WackSec Radio Episode 10

Show Notes




WackSec will soon be streamed to YouTube, where podcasts will be available to watch when the show is over.


CTF was a huge success! TheLoneWolf or Towel kicked everybody's ass.




  • Important! Relevant and newsworthy
  • Interesting; however, not much new
  • Just tech news. Not completely infosec


Time 21:00:00 DST

IP Cams Vulnerable To Remote Attack…. DUH!


Amazon Echo Vulnerable



Series of Monumental OpSec Mistakes Led to AlphaBay’s Demise




This is important to talk about.

    1. While Europol and Dutch PD were taking down Hansa, a rival darknet market, they compromised Hansa and used it as a honeypot to capture AlphaBay. The FBI took down AlphaBay.
    2. Investigators began with sting operations on small-time drug dealers: ordering drugs, meeting up or waiting for delivery, and then arresting. This got them nowhere. They only caught small-timers. They wanted to go after AlphaBay.
    3. AlphaBay’s operators decided to add a forum back in December 2014
    4. Users who registered on AlphaBay’s forum got a greeting message from the site’s admin.
    5. The email header contained “[email protected]”, the Admin’s main personal email.
    6. From there they doxed him completely and utterly. SPOF.
    7. Thai police raided Cazes’ home on July 5th 17
    8. He was using his laptop, which was unencrypted and logged in under the “Admin” account on AlphaBay and the admin account for AlphaBay’s data center provider.
    9. $35.5 million was the total of funds he had made
    10. No killswitch, cameras, or encryption for the world’s online drug market admin…
    11. He had every reason to be paranoid. Not paranoid enough.


  • Committed suicide July 12, towel around his neck.



Time 21:20:00 DST

45,000 Facebook Users Leave One-Star Ratings After Hacker’s Unjust Arrest


  1. Teenager, 18, finds that he can pop open developer console, inspect element, modify the page’s source code to alter a ticket’s price, so literally click, change the price, and then click buy.
  2. There was no client-side or server-side validation.
  3. He then reported it to them.
  4. They called the police, and had him arrested! WTF
  5. Over 45k people responded by spamming the Facebook page with 1-star reviews.
  6. It seems their http://www.bkk.hu/ website has been DDoS’d or shut down.
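
The missing server-side check from item 2, sketched as an added example (not part of the original show notes and not BKK's code). The catalogue, ticket ids, prices and field names are all constructed for illustration.

```javascript
// Added illustration: constructed catalogue, prices in minor currency units.
const CATALOGUE = new Map([
  ["monthly-pass", 9500],
  ["single-ticket", 350],
]);

// Pattern described in the notes: the server bills whatever price the
// browser submitted, so editing the page source changes the amount charged.
function checkoutTrustingClient(order) {
  return { ticketId: order.ticketId, charged: order.price * order.quantity };
}

// Hardened handler: the client may only name the item and the quantity.
// The unit price always comes from the server-side catalogue, and any
// client-sent price that disagrees is flagged for logging and review.
function checkoutServerPriced(order) {
  const unit = CATALOGUE.get(order.ticketId);
  if (unit === undefined) {
    return { ok: false, reason: "unknown ticket" };
  }
  const qty = order.quantity;
  // Reject non-integer, zero, negative or absurd quantities, which would
  // otherwise be a second way to change the total.
  if (!Number.isInteger(qty) || qty < 1 || qty > 10) {
    return { ok: false, reason: "invalid quantity" };
  }
  const tampered = order.price !== undefined && order.price !== unit;
  return { ok: true, ticketId: order.ticketId, charged: unit * qty, tampered };
}

// Constructed request body: the price field was edited in the browser.
const forgedOrder = { ticketId: "monthly-pass", quantity: 1, price: 50 };
console.log(checkoutTrustingClient(forgedOrder));
console.log(checkoutServerPriced(forgedOrder));
```
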


Time 21:30:00 DST

Hacker “BestBuy” Admits to Hijacking Deutsche Telekom Routers With Mirai Malware



  1. Hacker says a Liberian ISP hired his services
  2. They doxed him
  3. Time to rant about how Mirai was a waste. DDoS bro, seriously?


Time 21:40:00 DST

Adobe to Kill Flash Media Player in 2020



Time 21:45:00 DST

Banking Trojan Uses Mouse Movements to Distinguish Users From Virtual Machines



Time 21:55:00 DST

Closing Comments/Shouts

Conferences? Derby? DEF CON?


Get some swag for the cons?



0x00sec Buttons (these are super popular right now). They’re a cheap way to support the community and show off your inclusion in the internet’s coolest security network!