From Beyond the Internet: A Teenage Hacker’s Journey into the Dark Web’s Underbelly.
Hello everyone, and Welcome back
Before we dive back into this story, I want you to know that we’ve put in a lot of effort to make things clear and informative without getting too technical.
We’ve tried to strike a balance between giving you insights and keeping it easy to understand. Your feedback means a lot to us (me and the guy whose story this is) so feel free to share your thoughts on the reading experience, Becasue there was so much to tell without bombarding readers.
And here is Chapter 1: “The Exploration”, If you haven’t already read that:
Beyond the Internet: A Teenage Hackers Journey into the Dark Web’s Underbelly | Medium
So, let’s get started and explore Chapter 2 “The Chat Room” together.
Pase 1: Discovering the Chat Room
You know, dark web chat rooms aren’t exactly hidden treasures, but finding the good ones can be a bit like searching for a needle in a haystack. Most of them are just anonymous folks trash-talking, nothing too exciting.
But then, one day, I stumbled upon something entirely different, a chat room that stood out from the rest. I won’t spill the name here, but some of you might recognize it as you read my story.
Joining this chat room, though, was a whole adventure in itself. I’ll be honest; I didn’t think anyone would let me in after I requested to join. I pictured myself forever stuck reading chat room logs in the worst user interface ever created.
But one day, as I was casually checking my ProtonMail there was a mysterious email with an onion link that promised access to the chat room.
At first, I thought it was just another spammy trap, but it turned out to be the real deal.
Now, let’s talk about this chat room. It was unlike anything I’d encountered before. People in there talked like genuine hackers and cybersecurity experts.
I found myself reading conversations about things I barely understood, like encryptions and how to break them, ransomware, and hacks that could be pulled off on older versions of iOS, specifically targeting the iPhone 6. It was like stepping into a digital underworld where the real players gathered.
The chat room was like a never-ending stream of knowledge, flowing effortlessly, but in the beginning, I struggled to grasp it all.
I had to do countless Google searches just to understand the basics. But as time went on, I started to uncover valuable information that could have real-world applications.
My initial steps were cautious and relatively slow as I was learning Mail spoofing, phishing emails, and bypassing Google’s security measures to check phishing emails. (And it was kind of impossible to do that but somewhat possible with other mail providers).
It all started slowly but little did I know that this curiosity would escalate faster than a wildfire. Thus soon I found myself inside the inbox of a corporate official and the inbox did have sensitive information. I never intended to harm the company or anyone else but I was riding an adrenaline high.
And I didn’t stop there, I went on to hack into other official email accounts, but the thrill came from the act of hacking itself. Once inside, I had little interest in the contents.
It was as if I was chasing the thrill, not the treasure itself.
Ohh Sorry! I skipped the part explaining how I hacked those emails, I started with phishing but it wasn’t promising so I started looking for way around.
That’s when I stumbled upon an interesting fact: high-ranking employees in the company were using Yahoo mail or the company’s official domains for their email accounts. Yahoo’s security measures were pretty solid, But it was not “GOOGLE SECURE”, there was a way around it.
I came up with a plan. I purchased a domain that closely resembled the company’s official one. Then, I set up my own email service using that domain and crafted an email that looked just like an official company communication. It was a baited hook (the mail).
My first target fell for the trick (how lucky!!)and clicked on the link in my email, thinking it was the official company portal. Little did he know that he was logging into my web page.
Which in the end showed him a server error. Then I deleted that mail from his Yahoo and also shut down my domain and mail service.
Surprisingly, his Yahoo mail account password happened to be similar to his company login password. I used Tor to access his Yahoo mail account, and that’s when I struck gold.
There was a lot of information but nothing valuable to me. But I did find something, It appeared that all the login passwords followed a particular formula, which seemed to consist of the employee number, something tied to the branch code, and perhaps a position code.
While this information wasn’t public knowledge, possessing it would grant someone unrestricted access to all company mail accounts.
As time went on, I started getting worried. You see, the web page I used for my phishing scheme was hosted on my own server, and even though I used a proxy to hide my tracks, I didn’t feel very secure.
However, I stumbled upon a game-changer. I found out that I could use Tor directly on my server. This meant that even if the company hosting my domain decided to spill the beans about my server’s address, they wouldn’t be able to trace me. It was like adding an extra layer of invisibility. (I also learned this from the chat room)
Pase 2: The Chat Room in Detail
In that chat room, I found a treasure of knowledge, and folks were surprisingly helpful, even with my most basic questions.
There were three types of people in the chat room:
First, you had the tech wizards who seemed to know everything inside out. Then, there were folks like me, eager to soak up as much information as possible.
But there was this third group, like shadows in the corner, using the chat room as a sort of digital marketplace. They sold bizarre things like verified Uber accounts, and college student emails, and even dabbled in cryptocurrency exchanges. Occasionally, they’d drop weird messages like “Buy Uber accounts and college student emails.”
I couldn’t help but wonder about the folks who bought these verified Uber accounts. It struck me that maybe immigrants were using them to make a living. Not buying directly from the chat room, of course, but through middlemen who’d acquire them up and sell them locally.
People weren’t just stopping at the strange offerings; they were also selling other illegal stuff, It wasn’t exactly high-level criminal stuff, but it certainly tiptoed on the wrong side of the law.
Each day spent in that chat room was like a shot of adrenaline, pushing me further down the rabbit hole of hacking. Failures were commonplace, but so were those rare moments of success.
One of the most important lessons I learned was that no hack is perfect, and no security system is without its vulnerabilities.
Hacking isn’t just about furiously typing away at a keyboard. For instance, if I wanted to see what someone else was viewing on their computer or gain access to live CCTV footage, I didn’t always need to hack my way in through OS. Sometimes, a physical approach worked just as well.
I could tamper with a HDMI transmitter between the CPU and monitor or intercept the connection at some point and all the data flowing through HDMI will be transmitted to me. It’s like real-life spy stuff but with a bit more duct tape involved.
This will allow me to see exactly what was displayed on the monitor, and I could get creative with it. I might set up an HDMI Wi-Fi transmitter (to transmit hdmi feed to me through wifi) or even devise a more advanced version which can be connected to the internet.
But, like any great power, this had its drawbacks. These physical exploits were merely temporary solutions, each with its own set of limitations.
Money Laundering — Credit & Debit cards readers.
Now, let’s dive into some pretty shady stuff. I wasn’t really into this stuff, but I couldn’t help but overhear conversations. In the hidden corners of the chat room, I stumbled upon people selling credit and debit card readers that could snatch card details with a single swipe.
It’s not like one swipe would wipe out your bank account, but they’d gather up the stolen data and sell it to some not-so-nice folks.
Another topic that kept cropping up was money laundering. Not the mega-million-dollar kind, but still, it was pretty deep and dark. These discussions happened in private chat rooms.
Here’s the basic idea:
First, you’d shift your “black money” into a third-world country like India, Pakistan, Bangladesh, Ukraine or Brazil. There were various ways to do this, like using informal networks (hawala), stashing it in Swiss banks, or getting middlemen involved.
And to transform this “ill-gotten wealth” into “white money,” individuals set up shell companies in these third-world countries. These companies would then engage in transactions (buying services which dosen’t exists) with their own agencies or businesses in their own countries like the USA or the UK.
These transactions would be taxed and declared as legitimate earnings, effectively converting the money’s status to “clean.”
I’m not saying it was simple — there were lots of twists and turns in the process. But the main idea was that corruption was pretty widespread in these third-world countries, And you also have to avoid countries like Venezuela and Laos which may not have a good relationship with the USA.
And If you got caught, some folks believed you could grease the right palms and get out of trouble. And if the big guys like the CIA, FBI, or Interpol came after you, well, they thought they could buy their way out of that too, though it’d cost them more money.
Or, as a last resort, they’d go to jail and become even more connected and powerful on the inside.
As I mentioned earlier, the folks in the chat room, while helpful in their own way, weren’t exactly the friendliest bunch. I chose to keep my distance from most of them, not because I couldn’t engage, but rather because I didn’t want to draw the attention of the FBI or CIA.
I was a newbie, and I’ll be honest, I was pretty scared of all this stuff. Don’t get me wrong; I wasn’t innocent, but these things were undeniably risky.
Pase 3: The Worst Phase
As time went by, I found myself stuck in a bit of a rut. For nearly a month, I was stuck, not learning anything new. I kept revisiting the same old hacking techniques, searching tirelessly for fresh tools or hacking operating systems to elevate my skills.
But alas, my efforts yielded nothing, and even the chat room, which had once been a goldmine of knowledge, now seemed unhelpful. It was like facing writer’s block in the world of hacking.
There were other areas I could’ve explored, like web hacking and stuff related to WordPress, but I wasn’t too interested. Their security was as tough as a diamond, and starting from scratch would’ve demanded a significant amount of time just to grasp the theory of hacking a website, let alone implementing it practically.
Plus, web hacking often required a whole team, and I was just one person. However, I did manage to pick up some basic web attack skills upgrading my web-defacing and coding skills.
I stayed in this phase for what felt like forever. I was losing motivation to even open my laptop. But then, something changed. After some time, I crossed paths with someone I came to call “The Coach.” In the chat room, his/her username was “Ultra.”
This encounter marked the beginning of a journey that would eventually instil fear in me for the rest of my days. True to his/her nickname, The Coach became my mentor, my guide through the maze of hacking.
In fact, Ultra’s (the coach) role in my story is so pivotal that it deserves a chapter all to itself. My next chapter will be relatively short but dedicated entirely to “The Coach.”
As a sneak peek of what’s to come:
Chapter 3 — “The Coach”: A closer look at my mentor and our journey together.
Chapter 4 — “The Group”: This is the heart of the story, where everything comes together. Think of it as an epic, like the Avengers’ “Infinity War” and “Endgame” combined. This chapter encompasses the essence of my entire narrative.
Chapter 5 — “The Cooldown”
Chapter 6 — “Scam 2021”: The final chapter, where all loose ends are tied, and I conclude my story.
I hope you’ll stick around to discover the rest of my journey.
And Thanks for reading! We’d love to know what you think of our storytelling skills. Get ready, because the real excitement is just beginning. Your feedback means a lot, and we can’t wait to share more of this story with you. So stay tuned, because we have just started.
