> the company’s most lucrative scam business: Hundreds of sites peddling fake college degrees and diplomas. People who purchased fake certifications were subsequently blackmailed by Axact employees posing as government officials..
“Axact took money from at least 215,000 people in 197 countries — one-third of them from the United States.. earning the company at least $89 million”.. a Pakistan district judge acquitted 24 Axact officials at trial due to ‘not enough evidence’ and then later admitted he had accepted a bribe (of $35,209) from Axact
How about some Fake Lawyers with Fake Degrees they got from Axact, shove some bribe money in there. Its a global blackmail and bribery operation and domain Registrars like GoDaddy NameCheap Name.com Dynadot Tucows etc are allowing them to create millions of FAKE WEBSITES to scam people and that money goes right back into the west via offshore accounts, right into your real estate, treasonous bastards that accept "Sharia Investors" — It goes through Dubai, the Carribean, then right into Private LLCs and anonymous Private Equity Shareholders.
Islam is a master of bribery and sniffing out TRAITORS.
> FAZAL: Yeah, I thought the same; kind of creepy. But it’s far worse than that. I was talking with someone from another team and they said, go to facebook.com and try to log in with this e-mail and password. We were able to log in to these people’s Facebook accounts.
This is why MFA needs to be a requirement everywhere
As a minimal social media user, do any social media sites actually require MFA these days? You can have the best security features in the world but if they are opt in and even a slight degradation of UX the vast majority of people will not adopt them. Security often needs to be beaten over the head of the populace to be successful. Let’s Encrypt and HTTPS in the browser is a good example of this.
Wow, quite cunning. Charge people to do something fraudulent, then double dip by charging them to not expose the fraud. It’s another variant of the classic scam of getting someone to do something illegal and then blackmailing them for it, but this one is extra creative because it charges people to do the illegal original thing!
> KrebsOnSecurity reviewed the Google Ad Transparency links for nearly 500 different websites tied to this network of ghostwriting, logo, app and web development businesses. Those website names were then fed into spyfu.com, a competitive intelligence company that tracks the reach and performance of advertising keywords. Spyfu estimates that between April 2023 and April 2025, those websites spent more than $10 million on Google ads.
Probably something about margin vs volume. One complicated transaction that could net a huge profit vs lots of smaller transactions that result in less overall profit despite same cost.
He'll ive seen legit businesses get burned on the same mindset. More than once. It's just in the legal transaction space, the risk shifts more towards 'delivering a crappy product' than, say, 'your employees get arrested' when you are forced to hit a deliverable.
Not joking, there's actually a lawsuit from one of the homework aid sites against Google as the AI Overviews are providing the answers that were previously been teased and upsold on their site.
Left unsaid in the filing was that it seemed like _most_ of the pages on the homework site were in fact scanned from copy written textbooks and then solved and they were trying to SEO rank for _exactly_ the question in the homework.
People have been down voting me for years whenever I say this. It used to be so easy to buy fentanyl, cathinones, ketamine analogs, etc from China. Maybe it still is, I don't know
An interesting time to publish this, but no doubt Krebs was working on it before the India attack.
When I saw Krebs getting into international warfare politics, I thought he was out of his element, but doubtless he is pulling some relevant strings from the cyber aspect.
I'd be interested in seeing if he can get in on something close to the actual war like the NSO whatsapp exploits. So far Krebs has brought a lot of attention to scammers. But at any point he might make the jump and link cyber to actual attacks on life.
Reversible by who? Not the payer or it'll create fraud in the other direction similar to credit card chargeback fraud or Ebay's "I didn't receive my item, give me my money back" fraud.
I'm pretty sure institutional wires are reversible. Courts can also freeze accounts, the only weakpoint is absconding and quit scamming, but you lose the reputation of a whole bank in that.
Courts can freeze accounts within their jurisdiction. If a US scammer steals money the courts can reverse it. If an asian scammer does it there's no recourse, that's why it must be insured.
A- All accounts of the foreign company within their jurisdiction. i.e: foreign company can no longer do business with the state
B- Freeze accounts of foreign bank, or order them to cover the remedy,
C- Embargo country.
... and the Pakistani court sided with the scammers, after the judge was paid about $40000. So relying on the justice system doesn't help anyone here (and that's assuming you're willing to pay enough to run a court case on the other side of the world in the first place).
Please don't post insinuations about astroturfing, shilling, brigading, foreign agents, and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data.
Brian Krebs, the cybersecurity expert behind Krebs on Security, primarily generates revenue through banner advertisements displayed on his website. His website, which receives over a million visits per month, attracts this income. While he also receives information from law enforcement and other sources, his primary income stream is advertising, according to a WSJ article.
Turtles all the way down.
> the company’s most lucrative scam business: Hundreds of sites peddling fake college degrees and diplomas. People who purchased fake certifications were subsequently blackmailed by Axact employees posing as government officials.. “Axact took money from at least 215,000 people in 197 countries — one-third of them from the United States.. earning the company at least $89 million”.. a Pakistan district judge acquitted 24 Axact officials at trial due to ‘not enough evidence’ and then later admitted he had accepted a bribe (of $35,209) from Axact
>Axact That name sounds familiar Darknet Diaries: 142: Axact
Episode webpage: https://darknetdiaries.com/episode/142
Media file: https://www.podtrac.com/pts/redirect.mp3/dovetail.prxu.org/7...
https://archive.ph/Ej90N
How about some Fake Lawyers with Fake Degrees they got from Axact, shove some bribe money in there. Its a global blackmail and bribery operation and domain Registrars like GoDaddy NameCheap Name.com Dynadot Tucows etc are allowing them to create millions of FAKE WEBSITES to scam people and that money goes right back into the west via offshore accounts, right into your real estate, treasonous bastards that accept "Sharia Investors" — It goes through Dubai, the Carribean, then right into Private LLCs and anonymous Private Equity Shareholders.
Islam is a master of bribery and sniffing out TRAITORS.
> FAZAL: Yeah, I thought the same; kind of creepy. But it’s far worse than that. I was talking with someone from another team and they said, go to facebook.com and try to log in with this e-mail and password. We were able to log in to these people’s Facebook accounts.
This is why MFA needs to be a requirement everywhere
Kinda ironic that social media sites do it better than your bank. My airline even has passkeys!
As a minimal social media user, do any social media sites actually require MFA these days? You can have the best security features in the world but if they are opt in and even a slight degradation of UX the vast majority of people will not adopt them. Security often needs to be beaten over the head of the populace to be successful. Let’s Encrypt and HTTPS in the browser is a good example of this.
[dead]
Wow, quite cunning. Charge people to do something fraudulent, then double dip by charging them to not expose the fraud. It’s another variant of the classic scam of getting someone to do something illegal and then blackmailing them for it, but this one is extra creative because it charges people to do the illegal original thing!
One universal internet for the entire world was a mistake.
We need borders on the internet.
In America, billionaires scam you!
With apologies to Yakov Smirnoff...
[flagged]
This part was also amusing:
> KrebsOnSecurity reviewed the Google Ad Transparency links for nearly 500 different websites tied to this network of ghostwriting, logo, app and web development businesses. Those website names were then fed into spyfu.com, a competitive intelligence company that tracks the reach and performance of advertising keywords. Spyfu estimates that between April 2023 and April 2025, those websites spent more than $10 million on Google ads.
The one selling pick axes always wins
Why bother selling actual fentanyl when you've got a thriving business selling fake homework help? Seems like a lot less overhead to manage.
Probably something about margin vs volume. One complicated transaction that could net a huge profit vs lots of smaller transactions that result in less overall profit despite same cost.
He'll ive seen legit businesses get burned on the same mindset. More than once. It's just in the legal transaction space, the risk shifts more towards 'delivering a crappy product' than, say, 'your employees get arrested' when you are forced to hit a deliverable.
Surely LLMs put the homework help industry out of business.
Not joking, there's actually a lawsuit from one of the homework aid sites against Google as the AI Overviews are providing the answers that were previously been teased and upsold on their site.
Left unsaid in the filing was that it seemed like _most_ of the pages on the homework site were in fact scanned from copy written textbooks and then solved and they were trying to SEO rank for _exactly_ the question in the homework.
Best "they're stealing our homework answers" lawsuit ever :)
The two go together. Money laundering.
The high margin profits from the fentanyl are laundered as proceeds from the homework business.
More... money...
Because for some it’s less important to earn money and more important to destabilise your geopolitical rival.
People have been down voting me for years whenever I say this. It used to be so easy to buy fentanyl, cathinones, ketamine analogs, etc from China. Maybe it still is, I don't know
like Wu-Tang Financial said, you gotta diversify your bonds.
[flagged]
That’s how they may be financing the terror.
That's a good point. A little like the US and Israel's weaponry sales funding genocide.
https://youtu.be/_uMEE7eaaUA?si=nar1NcXX1YHb4X5G
An interesting time to publish this, but no doubt Krebs was working on it before the India attack.
When I saw Krebs getting into international warfare politics, I thought he was out of his element, but doubtless he is pulling some relevant strings from the cyber aspect.
I'd be interested in seeing if he can get in on something close to the actual war like the NSO whatsapp exploits. So far Krebs has brought a lot of attention to scammers. But at any point he might make the jump and link cyber to actual attacks on life.
Cross border/jurisdictional payments need to be insured and reversible. This will stop the scams.
Reversible by who? Not the payer or it'll create fraud in the other direction similar to credit card chargeback fraud or Ebay's "I didn't receive my item, give me my money back" fraud.
By the insurer. Credit card issuers are already privatized legal dispute courts.
I'm pretty sure institutional wires are reversible. Courts can also freeze accounts, the only weakpoint is absconding and quit scamming, but you lose the reputation of a whole bank in that.
Courts can freeze accounts within their jurisdiction. If a US scammer steals money the courts can reverse it. If an asian scammer does it there's no recourse, that's why it must be insured.
of course. But the court can freeze:
A- All accounts of the foreign company within their jurisdiction. i.e: foreign company can no longer do business with the state B- Freeze accounts of foreign bank, or order them to cover the remedy, C- Embargo country.
Insuring individual payments is a lot easier than embargoing countries over small sums of money.
It's not really about small sums of money is it? It's a drug case and at that point it's about contempt of the court.
... and the Pakistani court sided with the scammers, after the judge was paid about $40000. So relying on the justice system doesn't help anyone here (and that's assuming you're willing to pay enough to run a court case on the other side of the world in the first place).
[flagged]
[flagged]
[flagged]
that's about the lamest sockpuppetry I've ever seen, against stiff competition.
[flagged]
[flagged]
Please don't post insinuations about astroturfing, shilling, brigading, foreign agents, and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data.
https://news.ycombinator.com/newsguidelines.html
Fortunately if you click on the website, you can deduce the funding model in about 30 seconds:
https://krebsonsecurity.com/cpm/
But I'd imagine you don't ACTUALLY care about the funding source of Krebs, you're just hoping to distract from the topic at hand.
FWIW, that link 403s for me.
https://i.imgur.com/T3RUBiz.png
[flagged]
[flagged]
> You sure seem like nothing more than a troll with an agenda. Keep digging.
Please don't make accusations like this against other HN users, no matter how right you are or you feel you are.
https://news.ycombinator.com/newsguidelines.html
Here, I looked it up for you:
Brian Krebs, the cybersecurity expert behind Krebs on Security, primarily generates revenue through banner advertisements displayed on his website. His website, which receives over a million visits per month, attracts this income. While he also receives information from law enforcement and other sources, his primary income stream is advertising, according to a WSJ article.
[flagged]
Why does everything need to be tied to revenue? Genuine question.
Because the number of times $ arbitrary_event happens and money is a top contributing factor has got to be at least a trillion to one.
Or said differently: safe to assume money had something to do with it, whatever it is.
[flagged]
So what are your incentives? You made a brand new account just to anonymously question Krebs.
[flagged]
[flagged]
[flagged]