Kingpin - A very interesting read

So I picked up a copy of the book Kingpin and just wanted to recommend it for anyone out there who likes reading and wanted to read about the carder market. I happened upon this book when someone posted about Evo and how it sprung from a carder market and speculation that Evo is a honeypot for LE. I started doing a little more digging and came across this book. I'm about halfway through and it is extremely fascinating. Sorry if this book is a bit off-topic for the sub, I don't think it is since it talks about the history of the creation of one of the DNMs.

Clearnet link to the book: http://www.amazon.com/Kingpin-Hacker-Billion-Dollar-Cybercrime-Underground/dp/0307588696

The book is very well written and I thought I'd just pass on a reading suggestion.


Comments


[9 Points] None:

[deleted]


[5 Points] A_box_in_a_cage:

I saw it in Gwern's post and read it this week. Terrific book! Any more recs /u/gwern ?


[3 Points] Theeconomist1:

Craziest shit I saw so far in the book was that VPN that was offered to all the carders which actually was created by the Feds. They had a CI and they developed this VPN which the CI then marketed to all of the carders. Major honeypot!! It was like the carders were paying the feds to be exposed.


[3 Points] ruSAL:

Read it a year or two ago after reading Ghost in the Wires. Both are good entertaining books. Agree though that Kingpin gives some good background to carder markets and how they form and disappear pretty often.


[2 Points] PM_me_all_your_lies:

thanks for sharing!


[2 Points] Theeconomist1:

So I assume it's b/c of this people speculate that Evo is run by the feds? That they infiltrated the carding market (haven't gotten that far in the book, but assume that happens) from which Evo spun off? If so that's some fucked up shit. In the book they were saying that the fed who was posing as a spammer king had hosted DarkMarket (which he infiltrated secretly) in Florida. He moved it to the Ukraine when he was almost exposed and Max asked why the hell the server was in a place that was exposed to a warrant from the US government.

I guess that's why PGP is critical. It talked about how the fed would just go in and monitor all the messages on the system, pick out ones of interest. It's some serious scary shit.


[1 Points] None:

I bought this thus I have a retail copy. Any suggestions on where to upload it for others to download?


[1 Points] Theeconomist1:

Some things of interest/worthy of being noted:

  1. Trust no one. CIs were the primary way of these guys getting busted. They were good at flipping these guys.

  2. Trust no one. From a market owner perspective, be very wary of who you give admin access to. The feds created a persona out of thin air. They infiltrated DarkMarket by creating a "king spammer" out of thin air. They reached out to Spamhaus and they put in an entry. With these creds, the fed was able to gain trust pretty easily.

  3. Watch how you access sensitive things. This was actually the flip side, the fed was almost exposed b/c he had gotten lazy a few times and logged in from his own IP w/o going through the VPN he had set up. Max and Silo (hacker in Canada, also a CI) hacked DarkMarket, found the access logs and realized that there was a fed in DarkMarket. Nobody believed them of course. But they were able to almost uncover the fed b/c they saw the IP addy in the access log and tracked it down.

  4. For big fish, they will trace currency/virtual currency. They doxxed a big German carder via his e-Gold account. I don't know how e-Gold worked, I don't think it's like Bitcoin, but they subpoenaed an e-Gold company, uncovered the account, which was in a fake name, but apparently before it was this fake name, the account was under another name, who was the real guy. Stupid mistake. Point being, they will use whatever digital trails possible. I assume they'd do something similar with Bitcoin, but in that case follow the transactions. But if it ever touches a market like LBC, CoinBase, etc - make sure it's not tied to your real ID

  5. This was a full time job for the fed. He worked from morning until 2am, all the time. That's how he kept up his persona.

Anyway, just my takeaways so far. It really hit home why you should use PGP, don't use a third party encryption service, use your own. These guys aren't idiots. They are patient and determined. I cringed when I read how the feds (and other hackers) would just read through all of the PMs and messages on the system. Also, they would take advantage that people are lazy and re-use passwords and usernames on different markets and sites. Both the hackers and feds took advantage of this. Some crazy shit. The carding aspect on Evo concerns me b/c that's a crime worthy of the Secret Service, FBI, probably Homeland Security as well. They don't care much about drugs but man, once you fuck with their currency or money, they are on top of that.


[1 Points] Ubereem:

I read this book last year. Fucking awesome book. I was so bummed when I had to finish it. I wanted to just keep reading...

Anyone have pictures or info on what anyone is doing now? Like that snitch Johnny kid. Always curious about him for some reason.


[1 Points] kingbinazw3:

retail azw3 (kindle format): https://anonfiles.com/file/72dd48d7460a9d55891bd5de02029186


[-5 Points] None:

What's a book?