Black Hat USA 2024: Interviews with Extorters 'Ego' and 'Reiko'

I was introduced to all of this when I was younger, through a couple of friends I knew from Xbox. They had a knack for getting hold of people’s IPs they didn’t like and had this technique called ISP Doxing. Essentially, they’d contact the internet provider and somehow manage to extract information about the person behind the IP address. Things escalated, and they even started extorting money from the individuals they targeted. That’s how this whole saga began.

I got my invite thanks to a friend of a friend. They were already pretty established in the community and figured I’d fit right in, knowing I was already clued in on the subject.

Clique are people who are personally friends with the owner(s).

I’ve only ever used the clearnet website, I was not familiar with doxbin or really the dark net during those earlier times.

This quote really sums up the whole idea of the community. It’s on the users to keep their online security tight, but let’s be real, no matter how careful you are, someone might still track you down. Complete anonymity? Yeah, no. I’ve been there—I’ve managed to uncover big shots in the community that even the feds missed. There’s a bunch of stuff that goes into doxing, stuff most folks wouldn’t even guess, even some of the folks here.

Yes, considering I’ve seen it happen with my own two eyes. I’ve seen people get doxed and that ending up in them being bricked, getting their house shot up, getting a molotov thrown through their windows, gang stalked, all in an attempts to extort them for money. Then there’s those who take it a step further and break into the residence, torturing these individuals with anything from cutting their fingers off to killing them, all to take the crypto currencies they behold. Things gets pretty wicked online, much more than people realize.

I’ve witnessed some pretty gruesome incidents – like people having their fingers severed, another guy getting shot in the chest, and even someone nearly losing their hand. It’s pretty wicked. There have been instances where young teenagers were subjected to days of torture before being discarded in a ditch. These acts were usually driven by the motive to acquire cryptocurrency. It’s wild to think about, but I suppose if I were face-to-face with someone holding $40 million in crypto, I might be tempted to take similar actions.

Those who have the means often go for it, and some of the members even provide these services. The range of offerings is quite extensive, from bricking to resorting to firing shots at their homes from the outside.

Depends on who you ask, coming from someone who’s been involved for a majority of it, it’s softened up a bit for sure. There used to be a strict policy that anything uploaded stays uploaded, no excuses. However the clearnet website started off by offering to remove pastes for money, which well, earned well above 6 figures yearly. However towards the end, the owners wanted to honor the old code, and eventually stopped removing pastes for money. It’s all a matter of perspective. From my vantage point as someone who’s been deeply immersed in it, I can say that things have definitely mellowed out to some extent over time. There was a time when a stringent rule prevailed: once something was uploaded, it stayed there, no exceptions. But then the clearnet website introduced a new twist by offering to take down pastes in exchange for money. And well, that turned into quite the lucrative enterprise, raking in well over six figures annually. However, as things drew to a close, the original principles started to hold more weight again. The site owners decided to honor the old code and eventually ceased the practice of removing pastes for payment.

I’m relatively young, I’d say. I’ve never experienced the typical 9-5 work routine, and honestly, I don’t see that changing. My focus has been on studying networking, and I recently graduated with a degree in networking engineering. Along the way, I managed to pick up a few different network certifications. While I was studying, this has pretty much been my gig for the past year.

Anyone, as long as there’s someone there to pay me for it.

I generally don’t target individuals unless it’s for personal motives or in collaboration with my group. However, I did make an exception once. A young woman in my community confided in me, sharing a disturbing story about a guy who was part of the community back then. He had deceived her into meeting him at his apartment, where he ended up sexually assaulting her. This issue hits close to home for me because my own girlfriend went through a similar ordeal, but in this case, justice was served. You can find the details in the paste at https://doxbin.net/user/ego — it’s the only paste I have up there. Everything is explained in deep detail. It’s a fun read.

I don’t have a big family to discuss this with, so there’s no one to weigh in on it. The only person who really knows about my endeavors is my girlfriend, and even then, she barely knows anything.

Living with schizophrenia has made me rather emotionally detached. I don’t experience much remorse or empathy toward others, which strangely aligns well with the nature of the work I’m involved in.

My name was only associated with pastes when working with our group, and these instances were intended to draw attention to both the community and law enforcement in specific situations. We were well aware of being under surveillance by the authorities so that wasn’t difficult.

I’m not really bothered by it. If they’re determined to track me down, they’ll manage to do so. I’m realistic about the fact that if the US government is genuinely interested in locating me, they have the resources to do it. By the way, I’ve flown into the US multiple times since I started this, and I’ve had no issues whatsoever.

No not really. No one has even come close. Even my close friends with extensive experience couldn’t dig up anything substantial. All people really know about me is the name, age, and country I’ve put out there, and none of those details can be verified.

If I were to paste something, it would stay til the end of the website. No circumstances.

As you become more acquainted with the subject, you develop the skills to uncover information that isn’t readily accessible to the public. So, no.

Yes, nearly every time. I’ve taught loads of people to do the same.

Within the first 2 weeks or so, White had given his personal number out to another individual within the community. Which well, tells you enough.

Under KT’s ownership, the website consistently upheld its reputation. However, when it changed hands and was sold, its standing began to decline steadily. Fortunately, with its subsequent repurchase, the website’s reputation started to improve once again.

Yes.

Yes, the UK law enforcement has publicly admitted to this.

Many of my friends are involved in very similar activities on the daily.

It’s about time for them to step down and move on. This has been their project for the past 5 years, and has been built from the ground to where it stands today.

I don’t trust anyone, but in this situation, I suppose I can give him the benefit of the doubt. Whatever he chooses to do won’t affect me one way or another. I did some research on him when he first appeared, and it wasn’t hard to uncover what he does and has been up to before doxbin. So, based on what I know, yeah, I can confidently say he’s trustworthy.

It’s indeed disheartening to witness the situation unfold, seeing two friends facing legal consequences. Regardless of the circumstances that led to their situation, it’s tough to observe. The ripple effect on other group members adds to the difficulty. On a more positive note, I’ve maintained contact with both of them, and it’s reassuring to know that they’re staying strong. Wishing them all the best as they navigate through this challenging time.

No comment.

With the recent legal issues affecting two of our members and the impending sale of doxbin, we’ve collectively reached the decision to bring our journey to an end.

It’s no revelation that people often bend the truth to present themselves in a more favourable light. This is a widely acknowledged reality.

Absolutely, it’s quite common to come across articles that are riddled with falsehoods and lack any substantial evidence. Unfortunately, some resort to such tactics to generate a few more clicks, which is indeed a disappointing and unethical. This behavior is widely recognized and acknowledged within the industry.

When I mentioned journalistic articles containing falsehoods, I was referring to instances where media outlets inaccurately label individuals or groups, branding them as criminals or such without substantial evidence. These kinds of mischaracterizations can be damaging and misleading, as they can distort public perception and perpetuate stereotypes. It’s important for journalists to exercise diligence in their reporting, ensuring that claims are supported by credible sources and thoroughly fact-checked to maintain the integrity and accuracy of their work. But hey, that’ll never happen.

Individuals consistently employs identical email addresses across all their online accounts, along with reusing similar passwords for each one. They also opt for consistent or similar usernames across various platforms. They choose not to use VPNs. Moreover, they openly share their complete names and general location on social media platforms. To add to this, they freely post personal pictures, potentially compromising their own privacy and security.

Don’t do anything listed above.

I became involved with doxing in 2016. I was originally introduced to it on a social platform in which I wanted to expand on my cyber security knowledge and then had involved myself with a community of people who had gotten me to learn OSINT. Sadly, the community was not a good one, to say the least.

Well, I was a minor at the time and had come to find out that the group I had been involved with were swatting underage females behind my back for absolutely no reason. When I had found out, I immediately cut contact with those people and also destroyed any reputation the members had. I cannot comment on what the group was, sadly.

Originally, I had a friend group a few years back who had talked about the website. My OSINT ‘skills’ were not as advanced back then and upon being introduced to the website by some friends, I had skimmed over a few ‘pastes’.

Initially, I had found a solution within Doxbin that prevented users from being able to see their profile picture. I had contacted Operator explaining the solution and then we worked on it together. After this, I continued to help out development wise with features, changes and fixes towards the site until I was essentially labelled the Developer of Doxbin.

I do not. Doxbin is the first of its kind for me.

Yes. I used to be a leader alongside another individual for a group called Valhalla. The website for this group was quite popular and ViLE had even taken inspiration from the website. That is one of the ones I can remember. As for personal projects, I sometimes just get bored and work on a project and then don’t usually finish it. One of them was an anime site I was working on that I simply just left.

If you mean anonymity for Doxbin and our users, we do not store IPs and we do not store any personal information. Here is an example of what we only store: [21/Sep/2023:01:34:06 +0000] “GET / HTTP/1.1” 200 664 “https://doxbin.com/" “Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3” This is also wiped from our servers after 7 days. As for bulletproof hosting, it is not necessary. Doxbin is not illegal. This is due to Section 230 of the Communications Decency Act.

We have jump servers and firewalls. We also have reverse proxies and so on. We also have a hosting control panel to make things easier for everyone. I cannot state anything else, sadly.

I used to pretend to be from somewhere I wasn’t when dealing with a situation that involved annoying people in a situation with a company owner. I cannot expand on that sadly. The company owner and associates believed I was in an Asian country since I presented a false time zone on my system, posted an uber eats screenshot that was in a completely different country and so on. Nowadays, people just know where I’m from.

I heavily agree with this quote. It is your responsibility to uphold your privacy on the internet. Have you ever been told in a school assembly about the dangers of the internet? Even schools teach children about being private on the internet. Why is something that is taught to people in schools that is very important and should be taken seriously, not utilized? In short, this quote is very true.

I utilize OSINT mainly on pedophiles. This is due to the fact that I dislike pedophilia with a passion.

I do, indeed. Let us take Courtney as an example. She is a 26 year old female who had engaged in sexual acts with 14-17 year old boys and mentally scarring them (possibly for life). I believe such a person should not be allowed to hide. The same goes with animal abusers and rapists. Those are the main types of people I dislike and will go out of my way to ‘paste’.

Yes, I have had some dilemma’s. I had been working on a pedophile case that the police could not do much about due to how the evidence was obtained. I had collected all the information but was not able to publish the ‘paste’ due to the fact that the pedophile could have also endangered his victims. However, I was able to figure out a solution which I cannot state and thus, the predator was put in prison and ‘pasted’.

The information was obtained through allowing me to gain access to an account through commonly used passwords. This is technically a form of hacking which would mean the evidence I present would be obsolete in a court of law and I could also get charged.

Doxbin does not allow for internal threats within our website. Whatever happens outside of doxbin is not our responsibility. Think of Doxbin as a whitepages alternative. You can search for a user that has been ‘pasted’ on our website and if the person is on our website, the results will show. The same can be applied for a whitepages search. If Doxbin must be criticized for allowing users to share such information, why should these same people who criticize Doxbin so much, not also criticize online directory services?

Sure. There’s a few instances where online situations can turn into physical matters in real life. An example of this is a person called ‘Mike Virus’. He had been jumped by a group of people which I will send you the video of. The reason why he was jumped was because of the countless attempts of harassment he had done to random people online.

I wouldn’t consider this threats of violence. At the end of the day, all it is, is an additional number to the over 120,000+ pastes on Doxbin. Nobody would “do their worst”. As for the suicide stuff. I wouldn’t say it’s a threat of violence at all. Technically, nobody is being threatened. An example of this is in my ‘paste’ on Courtney where I stated the following: “Oh! And as a final note to Courtney. Stop threatening people with your suicide. Nobody would truly miss you if you decide to do it. Not your mother, your sister, your friends, your relatives or anyone remotely close to you. Please go through with it.” This is not a threat of violence as nobody has been threatened. As for similar statements, there’s a huge difference between “I’m going to murder you” and “You should kill yourself”.

Well, to add someone to the hall of autism, you must pay for it. The team also has other considerations they must take towards allowing the person to be on the Hall of Autism but that usually just depends. You can’t just put someone on the hall of autism for absolutely no reason just because you have the money.

Their OPSEC. People are always vulnerable no matter what. An example of this could be: utilizing the same username for a service, stating personal information, showing their face, posting a picture of where they are at. The person willingly releasing this information increases their chances of having any information found out about them.

I would recommend not utilizing the same email for every service, not utilizing common passwords, not having the same username for each platform and also just having common sense. If you have to think twice about something you are going to share, post or do, it’s probably not best to do it.

Not really. Being doxed is not a concern for me simply due to the measures I have taken in place not to get doxed and if I do get doxed.

I believe that Operator has the skillset to make the platform better for our users. When I heard the news about KT and Brenton stepping down, I did know it was going to happen one day and that I knew the site would be in good hans as KT and Brenton would take more precaution than they did last time in exchanging ownership to a new Admin.

Operator has the skills and the ability to allow for Doxbin to become a better platform. I believe KT and Brenton must have seen the potential in Operator and how he would manage Doxbin. In short: KT and Brenton trusted Operator and that trust was efficient enough, as we can see.

No comment.

Operator did purchase Doxbin from KT and Brenton. I do know how much the site was sold for but I don’t believe I am able to state that. I’m not too sure of the conditions but I can bet you one of them was to simply just make sure the site is maintained.

Fuck yes. on doxbin.org/.env, it was an extremely funny thing KT left behind and I would like to continue to leave behind little easter eggs and so on to the site mainly just because it’s funny.

I would have to say some doxes made by ViLE. An example of these are:

• ‘Conreppin’ - A person who claimed to be in Lizard Squad and scammed KT for $1,000. I knew this individual. He passed away and was found to have been dating 14-16 year old girls while he was 24.
• ‘764’ - A group known for extortion. Mainly to little girls.
• ‘White’ - The person who bought Doxbin originally and then ruined the site. He was then doxed and it was a very nice and detailed paste. There is more but I would say those are some of the more infamous.

Uh. Let’s see. Here’s a piece of advice: Take your security seriously. In this modern era, no matter how safe you think you are, there is always a vulnerability to be exploited. That vulnerability is often humans. Limit who you trust and stay safe. Have a good day.