Rendered at 15:31:44 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
pocksuppet 2 days ago [-]
We should note these are not even slightly legitimate hosting companies, lest anyone worry too much about their non-KYC offshore servers. These aren't hosting companies that ask little, they are just directly front companies for Russian intelligence, owned by members of Russian intelligence, they don't do anything else, they don't provide hosting service to regular people even if you want it (I have tried).
Unlike in Germany where I lost several social media accounts because my email service provider (pissmail) went to jail because someone signed up for his service and sent spam.
orbital-decay 2 days ago [-]
>they don't provide hosting service to regular people even if you want it (I have tried)
That doesn't sound right. I used PQ.Hosting once when I needed a quick temporary VPS, just like many other legitimate users. Yes they never asked much, but they also used to ban users left and right even for torrenting, so it wasn't bulletproof in any meaningful sense. I'm sure they were into shady stuff though, since their IP quality used to be absolute crap, but they did provide legitimate services as well.
red-iron-pine 1 days ago [-]
legal threats of torrenting == lots of attention. not really something that the SVR or GRU want on their secret servers.
plus they just gobble bandwidth. you want a bit to ensure your company looks real / makes some $$$ but you don't want to threaten your C2 nodes
dominikz 11 hours ago [-]
Dear Dr [my name]
After reviewing your updated customer information, we have decided to deactivate your account because of some concerns we have regarding this information. Therefore, we have cancelled all your existing products and orders with us.
Best regards
Your Hetzner Online Team
---
This is the email that I received, after I mistyped my credit card data, when creating an account on Hetzner Cloud. You don't have to be a big cloud company to enforce the KYC rules to defend against fraud.
I wonder how big/small wa pissmail? Would be good to know where is the threshold of sanity:
1. staying with smaller providers is cheaper (and you usually get non-AI customer support)
2. at the risk of stepping into something that makes you lose your data (like you did)
MuffinFlavored 2 days ago [-]
> email service provider (pissmail)
I'm sorry this happened to you.
DetroitThrow 1 days ago [-]
it was a good alternative to cock.li for some time. alas
pocksuppet 22 hours ago [-]
German authorities arrest people for running email services and then they are confused about why doesn't Germany have a Silicon-Valley-style tech industry.
nalekberov 2 days ago [-]
Any source to back up your claims? Otherwise it seemed pretty much a conspiracy theory to me.
consp 2 days ago [-]
The company inherited all their customers and equipment from a sanctioned company (according to the Dutch news report). Should be enough for most people.
chatmasta 2 days ago [-]
That just means the sanctioned company was selling to sanctioned entities, not that it was only selling to them.
consp 2 days ago [-]
Who cares, that's a due diligence failure on their part. No consumers were involved. Do business with shady companies risk shady shit happening...
nalekberov 2 days ago [-]
Sanctioned company != works for the government.
1 days ago [-]
l23k4 2 days ago [-]
[flagged]
locknitpicker 2 days ago [-]
> The article literally has photos of their english-language customer-facing communications.
Providing a website is hardly evidence they were a legitimate business.
l23k4 2 days ago [-]
>Providing a website is hardly evidence they were a legitimate business.
legitimate business? Of course they weren't. This is a bulletproof hoster specializing in offering hosting to people doing illegal stuff.
That's not OPs claim.
You can go on the website and rent a server for a couple of dollars in cryptocurrency right now, you don't have to work for the Russian government to do so.
efitz 2 days ago [-]
I’ve been on the defender side of security my whole career.
I know in some markets crime pays more than legitimate work, but it never ceases to amaze me how much thought, effort, planning, and engineering goes into providing infrastructure IT services for cybercriminals. The people involved definitely have the skills to be profitable at legitimate work; it just puzzles me that they choose to support criminals.
Aurornis 2 days ago [-]
I watched the downfall and eventual jailing of someone who had a great job, career, and family after he started getting involved in cybercrime.
As far as I can make sense of it, he enjoyed the thrill of feeling superior to others: Evading the law, exploiting people who viewed as stupid, and enriching himself in the process.
He got caught through a mistake that was really dumb in retrospect. I think he believed his intellectual superiority combined with the stupidity of others so much that eventually he couldn’t imagine anyone catching him.
Rp8yXmdmr 1 days ago [-]
> he enjoyed the thrill of feeling superior to others [...] He got caught through a mistake that was really dumb in retrospect.
It seems to be common occurrence. I still can't get over that one hacker who dumped stolen data on forum, to sell it/prove his capabilities, in form of tar.gz archive, that accidentally included his entire home directory
kspacewalk2 2 days ago [-]
>As far as I can make sense of it, he enjoyed the thrill of feeling superior to others: Evading the law, exploiting people who viewed as stupid, and enriching himself in the process.
I sadly see this pattern of thinking far more often than I want to in my fellow eastern Europeans.
kirubakaran 2 days ago [-]
Let's not generalize, even if you feel like you can say that because you're a member of a group you're generalizing. It's unfair to most of the people in any group being generalized.
kspacewalk2 2 days ago [-]
Re-read my comment as it is written and note that my observation does not generalize.
coldtea 2 days ago [-]
Generalizing doesn't mean everybody or even most in the group. It means it's a common behavior in the group relative to other groups.
gessha 2 days ago [-]
Generalization is a tool, not something inherently bad or evil.
quantummagic 2 days ago [-]
[flagged]
jazz9k 2 days ago [-]
IQ tests are basically the ability to spot patterns.
It really tells you something about US culture, when spotting patterns is now seen as racist or bigoted.
Patterns also can save your life. They are a built-in defense mechanism and many women are taught to ignore them.
kirubakaran 2 days ago [-]
[flagged]
kspacewalk2 2 days ago [-]
Now I'm confused whether my observing patterns of behaviour and recurring beliefs clustered among people from my own part of the world are in fact racism or bigotry. Am I being indecent? Am I self-hating? Are others tolerhating? I only wish some white night would unambiguously tut-tut me or else give me a pass.
antonvs 2 days ago [-]
You're perhaps being parochial. If you lived in some other part of the world, are you sure you wouldn't observe something similar?
I've lived in four countries on three continents, from third world to first world, and human behavior is pretty constant across all of them.
JCTheDenthog 2 days ago [-]
Your comment assumes, a priori, that the stereotypes are in fact "unfair". I don't know enough about cybercrime rates per capita amongst Eastern Europeans vs. other populations to be able to say if it is actually an unfair stereotype, but it is an indisputable fact (supported by virtually every jurisdiction that tracks crime rates by things like national origin, ethnicity, etc.) that there are population level differences in crime rates.
hermannj314 2 days ago [-]
I don't think a person saying Eastern European are observed doing something more than expected is inherently racist. It is a claim he either does or doesn't have evidence for.
If he made the claim with insufficient evidence or made the claim in contradiction of the evidence, then it becomes racist, but I don't think making the observation and doing the calculation is the racist part. It is a simple chi-squared goodness-of-fit test.
Swizec 2 days ago [-]
I’m eastern-ish european, is it even racist to say that tech talent in the region is through the roof but for various accidents of history, the best opportunities available to talented people are in cybercrime (both sides)?
Not everyone has a hundred tech unicorns in their back yard. I think my country (Slovenia) produced one in its entire history so far and even that was mostly in the US
coldtea 2 days ago [-]
It's racism when it's (a) racially motivated, (b) not a correct fact.
In this case the person is itself a member of the group, and the statement they made isn't even a generalization to the group at large - just an observation about certain common tendencies seen in it.
kirubakaran 22 hours ago [-]
"observation about certain common tendencies" is literally what generalization is.
Racist remarks against your own people is worse, because not only does it perpetuate discrimination against a group by advancing a narrative about the group ("should we hire from this subgroup prone to x?"), it gives the bigots yet another vector ("even they themselves say it about their subgroup, so it must be true!")
We're on an international forum. Making "observations" like what the original commenter did can only decrease employment opportunities for an already geographically disadvantaged talent. Why do that?
coldtea 20 hours ago [-]
>"observation about certain common tendencies" is literally what generalization is
I know. Are you maybe confused? I qualified it that it's not generalization "to the group at large". Not that it's not any kind of generalization at all.
>Racist remarks against your own people is worse, because not only does it perpetuate discrimination against a group by advancing a narrative about the group ("should we hire from this subgroup prone to x?"), it gives the bigots yet another vector ("even they themselves say it about their subgroup, so it must be true!")
Oh, come on. ranger_danger put it perfectly "There can be other valid perspectives than your own. Not everyone is going to agree with your specific definition of what's racism or bigotry or whatever, and not only is that OK, but it's expected, and we shouldn't try to change other people's minds unless they asked for our opinion.".
ranger_danger 21 hours ago [-]
There can be other valid perspectives than your own. Not everyone is going to agree with your specific definition of what's racism or bigotry or whatever, and not only is that OK, but it's expected, and we shouldn't try to change other people's minds unless they asked for our opinion. There was especially no need to inject this discussion into the middle of an unrelated thread.
Trying to tell people their way of thinking is incorrect just because they disagree with you, is not only childish, but such dogmatic thinking is going to alienate you from a large part of society if you cannot learn to get along with people without constantly trying to correct everyone who you think is "wrong."
meindnoch 2 days ago [-]
[flagged]
elmomle 2 days ago [-]
If communism is the cause, then why would this same mentality be such a massive problem in America?
mixdup 2 days ago [-]
This mentality is a huge problem in America. We have insane amounts of corruption and just flat out crime. The corruption just rarely gets prosecuted in a courtroom
locknitpicker 2 days ago [-]
> If communism is the cause, then why would this same mentality be such a massive problem in America?
By communism I don't think people talk about the philosophical basis of an idealized society, but the totalitarian regime that oppresses a society and keeps the working class constantly in survival mode under the risk of losing it all.
AngryData 24 hours ago [-]
Then they should be rallying against totalitarianism and authoritarian policies, not broad and vague ideas of "communism" that most people cant agree on the definition of. All it does is let people and politicians weasel around them using authoritarian policies because they aren't communist.
locknitpicker 22 hours ago [-]
> Then they should be rallying against totalitarianism and authoritarian policies, not broad and vague ideas of "communism" that most people cant agree on the definition of.
You're nitpicking on semantics. Communism is the poster child of totalitarian regimes that oppress their citizens to extreme levels. When you talk about communism, people think of gulags, forced labor, murdering political opponents,and even force-admittong rivals to psychiatric hospitals.
pocksuppet 22 hours ago [-]
Are you sure that's the route you want to go down? Going by the statistics, democracy has killed more people - in the USA, Afghanistan, Iraq, etc - than commuinsm has. If we go down that route. Which I don't think we should.
1 days ago [-]
RRWagner 2 days ago [-]
[flagged]
pbgcp2026 1 days ago [-]
His stupidity was to let you see him. Let that sink in.
KellyCriterion 2 days ago [-]
sounds like Markus Braun & Jan Marsalek / Wirecard, the fraudsters :-D
cm2012 2 days ago [-]
Sounds like Breaking Bad
redsocksfan45 2 days ago [-]
[dead]
thewebguyd 2 days ago [-]
It's not easy to go legit, especially in today's job market, depending on where you live in the world also.
The US is unique with its high salaries for tech work (on the lower end of those of high salaries is pure ops work like this though). If you're in a country where the average sysadmin salary is substantially lower (to pick on Eastern Europe for a minute, you're looking at the equivalent of ~$30-35k USD/year), it's not hard to see why its tempting to go the cybercrime route.
locknitpicker 2 days ago [-]
> to pick on Eastern Europe for a minute, you're looking at the equivalent of ~$30-35k USD/year
This is a disingenuous claim. Not only are there software engineers in rich western European countries that in absolute terms earn less than that but also your east European software engineer still earns multiple times their country's average salary.
goobatrooba 2 days ago [-]
I think s/he meant that if you earn 30k it's easy to be tempted by crime because the numbers are big. What night not tempt a Google engineer might tempt a telecoms infrastructure key from Anytinytown, Moldova/Romania/...
That said I don't think there are many good software engineers that earn less than that in Western Europe. Net maybe, but certainly not gross, and if it's net that covers anything from pension security to healthcare, meaning you can live a decent life in most places.
locknitpicker 1 days ago [-]
> I think s/he meant that if you earn 30k it's easy to be tempted by crime because the numbers are big.
I'm pointing out that this reasoning doesn't pass the smell test. A 30k salary in those countries actually represents between 5-to-10x your average salary. You are already considered rich and we'll off and leading a comfortable life.
It's like claiming your average FANG engineer earning half a million a year would be easily tempted to engage in criminal activity if that meant they could aspire to earn a few millions instead.
> (...) meaning you can live a decent life in most places.
Yes, there are only a few countries on earth where your average software engineer earns more than that, and mostly because their average salary and cost of living is already way larger. Some sources even state that the average salary of s software engineer in Japan is as low as $36k/year. Japan has a higher cost of living than most east European countries, they have a reputation of competence and technical expertise, and still you don't see Japan as synonymous with cybercrime.
nerdsniper 20 hours ago [-]
The median annual salary in places like Moldova and Romania is $3-6k USD? Edit: apparently $5k and $10k, respectively.
r_lee 2 days ago [-]
why is this downvoted?
KellyCriterion 2 days ago [-]
...because on HN, experiences which somehow contradict the perspective when salaries are highly varying across countries, esp. when someone decides to pick an explicit example, which, even if it shows the truth, is against the base-assumption of the reader of a comment.
To put it somehow dimplomatic :-D
KellyCriterion 2 days ago [-]
[flagged]
KellyCriterion 2 days ago [-]
[flagged]
KellyCriterion 2 days ago [-]
[flagged]
parliament32 2 days ago [-]
Imagine working for an organization where 1) cybersecurity is actually the #1 priority, ahead of "shareholder value" and all the other gobblygook, 2) you get to design systems where you actually have to assume that every other entity is malicious (not the usual carve-outs like "oh yeah we do zero trust.. but our entire management plane is Azure-managed it's unavoidable"), 3) your budget is effectively unlimited, and 4) you get paid several factors more than you would in private industry.
r_lee 2 days ago [-]
> The people involved definitely have the skills to be profitable at legitimate work; it just puzzles me that they choose to support criminals.
I don't think it's that easy to go legit. having a tech job nowadays is already a luxury
derefr 2 days ago [-]
I wouldn't advise thinking of it as "providing infrastructure IT services to cybercriminals", as if these people are primarily IT people, running primarily infrastructure, who just happen to favor this audience.
I would rather advise thinking of these efforts as various cybercriminal groups going through the schlep of setting up their own backend IT infrastructure for their own use (because they couldn't find anyone to host them); and then, with built infra in hand, either:
1. realizing that their own needs were emblematic of a more-general unmet market demand for "don't ask, don't tell" hosting, and so branching out into hosting as a secondary business;
2. taking the charade of a hosting company they made up when e.g. registering for an ASN, and deciding that the more real they make that charade, the more it protects them; and so slapping together a facade of a hosting site (that serves no real customers and has no real control-plane);
3. or deciding that having real customers with actual legitimate traffic coming from their ASN further legitimizes them (and makes other ASNs more wary to just block them wholesale), and so actually standing up the facilities of your average VPS provider on some single sad box somewhere — probably running some turn-key IaaS appliance (usually not OpenStack, more likely some shoddy old thing they bought on a cybercrime marketplace);
4. or (and I think this is the most common route) chatting with cybercriminal friends of theirs, and those friends hitting them up for hosting when they realize that they've actually built something out for themselves; and this gradually just evolving into a de-facto hosting arm of the business (as they accept more of these "high-touch" word-of-mouth customers; eventually begin to feel burdened by manually configuring their systems to accommodate these customers; and so begin to automate things.)
pocksuppet 21 hours ago [-]
Both forms exist. There are real hosting companies that just turn a blinder eye to crime than others, and those ones should maybe be forced to divest from certain customers but shouldn't be completely raided. And there are cybercrime groups who form fake hosting companies. These ones were from the latter group. I tried to rent servers from them once, but they don't actually take customers because they aren't a real hosting company.
davidwritesbugs 2 days ago [-]
In a previous life I've employed contractors and software engineers to run a criminal website. Motivations for my guys were that it was well paid work that was technically challenging in order to evade enforcement agencies, and was 'fun' in that respect; they were "sticking it to than man (my service was regarded as moral by all my users & others); and there wasn't so much work about that they could pick and choose; lastly, I was a good employer because I had to be!!
fancythat 2 days ago [-]
Because they cannot be profitable. Job market is not the same on both ends. If you are east European and you try to get a job in an international corporation, the in all cases offer salaries adjusted for regional averages, unless you are willing to reallocate. Only few startups and FAANG like companies, often compensation in line what is received in the western world.
And there is also a thrill of doing it, which other guys already mentioned.
amelius 2 days ago [-]
Cybersecurity is always last on the budget list. It is not easy to make money working in cybersecurity.
The only upside here is that criminals will (through legislation) eventually force companies to invest more.
SoftTalker 2 days ago [-]
Some people are just born into it. Mafia families, etc. There were some very smart people in the American mob, running scams that were immensely profitable. Eventually they get caught though, and with the ease and pervasivness of electronic surveillance today, it's pretty much impossible to do it anymre at least if you're anywhere where the authorities care about it (edit to add: and aren't in on it).
seibelj 2 days ago [-]
[dead]
cryptoegorophy 2 days ago [-]
You were not born in eastern Europe that’s why. That’s the whole Eastern European mind set - the only way to succeed is to rip people off or scam. Anything else is already taken or no money in it or government will take it away from you.
sandeepkd 2 days ago [-]
If we use one of the comments from here that it was done at the behest of some government then its more like the offensive team of a legitimate government. Pretty much every thing can be colored grey that way and one just needs to find people that they can persuade or convince for their cause.
afroboy 1 days ago [-]
> it just puzzles me that they choose to support criminals.
Same reason for CIA and NSA engineers.
2 days ago [-]
thrownthatway 2 days ago [-]
Some people provide services exclusively, or partially, to government(s).
Crime really isn’t that much different.
2 days ago [-]
dist-epoch 2 days ago [-]
You fail to take into account the ideological angle.
Some people are ready to die for their beliefs. Others just to run businesses supporting their causes.
3 of the 4 persons named have russian links (a large number of Moldovan citizens are ethnic russians).
spwa4 2 days ago [-]
> Some people are ready to die for their beliefs.
Really? Because while I've seen this, rarely, in individuals. In many cases once you start tracing money the amounts involved in many "die for their beliefs" situations is absurd. Terrorism, for example.
cpursley 2 days ago [-]
What point are you trying to make other than bigotry? Ethic Russians are not the only Eastern Europeans perpetuating cyber crime. Anyways, Nesterenko is a Ukrainian surname - at least get your racism correct.
0xAstro 2 days ago [-]
> Stark Industries Solutions
jarvis, whats the status of my dutch servers
2 days ago [-]
consumer451 2 days ago [-]
When I was learning some homelab stuff, and was setting up pfSense, I was able to see the geos of all the scans/attacks on my home internet IP. I was surprised to see that Netherlands was up there with Russia and China in volume. They all got geo blocked.
What is it about the Netherlands that makes them so attractive to these people?
pocksuppet 21 hours ago [-]
Amsterdam is one of the biggest (perhaps the biggest) global internet hubs - European equivalent of North Virginia - and also not a totalitarian country like Germany (otherwise there'd be more in Frankfurt).
Cider9986 2 days ago [-]
That's where the servers are. See all the tor nodes in Netherlands. They aren't actually in the Netherlands.
l23k4 1 days ago [-]
What is this supposed to mean?
Most of the tor nodes in Netherlands are actually physically in Netherlands.
mvdwoord 2 days ago [-]
High bandwidth and (relatively) low sentencing would be my guess..
debarshri 2 days ago [-]
Those who are curious about notorious data centers, please see Cyberbunker [1]. I think conceptually it is cool. Also in the netherlands.
I see couple of issues here:
> 1) "Netherlands Seizes 800 Servers" - this should not have happened. Full stop. It's not US, UK or even DE. We are losing, people.
> 2) They did not turn those into "honey pots". meaning: they did not want a fix. They wanted a show.
> 3) I bet it's just a tip of an iceberg. Care to assume how many of those are hosted at "major cloud providers"? Money talks ...
l23k4 1 days ago [-]
> Care to assume how many of those are hosted at "major cloud providers"?
None of the servers seized from this small datacenter were hosted at a big cloud provider, they were hosted at the small datacenter and not a big cloud provider.
1 days ago [-]
2 days ago [-]
analog8374 2 days ago [-]
It would be nice if they named/prosecuted the people who paid them to perform the attacks.
dist-epoch 2 days ago [-]
The FSB? What are you going to do about that. Russia shot down an airliner full of Netherlands citizens and there were no repercussions.
parineum 2 days ago [-]
Law enforcement doesn't typically talk about ongoing investigations.
> those sanctions failed to target Stark’s remaining connection to the Internet — an Internet service provider based in the Netherlands called MIRhosting.
The fuck, i walk past the office of mirhosting every day
account42 1 days ago [-]
Now can we also seize some servers for the massive organized DDOS campaign that seems to be plaguing many small hosts lately or are the originators too big for that?
ziofill 2 days ago [-]
Maybe it's because I haven't had my coffee yet, but I swear my brain read: "Neanderthals Seize 800 Servers"
2 days ago [-]
DeathArrow 2 days ago [-]
[flagged]
msh 2 days ago [-]
The article spells it out clearly: charging them with violating sanctions law by directly or indirectly making economic resources available to EU-sanctioned entities.
htx80nerd 2 days ago [-]
>"making economic resources available to EU-sanctioned entities."
this is very vague
antonvs 10 hours ago [-]
It comes from EU law. E.g. Council Regulation No 269/2014 defines economic resources as "assets of every kind, whether tangible or intangible, movable or immovable, which are not funds but may be used to obtain funds, goods or services." (https://finance.ec.europa.eu/system/files/2020-06/200619-opi...)
Sanctions thing is such a hypocrisy. Russia pumped through ukraine about $1B worth of gas PER DAY after the war started and continued for about 2 years, yet they sanctioned some companies that were like a drop in the ocean of those billions paid to Putin
bunbun69 2 days ago [-]
I feel like you’re only asking this because you disagree with their charges, not because you genuinely have no clue why they’re arrested.
binaryturtle 2 days ago [-]
> …charging them with violating sanctions law by directly or indirectly making economic resources available to EU-sanctioned entities…
I guess that's why.
SecretDreams 2 days ago [-]
> charging them with violating sanctions law by directly or indirectly making economic resources available to EU-sanctioned entities.
Did you read this part?
DonHopkins 2 days ago [-]
[flagged]
runtime_terror 2 days ago [-]
I'm I the only one that read "Neanderthal Seizes 800 Servers..."?
Unlike in Germany where I lost several social media accounts because my email service provider (pissmail) went to jail because someone signed up for his service and sent spam.
That doesn't sound right. I used PQ.Hosting once when I needed a quick temporary VPS, just like many other legitimate users. Yes they never asked much, but they also used to ban users left and right even for torrenting, so it wasn't bulletproof in any meaningful sense. I'm sure they were into shady stuff though, since their IP quality used to be absolute crap, but they did provide legitimate services as well.
plus they just gobble bandwidth. you want a bit to ensure your company looks real / makes some $$$ but you don't want to threaten your C2 nodes
After reviewing your updated customer information, we have decided to deactivate your account because of some concerns we have regarding this information. Therefore, we have cancelled all your existing products and orders with us.
Best regards
Your Hetzner Online Team
---
This is the email that I received, after I mistyped my credit card data, when creating an account on Hetzner Cloud. You don't have to be a big cloud company to enforce the KYC rules to defend against fraud.
I wonder how big/small wa pissmail? Would be good to know where is the threshold of sanity:
1. staying with smaller providers is cheaper (and you usually get non-AI customer support)
2. at the risk of stepping into something that makes you lose your data (like you did)
I'm sorry this happened to you.
Providing a website is hardly evidence they were a legitimate business.
legitimate business? Of course they weren't. This is a bulletproof hoster specializing in offering hosting to people doing illegal stuff.
That's not OPs claim.
You can go on the website and rent a server for a couple of dollars in cryptocurrency right now, you don't have to work for the Russian government to do so.
I know in some markets crime pays more than legitimate work, but it never ceases to amaze me how much thought, effort, planning, and engineering goes into providing infrastructure IT services for cybercriminals. The people involved definitely have the skills to be profitable at legitimate work; it just puzzles me that they choose to support criminals.
As far as I can make sense of it, he enjoyed the thrill of feeling superior to others: Evading the law, exploiting people who viewed as stupid, and enriching himself in the process.
He got caught through a mistake that was really dumb in retrospect. I think he believed his intellectual superiority combined with the stupidity of others so much that eventually he couldn’t imagine anyone catching him.
It seems to be common occurrence. I still can't get over that one hacker who dumped stolen data on forum, to sell it/prove his capabilities, in form of tar.gz archive, that accidentally included his entire home directory
I sadly see this pattern of thinking far more often than I want to in my fellow eastern Europeans.
It really tells you something about US culture, when spotting patterns is now seen as racist or bigoted.
Patterns also can save your life. They are a built-in defense mechanism and many women are taught to ignore them.
I've lived in four countries on three continents, from third world to first world, and human behavior is pretty constant across all of them.
If he made the claim with insufficient evidence or made the claim in contradiction of the evidence, then it becomes racist, but I don't think making the observation and doing the calculation is the racist part. It is a simple chi-squared goodness-of-fit test.
Not everyone has a hundred tech unicorns in their back yard. I think my country (Slovenia) produced one in its entire history so far and even that was mostly in the US
In this case the person is itself a member of the group, and the statement they made isn't even a generalization to the group at large - just an observation about certain common tendencies seen in it.
Racist remarks against your own people is worse, because not only does it perpetuate discrimination against a group by advancing a narrative about the group ("should we hire from this subgroup prone to x?"), it gives the bigots yet another vector ("even they themselves say it about their subgroup, so it must be true!")
We're on an international forum. Making "observations" like what the original commenter did can only decrease employment opportunities for an already geographically disadvantaged talent. Why do that?
I know. Are you maybe confused? I qualified it that it's not generalization "to the group at large". Not that it's not any kind of generalization at all.
>Racist remarks against your own people is worse, because not only does it perpetuate discrimination against a group by advancing a narrative about the group ("should we hire from this subgroup prone to x?"), it gives the bigots yet another vector ("even they themselves say it about their subgroup, so it must be true!")
Oh, come on. ranger_danger put it perfectly "There can be other valid perspectives than your own. Not everyone is going to agree with your specific definition of what's racism or bigotry or whatever, and not only is that OK, but it's expected, and we shouldn't try to change other people's minds unless they asked for our opinion.".
Trying to tell people their way of thinking is incorrect just because they disagree with you, is not only childish, but such dogmatic thinking is going to alienate you from a large part of society if you cannot learn to get along with people without constantly trying to correct everyone who you think is "wrong."
By communism I don't think people talk about the philosophical basis of an idealized society, but the totalitarian regime that oppresses a society and keeps the working class constantly in survival mode under the risk of losing it all.
You're nitpicking on semantics. Communism is the poster child of totalitarian regimes that oppress their citizens to extreme levels. When you talk about communism, people think of gulags, forced labor, murdering political opponents,and even force-admittong rivals to psychiatric hospitals.
The US is unique with its high salaries for tech work (on the lower end of those of high salaries is pure ops work like this though). If you're in a country where the average sysadmin salary is substantially lower (to pick on Eastern Europe for a minute, you're looking at the equivalent of ~$30-35k USD/year), it's not hard to see why its tempting to go the cybercrime route.
This is a disingenuous claim. Not only are there software engineers in rich western European countries that in absolute terms earn less than that but also your east European software engineer still earns multiple times their country's average salary.
That said I don't think there are many good software engineers that earn less than that in Western Europe. Net maybe, but certainly not gross, and if it's net that covers anything from pension security to healthcare, meaning you can live a decent life in most places.
I'm pointing out that this reasoning doesn't pass the smell test. A 30k salary in those countries actually represents between 5-to-10x your average salary. You are already considered rich and we'll off and leading a comfortable life.
It's like claiming your average FANG engineer earning half a million a year would be easily tempted to engage in criminal activity if that meant they could aspire to earn a few millions instead.
> (...) meaning you can live a decent life in most places.
Yes, there are only a few countries on earth where your average software engineer earns more than that, and mostly because their average salary and cost of living is already way larger. Some sources even state that the average salary of s software engineer in Japan is as low as $36k/year. Japan has a higher cost of living than most east European countries, they have a reputation of competence and technical expertise, and still you don't see Japan as synonymous with cybercrime.
To put it somehow dimplomatic :-D
I don't think it's that easy to go legit. having a tech job nowadays is already a luxury
I would rather advise thinking of these efforts as various cybercriminal groups going through the schlep of setting up their own backend IT infrastructure for their own use (because they couldn't find anyone to host them); and then, with built infra in hand, either:
1. realizing that their own needs were emblematic of a more-general unmet market demand for "don't ask, don't tell" hosting, and so branching out into hosting as a secondary business;
2. taking the charade of a hosting company they made up when e.g. registering for an ASN, and deciding that the more real they make that charade, the more it protects them; and so slapping together a facade of a hosting site (that serves no real customers and has no real control-plane);
3. or deciding that having real customers with actual legitimate traffic coming from their ASN further legitimizes them (and makes other ASNs more wary to just block them wholesale), and so actually standing up the facilities of your average VPS provider on some single sad box somewhere — probably running some turn-key IaaS appliance (usually not OpenStack, more likely some shoddy old thing they bought on a cybercrime marketplace);
4. or (and I think this is the most common route) chatting with cybercriminal friends of theirs, and those friends hitting them up for hosting when they realize that they've actually built something out for themselves; and this gradually just evolving into a de-facto hosting arm of the business (as they accept more of these "high-touch" word-of-mouth customers; eventually begin to feel burdened by manually configuring their systems to accommodate these customers; and so begin to automate things.)
And there is also a thrill of doing it, which other guys already mentioned.
The only upside here is that criminals will (through legislation) eventually force companies to invest more.
Same reason for CIA and NSA engineers.
Crime really isn’t that much different.
Some people are ready to die for their beliefs. Others just to run businesses supporting their causes.
3 of the 4 persons named have russian links (a large number of Moldovan citizens are ethnic russians).
Really? Because while I've seen this, rarely, in individuals. In many cases once you start tracing money the amounts involved in many "die for their beliefs" situations is absurd. Terrorism, for example.
jarvis, whats the status of my dutch servers
What is it about the Netherlands that makes them so attractive to these people?
Most of the tor nodes in Netherlands are actually physically in Netherlands.
[1] https://en.wikipedia.org/wiki/CyberBunker
Zero (not a guess)
The fuck, i walk past the office of mirhosting every day
this is very vague
And of course "EU-sanctioned entities" is a rather well-defined list, details here: https://data.europa.eu/data/datasets/consolidated-list-of-pe...
I guess that's why.
Did you read this part?
Would have loved to read that article.