How hackers receive their stolen information?

Cyb3rNuX · 03-12-2019, 10:55 PM

I wonder how do they collect information they stole from someone's computer (e.g emails, credit cards...), without user being able to know where it went?

Sending emails or uploading their information somewhere may be seen by the victim using tools for sniffing, so it's probably not something attacker would do.

Any ideas?

Nyx · 03-12-2019, 11:26 PM

There are tons of ways to get information from someone's computer. Keylogger is the first idea that comes to mind.

Cyb3rNuX · 03-13-2019, 12:29 AM

(03-12-2019, 11:26 PM)Nyx Wrote: There are tons of ways to get information from someone's computer. Keylogger is the first idea that comes to mind.

It's not what I asked. I'm curious about how they receive information they stole (e.g keys captured with keylogger etc).

Nyx · 03-13-2019, 12:44 AM

(03-13-2019, 12:29 AM)Cyb3rNuX Wrote:
(03-12-2019, 11:26 PM)Nyx Wrote: There are tons of ways to get information from someone's computer. Keylogger is the first idea that comes to mind.

It's not what I asked. I'm curious about how they receive information they stole (e.g keys captured with keylogger etc).

Dump the keylogged activities to a random email account.

MimiE · 03-13-2019, 01:43 AM

Rating is my thought but, after you've dug hard enough and, extracted that information then, many ways of dumping that information.
Forums, Pastebin sites(most don't allow) & etc.

Of course, if you tried to search that email address, not results will show. The only way for the victim to realize is, for someone to make the first approach.

mothered · 03-13-2019, 03:00 AM

(03-13-2019, 12:29 AM)Cyb3rNuX Wrote: I'm curious about how they receive information they stole (e.g keys captured with keylogger etc).

Depending on the options In the keylogger/RAT's builder, the logs are sent to a nominated email address or via FTP.

You can set the Interval of the logs to be sent- example, every 15-30 minutes. I usually opt for every 60 minutes, hence my Inbox Is not flooded with log files.

Cyb3rNuX · 03-13-2019, 01:30 PM

(03-13-2019, 03:00 AM)mothered Wrote: Depending on the options In the keylogger/RAT's builder, the logs are sent to a nominated email address or via FTP.

You can set the Interval of the logs to be sent- example, every 15-30 minutes. I usually opt for every 60 minutes, hence my Inbox Is not flooded with log files.

Isn't that risky, as anyone can see source code and FTP information or attacker's email in it?

Cyb3rNuX · 03-13-2019, 01:35 PM

(03-13-2019, 12:44 AM)Nyx Wrote: Dump the keylogged activities to a random email account.

I was already thinking about that - getting random email and sending collected information to myself. Really good idea, appreciate it.

(03-13-2019, 01:43 AM)MimiE Wrote: Rating is my thought but, after you've dug hard enough and, extracted that information then, many ways of dumping that information.
Forums, Pastebin sites(most don't allow) & etc.

Of course, if you tried to search that email address, not results will show. The only way for the victim to realize is, for someone to make the first approach.

I like the pastebin idea as there are unlisted/private options for pastes I can upload. Thank you! Smile

mothered · 03-13-2019, 02:36 PM

(03-13-2019, 01:30 PM)Cyb3rNuX Wrote:
(03-13-2019, 03:00 AM)mothered Wrote: Depending on the options In the keylogger/RAT's builder, the logs are sent to a nominated email address or via FTP.

You can set the Interval of the logs to be sent- example, every 15-30 minutes. I usually opt for every 60 minutes, hence my Inbox Is not flooded with log files.

Isn't that risky, as anyone can see source code and FTP information or attacker's email in it?

Not at all.

In terms of the email, the logs are sent In the form of a text file, directly to a random email account that was created using fictitious details whilst connected to a dedicated device with unidentifiable details, hooked onto a neighbor's AP using a VPN- It's server located on the other side of the globe. MAC address Is also spoofed. No risk whatsoever.

Nyx · 03-13-2019, 07:49 PM

(03-13-2019, 02:36 PM)mothered Wrote:
(03-13-2019, 01:30 PM)Cyb3rNuX Wrote:
(03-13-2019, 03:00 AM)mothered Wrote: Depending on the options In the keylogger/RAT's builder, the logs are sent to a nominated email address or via FTP.

You can set the Interval of the logs to be sent- example, every 15-30 minutes. I usually opt for every 60 minutes, hence my Inbox Is not flooded with log files.

Isn't that risky, as anyone can see source code and FTP information or attacker's email in it?

Not at all.

In terms of the email, the logs are sent In the form of a text file, directly to a random email account that was created using fictitious details whilst connected to a dedicated device with unidentifiable details, hooked onto a neighbor's AP using a VPN- It's server located on the other side of the globe. MAC address Is also spoofed. No risk whatsoever.

Yep this is the answer. So long as you make sure none of your own information is being passed on while creating the email account you''ll likely be safe.

While connected to a VPN and connected to internet (that isn't your own) then you'd sign up for an email address at something like ProtonMail (based in Switzerland, any non 14 Eyes email provider would work though) under a completely anonymous handle (ex: a878dsn55@protonmail.com). As long as you don't use any personal information that could be used to identify you then it'd be incredibly hard for anyone to trace the account back to you.

And if you're using a FUD logger that is obfuscated they're probably not going to be able to even break it open to obtain the email address in the first case. They'd need to be fairly closely watching their packet sniffer to catch when the information is transferred since like @mothered mentioned he sets his to only relay information once an hour.

How hackers receive their stolen information? Linear Mode Threaded Mode View a Printable Version
Author Message