July 10, 2021

I am a reformed convicted computer hacker that caused over £70,000,000 in damage. AMA.

I am a reformed convicted computer hacker who was sentenced at the Central Criminal Court (Old Bailey) and spent time in HMP Belmarsh (high security) for causing over £70,000,000 in damage.

In 2015, I was arrested, released on bail for four years, and sentenced in 2019. The majority of my offences did not require extensive technical knowledge and were committed through easily identifiable web application vulnerabilities.

I was apprehended because I was an idiot. At the time, I didn’t care or even consider the possibility of the consequences of what I was doing. Despite using Tor, I did not adequately obfuscate transactions and reused Bitcoin addresses when making ransom demands. As a result, many of my offences were linked, providing the authorities with a larger surface to work with.

I spent two years in a prison cell for 23 hours per day and my honest opinion is that freedom is far more significant than anything that you will obtain from criminality. If you’re not willing to commit to a lifestyle of criminality, then don’t do it.

I believe that I am reformed because this experience has truly changed my perspective on life in general. While I was on bail, I engaged extensively in vulnerability disclosure using the responsible disclosure model and I have since reported vulnerabilities (P1 – P3) to the Crown Court Digital Case System (CCDCS), the National Crime Agency (NCA), the Ministry of Justice (MoJ), Parliament, the University of Cambridge, Deutsche Bank, the Australian National University, Stanford University, ESET, Yahoo, Royal Airforce (MOD), GCHQ, TD Bank, DBS Bank, AT&T, Esri, the BBC, Sony, Deutsche Telekom, the United Nations, Duke University, Adobe, AOL, Telegram, Sage, Amazon, Virgin Media, Houzz, NOAA, BT, University of Wales, BMW, Lamborghini, Financial Times, Europa, Jaguar, Harvey Nichols, Hugo Boss, Admiral, MIT University, Europa, HSBC, Chanel, Bank of Melbourne, the Royal Bank of Canada, Huawei, the Ministry of Defence, Swedbank, NHS, Telegraph, VICE, NASA, MSI, Costco, Gucci, ESPN, GumTree, Asos, Harvard University, Booking, CBC, Sandisk, Yahoo, Rambler, Acer, OVH, UK Fast, Independent, Telstra, University of Oxford, HP, Barclays, Litecoin, Aerohive Networks, and hundreds more over a 4 year period.

Please keep in mind that I will not respond to questions about criminal activity. Please don’t think I’m ignoring you, I’m not here to promote or advocate criminality. The purpose of this post is to inform others about my experience and share insight so that they can make their own decisions.

You can find my Twitter [here](https://twitter.com/ibuydan) and proof has already been supplied via PM which will be confirmed later.

Comments

ExcitedButthole

So…Manchester or Arsenal?

Andazah

Would you do it all again if you had the chance? I’m a ex police officer.

AnthraxPrime6

I’m interested in hearing about your past, like what got you into hacking? Follow up question: What led you down to becoming a blackhat at first?

OscillatOverthruster

Can you tell us about how you informed some of the aforementioned companies about security vulnerabilities? How does that process go down?

Honkler_world

How did you learn to look for vulnerabilities?

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.