Joseph Harris, a former hacker turned ethical advocate, shares his gripping journey from video game account thief to notorious SIM swapper. He unveils the complexities of online gambling, moral dilemmas of hacking, and the dark art of cryptocurrency laundering. Joseph recounts the thrill and chaos of his cybercrimes, including a massive $15 million heist, plus the emotional highs and lows that followed. Ultimately, he reflects on his transformation and commitment to using his skills for good, navigating the fine line between right and wrong in the digital age.
SIM swapping allows hackers to bypass security measures and gain access to valuable accounts and digital assets.
Ethical hacking and bug bounty programs provide an opportunity for individuals to redirect their skills toward positive purposes.
Implementing two-factor authentication and storing private keys offline are vital steps in protecting against cybercrime.
Financial gains from cryptocurrency theft can be substantial, emphasizing the need for robust security measures in the digital asset space.
Deep dives
Using programming to analyze betting strategies in craps
The speaker recounts their college years when they were interested in both gambling and programming. They wanted to find an effective betting strategy for craps, so they created a program to simulate the game. After testing various strategies, they found that most of them resulted in significant debt. However, they discovered a strategy that involved betting on specific numbers, which showed positive results in their simulations. They tried to implement this strategy in an online casino but failed to consider the vig (5% charge for buying bets). Their program was based on flawed calculations, leading to incorrect results. Despite searching through multiple online casinos, they couldn't find a way to consistently win at craps.
Joseph Harris's early hacking exploits in online gaming
The speaker recalls their early foray into hacking, which began with trying to manipulate online multiplayer games like RuneScape and Club Penguin when they were 11 or 12 years old. They discovered a secondary market for high-level accounts and started stealing them to sell for real money. Their focus shifted to hacking email accounts associated with these game accounts and resetting passwords to gain control. They eventually transitioned to targeting Bitcoin holders, stealing accounts to access wallets and crypto holdings. They shared their experiences of getting into accounts, selling usernames and virtual items, and the financial gains they made in the process.
Exploiting vulnerabilities and SIM swapping for cryptocurrency theft
The speaker details their involvement in a group targeting cryptocurrency investors. They explain their methods of gaining access to email accounts, social engineering techniques, and exploiting vulnerabilities in email providers like Yahoo and AOL. SIM swapping became their focus, allowing them to take over phone numbers associated with the targeted accounts, bypassing two-factor authentication and reset procedures. With access to email accounts, they searched for valuable information such as cryptocurrency wallets, private keys, and seed phrases. They also found a bug in Verizon's website that exposed customer account numbers, enabling them to reset passwords and gain unauthorized access. These exploits resulted in substantial financial gains from cryptocurrency theft.
Continued hacking exploits, bug finding, and growing profits
The speaker reveals their ongoing hacking activities, targeting accounts and databases associated with cryptocurrencies. They describe their skills in finding bugs and exploiting vulnerabilities in popular email providers and phone carriers. They recount stealing funds and valuable information from various accounts, searching for crypto wallets and private keys in cloud storage platforms like Google Drive and iCloud. While SIM swapping and stolen credentials played a key role in their hacks, they also emphasize the importance of manual searching and creativity in extracting sensitive data. As the value of cryptocurrencies increased, their profits soared, marking a significant shift in their financial achievements.
The Rise of Cybercriminals and Cryptocurrency Theft
This podcast episode delves into the dangerous world of cybercrime, specifically focusing on the theft of cryptocurrency. The podcast highlights the main insights from interviews with a convicted hacker named Joseph Harris. Joseph reveals the tactics and techniques he used to gain unauthorized access to people's phones and steal their valuable digital assets. He shares his experiences of SIM swapping, which involves taking control of someone's phone number to bypass security measures and gain access to sensitive accounts, including email and cryptocurrency wallets. Joseph explains how he targeted both individuals and companies, highlighting vulnerabilities in their security systems and exploiting them to steal large sums of money. The podcast also discusses the challenges faced by law enforcement in investigating cybercrimes and the potential consequences faced by individuals caught engaging in such activities.
Lessons Learned and the Impact of Incarceration
Throughout the podcast episode, Joseph shares the lessons he learned through his criminal activities and subsequent arrest and incarceration. He reflects on the loss of freedom and the stark reality of life in jail, highlighting the importance of valuing and protecting one's freedom. Joseph also discusses the moral repercussions of his actions, acknowledging the guilt he felt about the damages caused to the victims of his cybercrimes. He shares how he has redirected his skills toward ethical hacking, using his knowledge to identify and report vulnerabilities to companies through bug bounty programs. This shift represents a change in mindset and a commitment to using his abilities for positive purposes.
Security Measures and Protection against Cybercrime
The podcast episode offers valuable insights into effective security measures to protect against cybercrime. It emphasizes the importance of implementing two-factor authentication, using secure methods such as Google Authenticator or hardware tokens rather than relying on text messages. The episode also underscores the significance of safeguarding private keys and seed phrases for cryptocurrency wallets by storing them offline in fire-resistant devices or containers. Additionally, the podcast highlights the dangers of storing sensitive information in the cloud, encouraging individuals to be cautious about the links they click and the information they share online. By fortifying their digital lives, listeners can enhance their security and mitigate risks associated with cybercrime.
This is the story of Joseph Harris (https://twitter.com/akad0c). When he was a young teen he got involved with stealing video game accounts and selling them for money. This set him on a course where he flew higher and higher until he got burned.
Joseph sometimes demonstrates vulnerabilities he finds on his YouTube channel https://www.youtube.com/channel/UCdcuF5Zx6BiYmwnS-CiRAng.
Listen to episode 112 “Dirty Coms” to hear more about what goes on in the communities Joseph was involved with.
Sponsors
Support for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks.
Support for this show comes from Synack. Synack is a penetration testing firm. But they also have a community of people like you who earn regular money by legally hacking. If you’re interested in getting paid to hack, visit them now at synack.com/red-team, and click ‘apply now.’