Jun 8th, 2011
  1. moondog = Karim
  3. * moondog (~moondog@CA655518.4E086B07.EE1DCA7E.IP) has joined
  4. <moondog> Hello?
  5. <knobbles> hello.
  6. <hamster_nipple> hi
  7. <Espeon> HEllo.
  8. <hamster_nipple> karim?
  9. >moondog< CTCP VERSION
  10. <hamster_nipple> MOONDOG
  11. <hamster_nipple> WAKE UP LAD
  12. <moondog> Can't talk now but wanted to connect. Need to discuss. Yes  it's Karim.
  13. <moondog> You guys on perpetually?
  14. <hamster_nipple> yes
  15. <hamster_nipple> before you leave
  16. <hamster_nipple> what did you want to talk to us about?
  17. <moondog> Ok
  18. <hamster_nipple> moondog ?
  19. <Espeon> LimeChat for iPhone... client of kings...
  20. * moondog_ (~moondog@85485E68.8405F5D7.EE1DCA7E.IP) has joined
  21. <moondog_> Short version: need assurance you guys aren't hired by my competitors.
  22. * moondog has quit (Ping timeout)
  23. <knobbles> If we had a bank account I'd show you that we got no payments from your competitors.
  24. <Espeon> If we were hired by your competitors, we'd be taking their money and taking your company down
  25. * moondog (~moondog@DB285C25.1DC404E1.EE1DCA7E.IP) has joined
  26. <moondog> If you guys have the philosophy that you have lead me to believe then I rather shut my company down rather than let them have my data.
  27. <knobbles> Just out of curiousity, which philosophy might that be kind sir
  28. * moondog_ has quit (Ping timeout)
  29. <Espeon> his iPhone seems to be really bad at connecting
  30. <moondog> It would seem you have some level of concern that this data could be used to destroy (Libya as an example) which is far more my competitors agenda. How do I know you are not taking their money?
  31. <knobbles> We might destroy companies but we stick to our words. Which we can't say of most people in your branch.
  32. <Espeon> it would be best not to further question the people that are giving you a chance
  33. <Espeon> we talked yesterday about not fucking up the situation
  34. <Espeon> we're not working with anyone you know or will ever know, that's our word and that's it
  35. <moondog> To what end is having the botnet data going to help. My understanding will help me better get an idea of how to cooperate.
  36. <Espeon> we like botnets, we like data
  37. <Espeon> we like crushing things; we like inside info
  38. * Espeon shrugs
  39. <moondog> Can you help me figure out which botnets to go after?  It is darts for me today. Maybe you can give me focus.
  40. <Espeon> what's your status with Mariposa?
  41. <moondog> Trying to get custody of the domains. Davis still has the vast majority. Davis is now Endgames.
  42. <Espeon> yes heard about Chris joining from that conference; seems a lapse in technical skill
  43. <Espeon> hamster_nipple will have our exact botnet goals
  44. <moondog> Yep.
  45. <moondog> See
  46. <moondog> Understood.
  47. <moondog> Matt is really the talent behind Davis. That is why I have him. He is good.
  48. <Espeon> we just want to have a better understanding of the situation, hopefully you can find a way to get connected here frequently
  49. <moondog> I will.
  50. <Espeon> each of us does have a copy of a very indepth compilation of your company data, there is no copy on the cloud and everything is behind encryption
  51. <Espeon> nothing can be accidentally leaked
  52. <Espeon> at this point we're not using any of it to gain leverage in other places
  53. <moondog> Ok. Thank you.
  54. <moondog> Does Oakbot mean anything to you guys?  We think it might be an alias to Qakbot.
  55. <Espeon> you're right
  56. <moondog> Fuck. That was a wild guess!!
  57. <Espeon> mainly we don't want anything specifically
  58. <Espeon> see, if given the chance to eliminate or expose your competitors
  59. <Espeon> we will go off on our own tangent, leverage, to acquire what we need
  60. <Espeon> this is the inside info part
  61. <hamster_nipple> hi
  62. <knobbles> Give us all the info you can get and we will do with it what we can. Which is usually a lot.
  63. <moondog> Hello.
  64. <moondog> Can I take a guess at who you are?
  65. <Espeon> Karim
  66. <Espeon> we've been expecting you to be secretly guessing since day 1
  67. <Espeon> do share
  68. <moondog> 808chan.
  69. <hamster_nipple> ROFL
  70. <Espeon> heh, you think we're *chan insurgency?
  71. <hamster_nipple> are you serious bro
  72. <hamster_nipple> how dare you
  73. <Espeon> that's funny shit
  74. <hamster_nipple> call us a fucking chan
  75. <hamster_nipple> we're beyond chans bro
  76. <moondog> :)
  77. <moondog> Then tell me.
  78. <knobbles> D: /i/ all the wa.. i mean wait what
  79. <hamster_nipple> moondog
  80. <hamster_nipple> if we tell you who we are
  81. <hamster_nipple> you will shit yourself and shut the fuck up
  82. <hamster_nipple> but yes we are very well known
  83. <Espeon> I like Karim
  84. <Espeon> he's very comical
  85. <hamster_nipple> I'm offended he'd call us some fucking chan
  86. <hamster_nipple> I feel like leaking his shit
  87. <Espeon> at least it was 808, they're not the worst
  88. <knobbles> LOL
  89. <moondog> Lots of imposters out there. Extortion doesn't fit ur profile.
  90. <knobbles> Not the worst, everything is said by that.
  91. <Espeon> our profile hits all ends of every spectrum
  92. <hamster_nipple> moondog, what do you mean it doesn't fit our profile
  93. <Espeon> anyway, chitchat aside, what's enxt
  94. <hamster_nipple> what profile are you referring to
  95. <hamster_nipple> because I feel like you're trying to social engineer us
  96. <hamster_nipple> and we're sitting on all your emails
  97. <hamster_nipple> so you're either the best social engineer on the planet
  98. <hamster_nipple> or you're highly dense
  99. <moondog> Why be hostile? Just curious.
  100. <hamster_nipple> we're not a chan
  101. <hamster_nipple> don't refer to us as a chan
  102. <hamster_nipple> we are security researchers
  103. <moondog> No worries. You're not a chan.
  104. <hamster_nipple> heh
  105. <hamster_nipple> you're testing my patience
  106. <knobbles> Don't think you have to tell us we're not a chan. We're quite fine at knowing that ourselves.
  107. <Espeon> well judging from the acute details of moondog's observations, let's just assume he's saved and reviewed what we've said to him and assigned a trusted individual to monitor for correlations in cyberspace
  108. <hamster_nipple> anyway
  109. <Espeon> sounds like typical whitehat search-and-fail
  110. <hamster_nipple> absolutely
  111. <Espeon> anyway, 808chan, time to check it out
  112. <Espeon> maybe they've said something that looks like something we said?
  113. <hamster_nipple> google 808chan and the word nipples
  114. <hamster_nipple> maybe he googled it and got a result
  115. <hamster_nipple> and correlated both
  116. <hamster_nipple> I love whitehats.
  117. <hamster_nipple> anyway karim
  118. <hamster_nipple> we werent paid by your competitors
  119. <Espeon> :x maybe he used Maltego and reverse grammar/word engines to find our Bebo nude pictures
  120. <hamster_nipple> we straight up owned you and your company on our own
  121. <hamster_nipple> because it is what we do
  122. <hamster_nipple> we target whitehat security firms
  123. <hamster_nipple> now
  124. <hamster_nipple> lets move forward
  125. <hamster_nipple> do you agree with this?
  126. <Espeon> fun and games fun and games, but I'm bored, let's talk business
  127. <moondog> Sure. Why is it called Oakbot?
  128. <hamster_nipple> we don't give a fuck why its called oakbot
  129. <hamster_nipple> when do we get access to the linode account again
  130. <Espeon> why am I called Espeon, I prefer Digimon?
  131. <hamster_nipple> I want to hop on those vms and monitor your bots
  132. <knobbles> It was coded using a mobo that was made using an oaken hammer. Names do not have to mean anything or be interesting in any way.
  133. <hamster_nipple> and its not even oakbot
  134. <hamster_nipple> its qakbot
  135. <moondog> Agreed.
  136. <hamster_nipple> you're playing with us karim?
  137. <Espeon> I've seen some Oakbot and some Qakbot, probably someone dicking around
  138. <moondog> Just seeing what is worth chasing. You spoke of partnership. Testing the waters.
  139. <hamster_nipple> stop fucking around
  140. <hamster_nipple> thats it
  141. <hamster_nipple> you don't need to test the waters
  143. <hamster_nipple> keep that in mind mate
  144. <knobbles> So, we were talking business.
  145. <knobbles> Now lets not talk about why it's called business and not bread.
  146. <hamster_nipple> knobbles talk to him. I'm not in the mood for games
  147. <hamster_nipple> see wtf he wants
  148. <knobbles> So mate, we need all info we can get for the.. speciality... for your competition, agreed?
  149. <hamster_nipple> knobbles, do you have the clip of his conference we hijacked?
  150. <hamster_nipple> is it edited and ready to release?
  151. <hamster_nipple> send him a link to the fun let him listen in on his internal communication with partners
  152. <Espeon> no link
  153. <hamster_nipple> maybe that'll wake him up
  154. <Espeon> not ready
  155. <Espeon> <-- that's me dude
  156. <hamster_nipple> hai
  157. <moondog> How did I offend?
  158. <hamster_nipple> "Testing the waters"
  159. <hamster_nipple> you don't need to test the waters
  160. <knobbles> I got that one too espeon.
  161. <hamster_nipple> when we're here wasting our time trying to help your ass out
  162. <hamster_nipple> we told you we are willing to work with you on a relationship
  163. <Espeon> I'll get an edited version that cuts out the 3 minutes those morons decided it would be a great idea to disconnect and reconnect
  164. <hamster_nipple> ROFL
  166. <hamster_nipple> OK
  167. <hamster_nipple> *everyone leaves conference*
  168. <moondog> Fair enough. That was Deloitte not me.
  169. <knobbles> I did lol tho.
  170. <hamster_nipple> yeah
  171. <hamster_nipple> I laughed my balls off
  172. <hamster_nipple> ok moondog
  173. <hamster_nipple> so are we going to build a relationship with each other
  174. <moondog> You know they never called me since.
  175. <hamster_nipple> or are you going to keep playing games?
  176. <hamster_nipple> and sit on google googling our nicks hoping to correlate a link
  177. * Espeon stretches from boredom
  178. <Espeon> maybe we should just fuck Endgames and say it was Karim's fault
  179. <moondog> Trying to move toward that and away from the threats. Doesnt help anyone.
  180. <hamster_nipple> LOL
  181. <knobbles> Sorry but I am in fact bothered by the bullshit. We are not a chitchat club
  182. <hamster_nipple> if we root endgames.us and link to karim
  183. <hamster_nipple> that'll be lol
  184. <knobbles> Can we get down to business
  185. <hamster_nipple> ok karim no more threats. and no more games from you. thanks.
  186. <Espeon> speed rooting Karim's affiliates? sounds like a fun time
  187. <moondog> Done.
  188. <Espeon> threats over though, okay
  189. <Espeon> all jelly and ice cream and bots and 0day from now on
  190. <moondog> Sure.
  191. <hamster_nipple> so how do we help each other starting from today. karim?
  192. <moondog> Help me choose to what to go after hamster_nipple.
  193. <hamster_nipple> regarding what? botnet wise?
  194. <moondog> I am sure I will piss off others in this business. Yes. Botnets. I want your protection from others coming to get at the firm and me. Can you do that?
  195. <Espeon> are you implying that this protection is destroying said "others"
  196. <Espeon> or warding them off with fiery sticks?
  197. <knobbles> we cannot make magical internets barriers
  198. <knobbles> we can ruin something.
  199. <Espeon> because you can knife a bear or point sticks at it until it goes away
  200. <hamster_nipple> Ill give you examples
  201. <hamster_nipple> you are working towards a contract
  202. <hamster_nipple> a competitor comes out the left field and takes your shine
  203. <hamster_nipple> or is going after the same contract
  204. <hamster_nipple> tell us who they are
  205. <hamster_nipple> tell us any details involved in the situation
  206. <hamster_nipple> researcher names, emails, numbers if you know any
  207. <hamster_nipple> if there are servers involved or accounts let us know any logins you may have or anything that will help our research
  208. <hamster_nipple> we'll own them
  209. <moondog> What about other botnet masters?
  210. <hamster_nipple> we can go after them too
  211. <hamster_nipple> we just need to know where they're running their c&Cs or sinkholes
  212. <moondog> They are more likely to attack me.
  213. <moondog> Ok
  214. <hamster_nipple> you just got to give us enough info to work with
  215. <moondog> Understood.
  216. <knobbles> More info + more detailed info = better/faster
  217. <hamster_nipple> we're a well talented well rounded group and the best thing is we work great together. so far our success rates have been decent
  218. <hamster_nipple> what are we getting in return?
  219. <moondog> Any group that of limits in the botnet world that I should leave alone?
  220. <moondog> Information that we get.
  221. <moondog> Insider to us that we don't try to sell.
  222. <Espeon> want money for kills; we destroy then you pay
  223. <hamster_nipple> moondog, we hold no affiliations with any other groups
  224. <hamster_nipple> so by all means takeover the botnet of whoever the fuck
  225. <moondog> Ok
  226. <moondog> I can't ask you to get someone and stay a "legit" firm. Agreed?
  227. <hamster_nipple> what do you mean
  228. <hamster_nipple> are you saying you're scared of turning greyhat?
  229. <hamster_nipple> lol
  230. <Espeon> 35 years old? time to mix it up
  231. <hamster_nipple> theres no so things as whitehats you guys are as corrupt as we are
  232. <hamster_nipple> the only difference is we admit it
  233. <moondog> Can't operate in the world I am in that way.
  234. <Espeon> whitehats are just blackhats that have board meetings with lengthy rhetoric
  235. <hamster_nipple> and you get paid for it
  236. <moondog> Lol. Agreed.
  237. <hamster_nipple> moondog, I understand where you are coming from
  238. <knobbles> More to the point; if you're scared of feds on yoru doorstep: dont be.
  239. <hamster_nipple> but the same way you have a relationship with matt who takes over botnets for you
  240. <hamster_nipple> consider us a relationship who own shit
  241. <moondog> I never said I don't agree with most of what you believe about the industry.
  242. <Espeon> immoral, sure, if this gets out it'll be the story of a company hiring a hit squad to hack competitors
  243. <Espeon> that's why it won't get out
  244. <hamster_nipple> moondog, do you have access to lexusnexus or similar information portals?
  245. <moondog> Yes. I consider this a unique core competency. No I don't but may get it soon if I get some money.
  246. <hamster_nipple> I suggest you work to getting access it
  247. <hamster_nipple> as we want to share it with you
  248. <hamster_nipple> to*
  249. <hamster_nipple> do you have access to anything interesting that we don't already know about? any governement portal/info searches
  250. <hamster_nipple> anything that we can use
  251. <Espeon> inside FBI alerts
  252. <Espeon> want them
  253. <Espeon> if applicable :)
  254. <hamster_nipple> lol @ espeon I see what you did there
  255. <moondog> They are all over me as of late. Think Paul freaked when it wasn't him logging in.
  256. <hamster_nipple> they aren't all over you like that trust me
  257. <moondog> That CSFI is odd.
  258. <moondog> They took my data and ran.
  259. <hamster_nipple> really?
  260. <hamster_nipple> should we target them/ ;)
  261. <hamster_nipple> ?
  262. <moondog> Well it was a bit odd. And I don't know their intent. I it was what you referred to, I regret giving them data.
  263. <moondog> I = If
  264. <hamster_nipple> what data did you give them specifically?
  265. <moondog> Seriously. That is not my game.
  266. <hamster_nipple> it was regarding the libyan project correct?
  267. <hamster_nipple> espeon/knobbles: I suspect they are doing something very funky regarding libya
  268. <knobbles> id like to get my hands on that tbh
  269. <hamster_nipple> moondog: what data did you give them? botnet stats regarding libyan bots that are infected?
  270. <hamster_nipple> or?
  271. <moondog> Compromised hosts in Libya.
  272. <hamster_nipple> figured as much
  273. <hamster_nipple> they're probably looking for libyan hosts that are infected that are probably high profile
  274. <hamster_nipple> for use in penetrating libyan space
  275. <moondog> Yep.
  276. <hamster_nipple> karim
  277. <hamster_nipple> why would you do something like that ... knowing their intentions?
  278. <hamster_nipple> did you feel you had to in order to continue doing business?
  279. <hamster_nipple> honest question
  280. <moondog> I didn't know the intent and was in marketing mode. I am truly starving guys.
  281. <hamster_nipple> I understand man
  282. <hamster_nipple> thats why we're trying to help you
  283. <hamster_nipple> but wow thats pretty fucked up @ csfi
  284. <moondog> Be home shortly. Want to continue though.
  285. <hamster_nipple> ok lets continue this convo
  286. <hamster_nipple> we have a lot to learn from each other
  287. <moondog> Ok. Peace Hamster. Not yanking your chain man. Seriously. Bye for now.
  288. <Espeon> ;) bye bye business man
  289. <hamster_nipple> ok we'll be here. hurry back :)
  290. <knobbles> cya soon man
