
artful routing


RichD

Aug 19, 2021, 10:50:35 PM
I figure a crypto group is an appropriate place to ask a
hacking question -

I read an article about a Microsoft contractor, a
member of a team testing their XBox store software.
The system was configured to dispense fake accounts
and purchases. He discovered a bug, which permitted
him to order legitimate XBox purchase codes, in any
amount. He then traded these for Bitcoin, on a few
Bitcoin exchanges. Eventually, Microsoft security busted him.

Anyhow, to cover his tracks, he routed his traffic
through servers in Japan and Russia. How is that
accomplished? I mean, TCP traffic is routed by each
router, independently, according to its algorithms.
I mean, one requests a Web page, and it flows through
the network, node to node, as determined by each
router, not by the destination's order.

How does someone sitting in his home office direct
the routing?

--
Rich

Chris M. Thomasson

Aug 19, 2021, 11:22:03 PM
On 8/19/2021 7:50 PM, RichD wrote:
> I figure a crypto group is appropriate place to ask a
> hacking question -
>
> I read an article about a Microsoft contractor, a
> member of a team testing their XBox store software.
> The system was configured to dispense fake accounts
> and purchases. He discovered a bug, which permitted
> him to order legitimate XBox purchase codes, in any
> amount. He then traded these for Bitcoin, on a few
> Bitcoin exchanges. Eventually, Microsoft security busted him.
>
> Anyhow, to cover his tracks, he routed his traffic
> through servers in Japan and Russia. How is that
> accomplished?

Wondering if he had a group of compromised cell phones/computers/etc. in
Japan and Russia?

Chris M. Thomasson

Aug 19, 2021, 11:24:19 PM
route spoofing? Proxy to a place that routed it differently?

Max

Aug 20, 2021, 5:34:27 AM
It might be helpful if you give the link to that article. It might
include clues to what happened.

Without further information I could only assume that he created those
purchase tokens by connecting to the XBox store via a hacked XBox/PC and
running some malicious client requests. So, "routing" may just mean that
he connected to the store via VPN/TOR.

Max

Ben Bacarisse

Aug 20, 2021, 5:54:03 AM
RichD <r_dela...@yahoo.com> writes:

> Anyhow, to cover his tracks, he routed his traffic
> through servers in Japan and Russia. How is that
> accomplished? I mean, TCP traffic is routed by each
> router, independently, according to its algorithms.
> I mean, one requests a Web page, and it flows through
> the network, node to node, as determined by each
> router, not by the destination's order.
>
> How does someone sitting in his home office direct
> the routing?

Using VPNs and proxies, I would think, though there are probably other
more subtle ways to do this.

--
Ben.

Rich

Aug 20, 2021, 9:17:24 AM
RichD <r_dela...@yahoo.com> wrote:
> I figure a crypto group is appropriate place to ask a
> hacking question -
>
> I read an article

Ok, stop right there. First firmly keep in mind the Gell-Mann Amnesia
effect:

https://www.epsilontheory.com/gell-mann-amnesia/

Once that is firmly in mind, then read the article.

> ...
>
> Anyhow, to cover his tracks, he routed his traffic through servers in
> Japan and Russia. How is that accomplished? I mean, TCP traffic is
> routed by each router, independently, according to its algorithms. I
> mean, one requests a Web page, and it flows through the network, node
> to node, as determined by each router, not by the destination's
> order.

Now, return to the Gell-Mann Amnesia effect. Keep in mind that in
*any* story authored by a reporter, if the reporter has used a
technical word, they have, with *very* high certainty, used it
incorrectly. So, what you think of as "routing" is most certainly not
what really happened, but that word sounded best to the reporter, as
incorrect as it was.

> How does someone sitting in his home office direct the routing?

I can think of at least two ways:

1) several VPNs strung end to end

2) using several machines for which they have 'access' (whether hacked
or not) to string together a series of ssh sessions end to end.

But it is highly unlikely they were able to adjust the global internet
routing tables to "route" just their packets through Japan and Russia.

But to a reporter, with *no* technical knowledge, a multi-hop VPN would
seem like "/routing/ packets through Japan and Russia".

Then, while reading other stories for which you have actual knowledge,
keep the Gell-Mann Amnesia effect in mind. You'll notice how often the
stories *are* wrong (as in *very* wrong). Then, consider the fact that
if /every/ story you read for which you have actual knowledge, the
writer was /wrong/, then how likely are the other stories, written by
the same or other writers, on topics for which you don't have actual
knowledge, going to somehow magically be /right/.

Chris M. Thomasson

Aug 20, 2021, 3:45:38 PM
That makes sense to me.

RichD

Aug 21, 2021, 7:03:34 PM
On August 20, Max wrote:
> > I read an article about a Microsoft contractor, a
> > member of a team testing their XBox store software.
> > The system was configured to dispense fake accounts
> > and purchases. He discovered a bug, which permitted
> > him to order legitimate XBox purchase codes, in any
> > amount. He then traded these for Bitcoin, on a few
> > Bitcoin exchanges. Eventually, Microsoft security busted him.
> > Anyhow, to cover his tracks, he routed his traffic
> > through servers in Japan and Russia. How is that
> > accomplished? I mean, TCP traffic is routed by each
> > router, independently, according to its algorithms.
> > I mean, one requests a Web page, and it flows through
> > the network, node to node, as determined by each
> > router, not by the destination's order.
> > How does someone sitting in his home office direct
> > the routing?
>
> It might be helpful if you give the link to that article.

https://www.bloomberg.com/features/2021-microsoft-xbox-gift-card-fraud/

No paywall

search for 'Japan'

> Without further information I could only assume that he created those
> purchase tokens by connecting to the XBox store via a hacked XBox/PC and
> running some malicious client requests. So, "routing" may just mean that
> he connected to the store via VPN/TOR.

Doesn't sound like that, from the sketchy info in the article.

--
Rich

RichD

Aug 21, 2021, 7:06:46 PM
On August 19, Chris M. Thomasson wrote:
> >> I read an article about a Microsoft contractor, a
> >> member of a team testing their XBox store software.
> >> The system was configured to dispense fake accounts
> >> and purchases. He discovered a bug, which permitted
> >> him to order legitimate XBox purchase codes, in any
> >> amount. He then traded these for Bitcoin, on a few
> >> Bitcoin exchanges. Eventually, Microsoft security busted him.
> >>
> >> Anyhow, to cover his tracks, he routed his traffic
> >> through servers in Japan and Russia. How is that
> >> accomplished?
> >> TCP traffic is routed by each
> >> router, independently, according to its algorithms.
> >> I mean, one requests a Web page, and it flows through
> >> the network, node to node, as determined by each
> >> router, not by the destination's order.
> >> How does someone sitting in his home office direct
> >> the routing?
>
> route spoofing? Proxy to a place that routed it differently?

I don't speak computerese.
Can you translate that into English?

It's unclear whether he was transmitting the re-directed packets, or receiving.

--
Rich

Rich

Aug 21, 2021, 10:52:45 PM
That article is an excellent example of the Gell-Mann Amnesia effect:

https://www.epsilontheory.com/gell-mann-amnesia/

The reporter writing that did not know one iota of computer networking.
So you can't take "routing" there to mean the technical, computer
network, definition.

As far as that reporter was concerned, using a vpn to a server in Japan
and a vpn to a server in Russia would be "routing [internet traffic]
through servers in Japan and Russia".

As well, as far as that reporter understood, someone doing:

$ ssh hac...@Japan.server.com
Welcome to Japan.server.com, hacker
$ ssh hac...@Russia.server.com (on the Japan.server.com machine)

Would have also been "routing [internet traffic] through servers in
Japan and Russia".

Nothing fancy, nothing exotic here at all. He either used a VPN, or he
used a hacked login on two different internet connected machines (one
in Japan, one in Russia) to "route his traffic through Japan and/or
Russia".
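Added here as an illustration (constructed for this thread, not code from any post or from the Bloomberg article): a localhost simulation of the multi-hop chain Rich describes. Each hop terminates the inbound TCP connection and opens its own onward connection, which is why no global routing tables change and why the destination only ever sees the last hop's address. The hop labels "Japan"/"Russia", the ports and the probe message are made up.

```python
import socket
import threading

def _listener():
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))   # ephemeral localhost port, so the demo runs offline
    s.listen(5)
    return s

def _serve(sock, handler):
    # Background thread: accept connections one at a time, forever.
    while True:
        conn, peer = sock.accept()
        with conn:
            handler(conn, peer)

def start_destination():
    """The far end (the 'store'): answers each probe with the peer address it sees."""
    s = _listener()
    def handler(conn, peer):
        conn.recv(1024)
        conn.sendall(("%s:%d" % peer).encode())
    threading.Thread(target=_serve, args=(s, handler), daemon=True).start()
    return s.getsockname()

def start_hop(next_hop):
    """One VPN/ssh-style hop: terminates the inbound TCP connection, opens a new one onward."""
    s = _listener()
    outbound = {}
    def handler(conn, peer):
        with socket.create_connection(next_hop) as out:
            outbound["src"] = "%s:%d" % out.getsockname()  # the address the next leg sees
            out.sendall(conn.recv(1024))
            conn.sendall(out.recv(1024))
    threading.Thread(target=_serve, args=(s, handler), daemon=True).start()
    return s.getsockname(), outbound

def probe(target):
    """Client: ask the far end which address it sees, and report our own."""
    with socket.create_connection(target) as c:
        c.sendall(b"which address do you see?")
        return c.recv(1024).decode(), "%s:%d" % c.getsockname()

def demo():
    dest = start_destination()
    hop_ru, ru_out = start_hop(dest)   # last hop before the destination ("Russia")
    hop_jp, _ = start_hop(hop_ru)      # entry hop the client connects to ("Japan")
    direct_seen, me = probe(dest)      # no hops: destination sees the client itself
    chained_seen, _ = probe(hop_jp)    # through the chain: it sees only the last hop
    return {"direct": direct_seen, "me": me, "chained": chained_seen, "last_hop": ru_out["src"]}
```

The destination's own connection log therefore ends at the last hop; unwinding the chain further needs connection records from each hop's operator, not from the destination.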

Max

Aug 22, 2021, 6:50:25 AM
On 22.08.21 01:03, RichD wrote:
> On August 20, Max wrote:
[...]
>>
>> It might be helpful if you give the link to that article.
>
> https://www.bloomberg.com/features/2021-microsoft-xbox-gift-card-fraud/
>
[... ]

He apparently used a VPN by privateinternetaccess.com.

https://storage.courtlistener.com/recap/gov.uscourts.wawd.275443/gov.uscourts.wawd.275443.1.0.pdf
