class period came in and they all logged in and got this message box popping 00:56:08.220 --> 00:56:12.369 up saying there was a virus and I got kicked off the computers for like, a week. 00:56:12.369 --> 00:56:14.950 JACK: It was in high school where he started making music. 00:56:14.950 --> 00:56:17.510 INT80: I listened to hip-hop. 00:56:17.510 --> 00:56:23.140 There was a kid that I used to program and hack with on AOL and he lived in New Jersey. 00:56:23.140 --> 00:56:26.190 We would either be talking about hacking or programming or hip-hop. 00:56:26.190 --> 00:56:30.319 We’d have discussions of who the best rapper was, etc. 00:56:30.319 --> 00:56:33.400 He’s actually the one that got me started rapping. 00:56:33.400 --> 00:56:38.170 He sent me an e-mail with a rap verse that he wrote about how he was a better hacker 00:56:38.170 --> 00:56:39.220 than I was. 00:56:39.220 --> 00:56:44.660 [MUSIC] I paid it no mind ‘cause I knew that I was a better hacker than him. 00:56:44.660 --> 00:56:49.640 He kept bugging me to write a response back so eventually I wrote a response and that 00:56:49.640 --> 00:56:53.130 was my first rap verse that I ever wrote, and it was about how I was a better hacker 00:56:53.130 --> 00:57:03.609 and programmer than he was. 00:57:03.609 --> 00:57:15.150 [MUSIC] I remember making my first website. 00:57:15.150 --> 00:57:20.880 I was just learning HTML but obviously I didn’t know HTML particularly well. 00:57:20.880 --> 00:57:26.960 I went to paste something into an IM to somebody and I thought I had some other content in 00:57:26.960 --> 00:57:31.760 the clipboard but what I had was the markup from the website that I was building. 00:57:31.760 --> 00:57:36.650 It was all messed up and it crashed AOL or it froze it or something bad happened. 00:57:36.650 --> 00:57:40.700 I was curious as to what happened so I looked at what was in my clipboard and it was the 00:57:40.700 --> 00:57:44.180 markup from my website. 00:57:44.180 --> 00:57:48.480 There were some syntax errors, like the tags or the values were wrong or something. 00:57:48.480 --> 00:57:53.579 At that point I realized okay, what if I intentionally put bad values in the markup and then send 00:57:53.579 --> 00:57:54.640 that to somebody? 00:57:54.640 --> 00:58:00.080 Then I just started manually fuzzing; putting in strange values like having a font size 00:58:00.080 --> 00:58:08.020 of a bunch of nines or starting the HTML with an ending HTML tag. 00:58:08.020 --> 00:58:12.059 What would happen is there were all these bugs in the AOL client and you would get kicked 00:58:12.059 --> 00:58:16.450 offline or AOL would freeze up or crash or something bad would happen. 00:58:16.450 --> 00:58:21.410 At the time, it was dial-up, so it took you like ten minutes to get back online. 00:58:21.410 --> 00:58:24.210 You’d be in a chatroom and someone would argue with you. 00:58:24.210 --> 00:58:28.940 You’d turn off your IMs and send them an IM with this awful HTML in it and their client 00:58:28.940 --> 00:58:48.290 would crash and they would go off – go away and get kicked offline. 00:58:48.290 --> 00:58:59.460 [MUSIC] I used to trade these punt strings, this malformed HTML, for stolen accounts so 00:58:59.460 --> 00:59:00.630 that I could keep access. 00:59:00.630 --> 00:59:04.349 My parents would always get upset with me for some reason and then they’d take away 00:59:04.349 --> 00:59:05.349 my AOL access. 00:59:05.349 --> 00:59:10.589 I had all these stolen accounts so that I could continue having access to the internet. 00:59:10.589 --> 00:59:15.250 What really drove me into programming was I had a secret stash of punt strings that 00:59:15.250 --> 00:59:18.100 I refused to share to anybody ‘cause they were so good. 00:59:18.100 --> 00:59:20.420 I needed a way to weaponize those. 00:59:20.420 --> 00:59:25.780 That drove me to learning Visual Basic and the Windows API so that I could write my own 00:59:25.780 --> 00:59:28.170 punters to then kick people offline. 00:59:28.170 --> 00:59:32.040 JACK: Dual Core actually collaborated with YTCracker on this song. 00:59:32.040 --> 00:59:36.809 It’s called I Remember. 00:59:36.809 --> 00:59:40.980 [MUSIC] 00:59:40.980 --> 00:59:49.680 INT80: I actually did not want to do computers as a career. 00:59:49.680 --> 00:59:54.359 I went to school; I have a Bachelor of Arts in Political Science and I wanted to be a 00:59:54.359 --> 00:59:55.359 lawyer. 00:59:55.359 --> 00:59:59.460 I really enjoyed classes like Civil Liberties and Criminal Justice. 00:59:59.460 --> 01:00:08.270 I really enjoyed doing case studies, writing about dissenting opinions and concurring opinions. 01:00:08.270 --> 01:00:14.760 I always thought of the movie The Matrix where they show Thomas Anderson in his cubicle after 01:00:14.760 --> 01:00:16.730 he’s just been yelled at by his boss. 01:00:16.730 --> 01:00:21.049 It just looks like such a drab situation to be in. 01:00:21.049 --> 01:00:25.920 That was my stereotypical view when I was younger about what having a career in computers 01:00:25.920 --> 01:00:27.319 would be like. 01:00:27.319 --> 01:00:33.420 But I was approaching graduating from my Political Science degree and I went to a Law Day at 01:00:33.420 --> 01:00:35.329 a law school. 01:00:35.329 --> 01:00:39.059 Learning about how much you had to read and write was unbearable for me. 01:00:39.059 --> 01:00:45.270 [01:00:00] I decided hacking computers is really fun and maybe I can get a job doing 01:00:45.270 --> 01:00:49.960 that or at least programming and building web apps and stuff which is something I had 01:00:49.960 --> 01:00:51.030 been doing at that point. 01:00:51.030 --> 01:00:54.270 JACK: His first computer job was doing website development. 01:00:54.270 --> 01:00:58.320 He then started hanging out at security meetups and from there, he got an internship doing 01:00:58.320 --> 01:00:59.750 security work. 01:00:59.750 --> 01:01:04.490 After that, he went to get a job doing application security which is where he’s paid to find 01:01:04.490 --> 01:01:07.130 bugs in the software that the company makes. 01:01:07.130 --> 01:01:13.119 INT80: Right, except I was a consultant so I would basically be on a five-day engagement. 01:01:13.119 --> 01:01:17.369 We would do white box or black box assessments; white box being where you have exposure to 01:01:17.369 --> 01:01:22.440 the entire source code and black box where you’re just targeting a regular site or 01:01:22.440 --> 01:01:25.700 an application without any knowledge of its source code. 01:01:25.700 --> 01:01:30.299 Then yeah, for the first four days, you’re pretty much hacking and just trying to find 01:01:30.299 --> 01:01:32.299 bugs, unfortunately. 01:01:32.299 --> 01:01:36.890 I think in one of my first assessments, I think I pivoted through the network and got 01:01:36.890 --> 01:01:41.690 domain admin and checked in with the engagement manager and said okay, I’ve got domain admin. 01:01:41.690 --> 01:01:42.690 Now what? 01:01:42.690 --> 01:01:43.720 They were like no, that’s not what you’re supposed to do. 01:01:43.720 --> 01:01:54.510 You’re just supposed to take a screenshot of the alert box and put that in 01:01:54.510 --> 01:01:57.880 the report. 01:01:57.880 --> 01:02:16.010 [MUSIC] Let’s see, at that point I think we had just started Dual Core. 01:02:16.010 --> 01:02:19.030 I know we started Dual Core in 2006. 01:02:19.030 --> 01:02:21.910 That was when we were making our first album Zero One. 01:02:21.910 --> 01:02:30.299 In 2007, that was when I – that was when we released our first album Zero One. 01:02:30.299 --> 01:02:35.240 Also in 2007 is when I got my first application security job. 01:02:35.240 --> 01:02:40.819 I remember when I started at the company, people already knew about Dual Core which 01:02:40.819 --> 01:02:45.730 was mind-blowing to me because I was just some kid recording rap songs in a basement 01:02:45.730 --> 01:02:47.890 in Cincinnati. 01:02:47.890 --> 01:02:52.109 It was a shock to walk into a place and people already knew my music that had only been out 01:02:52.109 --> 01:03:01.349 for a few months. 01:03:01.349 --> 01:03:13.579 [MUSIC]Dual Core is two people; it’s myself, Int80. 01:03:13.579 --> 01:03:18.630 I’m the rapper in the group and then the other half is c64. 01:03:18.630 --> 01:03:24.780 I write and record all the rap songs and I have the moustache, and c64 makes all the 01:03:24.780 --> 01:03:25.780 beats. 01:03:25.780 --> 01:03:26.900 He does all of the mixing. 01:03:26.900 --> 01:03:33.410 He does all of the artwork, does some of our social media stuff, and he’s basically all 01:03:33.410 --> 01:03:34.770 of the talent in the group. 01:03:34.770 --> 01:03:41.109 I’m just kind of the loud person in front. 01:03:41.109 --> 01:03:52.970 [MUSIC] Penny Arcade published a blog post about our album which got our music in front 01:03:52.970 --> 01:03:54.780 of a bunch of listeners. 01:03:54.780 --> 01:03:59.970 I kind of used that as a springboard to start booking shows as rabidly as I could. 01:03:59.970 --> 01:04:02.220 I said Penny Arcade is a big fan of our music. 01:04:02.220 --> 01:04:04.359 Here’s the link to their blog post. 01:04:04.359 --> 01:04:06.670 You should totally book Dual Core. 01:04:06.670 --> 01:04:09.109 We ended up playing at Defcon that year just a few months after that. 01:04:09.109 --> 01:04:12.750 We were the first ever live hip-hop act to play at Defcon. 01:04:12.750 --> 01:04:25.329 I’ve been playing every year since 2007, live in person, except for 2020 with the pandemic. 01:04:25.329 --> 01:04:43.309 [MUSIC] Yeah, I then moved into a position doing reverse-engineering. 01:04:43.309 --> 01:04:47.550 I was essentially cracking copy protection. 01:04:47.550 --> 01:04:51.609 Companies would come in with copy protection that would go on a particular device and they 01:04:51.609 --> 01:04:54.960 would want to know how fast it could be broken. 01:04:54.960 --> 01:04:57.859 We have three objectives, usually. 01:04:57.859 --> 01:05:04.079 [MUSIC] One would be to pirate the intellectual property, one would be to reverse-engineer 01:05:04.079 --> 01:05:09.339 the protection to get a full understanding of the protection, and then the third objective 01:05:09.339 --> 01:05:17.510 would be to tamper the protection without being detected. 01:05:17.510 --> 01:05:51.630 [MUSIC] [01:05:00] I went and worked at a social media platform that we all know and 01:05:51.630 --> 01:05:54.119 have probably used at some point. 01:05:54.119 --> 01:06:01.839 I worked on building threat systems for them. 01:06:01.839 --> 01:06:07.560 Our goal was to be able to find any malware that was spreading or communicating across 01:06:07.560 --> 01:06:13.720 the platform and then sandbox it, pick it apart programatically, figure out what it 01:06:13.720 --> 01:06:20.819 was doing, siphon out indicators and then build new signatures and put it all on our 01:06:20.819 --> 01:06:25.720 compute and fabric storage, and then programatically associate it with any other families. 01:06:25.720 --> 01:06:31.819 Then we could put detections and filtering in place to stop future campaigns and alert 01:06:31.819 --> 01:06:33.809 victims that were on the platform. 01:06:33.809 --> 01:06:40.089 JACK: While there, he discovered some malware on the platform which would mine Litecoin. 01:06:40.089 --> 01:06:41.980 This is a cryptocurrency like Bitcoin. 01:06:41.980 --> 01:06:46.940 He’d clean the malware off the infected systems but he realized he could do more than 01:06:46.940 --> 01:06:48.789 just stop it in his network. 01:06:48.789 --> 01:06:55.960 INT80: I reached out to the Litecoin mining pool and asked them if they would stop – basically 01:06:55.960 --> 01:06:59.110 stop all of the progress for this particular account. 01:06:59.110 --> 01:07:03.690 I had evidence of you know, these are the malware samples, here’s in the code where 01:07:03.690 --> 01:07:06.480 it’s using your pool, etc. 01:07:06.480 --> 01:07:13.859 Also, the malware had stages up on Dropbox, so I worked with Dropbox and said hey, this 01:07:13.859 --> 01:07:17.299 is – this malware is staging off of your platform. 01:07:17.299 --> 01:07:19.730 Can we find all of the instances of it? 01:07:19.730 --> 01:07:23.190 Dropbox was able to find them all. 01:07:23.190 --> 01:07:29.750 Then the C2 was at some hosting company, so I reached out to the hosting provider and 01:07:29.750 --> 01:07:35.590 I said hey, this malware has got its C2 on a VPS in your hosting setup. 01:07:35.590 --> 01:07:37.320 Can I get a copy of the VPS? 01:07:37.320 --> 01:07:38.320 They said, sure. 01:07:38.320 --> 01:07:43.920 They gave me a copy of the VPS and that gave me all of the logs and keys that the malware 01:07:43.920 --> 01:07:47.289 authors used to login and check into the C2. 01:07:47.289 --> 01:07:52.809 Then on a particular Friday, I said hey, on this Friday coming up at 9:00 AM Pacific Time, 01:07:52.809 --> 01:07:54.200 let’s kill everything off. 01:07:54.200 --> 01:07:55.200 So, we did. 01:07:55.200 --> 01:08:00.180 We did this coordinated takedown and that Friday at 9:00 AM, the malware ceased to exist 01:08:00.180 --> 01:08:01.180 on the internet. 01:08:01.180 --> 01:08:12.589 It was super fun. 01:08:12.589 --> 01:08:25.580 [MUSIC] After leaving the social media platform, I took a job as a red team operator. 01:08:25.580 --> 01:08:31.400 I worked on the red team at Salesforce and our job was basically to make the bad things 01:08:31.400 --> 01:08:41.009 happen. 01:08:41.009 --> 01:08:55.120 [MUSIC] We would start any red team operation with asking the question what’s the worst 01:08:55.120 --> 01:08:56.390 thing that can happen to this business? 01:08:56.390 --> 01:09:00.580 The Salesforce has a number of acquisitions so there was always fresh attack surface for 01:09:00.580 --> 01:09:03.370 us to look at. 01:09:03.370 --> 01:09:07.100 We basically would try to go after things that were really important or critical to 01:09:07.100 --> 01:09:10.830 the business, things that mattered the most because if you’re handing in a report to 01:09:10.830 --> 01:09:17.270 executives and you just say look, I popped an alert box, no executive understands why 01:09:17.270 --> 01:09:19.739 that’s important, maybe not even what that is. 01:09:19.739 --> 01:09:23.819 But if you’re able to say I have a copy of all of your customer data and I’ve put 01:09:23.819 --> 01:09:27.000 backdoors in the source code that makes your business run, and those are the most important 01:09:27.000 --> 01:09:31.429 things to your business, they’re gonna understand we’re gonna be out of business or the stock’s 01:09:31.429 --> 01:09:35.089 gonna take a hit or bad things are gonna happen. 01:09:35.089 --> 01:09:37.150 We would do that kind of stuff, right? 01:09:37.150 --> 01:09:41.839 We would try to exfil customer data or we would try to backdoor source code or we’d 01:09:41.839 --> 01:09:44.989 break into places sometimes. 01:09:44.989 --> 01:09:52.390 Trying to frame the objectives in a more high-level way and telling a story rather than just handing 01:09:52.390 --> 01:10:03.440 in a report that people might not read. 01:10:03.440 --> 01:10:13.110 [MUSIC] 01:10:13.110 --> 01:10:25.120 JACK: But that job didn’t last long. 01:10:25.120 --> 01:10:31.660 If you Google Defcon Salesforce, you’ll see articles about a mishap that happened. 01:10:31.660 --> 01:10:32.870 He got caught up in all that. 01:10:32.870 --> 01:10:37.730 INT80: I have since pivoted into a cloud engineering kind of role. 01:10:37.730 --> 01:10:41.989 I build [01:10:00] cool stuff but I also break things. 01:10:41.989 --> 01:10:49.140 It’s a nice balance of getting both sides of it, right; being able to construct and 01:10:49.140 --> 01:11:00.660 then also tear down and see how to construct it better in the future. 01:11:00.660 --> 01:11:12.159 [MUSIC] The song All the Things came about by randomly being at Defcon one year. 01:11:12.159 --> 01:11:19.941 A friend of mine, Vyrus from DC949 came up to me and said hey, drink all the booze, hack 01:11:19.941 --> 01:11:20.941 all the things. 01:11:20.941 --> 01:11:22.530 That’s how we’re doing it this year. 01:11:22.530 --> 01:11:24.270 I said oh, that’s cool. 01:11:24.270 --> 01:11:27.040 Sounds like fun. 01:11:27.040 --> 01:11:28.710 My producer was in from the UK. 01:11:28.710 --> 01:11:31.570 He had flown all the way to Vegas. 01:11:31.570 --> 01:11:37.740 Also with me was Dale Chase and we were rolling around playing parties. 01:11:37.740 --> 01:11:44.600 I think it was our fourth party of the night, and we get there and the whole pool place 01:11:44.600 --> 01:11:46.590 is packed. 01:11:46.590 --> 01:11:50.699 The pool area is just filled with people all waiting for a Dual Core show. 01:11:50.699 --> 01:11:53.070 We’re like, alright. 01:11:53.070 --> 01:11:56.250 We show up. 01:11:56.250 --> 01:12:02.699 My producer and I are talking and they’re like, what if we played a set where – just 01:12:02.699 --> 01:12:04.889 kinda make it up as we go? 01:12:04.889 --> 01:12:06.890 My producer was like, sounds good. 01:12:06.890 --> 01:12:09.950 c64 is just throwing on whatever beats that he wants to throw on. 01:12:09.950 --> 01:12:12.230 We’re not sticking to any particular set. 01:12:12.230 --> 01:12:14.180 We’re just going for it. 01:12:14.180 --> 01:12:20.570 Dale and I are just kind of rapping verses, we’re putting in hooks where we can, and 01:12:20.570 --> 01:12:24.120 my producer plays this one beat and I said, let’s do a freestyle. 01:12:24.120 --> 01:12:26.130 I like this beat; sounds good. 01:12:26.130 --> 01:12:27.990 Let’s do a freestyle. 01:12:27.990 --> 01:12:33.720 I’d just say alright, in the chorus I’m gonna say drink all the booze and everybody 01:12:33.720 --> 01:12:36.740 yell ‘hack all the things.’ 01:12:36.740 --> 01:12:38.270 It was amazing. 01:12:38.270 --> 01:12:42.620 We started the freestyle and we got to the chorus and I yelled drink all the booze. 01:12:42.620 --> 01:12:48.389 Now it’s four-something in the morning in Vegas and the entire pool area is just people 01:12:48.389 --> 01:12:53.130 screaming ‘hack all the things’. 01:12:53.130 --> 01:13:02.370 [MUSIC] Several years after the song had been out, I got an e-mail and it was a person who 01:13:02.370 --> 01:13:08.989 said hi, I work on the game Watchdogs at Ubisoft and we were making Watchdogs 2 but nobody 01:13:08.989 --> 01:13:11.570 knows yet. 01:13:11.570 --> 01:13:16.630 I saw you play at Defcon and I need your music in the game. 01:13:16.630 --> 01:13:17.630 How do we do that? 01:13:17.630 --> 01:13:21.239 I said, send me an NDA and we’ll get everything set up and we’ll make it happen. 01:13:21.239 --> 01:13:33.889 They ended up including All the Things in Watchdogs 2. 01:13:33.889 --> 01:13:43.340 [MUSIC] 01:13:43.340 --> 01:13:57.330 JACK: Dual Core has continually grown more popular over time, and so much that he’s 01:13:57.330 --> 01:13:59.440 been able to book live shows all over. 01:13:59.440 --> 01:14:05.900 INT80: I’ve played all across the US, Canada, I’ve played in Columbia, I’ve played in 01:14:05.900 --> 01:14:09.900 Brazil, I’ve played in Dubai, and I’ve played all across Europe as well. 01:14:09.900 --> 01:14:17.141 We even did a three-week tour, me and my producer, in the UK. 01:14:17.141 --> 01:14:21.800 [MUSIC] But when I started, I always thought that my ideal week would look like hacking 01:14:21.800 --> 01:14:26.890 stuff Monday through Friday and then playing rap shows on the weekends. 01:14:26.890 --> 01:14:31.540 That is the structure that I kind of derived or composed and have stuck with all these 01:14:31.540 --> 01:14:32.540 years. 01:14:32.540 --> 01:14:33.540 It’s worked out really well. 01:14:33.540 --> 01:14:38.480 I’ve done some tours where we’re on the road for anywhere from three to eight weeks 01:14:38.480 --> 01:14:43.699 but for the most part, a normal week for me is like Monday, I go to work, and then Thursday 01:14:43.699 --> 01:14:47.960 or Friday I’ll fly out and play shows, and then Sunday or Monday I’ll fly back, and 01:14:47.960 --> 01:14:49.699 Monday I’m back at work again. 01:14:49.699 --> 01:14:54.489 JACK: Dual Core has done some collaborations with other nerdcore rappers, but not all nerdcore 01:14:54.489 --> 01:14:56.170 rappers are hackers. 01:14:56.170 --> 01:15:00.340 Like we were saying before, some nerdcore rappers talk about video games and some talk 01:15:00.340 --> 01:15:01.340 about anime. 01:15:01.340 --> 01:15:05.909 But in order for Dual Core to collaborate with others, he created a file-sharing system 01:15:05.909 --> 01:15:07.560 on a server that he set up. 01:15:07.560 --> 01:15:14.639 However, he set it up using SCP which is a secure file-transfer method but it takes a 01:15:14.639 --> 01:15:15.860 couple steps to set up. 01:15:15.860 --> 01:15:20.989 INT80: When I started doing collaborations with folks, I’d say hey, here’s a – send 01:15:20.989 --> 01:15:25.719 me your SSH public key and I’ll set you up with a user account, and then you can SFTP 01:15:25.719 --> 01:15:28.159 or SCP your waves up. 01:15:28.159 --> 01:15:33.690 I thought everybody was a hacker like I was in the nerd rap scene, and I think YTCracker 01:15:33.690 --> 01:15:36.350 was the only person that when I said that, he didn’t blink an eye. 01:15:36.350 --> 01:15:39.240 He said okay, no problem, here’s my SSH key, good to go. 01:15:39.240 --> 01:15:40.830 Meanwhile, everybody else was like what is SSH? 01:15:40.830 --> 01:15:41.870 [01:15:00] What is a key? 01:15:41.870 --> 01:15:43.340 What is SCP? 01:15:43.340 --> 01:15:45.660 How do I get you the files? 01:15:45.660 --> 01:15:51.230 I always thought that was a really funny experience, having the realization that there aren’t 01:15:51.230 --> 01:15:53.150 many hackers that are out making rap music. 01:15:53.150 --> 01:15:57.040 JACK: [MUSIC] See, that’s what I think is interesting about this sliver of music in 01:15:57.040 --> 01:15:58.330 the world. 01:15:58.330 --> 01:16:01.790 The lyrics are about this specific type of computer usage. 01:16:01.790 --> 01:16:07.881 But not only that; it’s made by hackers themselves for other hackers who want to hear 01:16:07.881 --> 01:16:09.080 songs about hacking. 01:16:09.080 --> 01:16:11.469 Hey, I dig it. 01:16:11.469 --> 01:16:15.929 After chatting with these guys, I really am surprised at how much they’re actually doing 01:16:15.929 --> 01:16:16.929 security themselves. 01:16:16.929 --> 01:16:20.290 I don’t know why but I just assumed they were wannabe hackers. 01:16:20.290 --> 01:16:21.820 But no, they aren’t. 01:16:21.820 --> 01:16:24.330 They really are doing this stuff. 01:16:24.330 --> 01:16:34.310 Now, when I listen to nerdcore, I have a newfound respect for the musicians behind it. 01:16:34.310 --> 01:16:51.909 (OUTRO): [OUTRO MUSIC] A big thank you to YTCracker, Ohm-I, and Int80 from Dual Core. 01:16:51.909 --> 01:16:56.130 I never had guests bring their own soundtracks before, but this was a fun ride. 01:16:56.130 --> 01:17:00.020 If you want to just listen to the music from this episode I’ve created a playlist for 01:17:00.020 --> 01:17:01.020 you. 01:17:01.020 --> 01:17:04.550 Go to darknetdiaries.com/episode/78. 01:17:04.550 --> 01:17:08.219 While there you’ll also find more about each of these artists, and dive into their 01:17:08.219 --> 01:17:11.560 music because they have tons more songs to discover. 01:17:11.560 --> 01:17:14.910 Also, I want to give a big thanks to all my Patreon members. 01:17:14.910 --> 01:17:18.230 Those who are donating to this show are a massive help for the show’s success. 01:17:18.230 --> 01:17:20.219 Thank you so much. 01:17:20.219 --> 01:17:24.700 But I did the math and less than 1% of my audience is helping the show through Patreon. 01:17:24.700 --> 01:17:28.620 Look, if you’ve gone through every episode and can’t wait for new episodes, consider 01:17:28.620 --> 01:17:30.280 donating to the show. 01:17:30.280 --> 01:17:33.720 This tells me most of all that you like it and want more of it which motivates me to 01:17:33.720 --> 01:17:35.659 keep going and to make it better. 01:17:35.659 --> 01:17:38.530 If you want to help, please visit patreon.com/darknetdiaries. 01:17:38.530 --> 01:17:41.449 Thank you. 01:17:41.449 --> 01:17:44.909 This show is made by me, sir dollar string, Jack Rhysider. 01:17:44.909 --> 01:17:49.320 Editing help this episode by the funky cherry Damienne and our theme music is by Biggie 01:17:49.320 --> 01:17:52.120 Doom, AKA Breakmaster Cylinder. 01:17:52.120 --> 01:17:58.929 Even though for some weird reason I think 1024 is a perfectly round number, this is 01:17:58.929 --> 01:17:59.870 Darknet Diaries.