The Hacking Empire Built on Discord
ฝัง
- เผยแพร่เมื่อ 30 ก.ค. 2024
- 👉 Free $100 Cloud Computing Credit linode.com/seytonic
0:00 Intro
0:16 Hacker Empire Built On Discord
3:48 Joe Biden Themed Carding Marketplace Gives Away 1M Credit Crds
7:31 KillNet Targets US Airports
9:12 Linode
9:51 Outro
Sources:
www.bleepingcomputer.com/news...
thehackernews.com/2022/10/lof...
lofygang.info/
/ lofygang
checkmarx.com/blog/lofygang-s...
www.bleepingcomputer.com/news...
www.bleepingcomputer.com/news...
securityaffairs.co/wordpress/...
gizmodo.com/bidencash-dark-we...
blog.cyble.com/2022/10/07/bid...
hothardware.com/news/hackers-...
securityaffairs.co/wordpress/...
go.theregister.com/feed/www.t...
www.bleepingcomputer.com/news...
www.darkreading.com/attacks-b...
blog.eclecticiq.com/killnet-e...
===============================================
My Website: www.seytonic.com/
Follow me on TWTR: / seytonic
Follow me on INSTA: / jhonti
=============================================== - บันเทิง
![[TH] 2024 PMWC x EWC Main Tournament Day 3 | PUBG MOBILE WORLD CUP x ESPORTS WORLD CUP](http://i.ytimg.com/vi/3EM6gpHgLk4/mqdefault.jpg)
![อยู่ได้แล้ว - LIPTA feat. Mirrr [OFFICIAL MV]](http://i.ytimg.com/vi/-9-hpntNym4/mqdefault.jpg)
So generous of the Biden administration to sell free Credit Cards in these tough times 🙏
Just like Musk and those free watches.
I can't believe communist Biden is giving credit cards out for FREE!!
Billionaires and the ruling class will never help those in want or need
@@RhizometricRealityNot like the Rockefellers giving away dimes on street corners during the Depression.
@@RhizometricReality bro biden is giving free credit cards for free he is changing the rules now give him time 🙏
Also, downloading and using a NPM package is basically like running an exe. As it runs on node, you can do everything on the computer/server that it is running on.
node is so scary, I always have the creeps when I use npm or pip or the like :(
is there any way to make it safe?
@@yeetyeet7070 I'd say the only way to make it safe is to use a VM to isolate it from your system...
This is one of the reasons why I hope Deno, a Node alternative, will gain more traction: it's secure by default. You have to explicitly enable file, network and environment access through separate flags.
The threat is identical with most other package managers for other environments that allows pre and post install scripts and download code that can be executed, not just NPM; apt-get, yum, RPM, Nuget, PIP, you name it. It just so happens that NPM is the most widely used and most accessible of the bunch and therefore gets the most attention from users and malicious actors alike.
One way to deal with it would be to do something like Deno; not allowing pre/post install scripts, and allow granular permissions on features to prevent any modules access to the file system, networking and more by default. However, this is only realistic for non-compiled languages, since every system is different and different software sometimes require different installation processes. It's convenience over security.
@@yeetyeet7070 virtual machines! Dont do such on host computer.
Very smart way of infecting people with malware.
I am a huge fan Mr Dvr
Plz dont
@@HazyJ28 I wont obviously. Just have to give credit its clever.
Babe wake up new Seytonic video is out
Wake bake*
It do be like that
One point about free credit cards publishing is diversification. If you steal thousands of credit cards info and steal money, you will likely face serious prosecution and leave a money trail. If you publish that info and let other people also steal, it is the same, but now there will be too much money trails to track, reducing the amount you can steal, but also reducing the probability of you being caught.
No you would just have sum more time as your friends got busted.
@@Desolationist unless
The thing is that using credit card is not that easy
Banks actually have pretty good verification system and if website actually did 3ds verification it would be much harder
Using and washing credit card money is the hardest and most labor intensive part of the process might as well outsource it
Ironically I got some accounts hacked today. It’s been years, been waiting for it to happen. They doxxed my whole family, destroyed what I’ve been building, and did I mention they called me over 100 times today? Just to taunt and gloat their prizes of my accounts. I hate it here
Sure you did. Sure...
You wouldn't be casually watching TH-cam videos and writing comments if that happened to you. And if "what you've been building" was anything larger and have more significance to your life than a crappy school project, it either couldn't be destroyed in just one day or you wouldn't be able to assess all the damage in the very same day it happened. You post just reeks of shit and demand for attention.
Don’t worry law enforcement of some kind will do something about it (not).
Anyways, sorry to hear that. Always good to learn and prevent it from happening in the future.
Go cry me a river you fucking stooge.
@@williamjohnson3229 🤡 it’s Saturday night and you alone on TH-cam. Get a life
@@williamjohnson3229 Watch your tone or I will slap the sht out of you with a drone that has hands attached to it.
Nice video as always! Today devs must be aware of packages like this. There are also some packages with typo in it containing malicious code. Btw, discord is doing ban waves and terming discord servers related to hacking content, I was a moderator on one server and my acc got termed too.
This is a challenge for any package manager. Does the NPM security team know about the site tracking the other malicious versions?
Can confirm. Managed to jump ship on a server belonging to a hacked game client less than an a day before it got termed.
I love getting my Seytonic fix. Every time I see you upload a new video, I get a wave of techy relaxation wash over me. Cheers✌️
Man imagine running a pro-russian ddos group without even being paid for it
They do it for free
Those fools, giving away for free what someone would pay them for!
@@StephenGillie there is no price for moral responsibility
@@user-yv2fb4mi1k Moral duty my ass
😂
@@user-yv2fb4mi1k Even the Ferengi side with you here.
Absolutely no one should be surprised by the discord news.
Malware in packages is my actual nightmare.
Discord self bots are actually against the TOS & you can get banned for using them.
You can also get banned for just about anything else. The reason they're banned is to prevent spamming or general abuse. Any automation of Discord is probably against ToS if used maliciously or to gain an unfair advantage. But so is using AdBlock, and with many services even using VPN is against its ToS, so I wouldn't take this too seriously.
@@NatiiixLP I wouldnt either, but discord's filter for self bots is incredibly effective
@@seailz in my experience it is actually incredibly ineffective
@@NatiiixLP Where in the ToS does it mention adblockers and VPNs are not allowed?
@@NatiiixLP discord automation isn’t really against TOS, you can make your own personal bots running on your personal computer pretty easily, I’ve made one before. The only thing is that you need to make it with discord’s developer tools, so it’s legit and within the TOS.
Notifications working now!! :) thanks seytonic
'It's funny buying their drugs from Tesco"......."it adds a little spice". Lol lol. Did you actually notice that? Great video. Thanks.
Thanks for your videos!
I actually decomposed a python script doing what these npm packages are doing, it didn't seem like the author knew what they were doing beyond following some shady tutorial.
Wasn't obfuscated, had proper formatting, hell I even found it on a public GitHub repo after some digging.
What I found really interesting was that instead of exploiting API access to acquire credentials, it was straight up reading admin-only windows paths.
I had a spare drive that was gathering dust, and one windows installation, one discord install, and a new, entirely untracable discord account later, I ran the script.
Didn't ask for admin permission, just crashed.
Script kiddies are hilarious.
Great video, subscribed!
LOL it almost feels like 6:30 is the start of a promo video.
You guys should join that forum, there's some good stuff on there
ok fed
glowing
Which forum are u talking about
Not that I would wire fraud anyway, but I had no idea that it's not the bank that takes the hit when someome uses a stolen credit card!
Usually there's like a $50 limit for credit card fraud. You pay the first $50 and the bank pays the rest.
@@StephenGillie Still means the store takes a hit too.
Excellent video, well worth a like and subscribe
I feel like that whole mpm package thing would of never happened if they just fixed a couple things . Like that part where you can put the legit link that isn’t yours onto your malmare package . That’s insane . Everything looks legit so it’s no wonder people downloaded it .
Glad to be a new sub, cybersecurity and hacking is a fairly new interest of mine, I love learning about this typa stuff. Thank you Seytonic.
Thanks for watching my dude : ) There’s a lot of interesting nuggets in the cybersecurity world
@@Seytonic facts!
@@Seytonic I'm going to be the one do to unpatch the V2 switch when I turn 18 hopefully hopefully it's packed before then
Ahh good ‘ole Malwarecord
Love how the instant I went to my home page I saw "7 minutes ago, 14 views". Glad to be this early! A new subscriber btw since a couple of days ago.
Same
Glad to have you on board : )
3:34 After almost 2 years of discord nuking and token logging. i can assure you that they sell those accounts to people who want to raid servers. At normal, 100 tokens cost around 2-3$ depending on the account age and verification
i used to sell bot tokens for like 0.50$
I just had to help someone secure their card from a fraud who opened a shopping and social media accounts. How the thief didn't realize what they had could be easily tracked somewhat befuddles me unless they just don't care.
4:25 Western Sahara is finally included in a stat map. Amazing!
love this channel
people always find ways to hack peoples discord accounts, they even made people hack themselves by scanning a qr
Social engineering is hacking 101, tbh.
@@Akronymus_ altough it wasnt really hacking, it was more like making people give them their accounts
@@gangsterism yes, social engineering is what that's called.
I know this may seem like a weird ask, but would you cover any IT news impacting Healthcare?
Biden cash is a pun play.. that's the spice. "buy'ed in cash" (the pun) -> for credit cards (not cash but cash equivalent). It's funny
What software do you use for text scrambling on the pictures you show?
Taking notice
I'm so curious to know more about the way those credit cards are skimmed using the malicious npm package for my own research ofc, where do i find out more ?
See the checkmarx link in the description, that’ll lead to the full research
@@Seytonic thanks man
I've been around hackers recently.
Almost saved myself from getting doxx .
U just need to careful with your bot
3:50 missed oppurtunity to call it Biden Bucks
ClintonCash
Anyone know what that background music is called?
You ain't even hear about Anonix dawg, we got taken down, we was some rowdy mfs dropping packs all the damn time, PDFs and books for learning, it was nuts
There’s another discord malware that’s been spreading like mad and still undetected because no one seems to want to check their node programs.
elaborate please.
@@legitsu_ a malware thats based in Node has been going around in various forms. Mostly noted to be a compiled EXE and averaging above 100mb in size usually. From games to be "tested" to selfbots to impersonating any program you can think of. It's still undetected by any antivirus vendor and I've been investigating it for a year. Your passwords, Cookies, Tokens, and Browser Data are what it targets.
Ironic that people are downloading “self bot” just to turn themselves in to a bot
i think they use account to see which users dont care about their CC spending and to make their socks look legit by "unreverted purchases"
How can card companies possibly blame a retailer for a fraudulent transaction?
yeah this doesn't seem likely tbh
Hi seytonic, i'm watching you for a quite long time and really enjoy your videos, but in Ukraine we have one ineteresting things in war - drones. I would be happy if you create video about radio-electronic warfare (attack/protect drones) and if yoy bring so new for us ideas or information it would be great
P.S. I'm not talking about military drones like bayraktar, but about civilian drones that usually use our solders for scouting. (some of us modify civilians drones with different SBCs for auto-go-home control, when russian radio interference kicks in)
Supply chain attacks are increasing by the day.
what happend to the cyberwar, idk it just vanished ._.
Hey, at least they are destroying the weird people
@Seytonic looks like you browse pages loaded with malware on your desktop, that's surprising considering your expertise. I would suggest using virtual machine to prevent attacks.
How can a bank charge the company for someone using a stolen card?
How is the company supposed to know?
Isn't it up to the bank and the user to maintain their own security, not the company they use the card on.
This just doesn't make sense????
what is the best website to buy illegal things
Well I am just glad that my CVV is switching every hour, and every online payment requires 2 Factor authentication
The creator of Javascript said it was a mistake he made it, and he regrets it
Not JavaScript, just node.
Supply chain attack. Then it's better to write your request instead of a package.
What is that forum that you always show ? That has hackers confessing what they do (showing off )
The name itself defines this sole app not very surprising
Haha, jokes on them, I never pay for nitro!!
Damn I want to make a group as powerful as the Discord ppl
You can change passwprd after getting the nitro
Speaking of Discord: do you have one we could join? I love your content.
Lmao once on the dark web on some marketplace I found someone’s listing, for $100,000,00 you could spend a night with belle Delphine. There was also government secrets for sale for like $85,000,00 lol
Tell me how I just got ran through 😂 someone had spam uploaded vids on my channel, but I got it back
See why said Discord is Dangerous too most people
U sure its not lo-fi? Anyone actualy asked one one of the hackers or are we just letting him get away with saying "lofe"
biden cash? those are two words i never expected together in a sentence lol
Credit-cards, revoked or not, are fine to sign in nasty web services🤗
Babe wake up, just wake up
Tesco Express!
I personally came across a few days ago by some weird discord invites in channels that after joining them they ask for a QR code scan for supposedly checking that the user is not a bot instead of reacting to a comment xD which was weird not to mention that these invite links were posted multiple times by a lot of people xD then I remembered that discord added a fast authentication for PC by having users do a QR code scan xD.
I can conclude that a lot of user authentication cookies had been stored xD for multiple reasons xD.
I swear only nefarious things happen on discord😂
Yep. Its worse then 4chan honestly nowaday 😆
Hold on i'm going to watch this video later because my hard drive is with 0 bytes free
Is it fine now
Umm, about the thing you said about chargebacks etc: It IS actually true. Partly. My GFs ex stole her cc info and used it to purchase shit on playstation, steam, amazon etc for like 2 years, totalling maybe 5 thousand dollars. We weren't able to get playstation or the others to do a single thing about it, but at least here in norway, we could just start a case on this with the police, provide evidence, receive our documentation, and then give that to the bank and the bank refunded her all of the money.
So while this might not be the case in USA, which I'm thinking you assume all your viewers are from, it definitely is for most of the rest of the developed world. It just takes a few extra steps. So in our case, it really was the bank he technically stole from in the end.
The police never did shit about the case btw, we just heard nothing from then, and then 2 months later the case was closed due to lack of evidence, despite us providing proof of her ex fully confessing to everything
The bank refunds the money, but that money has to come from somewhere… usually that’s the company that the goods were bought from.
But yea, the bank has the liability if that money can’t be recouped from the company from which the purchase was made.
@@Seytonic generally though this *would* mean that the actual target of the attack isn't assumed to be the victim in the end, in terms of the financial side of it, or? Not that I'm at all of the opinion that any of this stuff is good, i'm just nitpicking at a tiny detail in a comprehensive video, so I consider myself lucky you even responded to me
@@liveen I've owned many businesses and whenever there was a chargeback for an unauthorized charge, the bank would refund the money to the customer and then the bank would immediately take the money out of MY account (as the business owner) AND charge me a $35 fee. So no, you're wrong. They aren't stealing from the bank. They are stealing from small business owners which are usually just people like myself, not rich, just trying to make a living like everyone else.
@@teddyruxpin3811 its because US is ruled by the evil banks, payment processors, and cousins. You have no rights because you're their slave and the collective consciousness and moral integrity and character is broken and non existent.
It would be hilarious to watch you cry like a little girl after being attacking by a stray dog.
discord is like the bastard child of irc and a web forum, all the worst aspects with no redeeming features.
Well….. don’t use a library that doesn’t have at least tens of thousands of weekly downloads. Otherwise build it yourself
Biden Cash 🤣 Thanks Joe Biden!
That video where they are using the bot is fake . Do not give them your token . I highly doubt they have a bot that runs stolen credit cards through a registration . It’s obviously fake. If they had a working bot like that they would not be using it to buy discord registration , I can promise that.
5:09 you had about 2 hours. if that.
If I was 3 views earlier, I would be the 111,111st viewer!
7:40 remember, no russian.
I got a notification. Crap
Nice. I have a good excuse for not learning node.js.
Node has little to do with npm, besides that you need node installed to use npm. npm is used for all of javascript.
@@Wolfo70 Shhhh, don't.
@@Wolfo70 One of the best things you can do as a developer is learn how to make your own stuff, so you need as few 3rd party modules as possible. Why trust when you don't need to? This also shifts security left.
@@StephenGillie The thing is if you're a web dev you will always use npm no matter what. For things like react, axios, routing packages etc... Also npm is completely fine to use just don't download obscure stuff you can do yourself (as you said).
@@Wolfo70 You should try my serverless framework. No NPM involved.
2:58 excuse me does the bottom email say "Onlyfans" ayo
I’ve seen some crazy shit on very few discord servers. For example, one has ddos tools, deep web links, gore, credit cards, all purchasable with BTC or ETH.
where?
"Killnet" part didn't age well lol.
Theres alot more deep and darker communities on discord
Like???
I try to use discord for good purposes only.
Haha well I geuss killnet is gonna be betrayed soon😎
who could thout about that ;)
Hello world :D
telegram has a lot of wild stuff
Like ?¿?
Dang Joseph tryna hack me on discord 😮
This is laughingly the least worst thing about discord. what do any of you that use it know about who owns, runs, secures and harvests discords data. lof etc are the bottom feeders, discord itself is the shark perhaps :)
hello
"Pro-Russian group" tells me all I need to know.
Everybody merged to telegram
lol
I wonder how many wordpress plugins are infected...
A colleague once called Wordpress "a remote unauthenticated system administration tool that also happens to host a blog."
Trur
JFY ChildNet is just ddos group of kids. Nothing special to even talk about
First
Bidencash lul