Hello my curious community members!
This is my first post here. I noticed anonymity has been a big topic here the last few weeks. Today I will present how paranoid blackhat hackers with large botnets stay anonymous and theoretically safe. I will post more about RATting since it's not covered here by others (who are doing a really great job educating this community, big up OTW, phoenix, crackerhacker etc.).
So let's start... This is a case study, so I am not telling anyone to do this, only describing how others do it.
- Get an old notebook, second hand, without giving the seller your personal info. You don't need a high-end machine since RAT software is just "executing commands".
- Get a good VPN operating under the jurisdiction of Sweden, Iceland or Seychelles, since these countries have no data retention laws and good privacy laws (pay with bitcoin since some VPN providers store payment info).
- Get an Alfa AWUS036H with a 5dBi or greater antenna.
Buy a laptop second hand and make sure the seller knows sh.t about you (ensure no cameras are involved).
Encrypt the drive! (This is important!) Fire up Kali or whatever system you use to hack. Spoof the MAC address. The important thing is to have a good wifi receiver (Alfa is the best thing you can go with, or something with packet injection). Crack some wifi in range (I'm sure there are a lot of them in range). When you successfully hack a wifi network, the next target is the router.
Most people don't change router passwords. Did you change yours?
After getting access, make sure you disable router logging and additionally set up port forwarding, but it's not really necessary since we will use port forwarding through our VPN service.
Now fire up Tor, proxychains etc., disable WebRTC (in the browser config or with a plugin) and use incognito mode.
With Tor and (or) proxychains running, make an email account. With this email get a VPN, set up port forwarding (nvpn is a good way to go, but it's your choice) and get a no-ip service (noip.com).
Now you have set things up. Since most RATs are for Windows, fire up Windows, spoof the MAC address, connect to a cracked wifi, connect to the VPN and start the NO-IP client. Then make a RAT server and stub with the no-ip DNS and spread.
NOTE: Do not ever, never, start the no-ip client before the VPN (they probably keep logs)!!!!
If you do things right (you might add an extra twist if you are really mega paranoid), 99.99% you won't get caught.
Scenario of law:
Victim calls police. Law enforcement gets a no-ip record from your trojan. No-ip leaks an IP address, which is your VPN (it's good to change the VPN's IP from time to time; since you use a no-ip DNS host, it is no problem). The VPN leaks an IP and it leads to the router. The router has no records (or a spoofed MAC, so no support from manufacturers), so there is only the social factor, that your neighbour can say it could only be that weirdo from across the street. Raid comes up... the drive is very well encrypted and it could take years to crack....
Thanks for reading... expect more things from me and sorry for mistakes, alcohol is my enemy right now.
But remember, this is a case study and curiosity is your best friend. Most of the things I mentioned are covered here on Null Byte.