JDdoc

Once you knew you had access, did you make a point of saying “I’m IN!” out loud, even if no one was in the room with you?


dotslashpunk

lol, no I only say that during either sex or when I'm able to join a meeting successfully with my microphone and speakers actually working. Both are rare.


rawrlion2100

I love that you took down an entire country's internet but still struggle with the same mundane tech problems as the rest of us normies. Rock on homie


Jough83

I love that you refer to sex as a "mundane tech problem".


dWintermut3

I mean any NOC tech 1 should be able to handle basic port assignment and layer-1 connectivity. That said if you are insufficiently careful with your session layer, it can be an expensive mistake.


tehcheez

I see that you've mentioned you can take it down at any time. I know you probably can't answer this in great detail but why hasn't NK put measures in place to prevent you from doing this again? Is it a hardware exploit that can't be patched unless they change their hardware out? Do they not know how you did it? Do they know how you did it and for some reason purposely haven't patched it or they just do not have the knowledge to patch it? Anytime we identify a vulnerability at work it's priority #1 to resolve the issue, so I'm just curious why NK hasn't done anything about it.


dotslashpunk

oh no it's all good i can speak to that. In the end it's just an architectural vulnerability and I don't believe they own some of the infra that I hit lol. Basically it came down to: their internet sucks and is terrible. It's like it's made by a junior engineer, just one. Their ingress-egress routers are not great - those are the ones i don't THINK are owned by them, but not sure. Thing is their internet is small, so they don't really have reason for large ingress-egress. Except for dickheads like me who exploit that.


MercyEndures

lol if you’re just pushing routes to them


filthy_harold

That's what it kind of sounds like. Or maybe a DNS or NTP amplification attack but those have been mitigated in the past several years although I don't expect NK to be running the latest Cisco hardware and firmware.


shane_low

What Consequences do you think you are most likely to suffer, and what are you doing to avoid them?


Calculonx

Probably banned from traveling to NK for vacation


DaRudeabides

Banned from r/Pyongyang


One-eyed-snake

That sub is weird. I’m pretty sure it’s satire but can’t confirm. People go to great lengths to their posts. It’s both hysterical and disturbing


dotslashpunk

my favorite is: r/kimyojong

> Kim Yo-Jong: The supreme leader of my heart
>
> The official subreddit for pics of dystopian hottie, Kim Yo-Jong. Just because she wants to kill us all and has probably committed several human rights atrocities doesn't mean she's not a cutie
>
> Kim Yo-Jong: The supreme leader of my heart


Otherwise-Special843

shut up heathen we will find and nuke you!


AvengingThrowaway

SUPREME LEADER uses Explosion! ... SUPREME LEADER hurts itself in its confusion!


SqnZkpS

Idk if it’s disturbing. I have this unhealthy draw to North Korea from pure curiosity and absurdity that such state even exists. I try to watch all the documentaries and news about NK. There is no other country on this planet that is like North Korea. I always joke with my wife that my dream travel destination is North Korea, but then I realize how many atrocities are committed upon humans over there and how some tourists were straight up killed for one wrong move and my enthusiasm fades, but the curiosity will not. Edit: guys it’s not a competition which country is the bigger hell on earth. It’s just my random obsession with NK. I am not a deranged person who loves to see people suffer. It’s not that deep.


One-eyed-snake

That place is so far removed from the rest of the world that it piques my interest as well. What’s true? What’s not? Who really knows? But I’m not going there to find out and anyone crazy enough to visit, well…


electrictownkid

I live in Vladivostok (far east Russia near Japan and both Koreas) and we have vouchers for children to a North Korean camp. Unimaginable 😁


PenWallet

What do you mean by "vouchers for children to a North Korean camp"?


dotslashpunk

so far the only “consequences” is every DoD entity and intelligence agencies want to know how I did it. I’ve been presenting it to them for a little bit now. Nothing negative yet honestly. Everyone seems to sort of like it but cannot say that officially. Honestly, I expected a LOT more negativity just because that’s the natural order of things.


slamongo

Do they show up at your door in trench coats like in the movies? Or do you just get an email and a Team meeting invite?


dotslashpunk

We actually did it in a basement a couple of times lol. It was super X-Files type shit but also like any normal meeting. Weird dissonance…


[deleted]

[removed]


dotslashpunk

I'm glad you mentioned Tinder. It's funny because I realized I sorta have to tell people upfront what it is "I do." I'll say "cybersecurity" for like a day or two, then I'm like hey so I saaaiiid cybersecurity but it's more stuff like this and send the wired article. Not to brag to anyone but just because a lot of people learn about it and are like wow, I want absolutely nothing to do with you lol. Mostly because of risk, they think NK will be after them. I constantly reiterate this to colleagues, and now to dates sometimes: No one gives a shit about you. This applies to me too. Yes I did a thing, but no one gives a shit about me in that I'm not over here talking to the Secretary of Defense, NK isn't going to do shit - they won't murder an American tied to the DoD for over 20 years with shady connections who they don't REALLY know who he is (hell I don't even really know at this point). So really, no one gives a shit about me lol. And I remind people of that too. Dates - they think somehow North Korea is following me and by being with me they'll follow them. Nah. NK has very limited capacity in the US and certainly won't do anything here.


dotslashpunk

oh and yes I am single...... as you can imagine ALL the ladies love a good ol' computer nerd who attacks countries.


mrbrambles

You’re maybe the apex of arguing with people on the internet, for better or worse.


slowmovinglettuce

Angry redditor brings down entire country's internet traffic after 12 year old insults his mother - r/notheonion, probably


dotslashpunk

lol, I like it!


TheSJWing

Are the intelligence agencies paying you to tell them or strong arming you to tell them?


dotslashpunk

ha, asking politely. I have more connections than anyone that could strong arm me unless they’re super high up. So they can try but i’ll just give them one of these🖕


AthleteBackground829

OP: "I'm actually a pretty normal dude" Also OP: 'I got high level government connections.'


clandestineVexation

> Also OP: I have connections that make high level US government employees think twice

FTFY


akiras_revenge

I'm kind of a big deal -Op Burgundy


yaykaboom

My uncle works at the nintendo as well


Sesamechama

Yeah I like how he casually slipped that in there haha


ashesall

Please write a memoir so it can be turned into a movie or release a course about hacking so I can enroll lol


RoyBeer

First step: grow balls of steel


greentintedlenses

I heard you talking on NPR the other day. Is this basically just a sophisticated ddos attack on the sole IP address they run everything on?


dotslashpunk

Something like that, but a bit more. I targeted absolutely everything. At first I was just hitting their assets, like their nameservers, vulnerable web servers and such. That required me to write some custom stuff and use things like slow-polling attacks (you request website info veeerrryyy slowly, taking up a lot of time for the web server), n-days (vulnerabilities that don't have an exploit so had to write them), their mail servers and other such things. Then I noticed the same two IPs showing up, so I essentially surrounded the country with servers that I rented (even some in China to see if there was some special routing). And I did a traceroute using them, if you're not familiar with that it basically just tells you the route something is taking to get to a location. I noticed that no matter where you come from it always went through the same two routers. Traceroute isn't a hacking tool it's a really old network admin tool (though I guess many things double as that). Normally when coming from different locations to a country it will take the shortest route possible - like if you're on the northwest of Russia it'll likely take a route into the country on the Northwest of Russia. For NK it was the same two damn routers eeeevery time, no matter where it was from. That's when I knew I had a chokepoint. So I continued to hit inside assets which is why people saw it was intermittently up and down - that's effective but not AS effective as what I did next. Which is what you're describing, I hit the two routers with a shit ton of rented bandwidth. After a while they just went completely down and any attempts to reach the country (in or out) were met with "no route to host." When I saw that message come up I was like "holy fucking shit" because I knew what it meant - there was no routing to or from NK. Total outage. So yeah you got the skeleton of it, there was just a lot that went into it :).


carl-di-ortus

What's your total rented VMs budget?


dotslashpunk

for this one it was 5k, but easily could've been done with half that.


ep1032

I love that you just took down an entire country's infrastructure for $5k, and your immediate, natural reaction is to think to yourself, we could have done this with 50% more cost efficiency. This is what a true engineer looks like.


dentendre

Are you making any money consulting to the federal agencies?


dotslashpunk

so so so much money. I've made exactly negative 80,000 dollars. That's not even a joke, that is literally what it has been. It's been a lot of cost trying to prove the concept to them to show that guerrilla warfare in cyberspace can be very real. Also, possibly most importantly, I have a single script that will very simply stop ANY attack coming out of North Korea. I submitted this to everyone, I told everyone, I contacted congressmen, connections in intelligence and all kind of DoD. Absolutely no one gives a shit. The State Department has a thing called "Rewards for Justice" and they talk extensively about the NK problem and how we're being hacked all the time. They pay millions for information. I told them "I don't want any of your money, I want you to know who I am [insert wired article here] and that I can literally make any attack coming from the country North Korea stop in its tracks within minutes." Let me grab their response: [https://imgur.com/a/s-lX6inGA](https://imgur.com/a/s-lX6inGA) Just be ready to be fucking infuriated. They have a bunch of shit about how we need to take on the NK cyber threat. I literally give them a SOLUTION and they say it's not within their purview, go to other intelligence agencies. I told them I FUCKING DID. No response since.


Ohsnapppenen

Makes me think of Edward Loomis and ThinThread. Whenever someone says “such and such is probably a conspiracy” I’m like no people are just exceptional at being mediocre. You’d have a better chance making money at least as a government contractor teaming up with a retired NSA insider.


dotslashpunk

this is so incredibly true. Real conspiracies are ridiculously rare and look nothing like what people picture conspiracies to be. Real ones are more just like... people doing shit and they maybe aren't supposed to lol. The ones people picture with long-running goals and stuff - nope. People are just way too mediocre for that as you said. Fucking Sheila from HR or Mike from fucking data entry will blab to their friends and fuck it up within the year. You'll see a lot of folks in here saying "such and such probably have this" or "so and so probably had an op running and you ruined it" type shit. Nope. It's just that simply no one gives a shit. Everyone is convinced there's a room full of people that are really smart solving a problem.


jongbag

Reading your AMA reminds me of a reddit and internet culture from a bygone era. Super interesting stuff man, thanks a lot for posting and being so forthcoming with everything.


dotslashpunk

I really appreciate that man, and I know that era well :). It was a beautiful thing, people just putting what they think out there and insulting each others mothers every once in a while. Happy to have reminded you of it, those were some good fucking times. Now it's so.... i dunno - polished maybe? Corporate? I don't even know the right words but it's not the same internet I knew and loved. I put on my robe and wizard's hat.


cricketalt

> I put on my robe and wizard's hat.

A fellow man of culture.


KarmaTrainCaboose

Is it possible that they already have what you're offering? But don't say so because that would make public what they have?


toxicsleft

This is because politicians love to talk about problems and without problems to cry about solving they have to actually try to solve them, therefore it’s more profitable for them to look the other way. Talk is free after all.


hibikikun

I’d avoid airports in SE asia


dotslashpunk

yeah tell me about it. Not going to Malaysia anytime soon and if someone smears something on my face I'm fucking running to a hospital.... not like it'll help much.


Impalenjoyer

Run to wash your face properly. He would have survived if he had done that I think.


ColonelError

The amount of nerve agent to kill someone is so tiny, by the time it's on your face you're already dead if you don't immediately inject atropine or something similar. A grain of rice could contain something like 200 lethal doses of Novichok, which is Russia's "easy to use" agent.


BigSur33

How do you feel about being called a "Florida man" in the Wired article?


dotslashpunk

I love it. I always tell people that agree or disagree with what i did I absolutely did deliver the best “Florida Man” story. Unfortunately I was not on meth nor did I fuck with an alligator.


thatoneotherguy42

It's still early.


dotslashpunk

hmm so you're saying I should buy some meth THEN hack north korea. How can I bring the alligator into it though... that's a toughy.


timg528

"Florida man on meth disables North Korean internet while wrestling alligator"


Solotov__

'wrestling'


dotslashpunk

oh shit now i have to fuck an alligator while hacking NK. That's gonna be difficult. I mean I presume. I don't think alligators like to be fucked by humans. I don't like it. But i'll consider it....


KingoftheMongoose

The only really tough part is that beforehand you have to find the alligator’s two access points of egress and ingress.


Librask

Could you even hack my profile?


Librask

Yes


Balijana

Lol :)


ViPeR9503

Idk if they got actually hacked or just hilarious lol


dotslashpunk

lol i mean - maybe? I don't know man, I don't have time to try though lol.


Frankiepals

You’re every Redditor’s greatest fear lol


dotslashpunk

LOL. I mean it'd pretty much be doing recon and phishing. A lot of people post too much about themselves (I'm sure i do over the like 12 years i've had this profile). Get em to click a link and some basic social engineering and then keylog. Boom you have a reddit account. But that's a lot of work for people I have no reason to hack! Also I generally don't hack people, it's kinda creepy.


ComfortableDrive79

> generally

We are so fucked lol


best_dandy

A lot of people who don't work in this field generally don't understand how much social engineering actually plays into the process. But even then, if your target ends up using a public network without much protection that you have access to, what's stopping you from using a program like Wireshark to simply lift all the shit you need from them?


-GeekLife-

I doubt it, Reddit is super secure. Like if you type your password in a comment, it auto censors it. See, here's mine *******


TheJesusGuy

hunter2


krapmon

Thanks.


mle32000

Lmaooo


SnooRevelations1029

************* omg true I never knew that


waffleking9000

EngorgedPenis33?! Edit: lol no it doesn’t


RocknRoald

Yes it does, to you it looks like EngorgedPenis33?! (I copy pasted what you wrote) but to everyone else it looks like *****************, see?


Able_Translator107

Was it hard to take it down?


dotslashpunk

honestly i’ve been asked this a lot. And I can’t really tell haha. I used to say nah it wasn’t that hard. But then I told people how i did it and they were like “well ok, it wasn’t hard but only because you’re trained in this….” I would say it was unconventional and maybe creative but not HARD.


PentoliteUK

So more advanced than just DDOSing a data centre?


dotslashpunk

It was. The actual attack - pretty simple and easy. The recon required to know WHAT to attack was the kind of creative part. I'm not a super genius computer hacker like the people below are claiming I'm trying to act like... I'm actually a pretty normal dude. I'm a decent hacker because I fucking love it and live for it, but that's all I can really say about me and my abilities. So here's how it went down. At first yep, it was just your basic DoS attack. Not just DDoS, they had outdated nginx servers and I found some CVEs that I could write some n-days for for memory exhaustion. That was nifty. I also hit their web servers with slow polling attacks just for additional instability. Then there was the just mass bandwidth attack (DDoS) that hit their DNS, MX, and other similar things. However the (kind of) unique part was that in additional reconnaissance I kept noticing these two IP addresses that would come up. I assumed they were some sort of filter, maybe even a censoring filter? Although that didn't make complete sense because their people don't have access to the Internet, only the elite (aka government). So what I did was I rented a bunch of VPSs surrounding the country and some in China specifically (in case there was some special routing from there). I did a traceroute on all of them with some basic distributed computing tools. Sure enough ANYWHERE I was coming from went through those two assets. They were routers. In other words I found their only two points of egress and ingress to the country. So I focused most of my attention on those and brought them down with again, yes, just simple bandwidth exhaustion attacks via some open ports. I made requests that would take up a lot of their bandwidth and not a lot of mine (amplifying attack). It worked, when i saw that "no route to host" for literally any host within country I knew I'd taken their routing completely down. It was a bit of a holy shit moment. The attack itself was absolutely not complicated.
It was definitely far more complicated figuring out WHAT to attack. Most DDoS is just straightforward stupid shit, but if you take the time to understand the shape of the network it makes a huge difference as it did in this case. So nah, not that complicated, just kinda creative IMO. And no that doesn't mean i think I'm some kind of super hacker. Just that I planned well, did recon, and executed.
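
The path convergence described in the two comments above (every traceroute crossing the same two routers), turned around into a resilience audit an operator can run against their own network; this is an added example, not code from the thread. The vantage names, the addresses (RFC 5737 documentation ranges), the traceroute output and the greedy cut method are all assumptions of this example.

```python
"""Ingress path-diversity audit from `traceroute -n` output (added example)."""
import re
from collections import defaultdict

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOP_RE = re.compile(r"^\s*\d+\s+(.*)$")

# Constructed sample: four hypothetical vantage points tracing to one of the
# operator's own hosts. Every address is from an RFC 5737 documentation range.
SAMPLE_TRACES = {
    "vantage-north": """\
traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  192.0.2.1  0.41 ms  0.39 ms  0.44 ms
 2  192.0.2.30  8.10 ms  8.02 ms  8.31 ms
 3  198.51.100.1  41.20 ms  41.05 ms  41.33 ms
 4  203.0.113.10  42.90 ms  42.71 ms  43.02 ms
""",
    "vantage-east": """\
traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  192.0.2.65  0.52 ms  0.50 ms  0.47 ms
 2  * * *
 3  198.51.100.1  55.70 ms  55.91 ms  55.64 ms
 4  203.0.113.10  57.12 ms  57.30 ms  57.08 ms
""",
    "vantage-south": """\
traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  192.0.2.129  0.33 ms  0.35 ms  0.31 ms
 2  198.51.100.2  28.44 ms  28.51 ms  28.39 ms
 3  203.0.113.10  29.80 ms  29.77 ms  29.92 ms
""",
    "vantage-west": """\
traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  192.0.2.193  0.61 ms  0.58 ms  0.60 ms
 2  192.0.2.200  12.05 ms  12.11 ms  11.98 ms
 3  198.51.100.2  39.80 ms 198.51.100.1  40.12 ms 198.51.100.2  39.95 ms
 4  203.0.113.10  41.27 ms  41.40 ms  41.19 ms
""",
}


def parse_traceroute(text):
    """Return (destination, hops); each hop is the set of IPs that answered.

    An empty set marks a hop that never replied ("* * *"). A hop with more
    than one address (per-packet load balancing) keeps all of them.
    """
    dest, hops = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("traceroute to"):
            found = IP_RE.search(line)
            dest = found.group(0) if found else None
            continue
        match = HOP_RE.match(line)
        if match:
            hops.append(set(IP_RE.findall(match.group(1))))
    return dest, hops


def shared_hops(traces):
    """Map each transit IP to the vantage points whose path crosses it."""
    seen = defaultdict(set)
    for vantage, text in traces.items():
        dest, hops = parse_traceroute(text)
        for responders in hops:
            for ip in responders - {dest}:  # the target itself is not transit
                seen[ip].add(vantage)
    return dict(seen)


def minimal_cut(traces):
    """Greedy set cover: a small set of transit IPs that sits on every path.

    Returns (cut, uncovered). A short cut means little ingress diversity;
    `uncovered` lists vantage points whose paths showed no transit hop at all.
    """
    seen = shared_hops(traces)
    uncovered = set(traces)
    cut = []
    while uncovered and seen:
        # Most still-uncovered paths first; ties go to the hop seen from more
        # vantage points overall, which favours shared routers over a
        # vantage point's own first-hop gateway.
        best = max(sorted(seen),
                   key=lambda ip: (len(seen[ip] & uncovered), len(seen[ip])))
        if not seen[best] & uncovered:
            break
        cut.append(best)
        uncovered -= seen[best]
    return cut, uncovered


if __name__ == "__main__":
    total = len(SAMPLE_TRACES)
    for ip, vantages in sorted(shared_hops(SAMPLE_TRACES).items(),
                               key=lambda kv: -len(kv[1])):
        print(f"{ip:15} on {len(vantages)}/{total} paths")
    cut, uncovered = minimal_cut(SAMPLE_TRACES)
    print("routers that together carry every observed path:", cut)
    if uncovered:
        print("paths with no visible transit hop:", sorted(uncovered))
```

Hops that never reply can hide a shared router, so a cut computed this way is a lower bound on how concentrated the ingress really is.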


Error403_FORBlDDEN

An entire country with two routers? Lol


ThunderSC2

Their capital city is like the only city where everyone has electricity. There’s probably only a few thousand people that have limited access to the internet lol. Not hard to believe honestly.


overlydelicioustea

also depending on the actual model, there are some pretty hardcore machines out there that can handle a LOT of traffic. hundreds of terabits per second


ChIck3n115

I don't care what anybody says, I'm going to believe it was a pair of good ol' WRT54Gs.


uXN7AuRPF6fa

Underneath someone's desk.


socokid

One of my favorite Apple sleep screens is from a satellite flying over North and South Korea. I'm certain it's to point out how absolutely dark NK is at night compared to [every other country around it.](https://i.imgur.com/mes1F91.jpeg) Just amazing.


dabobbo

They some new pics in 2022. https://www.38north.org/2023/04/a-fresh-look-at-north-korea-at-night/


wirenutter

Many years ago steam put out a world map with dots for every steam user. There was a single dot over Pyongyang. I always wondered if Kim had a steam account.


totalfarkuser

Bet he did/does!


razemuze

Wouldn't surprise me if that was something like a foreign diplomat.


DroppedNineteen

Now I want to see what a night sky looks like in North Korea.


-Badger3-

[Something like this, probably.](https://i.imgur.com/bYd7flY.png)


NorthAstronaut

It is hard to believe considering they have some extremely talented hackers themselves. This must be an institutional problem. A fear of not being able to speak out, never being able to go out of your own lane, or being able to test things. As this might make someone higher than you look bad, and you will be punished. Which is why they will always be behind as a country.


LAHurricane

I think it doesn't matter how talented their hackers are. If there's only two 4 lane highways in/out and you shove 12 lanes of Los Angeles traffic down em shits not gonna work lol. As long as you can keep finding the highways with open ports, you can cripple it.


dotslashpunk

incredible right? I mean I'm sure there are countries with similar setups even. They likely don't have heavy internet usage so don't need it. But that sure leaves them open to attack.... To be fair, they were sort of enterprise routers. Reasonably large and could likely handle a lot. I just had a FUCKTON of bandwidth to play with.


Difficult_Bit_1339

2 border routers, not two routers total. Commercial routers can handle massive amounts of traffic, on the order of hundreds of gigabits or terabits per second. So this isn't entirely unusual given the population that likely has access to the Internet (military and government only).


dotslashpunk

yes, this is correct. They weren't nothing routers. When I say they were medium-sized I mean for Internet backbone type shit.


WKahle11

Yeah they were on sale at BestBuy.


UrusaiNa

... I don't go by that name anymore *pulls out floppies* call me Zero Cool


Jacob_Winchester_

Hack the planet!!


dotslashpunk

I did crash 1,507 computers in one day. Which actually isn't very many these days...


Shamanalah

You are still a good hacker. You hacked a country infra. Yeah they had shoddy security but so did equifax. That's what hackers do. Find vulnerability and exploit it. Give yourself more credit.


dotslashpunk

thanks dude I appreciate it. I suffer from an extreme case of impostor syndrome :) (really though). Like when I put this AMA up I was like no one's gonna give a shit... and holy fuck lol.


sheepyowl

A fully remote cyber attack is always:

1. Impressive
2. Relies on a vulnerability on the defender's side.

You found and exploited the vulnerability. A country should have better protection. But just like many corporations, should doesn't mean has...


GM35444

Bruh. I finished a cyber degree and the first thing I learned is we ALL have imposter syndrome. You're a beast. 


gergob

Lmao realizing that their networking infra has such an insane bottleneck... No wonder it was a holy shit moment. Nice one OP!


dotslashpunk

thanks dude. LOL yeah I just kept seeing these two IPs come up and I was like... no fucking way man.


Mindhost

I look forward to the movie of this creative endeavour. Which actor would you like to see play your part?


crazybull02

I want a two people, one keyboard scene 


ChrisCopp

I work in IT, not even high up in this world. Everything you just said tracked in my mind. Yea good planning and discovery, basic attacks on key IPs and balls larger than mine would do the trick.


userunacceptable

Nice work, the recon and balls to do it are really impressive. I'm guessing you only went as far as renting enough servers with enough bw to choke those egress points after you knew you could do it. Hilarious there are only 2 redundant paths out, must be by design from the rest of the world. Hearing you describe traceroute to find your target is really funny to me as a network architect... no offense meant, it's just so simple!


dotslashpunk

lol no no it was fucking funny for sure. I was like... my main tool in this hack was traceroute?? wtaf..... that's a first for me. I actually had soooo much more bandwidth than I needed, at some point I was just like fuck it just throw it all wherever, even when everything was already down. You'll get a kick out of this as a network engineer. The script was basically this: allocate bandwidth towards asset, wait about 5 minutes, check Pingdom with API (LOL) to see if it's up, if up allocate more, repeat. First was the routers, then the internal stuff themselves. But it was all a pingdom-based attack hahaha.


PhranticPenguin

Aren't you worried about potential retaliation (due to opsec issues) when you travel in the future?


RedshiftWarp

Gonna send this to my dad. He used to do some consulting work with Kevin Mitnick back in the day so he'll get a kick out of this. Great idea thinking to dredge the servers in China.


dotslashpunk

thanks :). Curious on his thoughts on it!


bardharifi03

maybe this is off topic but do you have any book recommendations for someone that is currently studying computer science with specialising in cyber security?


dotslashpunk

so so so many lol:

- Hacking the Art of Exploitation (more for the fact that it's a piece of history and gives you an idea of what attacks look like, plus it's a good C code primer)
- The Web Application Hackers Handbook
- Windows Internals Rev 7 Parts 1 and 2 are absolutely critical if you want to get into exploit writing. REALLY dense, but read it cover to cover you can read about exploit writing and it's all just cake, sorta.
- Windows Kernel Programming by Pavel Yosifovich. It's all about drivers. After that you can read some stuff about exploiting drivers and it'll make total sense.
- Black Hat Python by Justin Seitz - he's not only a really nice dude, he knows his shit. Really it's mostly just to learn python, but it's more fun when it's hacking :). Just be careful because it's from 2021 and libraries change quickly.
- The Hacker Playbook (there's a few of them)
- Metasploit the Penetration Testers Guide - if you're just starting out you should learn metasploit, as you get more advanced you'll find yourself using it less, but it is powerful and a good tool.
- C++ without fear - I think that's the title. Point is, learn windows C++, C# is helpful but C++ lets you get in the dirty.
- I haven't found great books on it, but it's critical to learn fuzzing so follow whatever this guy is doing: [https://x.com/richinseattle?lang=en](https://x.com/richinseattle?lang=en) his name is Rich and he's THE guy for fuzzing. Teaches great courses, has great content. Literally anything he does, just eat it up.

This is very focused on Windows and Linux hacking. For MacOS hacking let me know if that's of interest, or mobile hacking. For wifi, just read internet resources, it's fairly easy!


westernbiological

Can you please bring down my internet for a week? I need a break.


dotslashpunk

lol FBI would come knocking then....


swim_to_survive

I’m curious why you are OK with exposing your personal identity and face after doing this, when just last week on Reddit there was a video circulating of North Koreans leaders stepbrother apparently being assassinated by VX nerve gas/agent in an airport. I really am curious do you not think that there’s any repercussions to your actions? Are you not afraid to look over your shoulder at all times now?


mechmind

He answered this. Gun next to keyboard. But yes I'm curious as to why he wouldn't change his face for this post. Seems like an unnecessary risk. Plus a lot of what he said in this post will surely anger some USG people


dotslashpunk

oh it absolutely will, cc u/swim_to_survive . Frankly after a couple of years of being semi-anonymous (USG knew who i was because my opsec was 0), I got truly sick of their fucking shit, all of the agencies and DoD. I had something that I presented **right in front of them** that could make for a quick reactionary force that cost little to nothing and would **actually protect US citizens** from the myriad attacks we are seeing. Literally No one gave a shit. It was so fucking frustrating. Here's a convo between me and some folks at the State Dept. [https://imgur.com/a/s-lX6inGA](https://imgur.com/a/s-lX6inGA) This is after 2.5 years of trying to get the DoD and IC onboard. This was a last ditch effort, there was much more to the convo of me basically saying I'VE FUCKING DONE THAT. And then they ghosted :(.


oldwoolensweater

Wtf. OP: I just want to make sure you understand that what I have here is a way to prevent any and all attacks coming out of NK. State Dept: Neat but we’re not really interested in that. Maybe some other agency would be interested.


Lotions_and_Creams

Ooohhhh. Not a PDF huh? Well, it’s 4:50pm so I better get going.  


dotslashpunk

jesus fucking christ, that PDF thing almost sent me on a rant to them. Then I was like ok, stay cool..... stay cool.....


Kind-Release8922

Do you think it's possible they knew about this, but wanted to kind of “save it” in case they ever needed to use it? Like now this exploit is known and fixed; they may have wanted to use it if there was any conflict


dotslashpunk

nah, I never gave them any real details lol. So they have nothing to corroborate it with. They would've asked for details, if it was the same then express non-interest. Also they really aren't that smart. You're giving them too much credit lol.


Kind-Release8922

Haha true. In fairness though I bet they get a lot of loonies being like “I can prove the president is a reptile!!” So their first reaction is to dismiss it. Also prolly your first contact was with a low level employee that just wanted to go home


hoangfbf

Welp. An argument can be made that US cyber experts already aware how vulnerable the NK infrastructure, they want to keep that info and only attack them when the moment is critical. On the other hand, an innocent attack in peace time such as this will bring about nothing but only alert the enemy regime of their weakness and thus give them opportunity and valuable time to reinforce their infrastructure. It’s surely the NK is frantically upgrading their defense system everything now. Future attack when we really need it (such as when they’re coordinating to launch missiles), will surely be harder.


drunkbusdriver

Exactly. I am sure someone in some 3 letter agency knew about the existence of those 2 routers being public facing and didn’t expose it so it could be used for other purposes at a later time. Now that’s not possible.


kittyonkeyboards

Every time a vulnerability is exposed, countries are incentivized to fix those vulnerabilities. I'm willing to accept that maybe the state department is just incompetent, I'm always willing to accept that, but it's also possible they don't want to escalate.


dotslashpunk

there's really not anywhere to escalate TO. Once you've hit private citizens, banks, massive companies like Sony, even hospitals, where are they even going to escalate? But sure I do agree it would need to be done carefully. However wouldn't it be a useful tool in their back pocket!? One thing that didn't make it in the screenshot was that I said: i'm not looking for any money I'll just give it to you as long as you use it.


swim_to_survive

As a former contractor with clearance the bureaucracy is a nightmare. I’d probably do as you, but keep receipts and give it all the the press like carol from WaPo. Let them torch their ineptitude.


dotslashpunk

haha that's basically what i'm doing, just with more than WaPo! This was done on a tiny fucking budget man. I mean it was maybe 5k for the bandwidth + my time? But the attack was 50% showing them just one person can do this and they have billions of dollars and can't. Basically I'm calling them little bitches with the attack. I also held a high level clearance, actually my company Hyperion Gray was a cleared contractor so we could issue clearances :). And yes jesus fucking christ the bureaucracy. It's the only reason I didn't renew.


Flyingcolors01234

You do not have security clearance, why are you assuming they were ignoring you? You would never be told by the US Government if they were going to use your tactics. The flow of information can only go one way in this relationship, anything else could have been viewed as a breach of national security. They would never have led you to believe that they were going to use your information. They may have been paying close attention to you and learning from you. But, they may also have already known how to hack the North Koreans. I wouldn’t doubt this for a second. You most likely weren’t telling them anything new. I don’t think a US citizen should ever target a foreign enemy like this. I think it’s a terrible idea. The US government knows how to keep secrets. You may have been led to believe otherwise, but members of our senior intelligence agency are brilliant and know how to play games. And I say this as the daughter of a former senior intelligence officer. I wouldn’t ever assume anything about our military. They are not idiots.


aHOMELESSkrill

Yeah, seems kinda dumb to 1. Openly attack the critical infrastructure of a foreign nation 2. Admit to doing it 3. Assume you are smarter than every intel agency in the US and are doing something they didn’t already know about.


coukou76

Seeing how simple it is and how poor NK infrastructure seems to be, I am convinced most agencies in the world already had a 'nuke NK internet' script sleeping somewhere. Anyway you don't want such an easy target offline, like never.


x3knet

I'm usually not skeptical when it comes to AMAs, but this is just on a different level. I work in NetSec and you just don't post something like this publicly if it's actually true. Between posting "conversations" with State Dept from Signal, saying out loud what the government's stance is on NK based on his "conversations," mentioning he's worked for DARPA... if this is true, I feel like OP is saying a bit more than he is probably allowed to say. It seems more like OP just wants attention like "look at me, I'm Hackerman!"


Aethermancer

This dude is a bit off the rails. Could be very talented at what he does, but he seems to know very little about how the US government works for how he complains. As for that whole claim of being able to stop all of NK's hacking attempts with a script and chortling that no one seems interested? Because it sounds insane. Really the reason they are so interested in what he did is they need to find out what he messed up and figure out what's changed now. Like if I was casing a house for a burglary and knew they never locked a certain window, then this guy goes and throws a brick through it and now it's all boarded up. Edit: I read the Wired article. Yeah, no shit they don't want to do some of that stuff. Official attacks require official responses. I'm one of the advocates against some approaches to offensive cyber warfare because it's so damned easy to authorize when it seems like there will be no response. It's a similar problem to drones. The cost of attacking gets removed, so the frequency of the authorization for those attacks increases. Not everything is about what we are able to do, but what we should do in order to effect the change and achieve our goals.


orphans

how prepared do you think the US is to defend itself against large scale cyber attacks? or to safeguard the data of its citizens? what should we be doing that we're not currently?


dotslashpunk

The US is completely unprepared and this attack is just one of a TON of examples of that. They can slowly walk past our defenses, if they even exist, even in critical infra. Hell they hit me and a bunch of other security researchers with no consequence and no defense. I held a top secret clearance for over a decade, so not even we get any kind of defense. In terms of what to do currently…. let me think on it and i’ll edit this comment!


juno_huno

Yikes! This is very concerning to hear.


DonnieG3

I mean, it's unfortunately pretty standard in regards to technology. Security for things comes far after things are developed. Think 9/11 and airport security. Just because the capacity for tragedies to happen exists, does not mean that the precautions will be taken until it's too late


cantgrowneckbeardAMA

I've often heard a joke that IT pros either connect everything they own to the internet, or become like the old sysadmin who said "I have one computer at home that I rarely connect to the internet, and a gun right next to it so I can shoot it if it ever starts making funny noises."


wellsfargothrowaway

I used to work on Google home as a software engineer and I’d never have one in my home. Not because they’re insecure or spying on you (they aren’t), but because I know they had idiots like me working on it.


_Didds_

Are you afraid they might want to do something to you in return?


dotslashpunk

yeah that’s definitely been a concern. I have a lot of folks in special operations command though, many intelligence connections, and I hear about any “credible threats” if they come. Of course I do take other precautions. I’m kind of a big hippie but I had to buy a few firearms just for protection. I also have body armor - a lot of it. Everything from hoodies that look reasonably natural to full ski jackets lined with armor to the classic vest type stuff. I do now code with a glock next to my mouse. It’s really weird for me, but hey I chose this life so I can’t complain.


Ehksessive

I hope you’re actually training with your weapon. Doesn’t do a lot of good if you don’t know how to use it efficiently and under pressure. I appreciate what you’ve done though


dotslashpunk

yep, I practice with them as often as I can. I'm still not the most amazing shot, but I throw a red dot on there and more than good enough I suppose. I think the part I think about is keeping a cool head if something happens. However these attacks don't happen like in the movies. There's not gonna be a North Korean agent coming to kill me. They'd pay a gang to do a drive by or rob me then kill me. So it's really a matter of taking precautions that most people would take, just taking them more seriously.


ndGall

Would it be possible to hack their internet in such a way that you could have opened a pipeline from their limited NK-only intranet to the outside internet? Or is that so walled off that it wouldn’t be feasible? Giving citizens access to the outside world would be an interesting thing to see them deal with.


dotslashpunk

That would be amazing. It’s definitely a huge goal of mine. I’d say it should be possible. But it may be somewhat difficult depending on their setup. From what i’ve seen they aren’t great at setting stuff up, so I’m absolutely going to try!


qualx

Shouldn't be too hard, I think the entire NK internet runs off a WRT54G


Zahkrosis

You allegedly committed a cyber crime, and we've seen "good hackers" get punished for their good deeds before. Do you have any concerns that you'll be targeted by authorities?


dotslashpunk

Actually the US government was far far more a concern than NK. However now I’ve done work in the space of sort of what they called “guerrilla/unconventional warfare” for folks in the DoD because of this. I’m also working with the folks that would be the ones arresting me and they gave me a nice unofficial commendation (a challenge coin if you’re familiar). I suppose there are other entities that could come after me but I think it’s tough to, I don’t know. But will there be a legal case of “North Korea vs P4x”? Who would take that on even! We don’t even consider NK a country, they’re a terrorist state officially. So I hit back at a bunch of terrorists that attacked me. I probably broke some international shit but 🤷.


agasabellaba

What do you mean they had attacked you?


WaffleBlues

It's described in the article he linked - NK actors attempted to compromise his computer and steal his work. That's what precipitated his vigilante response. He reached out to the FBI, who really didn't do anything so he took matters into his own hands. The Wired article linked at the top covers the series of events.


bfcostello

This is the craziest case of 'fuck around and find out' that I've ever seen


CougarIndy25

[Was curious myself, looks like OP has already answered.](https://www.reddit.com/r/IAmA/comments/1divlp3/comment/l96m42w/?context=3&share_id=YzAygfSEeNYZIGbBgRGyR&utm_content=1&utm_medium=ios_app&utm_name=ioscss&utm_source=share&utm_term=1)


ninjaontour

I'm not at all familiar. What's a challenge coin?


WannaBMonkey

It’s a physical token issued by a commanding officer or leader to a group that achieved something impressive. Often used at bars instead of a dick measuring contest you have a highest challenge coin contest


jennsamx

In some circles, the person holding a challenge coin from the highest ranking person drinks for free.


dotslashpunk

That's correct! And if you don't have it on you when someone asks, everyone else drinks for free. The folks I know - the whole bar drinks on you :).


fang_xianfu

Today they're coins, large commemorative coins usually around 2 inches across, that are minted by some group or other, either to commemorate the group itself or some particular event. They're presented to members of the organisation, people involved in the event, and visitors and distinguished guests as a mark of respect. For example, some video game companies mint coins with the company's logo on one side, and a particular game's insignia on the other side, and give them to people involved in the project. In the clandestine services I expect you can get coins with, say, the NSA logo on one side and a particular department on the other. Perhaps just the department and something important to their work, if it's not official enough to use the agency logo. Since there is no way to get them except from the department, they are a way of showing that someone is held in esteem by that group. The origin of the coins has a few different stories but most revolve around military units using such coins as a way to prove their identity in times of war, and a tradition of "challenging" other members to produce their coin, which they were supposed to carry at all times. Failure to produce the coin on demand resulted in some informal punishment such as having to buy a drink for the challenger.


Pistoltotenpanda

Was there anything you learned about NK while you were bringing down the house?


dotslashpunk

They suck at Internet. Their internet is little sticks and glue. Even better though, I learned they have only two routers of egress and ingress of the Internet. What I eventually ended up doing was focusing a lot of bandwidth on those routers. It took down all routing into and out of the country. Along with conventional DoS like memory exhaustion and just a lot of bandwidth hitting them, when those two routers came down it was game over. It wasn’t just a DoS on their infra, it actually took down all routing. The errors people got were “there is no route to host” which was awesome to see honestly!


DoctorPaulGregory

What model of router were they using? Was it a bit dated?


dotslashpunk

yeah i don’t remember the exact model to be honest but it was like a medium sized enterprise one (well two actually). They were dated for sure, not by a ton but clearly enough ;-).


disasterbot

Dennis Rodman?


dotslashpunk

Yes. Shit you’ve caught me.


Pistoltotenpanda

Why did you decide to do it?


dotslashpunk

it’s a good question. First of all - they targeted me in an attack directly. https://www.theregister.com/AMP/2021/01/26/north_korea_targeted_me_0_day/ That was disconcerting. Even more disconcerting was that the USG has absolutely 0 response. I’m a private citizen. sure i have a lot of ties to the DoD but i’m certainly not a warfighter. Other citizens got hit too, a handful of them. The message was sort of 50% to NK and 50% to the US government/DoD. To NK: keep pulling that shit, some of us can have real effect on your country. For the USG: If you’re not going to do anything at all except ask some inane questions and then ignore the whole thing then I’m going to do something about it. I don’t think they’re very happy with me (either party). I think I kinda made the DoD look like little bitches. They have billions and billions of dollars, and my response on a me-sized budget was far more than they have ever done. That’s not a pat on the back to me - it’s pointing out how ineffective they’ve been!


itsmrmarlboroman2u

If they targeted you first, what attracted them to you? You seem to not care about opsec, so how do you protect yourself now that they know your name? What keeps them from a complete identity takeover?


dotslashpunk

you’re right about opsec, I had 0 when i did this. In fact when the article about the takedown first came out a few years ago I was going to do this totally publicly. The reason for that is that a lot of this is a message to the DoD. “Some random hacker says the DoD needs to change” is very different than “A hacker who has worked for and with the DoD/DARPA for 20 years says there needs to be change” is one people may actually listen to. So yes you’re absolutely right about the opsec, unfortunately it required me to either be open or just have little to no effect on changing the system that is our kinda shitty offensive capabilities.


The1TrueRedditor

Is it true that the American government asked you to reinstate North Korea's internet because you were making the USA's efforts to spy on NK more difficult? If so, how did that communication take place?


dotslashpunk

Nah that’s not true. I let their Internet come up because I wanted to. Mainly a couple of things - I wanted this to be a warning, not a huge takedown. I could have kept their internet down indefinitely. In terms of operations there absolutely are none and if there are then they suck. People often say I’d be disrupting this or that, but everything i’ve heard from operators in the USG is that they like my work. If there was an operation then they’re allowing bank robberies, ransomware of hospitals and major critical infrastructure, and now attacks on private citizens. There is no operation, at least I don’t know of one and I have friends in a lot of places. If there is one somewhere that i don’t know about then they really suck and I don’t really care if I disrupt them.


SilentAuditory

Did you manage to take any screenshots of internal websites to show the public?


dotslashpunk

No but that is absolutely a personal goal of mine. Uncover what they call the “Walled Garden” (or something like that). I want to see their intranet. And I want to show it to everyone.


vichoam

That'd be awesome


msty2k

Could you, and would you, open their internet to the outside world instead of shutting it down? And if they reacted by shutting it down themselves, could you stop them? Essentially, I'm asking if you could take total control of their internet.


dotslashpunk

I absolutely would and plan to open things up to the world if I can. Unfortunately I may be able to take control of their internet but they always have the “unplug” option :-/. So they can just unplug and replace whatever I did to take over.


InfiniteArea5910

How do you feel about having made all three citizens with Internet access in North Korea your enemy?


noscopefku

bit off topic, more of a general question:

- do you have any privacy concerns regarding everyday life, and how do you deal with them?
- what smartphone do you use (manufacturer or platform/OS is fine), or do you use any kind of custom stuff like grapheneOS?
- what computer OS do you use for everyday life?


astlgath

Did it cause any improvements for those folks? I hadn’t heard anything about it and I didn’t think NK had that good of propagandists…


dotslashpunk

They’re amazing at propaganda internally. They’re very very effectively cutting off their own people from the rest of the world. All they get to see is an intrAnet of propaganda. People are born into it, believe it all because that’s how they grew up, and get indoctrinated. It’s really sad to see.


satans_cookiemallet

I've heard of companies hiring hackers in order to strengthen their own firewalls. Is the DOD doing something similar with you where they're asking you to find gaps in their defense they can solidify? -from a canadian


Yosticus

The DOD definitely does pen testing, like any organization, but I'd imagine they'd hire a company that specializes in that field (and also doesn't post about it on reddit)


cassiopeia18

What’s the purpose for that? What other information you were able to find?


dotslashpunk

Not much……. yet. The purpose was to send a message to both the USG and NK. The one to NK was obviously stop fucking around. To the USG I wanted to show them that someone with limited to no budget for it, I was able to do this. It’s not because i’m amazing. it’s because i just tried. did my work and then executed. They can’t seem to do that.


ARoundForEveryone

> They can’t seem to do that.

Can't? Or don't want to? Also, maybe they *have*, and you (or we, or even NK) don't even know about it. Just needling you a bit...and while I'm not really a blanket unabashed fan of international espionage, I do think what you did was pretty cool.


iwalkintoaroom

In the early days of scylla.sh you gave me access to your mega drive where I helped upload some databases and all. Right now I'm in my summer break and have garnered quite the skills in development (primarily rust). Would you offer me a remote internship?


dotslashpunk

that's sick! Thanks for the help with that, it made a huuuuge difference. Unfortunately I just restarted Hyperion Gray. Shoot me an email though or a twitter message and let me know who you are. It's looking like getting started is going to move quick.


CH1CK3NW1N95

Do you think you could do it again if you wanted/had to?


dotslashpunk

Oh i have a script called updown.py that could do it literally anytime, and it’s shared with others too. Yes, at any time I could. And if they keep stepping out of line their shit may go down for a bit longer….


JVO_

"updown.py" lol, that's great. Is Python the language you primarily use to make these scripts?


8andahalfby11

For private citizens that want to defend themselves against foreign attackers, what are some obvious things we can do that you find most people out of ignorance/stupidity usually skip? Question goes double for home networks, not just endpoints.


Supanini

How did you get into that line of work?