This message showed when I entered the serial specifically made for pirates. Right now feeling nothing but respect for plugin devs. Next month Imma buy this plugin 100% fixed, need it or don’t need it doesn’t matter anymore lol.

@Cinner@lemmy.world
bot account
link
fedilink
English
-23
edit-2
1Y

====================

Edit: Can any fellow infosec nerds chime in and say whether this is readable or not? I feel like I just wrote it incoherently because I was stoned. I hope that’s what happened anyway, and people pirating software aren’t actually this ignorant about network security.

tl;dr: Disgruntled employee wants to make a bunch of easy crypto from the company he hates. cracks contain viruses a non-minimal amount of the time. This turned into a story about an easier way this coworker could be doing it to introduce his own ransomware and get away with it, and then I went into how I would do it if that was the intention.

I have no idea if this is the reason or if OPs colleague really hated scrolling down and clicking Accept. Maybe he just wanted the legit version for himself.

====================

This sounds like a great way to introduce your 2-year-delay ransomware on the company without it being as risky of a charge if you’re caught. Only fired for causing a ransomware infection out of neglect and stupidity if caught, just make sure you tell a few coworkers about it.

Although it’d be easier to plug in a USB drive you found in the parking lot with folder [company name blackmail] which contains “[hot male coworkers name] NUDES.zip.ws” and “[hot female coworkers name] NUDES.zip.ws

Just make sure you buy a throwaway laptop and install a Russian or Chinese language pack and use that as the primary system language when opening the final source code before you add some CN/RU strings in the file and compile. Use Google Lens to translate in realtime from a burner smartphone /e/OS and location disabled. Make 3 drives and toss 2 of them from your car window in hard to find places a week before, with multiple days between. Then on the day you find yours, covertly chuck it from the roadway an hour before opening in the general area you park, and show up 5 minutes early in the spot you usually park. Make sure you always show up somewhat early. Then “notice it” and walk in and plug it in.

Ransomware starts after a 2 day delay, they being in LE and find the others that were dropped. Make sure to use neoprene gloves, as latex can pass fingerprints through.

@IHadTwoCows@lemm.ee
link
fedilink
English
21Y

deleted by creator

@Cinner@lemmy.world
bot account
link
fedilink
English
21Y

Many IT security guys go their whole career without touching malware analysis so I’m not one bit surprised.

Your post insinuated this was happening at work

Anyway if doesn’t matter. I’ll take the L for trying to share some information.

@IHadTwoCows@lemm.ee
link
fedilink
English
21Y

Out of “friend” , “acquaintance”, “associate”, and “colleague”, the last one seemed to fit the best.

Maybe shoulda gone with “I know a guy”

@Cinner@lemmy.world
bot account
link
fedilink
English
1
edit-2
1Y

lol I still would have gone on the same rant since it was him using cracked software at work after paying for it. No worries.

@Cinner@lemmy.world
bot account
link
fedilink
English
3
edit-2
1Y

Unless he cracked it himself, he wouldn’t know for a long time if the cracks were malicious or not. When I found an uploader that had so much working software even the smaller more obscure and niche stuff, I tried to stay with him…Eventually I did malware analysis (hobby at the time) and found out he was binding his password manager stealer to the main program or some necessary .dll that was called my the main program.

That was on IPTorrents private tracker, and he was incredibly highly regarded.

I cum in my pants thinking about the number of different accounts he stole over all those years. I was able to access a similar dumb via ftp and hardcore username and password in the downloader, but that uploader has his bound file so crazy hidden.

The rest was high me writing a story about what your coworker could have been doing, Office Space style.

WTF are you on about?

@Cinner@lemmy.world
bot account
link
fedilink
English
-3
edit-2
1Y

Seriously? 21 downvotes? Is everyone in the piracy Lemmy completely ignorant and unaware of USB drops? Do you guys not get information security training at work?

I’m talking about https://www.osibeyond.com/blog/usb-drop-attacks-cause-cybersecurity-incidents - USB drops and how that’d be the ideal way I would do it, if I were going to.

I was basically making a story about how OPs colleague could be using cracked programs so the ransomware he coded didn’t get him charged, but instead only fired.

I watched Office Space recently and I was high when I wrote it so maybe it didn’t come read as well as I thought it did.

P.S. .ws files can be as dangerous as .exe and .com/bat/PS1 if that’s what’s confusing people.

You’re not wrong, just ranting in the wrong place.

@locuester@lemmy.zip
link
fedilink
English
51Y

I’m failing to draw a connection between what OP said about his friend, and the rant you wrote.

Well op said “colleague” rather than friend, which I point out only because that is presumably why they made the connection to work.They’re referring to using pirated software at work, which could introduce ransomware without you knowing it. Ransomware can remain dormant for extended periods of time, giving it a better chance to evade security controls and spread to other machines.

@locuester@lemmy.zip
link
fedilink
English
41Y

I was assuming that software wasn’t used at work. Anyhow, cool rant

Cosmic Cleric
link
fedilink
English
-41Y

Any guesses about the comment you replied to was created by a bot or not?

@Cinner@lemmy.world
bot account
link
fedilink
English
5
edit-2
1Y

I am technically less than 49.999999999 bot.

Take that as you will.

Cosmic Cleric
link
fedilink
English
3
edit-2
1Y

I am technically less than 49.999999999 bot.

Take that as you will.

That’s exactly what a bot would say.

(I kid, I kid. Er, I think.)

Haha okay infosec engineer here… I think this blurb is hard to read maybe a little because you wrote it high and maybe a little because you’re overestimating what the average person knows about security.

Your first paragraph there makes sense but it would’ve definitely benefited from a little additional explanation. I don’t think it was super clear you were referring to an insider threat scenario. People probably could’ve got that by breaking it down a little more, but naturally they jumped to the next part hoping for more context.

But you jumped into a hypothetical alternative means to introduce ransomware to a device. And it’s not necessarily that people don’t know plugging in strange thumb drives is bad, as you suggested in another comment. It’s the jargon (maybe not really jargon but thats the best word that came to mind) you used. You talked about a lot of things a bad actor would do, but the average Joe does not know why you’d be doing most of those things. And even if they do it’s still not going to make much sense if they didn’t grasp what you were saying in the first paragraph.

But ultimately yes, what you said does make sense if you have some Security knowledge (at least a bit more than just basic awareness training) and break down what you’re first paragraph is trying to say.

@Cinner@lemmy.world
bot account
link
fedilink
English
31Y

I can see that. Appreciate you taking the time to break it down like that.

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
!piracy@lemmy.dbzer0.com
Create a post
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don’t request invites, trade, sell, or self-promote

3. Don’t request or link to specific pirated titles, including DMs

4. Don’t submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

  • 1 user online
  • 249 users / day
  • 436 users / week
  • 935 users / month
  • 3.44K users / 6 months
  • 1 subscriber
  • 3.47K Posts
  • 83.2K Comments
  • Modlog