Transcription performed by LeahTranscribes
[START OF RECORDING]
JACK: Was this after you went to prison?
DEFAULT: What was after when I went to prison?
JACK: You had a million dollars in crypto?
DEFAULT: No, that was before.
JACK: Okay. Well, I want to get into all that.
DEFAULT: Yeah. It’s honestly a lot.
JACK: Okay, well, this is good. I’m glad that your story is strange — well, it’s — for a movie. DEFAULT: It is very long and strange, and honestly, for me, I lived it and told it so many times, that it’s so normalized, that I’m just like, yeah, I did this and that and I went to federal prison for five years. They’re like, holy shit. I’m like, yeah, I know. It’s crazy, right?
JACK: Well, then, I’m excited…
DEFAULT: There’s a lot to cover.
JACK: Yeah, I’m excited to do it. I want…
DEFAULT: Do you want to start all the way — like, even give me any kind of reference for how you want to go about this.
JACK: So, I just want to get a verbal confirmation for, I don’t know, legal reasons or whatever. Is it okay to record this call to use on the podcast Darknet Diaries? Is that okay with you?
DEFAULT: Yeah, of course.
(INTRO): [INTRO MUSIC] These are true stories from the dark side of the internet. I’m Jack Rhysider. This is Darknet Diaries. [INTRO MUSIC ENDS]
JACK: Explicit content warning; this episode has some language in it that might not be suitable for all audiences. Okay, hi. Welcome to the show. I want you to meet a fella named — well, let’s just call him Default.
DEFAULT: As a teenager I was in Newport News, Virginia, with my dad. He worked for the government, so…
JACK: So, as a teenager, what was your relationship with the government? Were you politically active? Was your dad politically active?
DEFAULT: No, not whatsoever. I didn’t pay attention to that kind of stuff when I was younger. I was just a nerd, you know? I liked to play video games, was very active in sports. Very active in sports, actually; I used to play four soccer teams year-round and was big into competitive video games like Halo, Call of Duty, even Super Smash Bros. Eventually if you’re into gaming, you stumble down the rabbit hole of finding hacks to increase your experience in the game, whether it’s modding or J-tagging or whatever it may be.
JACK: [MUSIC] So, as a teen he was playing RuneScape, and one day he got into an argument with someone in the game who threatened to hack him. Suddenly, his computer went to a blue screen and wouldn’t boot up after that. That’s what got him interested in hacking.
DEFAULT: Since as far back as I can remember, I’ve always had a very inquisitive mindset, like extremely. I always questioned everything, and not just questioned everything; I wanted to know how things work. I’m like, why does this happen? How does this happen?
JACK: This led him to understand that you can get computers to do things that you shouldn’t be allowed to do. He got curious and wanted to learn more about how they work. Then one day, his mom grounded him; banned from the internet for a week. Well, curious little Default tried to crack his neighbor’s WiFi, and sure enough, was able to do it, and he got back online.
DEFAULT: That was — it opened my eyes to the possibilities that I’m not even aware of. I’m like, I want to know more about this. [MUSIC] My mom just took away my internet. I just downloaded this program, hacked my neighbor’s WiFi, and I’m back online within ten minutes. To me, that was so powerful. I took the power back from my parents or whatever. So, I started delving deep into this stuff.
JACK: An AltaVista search about hacking might have led you to a message board, and the message board would have introduced you to hacker tools, and those tools might be made by a certain group of people, and those groups would be present on IRC, a chatroom. Getting in the chatroom might not be so easy, though. It might be invite-only. So, you gotta message the channel operators to ask permission to join, but they’ll deny you because they don’t know you. But you notice the person who denied you to get in is also in another chatroom, so you join that one to see what’s going on there, and you eventually find your way into some hacker chatrooms. Now, the year was 2008, and being on IRC and in hacker chatrooms in 2008 was a very, very special time and place to be. Those who were there will never forget those years. In fact, the whole world will never forget what happened then. This was the hay day of Anonymous, and Default found his way right into the heart of it.
DEFAULT: Even when I look back now at quote, unquote, Anonymous, I still cringe, but I still feel like it was necessary. It was a necessary stepping stone in the hacking collective, conclave, whatever, to get to where we’re at today. It was necessary. It was people congregating for similar belief systems and standing up for something. It had its place and time.
JACK: [MUSIC] The Anonymous chatroom was a hot mess, the biggest disaster of a chatroom you’ve ever seen. Whatever you can imagine is the most awful picture ever, double that and then spam it to the chatroom. That’s what was going on there; gore, brutality, pornography, vile and disgusting imagery. It was kind of a hazing experience that you had to get through in order to find your way deeper into Anonymous. Sometimes, new people would be asked to eat a stick of butter or a tube of toothpaste on camera to prove yourself. Because here’s the thing; cops, feds, journalists, security researchers, and normies would show up in these chatrooms, and if they pop in to see what’s going on and it’s just full of gory imagery, a lot of them can’t handle it. They might vomit, even, and then just nope right out of there. Spamming the most graphic and awful pictures was like a firewall of some kind, but if you could tolerate it, building calluses on your eyes and start talking with people through the noise, you might be welcomed deeper into the pockets of Anonymous.
DEFAULT: It was a double-edged sword. Yeah, we’re all anonymous, but so are the feds that are infiltrating it that you don’t know about. So, that’s why all of the really elite programmers and hackers spawned off into their own little small groups where they can vet the members and make sure that they’re not feds. Like, oh, well, go hack this website and basically commit a crime to prove to me that you’re not a fed, whereas Anonymous is just like, you don’t know who’s in here.
JACK: This made the edges of Anonymous even more fuzzy. New groups were forming out of it and they had their own ideas and agendas, and they’d look back at the Anonymous chatrooms and think, those cats are cringe. We don’t want to be affiliated with that stupid stuff. We’re our own group, and IRC hacking groups would come out of Anonymous. Some were loosely affiliated. Some were even anti-Anonymous themselves. There was infighting, too, doxxing people from other Anonymous groups and other hacking groups. It was a real mess. Some other groups that were springing up in that time coming out of Anonymous were like, LulzSec, Team Poison, UGNazi, HTP, and some people in these groups were getting arrested and then working with the feds to catch other hackers. [MUSIC] Things weren’t safe. You always had to be looking over your shoulders in these chatrooms. You just didn’t know who to trust in there.
DEFAULT: It became very obvious; we need to move more underground and be a lot more selective with the individuals that we’re interacting with on a daily basis. So, I moved on to basically my — doing stuff myself and kind of becoming associates with other hacking groups. I started learning from Team Poison, MLT — I actually knew Trick, too. I don’t know if you’re aware of who Trick was.
JACK: Yeah, in fact, I do know who Trick was very well. I did a whole episode about him called Team Poison. That’s Episode 109. But this scene was so hard to navigate to know who to trust. It almost became a thing that if you were hacking into stuff, breaking laws, then you were trusted. You must not be a fed if you’re able to break the law. Everyone else; keep them at arm’s length. Now, the thing is, at this little time and place in the world, hacks were happening everywhere you looked, some from Anonymous, some from Anonymous-adjacent, some from crews that were anti-Anonymous. But what was their motivation? Some were politically motivated. Some wanted to get revenge. Some wanted to amplify a cause or an idea, and if you deface a big website and write with big letters on the front page something about your cause, it brings more awareness to it. Default was hacking into stuff, too, but what was his motivation?
DEFAULT: So, I didn’t really develop any kind of altruistic ideology for a little while. It was more just all curiosity-based and learning. I was obsessed with learning more and more, as much as I could, because I thought it was so intriguing. If I could shell this website, then if I can root it, and then if I can get access to all the other subdomains — it was really just a bunch of challenges. So, I always was just pushing myself to learn new things.
JACK: Okay, I see; he’s interested in learning and his crime is curiosity. It reminds me of that scene from the movie Hackers, which came out in 1995. Listen.
AGENT BOB: This is our world now, the world of the electron and the switch, the beauty of the baud. We exist without nationality, skin color, or religious bias. You wage wars, murder, cheat, lie to us and try to make us believe it’s for own own good, yet we’re the criminals. Yes, I am a criminal. My crime is that of curiosity. I am a hacker and this is my manifesto. Huh? Right? Manifesto? You may stop me, but you can’t stop us all.
JACK: Now, even though that’s a scene from the ninetie’s movie Hackers, that manifesto was actually written in 1986, a full twenty years before Anonymous would start making a name for itself. Yet, it feels like that’s absolutely something Anonymous would say.
DEFAULT: [MUSIC] So, I joined into a group called AnonGhost, which — there were some really competent people in there, but as time progressed, their leaders started becoming radicalized members supporting ISIS, so I had to diverge away from them. Then I joined a group called AnonSec, which people — I hated the name and wanted to change it because it got associated with Anonymous so much, and I had a disdain for Anonymous at that time, heavily, because that’s not where the most technologically advanced hackers were at. None of them are in Anonymous, and that really bothered me that some of our hacks got attributed to Anonymous. I eventually ended up taking over the group, but that’s — I think that’s where I started to get more politically motivated. Then we did a whole bunch of different operations. I think one of — our first one was Operation Detroit, where they were having — really similar to the Flint, Michigan issue with the water, but it had more to do with the corruption and the government there and the fact that they have a really messed up system for how their water is distributed.
JACK: Okay, so, this was a big deal. Default and the crew he was in wanted to take out Detroit’s water payment system. Someone in the channel suggested they hit the site with LOIC, the Low Orbit Ion Cannon. This is a basic tool; you just point and shoot it, but it floods the target IP with loads of traffic, overwhelming it so it can’t handle legitimate customers. Sometimes it’ll even drop dead from the flood of connections. But then someone else is like, nah, screw LOIC. That’s lame and it isn’t safe. Let’s use Tor’s Hammer. So, someone started passing Tor’s Hammer around the chat, and this also floods the target with a whole bunch of traffic, but it uses Tor to route all the traffic through it, hiding where the attack is coming from. So, the members all fired this up and together launched an attack on Detroit’s water payment system, and immediately it went offline. No one could pay their water bill.
DEFAULT: So, that was our first segue into politically-motivated stuff, because it pissed me off and it was like, I can — we can actually do something about this. It’s like, okay, well, now nobody’s gonna pay you, so you’re not getting any payments. So, what are you gonna do now? Honestly, we kept their — that part of their web server down for like, I think two months. So, I’m not really sure the equivalent of financial loss that they had for that, but it was significant enough for them to make announcements and changes and launch investigations into who was doing this. [MUSIC] Actually, one of the members of our group got arrested for this.
JACK: There’s something empowering about pulling off something like this. You feel like the world bends to you and your whims. There’s a shift in control, and that control can become intoxicating.
DEFAULT: It was kind of like, us sitting around in our IRC chatrooms and being like, well, what pisses you off or what do you hate? I remember somebody being like, I can’t stand pedophiles. I think they’re the scum of the Earth. I was like, yeah, I think any — I think everyone can agree with that. I think everyone can get on board with this.
JACK: Hm, pedophiles have been sort of hated universally within Anonymous. In these chatrooms where anything was allowed and free speech rules, pedophilia was not allowed, which I’ve always been fascinated by that. That’s the common denominator that everyone agreed on? It didn’t matter what group you were in or political affiliation or cause that was important to you; pedophilia was wrong to everyone. Which, you might think, yeah, duh, of course that’s wrong. Draw that line. [MUSIC] But why there? Why not ban pictures of murdered people or pictures of people having sex with animals or pictures of torture? All that was approved. Hell, there was a video of two girls eating poo, which was a real big hit in these channels. Like, nothing you could possibly present to this crowd shocked them or made them care, except pedophilia. That was going too far. So, imagine, if you will, being a teenager, having these hacking skills, looking around for something to use it on, and seeing that everyone hated pedophiles. All the hackers on all the channels, the cops, even, the normies — there was even a TV show called Catch A Predator where they’d set up sting operations for pedophiles. It felt like if this was who you wanted to try to hack into or mess with, the universe was on your side. It felt like what you were doing was right in every way. It was helping the world, and nobody would say you’re wrong. Yet, at the same time, hacking feels so counter-culture and rebellious. This is a powerful cocktail to be mixing up as a teenager.
DEFAULT: You can go into the forums where they don’t post and they just — it’s all text, and you find out, oh, where they’re messaging people, whether it’s on, I don’t know, AOL or whatever it may be. Then you get their handles, and then you go create alt accounts and then interact with them. Kind of set them up, basically. Then you send them a file. Like, hey, oh yeah, I would love to hang out, yadda, yadda, yadda. They’re all excited. Then you’re like, here’s a picture of me or here’s a video of me, and you put some malware in it. It could be very simplistic; just — I just need a port, I just need a back connection into this guy’s computer, and then just download everything that he has and get all of his location data and pretty much dox the guy, and then just send it to his local authorities. We would check up on these people, and a lot of them would get arrested. It felt good, you know? You’re making a change in the world. You’re making the world a better place. People preying on children is just — it’s one of the worst things that somebody could ever do.
JACK: Getting pedophiles arrested meant getting respect among the hacker groups, which meant getting more members. Things were progressing for them, and their hacks got bigger.
DEFAULT: This is one of the ones that I think I’m the most proud of, I could say, was Operation Denmark. [MUSIC] So, bestiality was not banned in Denmark, okay? That’s generally banned everywhere. So, I guess a lot of sickos were taking advantage of this lack of laws against bestiality there. There was literally dens and private places you could go — and people’s animals were going missing and they were ending up in these — they called them dog brothels. It’s so sick. It’s so crazy. I had a dog, so that really pissed me off just thinking about the fact — like, well, what if — being — trying to be objective and be like, well, what if someone took my dog and that happened to my dog? I would freak out. So, we — I think we took down the official Denmark government website and then we actually defaced it and said, did you know that your government allows bestiality and there’s bestiality dens where people can go and pay money to do these things to animals, and most of them are people’s pets? A lot of people weren’t even aware. The average person was not aware of that because they’re just going about their lives. So, everyone freaked out and it was like, all over the news.
JACK: Geez, mate. You got me fact-checking the weirdest stuff in this episode. So, he’s right; in 2014, it was legal in Denmark to have sex with animals, and there was some weird-ass animal sex tourism going on over there. Because a year earlier, Sweden and Germany banned sex with animals, so it was a weird moment where some places it was illegal and some places it wasn’t. Yeah, shortly after this hack, Denmark changed the law. They made sex with animals illegal. I can’t tell if this hack had anything to do with the laws changing, but the timing is very coincidental. Now, stuff like this, hacking into places, making the news, and getting people arrested and stuff, is like a drug.
DEFAULT: Yeah, the sleep schedule didn’t exist, and it is — I would be lying if I didn’t say it was exhilarating and gave you a sense of power. You start to crave that rush of serotonin. It’s just like, you get so worked up and you’re like, this is so awesome. This feels great. Not only are we doing something good, but it’s exciting and I want to do it again and again. Sometimes it’s like you’re — almost like you’re chasing a high, and that can lead you off the trail.
JACK: Let’s take a quick ad break, but stay with us because when we come back, we’re going off the trail. Okay, so, Default was on a path. He didn’t know where the path was taking him, but he already made his way through Anonymous and into different hacker groups. AnonSec was the group where this first exciting stuff was happening. He kind of took over that group. But do you realize there’s a whole infrastructure to these hacker groups? There’s data stores to keep records of the stuff you collected or the passwords you’ve cracked, and there’s a tool shop to quickly grab hacking tools and how to use them. But to build on that infrastructure, they decided they needed to build a botnet. A botnet is just having control of a bunch of computers. You typically try to infect a huge swath of IPs and hope that a bunch of computers get infected and become under your control. But the reason why they wanted a botnet was to route their attacks through it. Instead of malicious traffic or connections coming from the AnonSec members themselves, they set up this botnet to pipe their traffic through someone else’s computer to get to their target. But when you infect a bunch of computers with a botnet, I start to get curious. What are these computers that are in our control now?
DEFAULT: So, all these different devices that are part of the botnet — it’s like going through and seeing where they’re at or what they have access to. Some of the stuff that randomly would just get popped would be an Apple TV, an Iranian WiMAX base station for cell phones.
JACK: One of these servers belonged to the Windsor University. This is a medical school.
DEFAULT: You just pull it up, and I start looking. I’m like, oh, this is some kind of institution, university. [MUSIC] So, pull up the URL, check the domains, go to the home page, and can easily access admin panel. Once I log in, just pull up the finances of all the people and all the debt that they have.
JACK: I saw a screenshot of this. He was in the admin panel of the university, and there in front of him was a list of all the students who owed money to the school. It all added up to $9 million. He started to think; could I, should I mess with this?
DEFAULT: These people might really enjoy having their slate wiped clean, as it were. If you look, some of them owe a substantial amount of money, like, $70,000. I think some people owed upwards of over $100,000. It’s a lot of money, you know what I’m saying? It’s perpetual debt that sometimes just lasts for decades.
JACK: There were 391 students listed here. He scrolled to the bottom of the page, and there was a button; Delete All. Why was there a Delete All button? I have no idea, but there it was.
DEFAULT: So, I just deleted everything. I went into the PHP shell and just sent everything to dev/null and just shredded it. So, whatever I sent there is not coming back.
JACK: Wow, crazy. How did you feel after that?
DEFAULT: You feel good, you know? Whenever you can make a positive impact in people’s lives — and the power of doing that remotely from your house is — it’s almost intangible. The amount of power you can exert over the internet, it’s something that your average person just will never understand.
JACK: [MUSIC] Default kept going further down this path, getting into place after place, and the places he was hitting were starting to really add up.
DEFAULT: Literally, anything from banks, like I said, Apple TVs — we landed inside the Netherlands Defense Gateway. Like, what? Y’all have the default SSH password set? You just haven’t done anything with — okay, cool. More schools, School of Computer and Intelligent Systems, host providers; that was really cool. That was honestly a gold mine ‘cause we could literally just keep spinning up virtual private servers whenever we need. Just free web hosting, free storage space. We stumbled across a weird NSA SKYNET program on a Siris Aviture server by — also was co-hosted with the US Air Force. Super weird stuff. We’re sitting on a admin login panel for Coinbase, which had access to hot wallets. Very scary stuff. Thankfully we didn’t do anything with that. The Twitter and Facebook zero-days — it was both just a four-digit PIN reset.
JACK: Now, each of these have their own story and I’ve listened to him tell me some of these himself, and they’re insane. I’m sorry I can’t include them all here, but I do want to stop at the Facebook login exploit he had.
DEFAULT: I became kind of obsessed with having the tightest opsec that I could have because I didn’t ever want to get caught, obviously, and that kinda led to my arrogance, also, of being able to — literally, I got to the point where I thought I’d never be caught no matter what I did, and that just opened the door for doing anything hacking-wise. I didn’t care if it was Facebook or Twitter, which we had a zero-day on, and could access anyone’s account.
JACK: What they did was get a Facebook username and then try to log in as them, but then say, oh, I forgot my password. At the time, Facebook would then send you a four-digit code to your e-mail that you had to type into the site to prove it was really you, because after all, if you had control of the e-mail that was registered to this user, it must really be you, right? Well, it was a four-digit code, which means there’s about 10,000 possibilities of what it could be. These guys learned that they could just keep submitting codes to Facebook over and over and over, cycling through all the possible four-digit codes, until they found the one that worked. They could do this pretty quickly, too, and just reset anyone’s password that way and then log into Facebook as them.
DEFAULT: We got into big accounts. I got into Seth Rogen’s account, got his cell phone number, and called him just to tell him that I love his movies. He was like, who is this? I was like, I’m just a big fan. You’re hilarious. He was like, click. Completely deactivated his cell phone ten minutes later. Cardi B before she really blew up, Chief Keef, which he was honestly really cool about, ‘cause we gave him the account back. We gave all these people the accounts back. We had no malicious intent. It was just fun. It was a challenge.
JACK: [MUSIC] So, while all this started out as fun and a challenge, over time it morphed. I mean, how can one feel this kind of power and then watch news and see everything wrong in the world and decide not to use this power to make change? It really is like a superpower to just topple over a computer or get inside a system that isn’t yours. With great power comes great responsibility, right?
DEFAULT: I think it was the Snowden release that kinda set me off, where he was talking about the prison program and how literally it’s not a conspiracy that people have been saying the government is spying on everyone. They’re like, oh, you’re — it’s like, nope; actually, you could see here that these very classified documents — that they’re literally rag-netting every single packet in the United States and they’ve co-opted all of these companies through the prison program, and — all of your data is ours, and we’re building a giant storage facility to keep all this forever. So, if you ever become a potential threat to us, we’ll know everyone about you. So, it really just set us off and kinda gave us this mentality; like, okay, so, basically you’re hacking all of us, so we’re going to start targeting y’all and start showing that we can do to y’all what y’all are doing to us, also. Then nobody’s immutable. We drove that point home very hard. Like, literally sat around and came up with lists of high-level individuals in the intelligence community and then just started targeting them one by one.
JACK: What? What the hell? They made a list of people to hack into that were high-profile members of the intelligence community? This just went up to 11. Okay, at this point — I mean, I’m fascinated by this because I’m always surprised how high-profile people in government pretty much dox themselves, right? They give their real name and talk on TV, and they have a phone number to their office, e-mail address, physical address. All this stuff is public information. We know who their boss is. Chances are, there’s a Wikipedia article on them listing all this, or there might even be a whole biography written about them. Yeah, I always wondered; doesn’t that make them extremely vulnerable targets for attacks? I am glued to this story right now. [MUSIC] Okay, let’s back up a second. At this point, Default has left AnonSec, which didn’t affiliate itself with Anonymous at all, and in fact, they were anti-Anonymous. But Anonymous seemed to get credit for everything they did, since it was called AnonSec. So, he was sick of that and left. But he knew people in this little pocket of the internet, and a group that he thought was doing some cool shit was CWA. This stood for Crackas With Attitude, and the head of CWA was a guy named Cracka.
DEFAULT: Started talking to him and he just — we were on the same page about being really pissed off, about the government, and also a lot of the things going on in the Middle East. Just a lot of injustice in the world. Just kind of pissed off, you know? I wanted to direct that somewhere for a greater good, as it were.
JACK: So, he starts hanging out with these folks from CWA and joins in on their hacktivism.
DEFAULT: That ended up being exposing the lack of security within our own government. We are very vulnerable, and the people running the show are not practicing proper operational security whatsoever, either. So, we’re going to show the world this, and it was actually really easy. It was not super-advanced. Most of it was just social engineering and then taking that initial social engineering, information we gathered, and pivoting and leveraging that information.
JACK: Who was one of the first ones you targeted?
DEFAULT: It was James Clapper. Yeah, James Clapper was numero uno, and he’s the Director of National Intelligence.
JACK: What the hell? This would be a strong ‘no’ for me. I would be out. You can’t attack the head of US’s intelligence agency like this and expect everything to be okay. I don’t care how good your opsec is; hide behind five VPNs, use your neighbor’s WiFi, use Tor, move to an underground bunker. It doesn’t matter. If you make it personal, they’ll make it personal. They will find you. But at the same time, Default was seeing stupid stuff on the news. Listen; this is James Clapper.
JAMES: What we do not do is spy unlawfully on Americans, or for that matter, spy indiscriminately on the citizens of any country. We only spy for valid foreign intelligence purposes as authorized by law, with multiple layers of oversight to ensure we don’t abuse our authorities.
JACK: The Snowden leaks clearly proved otherwise. The NSA was grabbing metadata off of millions of Americans’ phone calls. This is spying on regular, good-standing Americans. To hear James Clapper say otherwise meant that some were accusing him of criminal perjury, lying under oath. This enraged Default and Cracka. Our leaders were caught in a lie. What more can we find on them? But Cracka was the one who acted on this. I believe he acted alone, actually. Cracka got into the online account for James Clapper’s internet and phone service. Somehow from there, he was able to get Clapper’s wife’s social security number and posted that publicly. Then he routed all the calls coming into James’ phone to a free Palestine hotline. Cracka posted proof of all this to Twitter.
DEFAULT: I gave him a head nod. Like, dude, that was a sick hack. Respect. Started talking to him; I was like, that was awesome. You really exposed this guy.
JACK: James Clapper was actually not the first person from the intelligence community that CWA hacked into. Their first was Homeland Security Secretary, Jeh Johnson. Cracka got into his Comcast account somehow, and Default was seeing all this and chatting more with Cracka.
DEFAULT: So, we just started to actually sit down and think of different people that we should hack.
JACK: Together, they teamed up, and — well, you know what? I’ll just let Lester Holt from CBS News take it from here.
LESTER: [MUSIC] Good evening. Did a high school student really manage to hack his way into the personal e-mail of one of this country’s top spy bosses? Federal agents are urgently trying to answer that question tonight after what appeared to be private and possibly sensitive information was posted online. Given the high profile of the target of the attack and the relatively low-tech method used, it’s both a disturbing and cautionary tale that NBC’s Pete Williams picks up from here.
PETE: The apparent victim isn’t just any American or government official; it’s John Brennan, the CIA director since 2013, and a long-time key player in the US intelligence community. A man who says he’s an American high-school student claims he hacked his way into Brennan’s personal AOL e-mail account by fooling Verizon and AOL into revealing enough information to reset the account password. ‘Hello, guys. This Twitter account is going now’, the apparent hacker says, posting what appears to be an actual spreadsheet of names and e-mails of current and former intelligence officials. The hacker blanked out their social security numbers. The hacker also says he got into the Comcast billing account of the Homeland Security Secretary, Jeh Johnson. This was the personal e-mail account of Brennan, not his government account, and it appears no classified information was compromised.
JACK: Okay, so, tell me how you got into John Brennan’s account.
DEFAULT: John Brennan’s account, if I remember correctly…
JACK: Okay, you know what? I’ll help you out. I mean, the year was 2015. Who remembers little details like this from eight years ago? My research shows that they first found John Brennan’s mobile phone number, and they did a mobile number lookup and discovered he was a Verizon user. So, time to put on the ruse. They were gonna call up Verizon, pose as a technician on-site trying to help out a customer, John Brennan, but for some reason were having trouble. So, they called Verizon asking for help on his account. Verizon is like, what’s your employee code? They made one up, and it worked. The support technician at Verizon asked, well, why can’t you just get into the account yourself? They said, uh, the tools are down and we need to get this going quick because the customer is waiting. So, the support technician was like, okay, sure, I’ll help. What do you need to know? This is how they got John Brennan’s Verizon account number, his four-digit PIN, a backup mobile number to his account, the e-mail associated to his account which was an AOL e-mail, and the last four digits of his bank card. Now that they had this extra information on him, how can they leverage that to take this a step further? Well, they know his AOL e-mail address, which when you log into AOL, the username is the e-mail.
So, they had John Brennan’s e-mail username, but not the password. Well, time to call AOL. So, they called AOL, this time acting like John Brennan. Hi, I’ve been locked out of my e-mail account. Can you help me get back in? Sure, Mr. Brennan, but I’ll need to verify it’s you. Okay. Can you tell me the last four digits of your credit card number? Why, yes, yes I can, because they had this information from the data they got from Verizon. Clever, clever. So, when they gave this information to AOL, this let them reset his password and get into John Brennan’s AOL e-mail. On October 12, 2015, they gained access to the inbox of the Director of the CIA. Whoa. They started looking through his e-mails, reading one after another, looking at attachments sent. One attachment had a list of US intelligence officials, which included their social security numbers. Why in the world was John Brennan using his AOL account to send e-mails that included social security numbers of US intelligence officials? Ugh, this is such bad opsec. Why, Director of the CIA? Why? You know better. I think it just goes to show that no matter how much you know about privacy and security, we’re still human and screw up this whole security thing.
DEFAULT: This AOL e-mail account had not only stuff about the war in Iraq and Afghanistan — I have no idea why — he also had his SF-86 form in there.
JACK: Ooh, this is no good. The SF-86 form is the form that you fill out to apply for secret clearance, which means it has your entire background listed clearly in the form; social security number, e-mail address, telephone number, place of birth, aliases, passports used, prior addresses, names of your neighbors, what school you went to, your military history, past employers. It’s everything on a person, and now Default and Cracka had it all.
DEFAULT: So, you call to reset the password and it does not matter if you sound like a fourteen-year-old girl on the phone. You got the CIA director’s social? You have to be him. I don’t really have a choice but to reset the password for you. It was over.
JACK: [MUSIC] Unreal, and Cracka’s just posting this stuff straight up to Twitter as Cracka. It wasn’t just these two guys and CWA; there were some other members there for the ride, but Default was suspicious about one of the members in CWA.
DEFAULT: He had somehow eluded capture when he was involved with other groups that mysteriously went down after he had joined them. Also, there was a lot of psychological flags, like red flags. Just like, trying really hard to befriend us. You know, it was kind of weird, kind of obvious. Then when I — I actually — I publicly called him out, he became a completely different person. That was just another confirmation. It is hard to understand fully my train of thought of thinking that we would get away with this, but after some time, we knew that we weren’t gonna get away with it. So, we just mashed the gas and we’re like, let’s hit as many as we can before it’s over. It did — really, they had to issue a memo because they were probably terrified ‘cause it was vast. It was upwards of ten or eleven people all within CIA, FBI, White House, DOJ, Department of Homeland Security, Quantico, and then defense contractors. So, that was — it was pervasive and far-reaching to all arms and subcontractors of the intelligence community. They were like, what is going on? Yeah, we were actually calling some of these people, too, by the way. I actually called — I called John Brennan on his cell phone.
JACK: What did you say to him?
DEFAULT: I told him he was a piece of shit.
DEFAULT: He asked how much money I wanted. I said, I don’t want any money. I want you all to stop being so corrupt and committing crimes while prosecuting people for the same stuff y’all are doing. So hypocritical. Basically, y’all are awful people, really. You’re not doing any net-positive things for the world. You’re just not. He was audibly shaken up. I could hear it in his voice.
JACK: Well, just a random phone call is not gonna be that big of a deal, but did you say I’ve also got…
DEFAULT: It was his personal cell phone number. We read him his social security number to him. If you get a random phone call on your private cell phone number that nobody except for a select few people is supposed to know about and some random kid reading you your social security number, I would imagine that’s a pretty jarring experience.
JACK: They were so relentless that people started going into hiding.
DEFAULT: At the time, the threat level was literally unknown. He was very stressed out. It’s like, the extra security they had to hire to relocate the CIA director and then the deputy director of the FBI to a secure location because they didn’t know at the time what the threat level was. They had no idea who we are, what we were, what we were affiliated with, what our purpose was. We were some kids, literally, and — just pissed off at the government, but they didn’t know.
JACK: At some point they got into Amy Hess’ account. She was the FBI Executive Assistant Director for Science and Technology.
DEFAULT: Once you log into the portal, you can see the connected TVs. Honestly, it’s like — I think it’s hilarious ‘cause I think — it reminded me of something out of a movie, like Hackers. So, we played that movie.
JACK: I think what they did here is they called up Comcast pretending to be her and get her password reset. Yeah, it worked. Once they got in her Comcast portal, they were able to control her TV at home, and they just started playing the movie Hackers on it. This is a problem with connected and smart devices; you’re not the only one who can control them. Amy claimed she suffered from psychological damage from this. [MUSIC] Once they got into someone’s account and messed around there, they just went down the list to the next person.
DEFAULT: Jenny Psaki, the White House spokesperson. I literally just — I took that upon myself because she was calling Edward Snowden a traitor, and that triggered me so hard. I was like, I have to hack this lady. I know that maybe these aren’t her words and she might just be reading off of a sheet that they want her to say, but I couldn’t stand to hear that kind of stuff.
JACK: So, these guys were just ripping through all these high-level people’s accounts. It was insane the people that they were able to breach. But at some point, the two started talking and realized, wait a minute, we have all this information on US intelligence members. What databases do they have access to? This turned their attention to LEEP, which stands for…
DEFAULT: The Law Enforcement Enterprise Portal. It had the information on all FBI agents in the United States, like personal information.
JACK: So, somewhere in all this, they hacked into Mark Giuliano’s accounts. He was the Deputy Director of the FBI. Using his information, they were able to leverage that to get into LEEP, which I think is really taking this to another level. To basically pose as the Deputy Director of the FBI, to access a database that only officials should have access to? I don’t know, this just seems crazy to me that this can even happen, because why is this LEEP database even accessible from the internet at all?
DEFAULT: Yeah, and I think because they have agents all over, they could have taken security measures, but I think it would have been too much trouble for them. [MUSIC] I’m like, y’all just really don’t care.
JACK: Mm-hm. That sentiment right there is what I think fueled Default to go further. This idea that the US government thinks that there’s some elite hacking force able to break into anything and steal anything yet has a database of FBI agents’ personal details on a public website which is vulnerable to a teenage social engineer to be able to get into it? They wanted to put their thumb right in the eye of the government and make it hurt. How can we trust you with our private data if you can’t even protect your federal agents’ data? Why is the Department of Defense hacking into things instead of defending their own network? On top of that, why is the world even like this at all? Why is security so bad everywhere that the intelligence community can’t even secure their own stuff? So, Default and Cracka got into the LEEP database and downloaded all the information they could on as many FBI agents as they could. Okay, but what are you gonna do with this?
DEFAULT: Hit up Wikileaks and — it was Julian at the time running the account and he was very interested in it, obviously, as he always is. It happened very fast. Just hand it over and he published it all, including his SF-86 form and the documents about the war in Iraq and Afghanistan, along with the LEEP data. It’s still on the Wikileaks website if I’m not mistaken.
HOST: The CIA Director’s personal e-mails posted by Wikileaks after a cyber-criminal said they’d broken into his AOL account…
JACK: I don’t think Wikileaks posted any of the stuff on the LEEP database, but they sure did post John Brennan’s information. They got into other databases, too.
DEFAULT: JABS, the Joint Agency Booking System; everyone that’s put into that from county, state, and federal level in the prison system.
JACK: Yeah, okay, so any person who’s put in prison is in this system, and they found access to this very useful. They were doing things like looking up other hackers that were caught and keeping an eye on them. Like, trying to figure out, did they become informants? But also, they were suspicious of some of the other people in CWA, and there might be an informant within them. So, access to this system was kind of like a way to run a criminal report on anyone you wanted very quickly. So, they were just downloading stuff from these databases and looking through it, and that’s when they found in these databases, there was a bunch of information about the Miami Dade Police Department. Now, let’s talk about Miami Police.
DEFAULT: Yeah, that was another one, the Miami Dade Police. At the time, I really didn’t care. I just — that was towards the end of the run and was just, like, all bets are off, you know? [MUSIC] It had gone all the way down the rabbit hole. I had just become very disillusioned with people’s complacency and their lack of care for what was going on. So, it’s like, we’re gonna bring attention to this with chaos and mayhem.
JACK: So, what happened to the police department? Now we got your motive; what did you do?
DEFAULT: Well, we dropped their dox, pretty much.
JACK: This time it wasn’t Wikileaks, though. I’m looking at a tweet here which has a link to Pastebin, and in there is a list of eighty Miami police officers; their name, title, phone number, and e-mail address.
DEFAULT: Me and Cracka are talking and we’re both physically shaking because it’s like, terror and excitement at the same time. We’re like, I’m accessing a top-secret database. Holy shit. I’m gonna get caught, but this is exhilarating. I don’t really like — it’s like, what do I do? It’s like, okay, we’re gonna drop this database. Okay, what else are we gonna do? It’s like, I’m about to get the fuck off this thing.
JACK: At the time, Cracka was just a teenage high-schooler, but Default was in his twenties.
DEFAULT: Yeah, I think I was like, twenty-three.
JACK: What was home life like?
DEFAULT: It was terrible, really toxic. I lived with my dad. Living there was really bad, which I think kind of fueled some of this. Just like, no oversight, no real father figure to tell me what to do and what not to do. So, just like, bets are off. I’ll do whatever I want. Really, it became my whole life. Hacking really did. It was like, go to work, come home, hack. Go to work, come home, hack. It was all it was. It got to the point where I estranged myself from all my friends, and they didn’t know why ‘cause I never told them. You can’t. That’s just part of it. It’s a very lonely existence, especially if you’re committing all these crimes. At that time, I had a significant amount of money in Bitcoin and I really just — that was actually a key factor in all of this. Money was no longer an issue, so now what? You’re twenty-two years old and you have several million dollars in crypto…
JACK: Yeah, let’s talk about that, then. So, how’d you get the several million?
DEFAULT: Literally mining and buying from — since 2011. I was so early to getting ASIX. I was like, oh my god. These things were like, thirty to forty times more powerful than the average graphics processing unit at mining Bitcoin. So, yeah, started mining a lot of Bitcoin.
JACK: So, John Holdren — I have written down here that someone tried to swat him?
DEFAULT: Yeah, not me. I have no — honestly, I don’t even remember him getting swatted.
JACK: So, the idea was using — posing as him to call the police from his phone…
DEFAULT: Oh, the police shit. Yeah, see, that was…
JACK: …and then getting — saying there was a violent incident here and then them coming to his house.
DEFAULT: Dude, that pissed me off so much that that even got attributed somewhat to me, because technically a conspiracy is if I know about someone committing the crime and don’t instantly go tell on them. I’m complicit. So, it’s like, because I was in the chatroom with one of the people while they did this, now I’m a party to the crime. I’m like, what the fuck? I don’t even want to be a part of the swatting. I hate that shit. People have died from that.
JACK: There was some sort of current — there was an undercurrent of people online at the time, right, that you were mixed up in that was also very involved in this sort of thing. Talking about Anonymous, for example, right; Anonymous was always calling out injustices of the world and threatening this and that because people were just being evil. It felt like being part of that was the winning side, right? It felt like…
DEFAULT: Yeah. You’re doing what’s morally right.
JACK: Mm-hm, and I don’t know if that exists today. I think today we’ve kind of lost that pulse.
DEFAULT: The empathy is at an all-time low, just like, caring for your fellow man and the bigger picture. But people have just become very complacent and would rather be content with the way things are, and that’s a dangerous road to go down because while that’s going on, I can assure you that the NSA and the Five Eyes and all these other people that are occluding together are not being complacent. They’re actually getting more aggressive with the spying and the hacking. I think it was Rule 41 pass, where it’s like, they can literally hack people now. They don’t need to go physically kick in your door. No, they can just hack you. I’m pretty sure that’s how I got caught, is that the NSA got involved, and I know I got hacked two days before I got raided.
JACK: Well, let’s talk about that. So, how do you think the — how did they catch you?
DEFAULT: It’s threefold. There’s three things that contributed to it. Because the official shit that they say is so fucking hilarious — because I never used my home IP address. I had a giant WiFi satellite dish that could reach up to a mile away, okay? So, I was usually using the Dairy Queen that was half a mile away. It had free WiFi. So, their bullshit answer of, oh, well, we pulled Twitter logs and he had his IP in there. No, I didn’t. I’ve never fucking used my home IP address on that Twitter account. That’s why I bought this, so I would never do that. I was so overkill on my opsec, it was a process. Literally, my hard drives for my desktops I had to completely de-encrypt which took thirty to forty minutes, and then I — I don’t have internal WiFi cards in my laptops or anything. I have to connect it to stuff so it’s not automatically connecting to anything around me. Super paranoid, dude. You kinda have to be. Then after that, I’m connecting through Tor nodes and my botnet. I think it was threefold.
One I know was a contributing factor, 100%, because he told me. One of my friends, or I thought was my friend — and this is crazy, over a female, of course. What had happened was I ended up hooking up with a girl. I had asked him prior to this; I was like, do you mind? You dated her a while ago, whatever. Do you mind if I hook up with her, talk to her, whatever? He said, no. I was like, okay, well, I asked you, so speak now or forever hold your peace, bro, ‘cause I’m gonna do it. Literally, he got mad at me and I was like, why didn’t you be a man and tell me you still had feelings for her? I would have respected that. He was like, I don’t know. So, that kinda started it all. I didn’t know he had ill intentions toward me. So, whatever, we moved past that, and then the CWA thing happens. We’re drunk one night and we’re on Xbox Live or whatever. I slip up for the first time ever, being fucking arrogant and cocky. It comes on the news; CIA Director hack, blah, blah, blah, all this stuff. I’m like, oh, that was us, blah, blah. I was drunk, talking, and just totally gave myself away. But I didn’t think he would take me serious, I guess. I don’t know, I was drunk.
But he did and he actually reported me to the FBI. Then he told me that he reported me to the FBI. I’m not gonna name-drop him but he knows who he is, and that’s some real scumbag stuff to do over that. I just could never imagine — I would never do something like that to another person, I guess is — I don’t know. So, that’s one prong. That’s definitely — maybe got them to look into me ‘cause of an anonymous tip. The other one is the person in our group that I know was a snitch, but on what information was he able to collect about me? I don’t know. He was always posting weird links in our chat, like a URL shortener, or could have done some sketchy stuff with that. I really did never click on those. The other one was Julian saying that the NSA got involved and me knowing that I got hacked.
JACK: Yeah, so, when they gave John Brennan’s SF-86 form to Julian Assange at Wikileaks, this really angered the Department of Defense, and Julian somehow got word that the NSA was aiding in the investigation. So, Julian told Default to be careful. Then one day, Default’s computer started acting up. Something wasn’t right. It was crashing and glitchy. He looked at the network traffic and saw come connections to Langley, Virginia, where the CIA is based out of.
DEFAULT: I knew I was hacked. My computer was acting crazy. It was having weird connections. I shut it off. I was like, fuck. So, I shut it off for a while, and a couple days go by. One day — and then the second day, I turn it back on. After I get home from school and start decrypting it, it takes thirty, forty minutes — okay, but I noticed when I got home, there was a black van or a suburban sitting across the street. [MUSIC] I didn’t think anything of it. Also, now that I remember, very, very sketchy people had moved in across the street, this little house, and they just sat on the front porch smoking cigarettes, looking at my house nonstop. So, literally, minutes after my desktop decrypted and came online, they came in. Like, what are the chances of that? Like, literally waited and waited. Usually they’d bum rush you right when you get home, or you’re in the house, or you’re somewhere they can confine you in a space. What it is, probably, is they waited for that to come on and ping whatever remote-controller they had, whatever server it was connecting back to, to verify that my desktop was unencrypted.
JACK: What happened? They knock on the door? Tell me about that incident of…
DEFAULT: No, dude. They definitely don’t knock on the door.
JACK: Okay, what’d they do?
DEFAULT: They definitely don’t knock on the door, bro. They kick that shit in. They hit it in with a fucking ram. All I heard was, ‘FBI, search warrant’.
JACK: That’s your dad’s house, right?
DEFAULT: Yeah. I just — before I could — all I had to do was pull the plug. They had sub-machine guns pointed at my face, and I blacked out.
JACK: He had his computer set up in such a way that if he disconnected the power to it, it would re-encrypt his hard drive. He just needed to grab the cord and pull it. But when you’re sitting there at your computer with assault rifles pointed at you, I don’t think you’re gonna reach for that power cord. So, at gunpoint, he had no choice but to let them seize the computer.
DEFAULT: They had it all, and I knew I was fucked. I was like, there’s so much data on there. They’re gonna have a field day. They don’t even know what they have yet, but I know. So, I pretty much knew it was over at that point.
JACK: They pulled you out of that room and someone else went in there to start taking your computer.
JACK: They can’t unplug it and take it; they know they’ve got to…
DEFAULT: No, they immediately hooked up something to flash copy my hard drive. Secret Service was there as well, because I think someone hacked Donald Trump’s website or some shit, which I had no idea about. They were like — they assume you’re lying about everything. They’re like, come on, you know about that. I’m like, I honestly, literally have no idea what you’re talking about. Why would I hack Donald Trump’s website? I don’t give a shit about Donald Trump’s website, bro. But I guess Secret Service has got to get involved. So, I’m sitting across from BJ King and some very stereotypical tall, muscular Secret Service agent boding down on me, asking me if I’m part of HTP, and where’s Nack Hash? I’m like, dude, I don’t know what you think this is. It’s not gonna go down like this. I think they were doing a coordinated attack where they were raiding us all at the same time, because they didn’t want anyone to be able to notify each other.
JACK: It’s true; around the same time, Cracka was also raided by the police, but it turned out he was living in the UK and he was a high-schooler. So, they took Default straight to jail. Police just weren’t sure how dangerous he was and they didn’t want to take changes. I think due to the nature of this, they likely did time it so that when his computer was online, that’s when they would raid him and capture as much evidence as they could. How they knew his computer was online is a mystery to me still. Were they looking through the window? Did they hack into his computer and wait for it to signal out or something? His theory is that they did hack him. His computer was now in the hands of federal authorities, completely unlocked and decrypted, and, well, the stuff they found on there was clearly enough to convict him of many crimes. Screenshots that you had taken, Bandicam videos…
DEFAULT: Oh god, that was the dumbest thing I ever did.
JACK: But how did they get the videos if you never posted them?
DEFAULT: Because literally, like I said, I basically did all the heavy lifting for them because I’m obsessive-compulsive with archiving data, stuff that probably shouldn’t be archived. Like, oh, I think it would be cool to record me doing this crime and I’ll look back on it later, and it’ll be safe ‘cause it’ll be on my encrypted hard drive. Well, what if your hard drive’s not encrypted? Then, now they have literal, irrefutable proof that you recorded yourself committing a crime that they would have no idea you had anything to do with.
JACK: There was one device in particular that he watched them take. He knew what was on it, something that was very important to him, so important that I just imagine as he watches them walk off with it, that his world just goes quiet and almost becomes slow motion. But he couldn’t say anything and just watched them take it, because this was a secret.
DEFAULT: One of the things they took from me was one of my external hard drives, which I wanted back very, very much so. What it was was my Bitcoin wallet. I had a lot of Bitcoin on there, man, almost a thousand Bitcoin.
JACK: They had all the evidence they needed to convict him. He knew it. There was no way to get out of this, so he pleaded guilty. The judge sentenced him to five years in prison. Was prison rock bottom for you?
DEFAULT: Oh yeah, for sure. I got in trouble for exposing the prison that I was at and how they weren’t adhering to any Covid polices. It’s like open dorms. So, it’s like, if Covid gets in here through one of these guards, everyone’s gonna get Covid. People are gonna die, and y’all are still coming in our rooms and touching all of our shit and flipping everything upside-down. So, I recorded all of this with a phone I had and sent it to some reporters I knew. Of course, someone told on me the next day. SIS came and scooped me up and took me to the SHU, which is solitary confinement. From there, they weren’t letting me back on the compound and they weren’t shipping people because it was lockdown, full lockdown, ‘cause of Covid. So, I spent a year back there, a year in solitary confinement. It was the hardest thing I’ve ever done in my entire life. There was a lot of people back there that unfortunately killed themselves because it’s extremely psychologically testing to be locked in this tiny little cell, 24/7. You don’t get out at all. Even in the worst prisons in America, the penitentiaries, you have to let them out at least one hour at day. It’s called 23-in-1. We didn’t get that. It was 24/7 for 365.
JACK: [MUSIC] He read a lot of books in prison, learned about the importance of morals from an Italian gang, and picked up stock market trading skills from a stockbroker. When he got out, he was banned from the internet entirely. It was part of his probation for a while. Same with Cracka; Cracka was banned from the internet for a while, too, and he ended up with a two-year prison sentence even though he was only sixteen. But all that time has passed now, and both of them are out and back online. Default struggled to get back on his feet. He couldn’t find a job, especially being banned from the internet, especially having a felony record, so he eventually got into trading stocks and cryptocurrencies. He still doing this now, and he feels like he’s good enough to make a living from it.
DEFAULT: Just sharing my story with people I think is — not just because it’s an interesting story and people enjoy listening to it, but I think there’s a lot of net-positive results and things that people can learn from this that — maybe they’re not in prison or they’re not going to prison or whatever, but they’re at a low point in their life. It’s like, look, dude, it’s not the end of the world. Literally, you can bounce back from anything. You can change your life. You can change — you decide who you want to be every single day. Just ‘cause you made some mistakes doesn’t mean that that determines who you are and what your character is as a person.
JACK: [MUSIC] You know, something I keep thinking about while listening to this story is well, digital privacy, and I’m not gonna go on another rant like I did in the last episode. But in this case, government officials were doxxed. These guys stole their information. They used it against them and then published it to Wikileaks. How does someone come back from getting their private information published to Wikileaks? I mean, I’m looking at John Brennan’s SF-86 form right now. It’s still there on Wikileaks, and it’s the very first hit on Google when you search for it. Everyone knows everything about him. It seems like anyone should just be able to do a password reset on him, you know? You could impersonate him over the phone because you have all his information. You can essentially be him, the Director of the CIA, because we all have all his information. It’s possible for someone to get a new social security number. It’s not easy; you really have to prove to the social security office that you’re in danger. I bet government officials at this level might be able to skate through that whole process easier, and I think it’s easy enough to get a new phone number and e-mail address.
It’s not so easy to just up and move to a new house, though, but that’s doable. It’s possible to change your name, too, but what’s the point of that when you’re a public figure? That doesn’t fix any of the problems of knowing all your previous addresses and who your neighbors were or your past employers, your friends, date of birth, home town, height, eye color. See, I think with all the doxxing going on in the world, I wish there was a simple way to just burn your identity and start fresh. Hell, I’d even be interested in doing it yearly myself, just to always keep distance from whoever might be trying to track me out there, and everyone is trying to track us. I wish I knew what John Brennan did to recover from this. I didn’t reach out to him because I assume he wouldn’t want to talk about it because it would just be giving away more of his private information. But I feel like we need a better system to help us, the regular people out there, when we get in this situation. Private information is not a thing of the past. We still need our privacy. But I think what might help is just better tools to stay private in general. You want my address? Oh, sorry, I only give out my proxy address, a postbox that receives mail for me, opens the letters, and then sends me pictures of those letters. You want my phone number?
Sorry, I only give out burner phone numbers. You want my social security number? No, I don’t give that out to anyone. What, it’s for my security clearance? Sorry, that’s not even a safe place to give it. Didn’t you hear about what happened to John Brennan? These pieces of information on us are important that they remain out of the public view, yet time and time again, they get into the public view, and it’s not just from doxxing; data breaches, companies sharing your data, or you just giving your information to the wrong people. For instance, I had to give my social security number to buy Bitcoin, and now the CEO of that company that I gave my social to is in prison. So, who knows where my data went? So, I think we’re way overdue for a better system to protect our most important data. I think we need to stop giving it out to just anyone who asks for it. I mean, I was at the store buying bananas the other day and they were asking for my phone number and my zip code and all this stuff. I think there needs to be fewer situations where we need to provide it. I think we need to be less reliant on our private information as a way to authenticate it’s really us, and I think we need a way to recover from situations where it’s been completely exposed.
Which, I think with the Equifax breach, most of us Americans have had our private data completed exposed, anyway. I think this is a problem that needs to be solved, and while I think some solutions are out there, it’s piecemeal and complicated. I don’t see anyone doing it holistically right now. There’s something that still rattles around in my head from this story; that hard drive that the feds took. It still has his Bitcoin wallet on it. The feds never got access to that Bitcoin. It’s still sitting there, untouched, and they still have that hard drive and won’t give it back. The reason they kept it is because it has evidence on it, data that he stole from various places. He asked them, just take what you want off it and give me back the drive, but they refused. 1,000 Bitcoin still sits on that hard drive. 1,000 Bitcoin today is worth $25 million. Just imagine $25 million sitting in some storage locker in a federal building and the feds have no idea it’s there. So, it sits for years and will probably one day be destroyed by some lowly computer technician.
(OUTRO): [OUTRO MUSIC] A big thank-you to Default for coming on the show and sharing this insane story with us. This one I was like, wait, what? So many times. It’s just unreal. If you liked this episode, you should probably check out Episode 109, called Team Poison. It’s another story that was sort of running alongside this one in parallel in sort of the same time and place of the internet. Okay, what housekeeping is…? Oh yeah, a lot of you are telling me you’re finally caught up and have listened to all the episodes. If that’s you, I want you to know there are ten bonus episodes on Patreon. You can support the show and hear more stuff if you want. Go to patreon.com/darknetdiaries. My favorite online hangout these days is the Darknet Diaries Discord. We have 17,000 members but I can squeeze you in, so come on. Just go to discord.gg/darknetdiaries, and come say hi. This episode was created by me, the slow loris, Jack Rhysider. It was assembled by the corpulent porpoise, Tristan Ledger, mixing done by Proximity Sound, and our theme music is by the mysterious Breakmaster Cylinder. I tried teaching my mom how to build a PC, but all we did was make my motherboard. This is Darknet Diaries.
[END OF RECORDING]