Readit News logoReadit News
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
ta1243 · 3 years ago
You did fine in the action (breaking the law isn't the end of the world), just a little naive over the consequences.

They're back online

https://uniquemost.online/home.php

I expect it will all blow over.

Being a vigilante is great, but there's a reason Batman has a secret identity

_yyku · 3 years ago
I don't think I did fine in the action, tbh. It was not my job to do such thing.
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
some_furry · 3 years ago
I've flagged the story to help it vanish faster. I encourage others do the same.

Do you have anyone that can mentor you on such matters? This whole thing has a vibe of self-taught about it. I recommend finding someone older and more experienced to talk to... if for no other reason, than to avoid making mistakes that can put you in legal jeopardy.

That being said, I don't think anyone here thinks you're a bad person for wanting to clap back at scammers. We just want to emphasize caution and working within the law.

If you feel lost or alone, the community here is full of hackers of all stripes (and spots, and scales, and ...). You'll find someone you can vibe with pretty easily.

_yyku · 3 years ago
I don't have any mentor at the moment. I'll avoid doing such things and exercise more caution while handling this kind of matter.

Thank you for flagging

_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
gumballindie · 3 years ago
Ah yes, a classic remote file inclusion exploit. Nothing new, but fun to see in the wild as of 2023.
_yyku · 3 years ago
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law. I advise against doing the thing I did. I know it can be found on archive.org. I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone. I wish I could remove this post from hacker news. It is a dark page for me today.
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
lemper · 3 years ago
where should I contact Italian authority? there's this malicious person who damages other people's property without legal justification.
_yyku · 3 years ago
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law. I advise against doing the thing I did. I know it can be found on archive.org. I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone. I wish I could remove this post from hacker news. It is a dark page for me today.
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
vntok · 3 years ago
> I brought down a scamming operation

This seems like clickbait. Being told your server's Apache config has been deleted and you need to recreate it is barely an inconvenience for a scammer whose operation probably brings home much more cash than the hour it will take them to get back to normal ops...

Why would you even tell them what you did to their server in the first place?

_yyku · 3 years ago
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law. I advise against doing the thing I did. I know it can be found on archive.org. I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone. I wish I could remove this post from hacker news. It is a dark page for me today.
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
mowthie · 3 years ago
Well, I am no member of law enforcement organisation, but I was really hoping to read that. Does anyone have a copy, by chance?
_yyku · 3 years ago
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law. I advise against doing the thing I did. I know it can be found on archive.org. I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone. I wish I could remove this post from hacker news. It is a dark page for me today.
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
mrtksn · 3 years ago
Removing the Apache config was a bit anticlimactic considering that the thing the OP did is illegal itself.

If you are after a vigilante justice, I would suggest doing something substantial like exposing the identities or tipping of the authorities and most importantly: don't reveal your own identity. Back in the day when the internet was mostly a lawless place you could have done something like that and recoup the clout and be the hero of the people but that's not the case anymore.

_yyku · 3 years ago
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law. I advise against doing the thing I did. I know it can be found on archive.org. I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone. I wish I could remove this post from hacker news. It is a dark page for me today.
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
jacquesm · 3 years ago
This is funny but: you are breaking the law and this could backfire spectacularly.
_yyku · 3 years ago
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law. I advise against doing the thing I did. I know it can be found on archive.org. I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone. I wish I could remove this post from hacker news. It is a dark page for me today.
_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
gnfargbl · 3 years ago
This is well-meant, but the author seems to be based in Italy, and this is illegal in Italy [1]. I know how tempting it is to retaliate against these people, but you have to stay on the right side of the law.

If you choose not to stay on the right side of the law, then at a minimum you really should avoid blogging about your crimes.

[1] https://iclg.com/practice-areas/cybersecurity-laws-and-regul...

_yyku · 3 years ago
Author here. I did wrong. And I'm sorry I didn't stay on the right side of the law.

I advise against doing the thing I did. I know it can be found on archive.org.

I removed the post so people don't follow it for "guidance" on how to break the law. Sorry to everyone.

I wish I could remove this post from hacker news. It is a dark page for me today.

_yyku commented on I brought down a scamming operation with 15 bytes of PHP    · Posted by u/_yyku
namanyayg · 3 years ago
Hilarious. Did you find out how their scam actually worked? Are they just harvesting user credentials of those who sign up and then later trying to hack the accounts?
_yyku · 3 years ago
They harvest username, email and passwords from users (If someone not too tech savvy uses the same email/password combination for more than one service they can access their accounts). The main function of this scam campaign is to steal "gas fees" money (no actual minting involved, looked at the code). They ask 0.15 ETH for each entry. In my case they could've got something around 6000$.

There are people that have fallen for this scam.

_

u/_yyku

KarmaCake day-1September 7, 2023View Original