New Idea. How about breaking their Computer?

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

Hello I'm New here! Joined: 10 Apr 2007 Posts: 2

Hello,

I have been viewing this site on and off for about a year now. It is extremely funny the kinds of things you guys get the Scam Artists to do. With that said, I would like to participate as a Scam Baiter, or I would like to help someone else.

I have little to know experience dealing with Con Artists, but I can easily spot a Scam and Unsolicited Bulk Email.

With all of the aforementioned information, most of your first thoughts would be to probably advise me to leave this into the hands of the professionals, which is fine with me. I only wish to help.

I have recently come up with a way to more than annoy these SCAM artists; in fact, I honestly believe we can damage their computers. I.e. we can specifically break Windows in just about anyway we wish by getting them to do a few simple things. Here is how it works:

1. A Scam Baiter such as someone on this forum or I start a conversation and ear the trust of a Scam Artist. I.e. We get that person into a position where he or she (unlikely) believes we have money waiting via Western Union or some other feasible method.

2. We throw a hurdle into the mix by explaining that we can only send the information in an encrypted manner. This will actually be a ploy to get the unsuspecting individual to download and install our decryption software!

3. Essentially, we start a fake website that has a bunch of information about a fake decryption product. It will have a download section and all kinds of bullshit to make it look realistic. It will also have a copy of our fake decryption program.

4. Protecting the Innocent: When the software is downloaded, our good friend, the Scam Artist must submit a verification number in order to download the product. In other words, we make it impossible for a passers-by to download our fake software. This prevents the possibility of harming the innocent. Being the good friend that we are for all the things our scam artist has done for us to earn a money transfer, we can even convince the Scam Artist that we paid $50 for the software, so they can decrypt it. Remember, we are doing them a favor. If you would like, maybe we can get the Scam Artist to actually pay for it.

_______________

At this point, the Scam Artists downloads the fake software and installs it. It does whatever we want. We can close down their outgoing email ports, mess with their network settings, reconfigure Internet Explorer, set a homepage to our liking, apply some Group Policy Settings. I.e. setup their computer to act like a public computer by locking down settings. We can hide drive letters, we can install Spyware and Adware on their behalf...

We just need some ideas. Basically, what I do is use a SnapShot Utility that captures changes, saves them to an executable package, then applies them to a target computer. The reason for this technology is Medium Scale Application Deployment. In other words, we could make a package to install Adobe Acrobat Reader, Firefox, and Microsoft Office. But for our Scam Artist, I think we should install very little, but mess with a lot of settings.

Another idea is to install some Remote Control Packages and Configure them. One idea I have is to install VNC, and a Dynamic DNS client, so we will always have a domain name to reach their computer and be able to remote connect to it. Assuming the SCAM artist has Windows 2000 or XP, we can have a whole lot of fun with them. The most fun would be XP. We should be able to patch Terminal Services and allow concurrent remote connections. In other words, we could sit back in the USA and do a Remote Desktop to their computer even if they are logged in already. The biggest problem here is that we will need to find a way to create an account with Administrative Credentials, so we have full control over the computer. VNC would most likely be easier. We could configure a Dynamic DNS client and VNC to run as services with no tray icons, menus, or desktop icons. We could essentially, silently add soem remote administration stuff to their computer. If nothing else, it would be fun to watch the scam artist work. You would also have the option to lock their mouse and keyboard at your whim too. Very Happy

If you are watching and it becomes apparent the scam artist is not using the computer, we can ensue more fun. One of my really good ideas is to open Device Manager and find the Optical Drive or Drives and note down their model numbers and names. Then we can search for third party firmware on the Internet and how to do our very own Hex Edits. With this in mind, we can take control of their computer at an opportune time and take a real firmware, Break it in a hex editor, yet make sure it will still be installable. Then we take control and flash their optical drives. The end result is that their DVD Rom, CD-ROm, DVD Writer, whatever drives we flash with broken firmware will become unrecognizable on the IDE Interface Cables.

In other words, not only will the drives not work on Windows, but if we decide to break Windows, they will not be able to boot off of a Windows CD to re-install the OS. This would require our SCAM artist to physically buy or steal a replacement drive and install it into his/her computer, then do a clean install of Windows (or leave our stuff still on the computer), install drivers...

The end result is that even here in the United States, a competent computer specialist would have to backup his or her stuff, spend $30 to $70 to buy replacement drives, take apart the computer, then find all the disks and sit through a 2 hour ordeal of rebuilding all the software from scratch.

Something tells me if we manage to do the firmware trick, and break windows at the same time, that computer will probably never send SPAM again. They probably do not have the resources or intelligence required to fix the problem we can cause remotely.

____________

Another, far more simple option is next day revenge.

Quite simply, we delete C:\ntldr or ntskrnl.exe or hal.dll... All we really have to do is delete an important Windows File that is only required on Boot. If we do this, the computer will be running just perfectly fine after they run our utility. They will not even suspect we were up to anything...

However, when they restart, they will get an error such as NTLDR is Missing

I.e. look at this picture:

The problem is that each time Ctrl Alt Delete is pressed, they will be reading the same message. Chances are good they are probably not smart enough to put a Windows CD in and go to the recovery console and expand ntldr to recover the system to a bookable state.

What do you think?

I need your input. Another option may be to simply Deactivate Windows, so they have to call Microsoft and explain why they need to Re-Activate.

Posted: Tue Apr 10, 2007 5:14 am

No, the problem is that many of the lads use internet cafes and such, so this will hurt a innocent third party. Not all owners are in on the scams, and I doubt a lad would pay for damages. Plus it treads the legal line, it could get you into big trouble.

Hello I'm New here! Joined: 10 Apr 2007 Posts: 2

Darn, I never thought about that.

Thanks for the answer.

Posted: Tue Apr 10, 2007 6:04 am

HyperBanana wrote:

... it treads the legal line...

Not really treads, but crosses (in US)
UNITED STATES ATTORNEY�S OFFICE EASTERN DISTRICT OF VIRGINIA
"Richard Sylvestre, 43, of Boylston, Massachusetts, was sentenced yesterday to 12 months and one day in prison, followed by three years of supervised release, and ordered to pay a $10,000 fine and $25,007 in restitution, upon his conviction for damaging ... secretly programmed a series of malicious commands on five computers in NEPOCC�s network. Sylvestre designed these commands to disrupt and to damage the network while he visited the United States. On May 20 and 21, 2006, Sylvestre�s commands began to execute, causing two watch floor computers and a computer database filter to go offline."

Additionally Title 18, United States Code, Section 1030(a)(7)3. "Threat to Cause Damage to a Protected Computer
The term "damage" is defined in section 1030(e)( 8 ) and is discussed in the context of section 1030(a)(5) on page 34. Unlawful threats to cause damage include interference in any way with the normal operation of the computer or system in question, including denying access to authorized users, erasing or corrupting data or programs, slowing down the operation of the computer or system, or encrypting data and demanding money for the decryption key. See S. Rep. No. 104-357, at 12 (1996), available at 1996 WL 492169. In contrast, unlawful threats to the business that owns the computer system, such as threats to reveal flaws in the network, or reveal that the network has been hacked, are not threats to a protected computer under section 1030(a)(7). However, a threat to a business, rather than to a protected computer, is a classic example of a violation of the Hobbs Act, 18 U.S.C. � 1951.

The term "protected computer" is defined in section 1030(e)(2) and is discussed in the "Key Definitions" on page 3." ..... and much, much more Before going into state codes and laws.