> the company’s most lucrative scam business: Hundreds of sites peddling fake college degrees and diplomas. People who purchased fake certifications were subsequently blackmailed by Axact employees posing as government officials..
“Axact took money from at least 215,000 people in 197 countries — one-third of them from the United States.. earning the company at least $89 million”.. a Pakistan district judge acquitted 24 Axact officials at trial due to ‘not enough evidence’ and then later admitted he had accepted a bribe (of $35,209) from Axact
adynaton · 1d ago
>Axact
That name sounds familiar
Darknet Diaries: 142: Axact
> FAZAL: Yeah, I thought the same; kind of creepy. But it’s far worse than that. I was talking with someone from another team and they said, go to facebook.com and try to log in with this e-mail and password. We were able to log in to these people’s Facebook accounts.
This is why MFA needs to be a requirement everywhere
dzhiurgis · 1d ago
Kinda ironic that social media sites do it better than your bank. My airline even has passkeys!
SOLAR_FIELDS · 1d ago
As a minimal social media user, do any social media sites actually require MFA these days? You can have the best security features in the world but if they are opt in and even a slight degradation of UX the vast majority of people will not adopt them. Security often needs to be beaten over the head of the populace to be successful. Let’s Encrypt and HTTPS in the browser is a good example of this.
SOLAR_FIELDS · 1d ago
Wow, quite cunning. Charge people to do something fraudulent, then double dip by charging them to not expose the fraud. It’s another variant of the classic scam of getting someone to do something illegal and then blackmailing them for it, but this one is extra creative because it charges people to do the illegal original thing!
profsummergig · 1d ago
One universal internet for the entire world was a mistake.
We need borders on the internet.
netsharc · 1d ago
In America, billionaires scam you!
With apologies to Yakov Smirnoff...
bryan0 · 1d ago
This part was also amusing:
> KrebsOnSecurity reviewed the Google Ad Transparency links for nearly 500 different websites tied to this network of ghostwriting, logo, app and web development businesses. Those website names were then fed into spyfu.com, a competitive intelligence company that tracks the reach and performance of advertising keywords. Spyfu estimates that between April 2023 and April 2025, those websites spent more than $10 million on Google ads.
morkalork · 1d ago
The one selling pick axes always wins
jfengel · 1d ago
Why bother selling actual fentanyl when you've got a thriving business selling fake homework help? Seems like a lot less overhead to manage.
whaleofatw2022 · 1d ago
Probably something about margin vs volume. One complicated transaction that could net a huge profit vs lots of smaller transactions that result in less overall profit despite same cost.
He'll ive seen legit businesses get burned on the same mindset. More than once. It's just in the legal transaction space, the risk shifts more towards 'delivering a crappy product' than, say, 'your employees get arrested' when you are forced to hit a deliverable.
SchemaLoad · 1d ago
Surely LLMs put the homework help industry out of business.
michaelbuckbee · 1d ago
Not joking, there's actually a lawsuit from one of the homework aid sites against Google as the AI Overviews are providing the answers that were previously been teased and upsold on their site.
Left unsaid in the filing was that it seemed like _most_ of the pages on the homework site were in fact scanned from copy written textbooks and then solved and they were trying to SEO rank for _exactly_ the question in the homework.
awesome_dude · 1d ago
Best "they're stealing our homework answers" lawsuit ever :)
ajkjk · 1d ago
More... money...
SanjayMehta · 1d ago
The two go together. Money laundering.
The high margin profits from the fentanyl are laundered as proceeds from the homework business.
golergka · 1d ago
Because for some it’s less important to earn money and more important to destabilise your geopolitical rival.
zoklet-enjoyer · 1d ago
People have been down voting me for years whenever I say this. It used to be so easy to buy fentanyl, cathinones, ketamine analogs, etc from China. Maybe it still is, I don't know
GuinansEyebrows · 1d ago
like Wu-Tang Financial said, you gotta diversify your bonds.
Havoc · 1d ago
[flagged]
golergka · 1d ago
That’s how they may be financing the terror.
LightBug1 · 1d ago
That's a good point. A little like the US and Israel's weaponry sales funding genocide.
throwaway48476 · 1d ago
Cross border/jurisdictional payments need to be insured and reversible. This will stop the scams.
foxglacier · 1d ago
Reversible by who? Not the payer or it'll create fraud in the other direction similar to credit card chargeback fraud or Ebay's "I didn't receive my item, give me my money back" fraud.
throwaway48476 · 1d ago
By the insurer. Credit card issuers are already privatized legal dispute courts.
TZubiri · 1d ago
I'm pretty sure institutional wires are reversible. Courts can also freeze accounts, the only weakpoint is absconding and quit scamming, but you lose the reputation of a whole bank in that.
throwaway48476 · 1d ago
Courts can freeze accounts within their jurisdiction. If a US scammer steals money the courts can reverse it. If an asian scammer does it there's no recourse, that's why it must be insured.
spwa4 · 1d ago
... and the Pakistani court sided with the scammers, after the judge was paid about $40000. So relying on the justice system doesn't help anyone here (and that's assuming you're willing to pay enough to run a court case on the other side of the world in the first place).
TZubiri · 22h ago
of course. But the court can freeze:
A- All accounts of the foreign company within their jurisdiction. i.e: foreign company can no longer do business with the state
B- Freeze accounts of foreign bank, or order them to cover the remedy,
C- Embargo country.
throwaway48476 · 14h ago
Insuring individual payments is a lot easier than embargoing countries over small sums of money.
An interesting time to publish this, but no doubt Krebs was working on it before the India attack.
When I saw Krebs getting into international warfare politics, I thought he was out of his element, but doubtless he is pulling some relevant strings from the cyber aspect.
I'd be interested in seeing if he can get in on something close to the actual war like the NSO whatsapp exploits. So far Krebs has brought a lot of attention to scammers. But at any point he might make the jump and link cyber to actual attacks on life.
betterThanTexas · 1d ago
[flagged]
tomhow · 8h ago
Please don't post insinuations about astroturfing, shilling, brigading, foreign agents, and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data.
Brian Krebs, the cybersecurity expert behind Krebs on Security, primarily generates revenue through banner advertisements displayed on his website. His website, which receives over a million visits per month, attracts this income. While he also receives information from law enforcement and other sources, his primary income stream is advertising, according to a WSJ article.
No comments yet
mmazing · 1d ago
Why does everything need to be tied to revenue? Genuine question.
baby_souffle · 1d ago
Because the number of times $ arbitrary_event happens and money is a top contributing factor has got to be at least a trillion to one.
Or said differently: safe to assume money had something to do with it, whatever it is.
> the company’s most lucrative scam business: Hundreds of sites peddling fake college degrees and diplomas. People who purchased fake certifications were subsequently blackmailed by Axact employees posing as government officials.. “Axact took money from at least 215,000 people in 197 countries — one-third of them from the United States.. earning the company at least $89 million”.. a Pakistan district judge acquitted 24 Axact officials at trial due to ‘not enough evidence’ and then later admitted he had accepted a bribe (of $35,209) from Axact
Episode webpage: https://darknetdiaries.com/episode/142
Media file: https://www.podtrac.com/pts/redirect.mp3/dovetail.prxu.org/7...
This is why MFA needs to be a requirement everywhere
We need borders on the internet.
With apologies to Yakov Smirnoff...
> KrebsOnSecurity reviewed the Google Ad Transparency links for nearly 500 different websites tied to this network of ghostwriting, logo, app and web development businesses. Those website names were then fed into spyfu.com, a competitive intelligence company that tracks the reach and performance of advertising keywords. Spyfu estimates that between April 2023 and April 2025, those websites spent more than $10 million on Google ads.
He'll ive seen legit businesses get burned on the same mindset. More than once. It's just in the legal transaction space, the risk shifts more towards 'delivering a crappy product' than, say, 'your employees get arrested' when you are forced to hit a deliverable.
Left unsaid in the filing was that it seemed like _most_ of the pages on the homework site were in fact scanned from copy written textbooks and then solved and they were trying to SEO rank for _exactly_ the question in the homework.
The high margin profits from the fentanyl are laundered as proceeds from the homework business.
A- All accounts of the foreign company within their jurisdiction. i.e: foreign company can no longer do business with the state B- Freeze accounts of foreign bank, or order them to cover the remedy, C- Embargo country.
An interesting time to publish this, but no doubt Krebs was working on it before the India attack.
When I saw Krebs getting into international warfare politics, I thought he was out of his element, but doubtless he is pulling some relevant strings from the cyber aspect.
I'd be interested in seeing if he can get in on something close to the actual war like the NSO whatsapp exploits. So far Krebs has brought a lot of attention to scammers. But at any point he might make the jump and link cyber to actual attacks on life.
https://news.ycombinator.com/newsguidelines.html
https://krebsonsecurity.com/cpm/
But I'd imagine you don't ACTUALLY care about the funding source of Krebs, you're just hoping to distract from the topic at hand.
https://i.imgur.com/T3RUBiz.png
Brian Krebs, the cybersecurity expert behind Krebs on Security, primarily generates revenue through banner advertisements displayed on his website. His website, which receives over a million visits per month, attracts this income. While he also receives information from law enforcement and other sources, his primary income stream is advertising, according to a WSJ article.
No comments yet
Or said differently: safe to assume money had something to do with it, whatever it is.