Re: How hackers are getting traced back?
The problem is that when people are using Tor, they often don't tunnel all data through Tor, i.e. DNS, Flash, Java, etc.
HD Moore from Rapid7/Metasploit made a decloaking tool (or maybe it was one of his colleagues that did), and this tool could decloak you even if you were behind the Tor network, because your browser didn't (or perhaps doesn't) route Java, DNS and/or Flash through Tor by default.
If you are going to use Tor, route everything through it. There are many best practices for "blackhat methodology & attacks", e.g. never use the same computer for attacks and private stuff. And heaps more.
Didn't really have the time to respond, and I'd like to come up with a longer answer, but the thing is, Tor is good despite being slow, but there have been so many problems with the Tor network as well, which you should Google a bit. (E.g. the biggest problem is the exit nodes: if a government is on an exit node, your traffic is not as safe, as they have one piece of the puzzle. There have also been problems with the Tor client, and even Tor problems relating to tracing back clients of the network.)
Heaps of stuff. About VPNs, it's all about logs. Your computer has logs, your ISP has logs, your VPN provider has logs, and possibly all the routing nodes in between your ISP and your VPN provider can have logs as well. All these logs are traces leading back to you.
Most ISPs are bound by law to keep logs of your basic connections, i.e. DNS queries if you are using their name servers, and all connections to IP addresses. If it's unencrypted, they may keep partial information about the packets too. If you live in India, there's a law about the strength of encryption you can use as well: it has to be low enough for the government to crack. Hilarious.
Anyway, your ISP has logs of what connections you have made, which are directly related to you as the customer. In the past, a long time ago, the police had to do a live trace when a system got hacked. Meaning: if a hacker attacked Target 1, and came through Client 1, and also relayed/proxied traffic through Proxy 1 and 2, they would have to notice the attack at Target 1, then note the network address of Proxy 2, then note the address there of Proxy 1, and then note the address of Client 1, because these systems did not have logs, so it was a live trace.
Most of the time, they would put up "black boxes" on e.g. your home connection, so they could see where you would be connecting to if they thought you were suspicious, and then they would also have black boxes on the target end and possibly on the interconnecting nodes as well. This particular story is written down in "Masters of Deception: The Gang That Ruled Cyberspace" (MOD). (It's a book, and it's really good. Old school stuff, but very cool.)
About TrueCrypt, if you are not using FDE (Full Disk Encryption), and only containers, then there's a known flaw in most if not all versions of TrueCrypt that makes it trivial to decrypt. If you are encrypting a partition of your HDD, it may contain the same flaw as well, though I can't remember if this way of encrypting a part of your drive has this flaw. Using a strong password, with upper and lower case letters, numbers, special/meta characters, etc., and no known words from wordlists, will make it almost impossible to crack with the technology available today.
However, in a court, you can be ordered to provide the decryption password, or you may be seen as a criminal. I've heard of cases of this in the States, and also in other countries. Meaning, you could face more or fewer charges, depending on whether you give up the decryption password. A side note about this: a botnet server in the UK was recently used to track down the "kingpins" behind it, as they used the same C&C to check their Facebook, etc.
That's why you always use two separate computers, one for your personal business, the other for work. Another side note is trust. Max Vision (Wired magazine wrote a larger article about him). How did he get busted? He used two separate apartments, had an alibi, and everything else under control. It was because he trusted too many people. I think he might've made some mistakes along the way, and/or trusted other people too much, and this is also one of the reasons why people get busted.
Most script kiddies get busted because they launch a DoS attack from their home computer with e.g. LOIC in the name of a fancy group that everyone knows, and then that attack is noted in the ISP logs, and then they get busted half a year or a year later and sometimes get jail time, like the guy in the documentary about Anonymous from last year.
There's a movie called Untraceable, which is a bit sick, but it featured a blackhat hacker, and what was said in that movie was technically correct. In one case, they traced an attack back to a regular family that could never have done any sophisticated attacks. What did the cyber police do? They took a look at who else lived in the neighbourhood, and guess who they found within wireless range? (Normal range, not boosted.) An IT administrator who was possibly on a watch list already, so they busted that guy instead. And since his computer may contain evidence about him connecting to that network, and that wireless network may have logs of his MAC address, he got busted that way.
So, although this is becoming a blackhat post about how not to get caught, this information is widely available on the Internet, including in the "Stealing the Network" series as well. (Fictional books that are technically correct; I read a few of the chapters.) The best way not to get caught is to hack into a wireless network.
However, when you use your wireless adapter, the MAC address of it must always be changed to another vendor and identity. It must never be the default, otherwise the proof is right next to your computer, or inside your computer. (That's why you use an external one.) Another thing is, don't use open networks, especially not those at cyber cafés or hotspots. These are often used for criminal activities already and may be under surveillance.
Hack into a wireless network that's either protected by WEP, or preferably WPA or WPA2 with a weak password. Check that this network can access anything and is not routing traffic through weird nodes (routers). Now make sure that you force ALL of your computer's traffic through Tor to e.g. a VPN. If you can't route all traffic through Tor, deny it from connecting directly to the Internet at all.
Make sure that you have a firewall on your computer that disallows ANY incoming data from being sent directly to it, and make damn sure you are not being man-in-the-middled either. (Check that you are not being DHCP or ARP spoofed, or DNS spoofed. Use OpenDNS or Google's public DNS server, or your own via your VPN provider.)
When you pay for your VPN service, you must pay for it with e.g. Bitcoins or Western Union; both are methods that are dodgy and somewhat untraceable. When you acquire bitcoins, you must use prepaid VISA cards or similar that have been paid for with real money, so the only evidence of where this money came from is e.g. a store, preferably without video surveillance or without your face on camera.
If you got all this right, and you only use this computer for hacking, no chatting, not even to other hackers, you're almost untraceable. The next step is to keep quiet forever, never tell anyone, not even your hacker friends, and of course, have an alibi. A hacker recently scheduled most of his attacks to be done automatically while he was actually in school. His home computer would e.g. start up at 11:34 (never use a perfect time such as 11:00), and then launch an attack. This automation has to be perfect, of course.
If you do all this, you're almost completely anonymous (not as in the group, but in that it's very hard to find you). However, despite all these precautions, your wireless signal can still be located. Therefore, you should only use the computer to hack at random specified times, and make sure to take breaks as well. Make the attacks short enough so it won't be possible to locate where your signal is coming from. Preferably, switch between wireless access points often.
To make it even harder, you can use a directional antenna. If you do this, you can sit much further away and access a lot more wireless networks, and your signal will take even longer to locate.
At this point, you're probably one of the most paranoid blackhats, and of course you've got Full Disk Encryption too at the highest level, including BIOS passwords and two-factor authentication for most things, perhaps even your computer. You never mix work with pleasure.
But wait, despite all this, you should be careful about your home or hacking-defined location too, which is not a public place. Always have the blinds down, preferably even if you're not hacking, and when you are hacking, remember that your computer should do most if not all of the hacking, so you can have an alibi as well. You should never talk about any of the hacking you do at your hacking-defined location, in case you're being eavesdropped on, and make sure you don't use PS/2 keyboards either, and, as I already said, that the blinds are down or the curtains cover the windows.
Why? Because it's actually possible to eavesdrop on sound and figure out which keys you might be pressing. It is also possible to do the same with lasers (and eavesdropping devices) pointed at your windows, and it's also possible to listen to what you type on a PS/2 keyboard if it's connected to a regular computer with an earthed power connection, afaik. There's a Black Hat talk about all of this. Do not use an old screen either, as the "radiation" from it can be read to indicate what you are doing as well, from distances quite far away. It's crazy, yes, but it is true. Therefore, use a laptop.
I can't think of any further topics at the moment, as we have gone from the top layers of the OSI model to the lowest layers (the physical layer) and beyond, about how hackers are being traced back. It's possible this information will be abused, but it's been available to the public for many years; I just haven't bothered to sum it all up before now.
I hope you all enjoyed reading my comments about this topic. I enjoyed writing about it, hehe. One of the reasons I don't do black hat stuff is partially because of my ethics and morals, of course; the other part is because it's too much work, if you want to do "real business".
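The post above tells you to check that you are not being ARP, DHCP or DNS spoofed before trusting the network, but does not show what such a check looks like. The following is an added example (not code from the original post or its author) that runs the three checks over constructed sample data: two `ip neigh show` snapshots taken a few seconds apart, in which the gateway's MAC flips to the MAC of another host on the segment (the classic ARP poisoning signature), plus an `/etc/resolv.conf` where a DHCP client has been handed a resolver that is not on the allowed list. The gateway address, the MAC addresses and the allowed resolver set are assumptions made for the sample.

```python
"""Spot ARP-cache poisoning and injected resolvers from the victim's side.

Added example: parses `ip neigh show` snapshots and /etc/resolv.conf text.
All sample data below is constructed; IPs, MACs and the allowed resolvers
are assumptions, not values from any real network.
"""
import re
from collections import defaultdict

# Constructed snapshot 1: healthy cache, gateway 192.168.1.1 at 00:11:22:33:44:55.
SNAPSHOT_BEFORE = """\
192.168.1.1 dev wlan0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.20 dev wlan0 lladdr aa:bb:cc:dd:ee:01 STALE
192.168.1.37 dev wlan0 lladdr aa:bb:cc:dd:ee:02 REACHABLE
"""

# Constructed snapshot 2: the gateway's MAC is now the MAC of 192.168.1.37,
# i.e. host .37 is answering ARP for the gateway. Entries without lladdr
# (FAILED/INCOMPLETE) and the IPv6 link-local line are there to exercise parsing.
SNAPSHOT_AFTER = """\
192.168.1.1 dev wlan0 lladdr aa:bb:cc:dd:ee:02 REACHABLE
192.168.1.20 dev wlan0 lladdr aa:bb:cc:dd:ee:01 STALE
192.168.1.37 dev wlan0 lladdr aa:bb:cc:dd:ee:02 REACHABLE
fe80::1 dev wlan0 lladdr 00:11:22:33:44:55 router STALE
192.168.1.50 dev wlan0 FAILED
"""

# Constructed resolv.conf as a DHCP client might write it after a rogue DHCP
# server pushed 192.168.1.37 as the first nameserver.
RESOLV_CONF = """\
# Generated by dhcpcd (constructed sample)
nameserver 192.168.1.37
nameserver 8.8.8.8
"""

# Assumed allowed resolvers: Google public DNS and OpenDNS, as the post suggests.
ALLOWED_RESOLVERS = {"8.8.8.8", "8.8.4.4", "208.67.222.222", "208.67.220.220"}

NEIGH_RE = re.compile(r"^(\S+)\s+dev\s+(\S+)\s+lladdr\s+([0-9a-f:]{17})", re.IGNORECASE)


def parse_neigh(text):
    """Map IP -> MAC from `ip neigh show` output; lines without lladdr are skipped."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m.group(1)] = m.group(3).lower()
    return table


def duplicate_macs(table):
    """MACs that answer for more than one IP; a host impersonating the gateway shows up here."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def gateway_changed(before, after, gateway_ip):
    """Return (old_mac, new_mac) if the gateway's MAC differs between snapshots, else None."""
    old, new = before.get(gateway_ip), after.get(gateway_ip)
    if old and new and old != new:
        return old, new
    return None


def unexpected_resolvers(resolv_conf, allowed):
    """Nameservers in resolv.conf that are not in the allowed set (e.g. DHCP-injected)."""
    found = []
    for line in resolv_conf.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver" and parts[1] not in allowed:
            found.append(parts[1])
    return found


def analyze(before_text, after_text, resolv_conf, gateway_ip, allowed):
    """Run all three checks; returns a list of alert strings (empty means nothing suspicious)."""
    before, after = parse_neigh(before_text), parse_neigh(after_text)
    alerts = []
    change = gateway_changed(before, after, gateway_ip)
    if change:
        alerts.append(f"gateway {gateway_ip} MAC changed {change[0]} -> {change[1]}")
    for mac, ips in duplicate_macs(after).items():
        alerts.append(f"MAC {mac} claims {len(ips)} IPs: {', '.join(ips)}")
    for ns in unexpected_resolvers(resolv_conf, allowed):
        alerts.append(f"unexpected nameserver {ns} in resolv.conf")
    return alerts


if __name__ == "__main__":
    for alert in analyze(SNAPSHOT_BEFORE, SNAPSHOT_AFTER, RESOLV_CONF, "192.168.1.1", ALLOWED_RESOLVERS):
        print("ALERT:", alert)
```

On a live box you would feed `parse_neigh` the output of `ip neigh show` at intervals and keep the first gateway MAC as the baseline; a MAC that suddenly answers for both the gateway and another address, or a resolver you did not configure, is reason to drop the network rather than keep working on it. The checks are heuristics: a gateway that is legitimately replaced also trips the first one, so confirm out of band before trusting the segment again.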