Comment by bitbasher

21 days ago

Wasn't he the guy that used tar for the leaked folder of data, but the tar included his user folder which contained his legal name?

Yes, the tar command claims another victim. Tested while inside /var/www/html/vastaamo and then stuffed it in the crontab.

  $ tar cvf /var/www/html/vastaamo/vastaamo.tar . -C /var/www/html/vastaamo --exclude vastaamo.tar

For reference:

  -C, --directory=DIR
         Change to DIR before performing any operations.  This
         option is order-sensitive, i.e. it affects all options
         that follow.

It's in the article. Not sure it had his name, but certainly his family name since he looked for records concerning his relatives.

No, that did not actually happen.

  • What did happen, then?

    • Someone else leaked a copy of a shared throwaway VM used for hacks. Akin to https://www.thc.org/segfault/, but longer lived and potentially tens of people with access.

      The leaked home folder data doesn't really tie that VM to anyone, which is natural given that it seems to have mostly been used to run headless hacking tools and inspect their output.

      The idea that I'm linked to this VM comes from the ridiculous idea that lazy hackers would not share SSH key files in order to control access to groups of virtual machines. I.e. if an SSH key fingerprint is at one point tied to me, that key must also still belong to me even when used from an internet connection belonging to another person in another country with a similar track record as me.

      In court we had long debates about whether or not hackers could actually be so lazy as to violate best practices by sharing private key material; the lower court rejected such an idea as incredible and found me guilty.