Malicious Life

malicious.life
Tales of cybersecurity. The wildest hacks you can ever imagine, told by people who were actually there. Dig into a history you never knew existed.


No Honor Among Thieves
May 22 • 40 min
Amit Serper was doing a routine inspection on a client’s network, when he came across a suspicious-looking pen-testing tool, exhibiting RAT-like behavior. We’ll follow Amit’s investigation, and in the process learn the basics of cyber research.
Cybersecurity during a crisis: how remote work has impacted security – With Sam Curry
May 14 • 15 min
The COVID19 pandemic forced organizations to transition to a work-from-home model - and many of them were unprepared for such a radical departure from the ‘normal’ security perimeter. Sam Curry, Cybereason’s CSO, talks to Ran about the lessons learned…
The Problem With Passwords
May 8 • 44 min
At the end of our last episode, it kind of seemed like Huawei—the Chinese telecommunications company accused of aiding in state cyberspying—was completely innocent. They were being accused of crimes they may not have committed, based on evidence that…
The Huawei Ban, Part 2
Apr 23 • 37 min
At the end of our last episode, it kind of seemed like Huawei—the Chinese telecommunications company accused of aiding in state cyberspying—was completely innocent. They were being accused of crimes they may not have committed, based on evidence that…
The Huawei Ban, Part 1
Apr 9 • 30 min
Over the past 20 years, western governments have accused Huawei of everything from IP theft to financial fraud to cyber spying. Often, these claims are made either with no evidence, or only circumstantial evidence. Is Huawei really a national security…
The Max Headroom Signal Hijack
Mar 24 • 36 min
On November 22nd, 1987, a hacker took over the signals of two Chicago-area TV stations and broadcast two bizarre and somewhat vulgar messages. In this episode we explore this notorious hack, and its implications on the nature of hacking in general.
ToTok, Part 3: Becoming a Spyware Superpower
Mar 15 • 34 min
The fact that ToTok came out of the United Arab Emirates is no surprise: in recent years, the UAE has deployed some of the most sophisticated mobile device exploits ever seen. But they got a lot of help from one country in particular… today’s episode is…
ToTok, Part 2: The Masterminds of Mobile Malware
Mar 10 • 25 min
The corporate structure supporting ToTok involved at least half a dozen real companies, shell companies and intelligence groups, with the individuals who actually operated the app being hidden behind other individuals given sinecure jobs and ponied around…
ToTok, Part 1: How to Convince Someone to Download Spyware
Mar 5 • 31 min
Only a few months after its release, ToTok - an ordinary messaging app, with no exceptional features - had over five million downloads, and held the number 4 position in Apple’s App Store global charts. So what was it that made ToTok so popular, so…
How To Defend A Bank, Part 2: Right Of Bang
Feb 27 • 28 min
As much as we can imagine what it’s like to be a defender in a cyber-conflict, we don’t really know what it is - unless we’re in their shoes at the time of it happening. That’s what simulations are for.
How To Defend A Bank, Part 1: Fusion Centers
Feb 13 • 27 min
Banks & other financial institutions face a variety of security threats: from state-sponsored cyber-attacks, to smaller acts of fraud, to thousands of random malware attacks from the web. To survive in this hostile landscape, these organizations turned to…
Triton, Part 2: The World’s Most Dangerous Malware
Jan 30 • 38 min
Petro Rabigh were facing lots of problems in defending their systems. But they did get lucky in one sense: their hackers were unprepared when their plan went awry. Who were the hackers that infiltrated the Saudi petrochemical plant, and what can this…
Triton: A Malware Designed To Kill Humans, Part 1
Jan 16 • 36 min
Industrial Security requires a different skill set—really, an entirely different mindset than working in IT does. In this episode we dive into the story of one of the most dangerous malware ever to be discovered in the wild: Triton/Trisis.
Deep Fakes, Part 2: Man Vs. Machine
Jan 2 • 37 min
Deep Fakes are set to revolutionize content creation, but alongside this technology’s benefits, it also has the potential to sow havoc, fear, and distrust via Social Networks. Just this week, Facebook disclosed a network of fake users it found, whose…
GAN and Deep Fakes, Part 1
Dec 19, 2019 • 43 min
Over the past two years, the internet has been inundated with celebrity Deep Fake videos of all kinds: Obama, Putin, and Trump deliver speeches they never gave, Gal Gadot “stars” in a porn video, and professional comedians such as Bill Hader eerily turn…
Sam Curry: The 2020 Crystal Ball
Dec 10, 2019 • 15 min
Sam Curry is Cybereason’s Chief Security Officer and an award-winning cyber security visionary. Sam & Ran discuss Sam’s upcoming webinar, in which he will present his insights into what 2020 will bring for the security industry: the rise of 5G cellular…
Human Side Channels
Dec 5, 2019 • 33 min
Even the best hackers are human, and humans are inescapably unique. Forensic Linguistics, Behavioral Signatures and Cultural Captchas can help defenders identify and (maybe) catch even the best of hackers.
What’s the problem with Cyber Insurance?
Nov 21, 2019 • 35 min
Thousands of companies are losing millions of dollars to cyber attacks. Insurance seems an ideal solution to their woes - yet this kind of insurance is much less common today than it should be. What’s the problem with Cyber insurance?
Gozi B-Side: Amit Serper & Sam Curry
Nov 19, 2019 • 19 min
Nate Nelson speaks with Amit Serper & Sam Curry, notable veteran in Cyber Security, about Malware-As-A-Service, bullet-proof hosting, avoiding the lure of the ‘dark side’ and more.
Gozi, Part 2
Nov 14, 2019 • 35 min
In 2010, Nikita Kuzmin returned to the malware scene with Gozi 2.0, an improved version of the successful banking Trojan. How did Gozi 2.0 fare against Zeus & the new generation of Trojans, and what can we learn from Nikita’s story about how does one…
B-Side: Lodrina Cherne On Stalkerware
Nov 8, 2019 • 18 min
In this out-of-band episode, we’re bringing you the full interview with Lodrina Cherne, a Digital Forensics Expert, on Spyware: what it is, how it works, who sells it, and how you can avoid it yourself.
Gozi, Part 1: The Rise of Malware-as-a-Service
Oct 31, 2019 • 29 min
Nikita Kuzmin could have been a whiz programmer or a CEO of a successful startup. But as a teen in Moscow, he fell in with the wrong crowd, and his entrepreneurial skills found a different path: Gozi, the oddest and most brilliant malware operation ever…
How is Spyware Legal?
Oct 17, 2019 • 41 min
Today’s Cyber Stalkers have free access to almost government-grade spyware software with which they can terrorize their victims. Who’s enabling the commercial spyware market?
Listeners Survey Special
Oct 10, 2019 • 28 min
Ran and Eliad Kimhi, one of the show’s top producers, discuss the recent Listener’s Survey results: what do you like and dislike about the show, ideas you gave us for future improvements - and what do our listeners think about Ran’s accent?…
Operation Aurora, Part 2
Sep 26, 2019 • 32 min
Google, it turned out, was only one of 35 major US corporations hit in Aurora. Was it an espionage campaign, or could it be that it all began with one top ranking Chinese official who googled his own name - and wasn’t happy with the search results?…
Operation Aurora, Part 1
Sep 12, 2019 • 34 min
In January 2010, Google revealed in its blog that it was hacked. This attack, since known as Operation Aurora, is attributed to China. In this series of episodes, we’ll expose the complicated and often turbulent relationship between the world’s largest…
Responding to a Cyber Attack with Missiles
Aug 29, 2019 • 55 min
Is the use of deadly force a legitimate – and practical – response to cyber attacks? What lessons did Israel learn from the Yom Kippur War of 1973 about the best way to manage its offensive cyber units? How can governments ‘signal’ to their opponents…
Are Ad Blockers Malicious?
Aug 15, 2019 • 33 min
Ad Blockers, such as AdBlock Plus, provide an important service to users who find web ads annoying, creepy and sometimes even dangerous. In recent years, however, the business models adopted by some blockers present us with a moral dilemma.
Conficker
Jul 18, 2019 • 40 min
Can a malware be *too* successful? This is the story of Conficker, one of the most advanced worms in history - and how its success led to its ultimate failure.
Operation SoftCell
Jul 4, 2019 • 34 min
A rare, inside look, at how Cybereason’s researchers were able to uncover one of the largest Cyber Espionage campaigns ever discovered, against multiple Telecommunications companies around the world.
‘Pa Bell’ Vs. Youth International Party Line
Jun 13, 2019 • 40 min
The YIPL phreaking magazine was the spiritual predecessor to the better-known ‘2600’ zine, and it was founded by an ideological party determined to bring down the largest monopoly in US history: Bell Telephone.
The U.S vs. Gary McKinnon
May 27, 2019 • 39 min
After the Challenger Disaster of 1986, NASA had a hard time convincing the public that the Galileo spacecraft, fueled by radioactive Plutonium, is safe to launch. The WANK worm, it turns out, was a message aimed at NASA - from the two most powerful hackers…
The WANK Worm, Part 2
May 10, 2019 • 39 min
After the Challenger Disaster of 1986, NASA had a hard time convincing the public that the Galileo spacecraft, fueled by radioactive Plutonium, is safe to launch. The WANK worm, it turns out, was a message aimed at NASA - from the two most powerful hackers…
The WANK Worm, Part 1
Apr 25, 2019 • 34 min
On October 16th, 1989, NASA’s scientists went into work preparing to launch a spacecraft that very day. But when they sat down to their computers, they were met with an unexpected greeting: “Your system has been officially WANKed. You talk of times of…
The Equifax Data Breach Pt. II: The Bits Hit The Fan
Apr 11, 2019 • 31 min
After its momentous breach, Equifax’s CEO Richard Smith said: “Equifax will not be defined by this incident, but rather by how we respond.” Well, he was spot on, but not in a good way.
The Equifax Data Breach Pt. I: A Big Data Bubble
Mar 27, 2019 • 3 min
In their 120 year history, Equifax never sold anything, or provided any service to ordinary folks - except collect DATA. In 2017, that huge data repository, a 1000 times larger than the Library of Congress, got hacked.
DeCSS: Hackers Vs Hollywood
Mar 13, 2019 • 44 min
Twenty years ago, a 15-year-old Norwegian kid was put on trial for breaking the DVD Copy Prevention system. His case spawned a whole new “artistic” movement…
Marconi & The Maskelyne Affair
Feb 21, 2019 • 42 min
Guglielmo Marconi—the beloved, hated, disputed inventor of radio—gets trolled by a mustached magician in the world’s first ever, wireless, grey hat hack.
The Fall Of Mt. Gox – Part 2
Feb 6, 2019 • 46 min
In its prime, Mt. Gox was essentially the place where Bitcoin happened. But for two years, Mt. Gox was imploding from the inside - while soaring to unprecedented success on the outside.
The Fall Of Mt. Gox – Part 1
Jan 22, 2019 • 49 min
In its prime, Mt. Gox was essentially the place where Bitcoin happened. But for two years, Mt. Gox was imploding from the inside - while soaring to unprecedented success on the outside.
Dave Kennedy: The Psychological Principles of Social Engineering
Dec 25, 2018 • 37 min
Today on Malicious Life, tens of thousands of people get robbed. Then a community gets together to ask: should we take our money back, or let the hacker walk with it?
The Ethereum DAO Hack
Dec 13, 2018 • 39 min
Today on Malicious Life, tens of thousands of people get robbed. Then a community gets together to ask: should we take our money back, or let the hacker walk with it?
The Jerusalem Virus, Part 2
Nov 26, 2018 • 28 min
How did the Jerusalem virus trigger the birth of the entire Anti Virus industry in Israel? A high-stakes wager on Live TV, and more.
The Jerusalem Virus, Part 1
Nov 15, 2018 • 24 min
Although scary, the Jerusalem virus, discovered in Israel in 1987, was in fact a rather simple virus. How, then, did the virus trigger the birth of an entire national industry?
Gene Spafford on the Morris Worm & Cyber-security in the 1980’s
Oct 31, 2018 • 55 min
Eugene Spafford (aka Spaf), a professor of computer science at Purdue University, was the first researcher to publish a detailed analysis of the infamous Morris Worm. Gene talks to Ran about this incident, as well as how was security different in the…
China Vs. Github
Oct 16, 2018 • 41 min
It’s a weapon that harnessed the strength of millions of computers at once: a cannon so powerful it could break through any wall, take down any website. It is “the Great Cannon”.
The Ashley Madison Hack, Part 2
Oct 4, 2018 • 32 min
On the second installment of our Ashley Madison hack retelling, we look at the fallout of the hack, and the people who’ve suffered from it.
The Ashley Madison Hack, Part 1
Sep 19, 2018 • 29 min
When Ashley Madison got hacked, it made international headlines. Why? Because it wasn’t just a major event. It demonstrated how there’s information even more sensitive, even more significant than your credit card, or your social security number: your…
Interview Special: Graham Cluley
Sep 5, 2018 • 53 min
As we prepare to release an awesome 2-part story in two weeks, we decided to give you a chance to go back to some old favorites and check out some of the behind-the-scenes interviews of Malicious Life. Graham Cluley tells about his entry into the world of…
The Target Hack
Aug 23, 2018 • 33 min
If movies have taught me anything, it’s that if you want to rob a bank, you dress as the cleaning crew. The people behind the Target hack must have seen one action film too many, because when they decided to hack one of the biggest retailers in the world,…
WoW: Corrupted Blood
Jul 25, 2018 • 26 min
How does the outbreak of a “plague” inside a video game- a bug, essentially- affect real-life disease research?
The Stuxnet Virus Pt. 3
Jul 12, 2018 • 30 min
Stuxnet was a devastating weapon, but who wielded it? That is the question we try to answer with the final installment of our Stuxnet series. In this episode, we explore other, similar battles of the modern cyber war, and look further into the topic of…
The Stuxnet Virus Pt. 2
Jul 12, 2018 • 27 min
Stuxnet was a weapon, a kind of a smart bomb- perhaps one of the smartest bombs ever created. A bomb that couldn’t rely on operators, cameras, and laser targeting, instead it had to “think” its way to its destination. An invisible commando unit, dropped…
The Stuxnet Virus Pt. 1
Jul 12, 2018 • 33 min
Where armies once fought with bullets and bombs, they now engage in clandestine, invisible warfare. In 2010 a virus was discovered that would change the world’s perception of cyber warfare forever. Dubbed Stuxnet, this malicious piece of code has a single…
Shamoon – The Biggest Hack In History
Jun 29, 2018 • 26 min
The Shamoon Virus. There is a single company, run by a royal family, which employs the majority of the Saudi working population. It’s worth more than Apple, Google, and Amazon…by a lot. The Saudi Aramco oil company is one of the most significant…
The Melissa Virus
Jun 14, 2018 • 21 min
Not all malware is created equal. Some malware will attempt to erase your files, demand ransom, or steal your information. Others will do no such thing- and still end up being worse. Don’t believe us? What if a virus made your computer send pornography to…
GhostNet
May 30, 2018 • 28 min
A young woman is arrested by the Chinese government while trying to cross the border to Tibet. Her interrogator, a Chinese spy, pulls out a dossier full of information regarding her activity online. It turns out she’s been visiting pro-Tibet websites, and…
The Morris Worm Pt. 2
May 16, 2018 • 22 min
In an attempt to halt the Morris worm’s path of destruction, a systems administrator at Harvard shut down the university router through which Andy Sudduth’s message would be sent to the internet. The post didn’t go through until after it was too late. In…
The Morris Worm Pt. 1
May 2, 2018 • 26 min
We’ve introduced you to some of the seminal malware attacks that have shaped cybersecurity history. Perhaps no other incident in history, though, has had the effect on how we think about computer security today as the Morris worm.
The Half Life 2 Hack
Apr 18, 2018 • 38 min
How far should a die-hard fan go, in order to bring closer to them the thing that they love? In one of the most interesting, yet relatively unknown cybersecurity stories, a young hacker attempts to steal his favorite game prior to its release and then…
The Legalities of the Cyber War
Apr 4, 2018 • 22 min
Catching a criminal is by no means easy, but there’s something we take for granted in any crime: that the criminal has a face and a name, that they used a specific weapon on a specific target, and that the crime had ended once it was complete. But what…
Fancy Bear, Cozy Bear
Mar 21, 2018 • 30 min
When representatives from the Democratic National Committee reached out to a silicon valley cybersecurity company, to investigate a potential breach in their computer system, it’s hard to imagine what they might have expected to come of it. It didn’t take…
Hack Back
Mar 7, 2018 • 33 min
Those who have experienced a cybercrime know the feelings of frustration and helplessness that come along with it. A hacker could be halfway across the world when they attack you, and you might have no way of figuring out who it was or catching them even…
Cyber Terrorism
Feb 21, 2018 • 31 min
What governments and powerful organizations regularly use, others will find ways to use as well. Cyber activity fits so incredibly well with terrorism. Actors can remain hidden, or reveal themselves to the world; create propaganda campaigns, or aim for…
Super Spies
Feb 7, 2018 • 34 min
The NSA has many means at its disposal. But how does it use these means, and for what goals? Discover the (literally) secret history of the NSA’s cyber activity. Travel with us to Russia and back, learn the origins of FISA, and find out more about the…
The Trojan Horse Affair
Jan 24, 2018 • 22 min
The early 2000s were an interesting time in Information Security. This is roughly the period when malware transitioned from viruses written by teenagers for fun, to cybercrime tools in the hands of sophisticated criminals. This week’s story took place in…
Friend or Foe
Jan 10, 2018 • 36 min
The largest hack in U.S military history may have been conducted by… The NSA. In 1997, a wargame conducted by the NSA showed just how unprepared we were for a potential cybernetic strike- in 4 days, NSA hackers were able to take down entire military…
Amit Serper Interview- Holiday Special Episode
Dec 27, 2017 • 39 min
It’s the holidays and everyone’s on vacation – but the Internet never rests and neither do the bad guys in cybersecurity. So, for this holiday special, we figured we’ll air an interesting interview we did a few weeks back with Amit Serper, Principal…
Deception
Dec 13, 2017 • 29 min
From the Bulgarian hacker scene of the 90’s, featured in episodes 1 and 2, we now move to the vibrant underground hacker scene of West and East Berlin. Working secretly for the KGB, a young Berliner hacker attempts to hack the U.S military network, only…
Weapons of Mass Disruption
Nov 29, 2017 • 41 min
The threat of fire and fury stands at the center of all modern conflicts- nuclear bombs that can eradicate life in seconds are the ultimate weapon of war, as they pose a huge threat to centers of population. But what of the cyber war? What threat could it…
The Soldiers of North Korea
Nov 15, 2017 • 33 min
Guerrilla warfare has been around for as long as conventional warfare has. The idea that a small force, through cunning and brazen action, could overtake a larger force is an old one. From pirates who would take merchant ships by surprise, to lengthy…
The Propaganda
Nov 1, 2017 • 39 min
Governments around the world have been making devious use of the internet as a platform to spread, not malware, but propaganda. As in all wars, propaganda is a huge part of the modern cyber war. Join us as we explore the roots, and the most creative uses…
The Whistleblowers
Oct 17, 2017 • 6 min
WikiLeaks has ushered in a new age in whistle blowing: Modern leakers such as Chelsea Manning – whose story is the focus of our current episode – expose huge amounts of confidential information. But can these mega-leaks really influence the actions and…
Stuxnet, part 3
Oct 2, 2017 • 29 min
Stuxnet was a devastating weapon, but who wielded it? That is the question we try to answer with the final installment of our Stuxnet series. In this episode, we explore other, similar battles of the modern cyber war, and look further into the topic of…
Stuxnet, part 2
Sep 18, 2017 • 27 min
Stuxnet was a weapon, a kind of a smart bomb- perhaps one of the smartest bombs ever created. A bomb that couldn’t rely on operators, cameras, and laser targeting, instead it had to “think” its way to its destination. An invisible commando unit, dropped…
Stuxnet, part 1
Aug 30, 2017 • 33 min
Where armies once fought with bullets and bombs, they now engage in clandestine, invisible warfare. In 2010 a virus was discovered that would change the world’s perception of cyber warfare forever. Dubbed Stuxnet, this malicious piece of code has a single…
Hell to Pay
Aug 21, 2017 • 37 min
A global FBI manhunt for the world’s most wanted cyber criminal ends in the capture of a massive criminal network, but with the escape of the man himself. Security experts who operate within the gray areas of morality develop botnets that destroy personal…
The Roots of Evil
Aug 7, 2017 • 30 min
WannaCry’s widespread cyber attack on more than 200,000 computers all over the world made headlines – but only a few people remember a similar attack, named The AIDS Trojan, almost 30 years earlier… In this episode of Malicious Life, we go deep into the…
Big Cannons
Jul 24, 2017 • 44 min
2016 is known throughout the circles of information security as “The Year of The DDoS Attacks”, and rightfully so: 5 large scale DDoS attacks – ‘Distributed Denial Of Service’ – shocked the technology world. In this episode of Malicious Life, we examine…
Spam Empire
Jul 6, 2017 • 31 min
In this episode of Malicious Life, we take a look at one of the oldest forms of criminal activity on the web- the spam empires of the 90’s and 2000’s. Find out how these multi-million dollar industries operated, how they served as a half step towards the…
The Dark Avenger
Jun 30, 2017 • 30 min
In 1989, a message was found in a virus: “Eddie Lives…Somewhere in Time!”. ‘Eddie’ was a particularly nasty virus, and its discovery led a young Bulgarian security researcher down a rabbit hole, on a hunt for the prolific creator of the Eddie virus: The…
Ghost In The Machine
Jun 28, 2017 • 26 min
Cybercrime is one of the most notable threats we face as computer users, nowadays. But it wasn’t always so. Those of us who’ve been in the field long enough may remember a time when computer viruses were much more innocent, and virus authors were usually…