Introduction:

Alameen Karim Merali, my CFO from Arusha, Tanzania, is here with me today to participate in an interview regarding his cyber-security work. I, Madeline Escobar, the Spanish owner of Dark Horse Security Inc., manage a diverse portfolio of Alameen’s cyber-security projects, including cyber-defense, threat intelligence, open-source intelligence, and cyber-forensic investigations. Alameen oversees these projects, and I serve as the company’s CEO and media manager.

Renowned in the cyber-security industry for his vast work, Alameen is well-known for his ability to stop fraudsters operating from anywhere in the world by having the contacts and conducting in-depth security research. Though we are unable to go into great depth about his creations due to legal concerns, they have not been forgotten. But we’ll talk about one of them in this interview.

The interview:

Question: How did you enter the world of cybersecurity, Alameen?

Answer: Ever since I was a small child, my dream has always been to work with law enforcement as an investigator, police officer, or both. Upon realizing my increased interest in the digital realm and my extensive computer knowledge, I made the decision to pursue a career in cyber-security.

Question: How did you get these abilities, Alameen?

Answer: I have completed most of the courses and obtained the certifications needed for these skills; nevertheless, the majority of the abilities, including obtaining intelligence, I have learned on my own. I hold certifications in Mobile Security, CompTIA, Forensics, Social Engineering, and Corporate Cyber-Security Management. The portions on ethical hacking, open-source intelligence, threat intelligence, and threat hunting are ones that I learned on my own. Here is where you can view my certifications:

Question: When did you think hacking was morally acceptable, Alameen?

Answer: With the infrastructure owner’s consent, hacking can be morally and legally acceptable in order to conduct security research and fix holes in the system that lead to security breaches. If law enforcement or intelligence agencies supply you with a warrant, it can usually even be considered morally right to perform a federal investigation. It is illegal to perform hacking without authorization or a warrant, so never do so.

Public Service Announcement (Not part of the interview, but recommended by Alameen): You can learn more about the laws referencing obtaining a warrant from law enforcement from here and the process of obtaining the warrant from the court from here. Please keep in mind that the offenses must be a misdemeanor if the warrant you are requesting is not a federal warrant, just as the website linked from the district attorney’s website mentions. You can learn more about how governments use hackers from here, and please keep in mind to follow applicable laws in your jurisdiction. If you plan to become an ethical hacker and security researcher like me, consider that you must understand legal and moral aspects and the laws referencing hacking. Never do anything that will break the law; this can result in civil liabilities and prosecution.

Question: How has your experience been tracking down cybercriminals, Alameen?

Answer: Cybercriminals possess little intelligence. They commit common operational security errors that are easily remedied by us. This is due to the fact that most cybercriminals are ignorant of cybersecurity and its operation. As an illustration, a security researcher I’ve observed conducting an investigation reveals that they can hire someone to code a website for them. However, the website coder makes simple mistakes like leaving the redirect IP address of a Dark Web website to fetch data from a clearweb IP address, which can lead to the main servers’ backend. Once the website is subpoenaed from the registrar, the criminals can be found. Consider the following screenshot, which shows an example of such an operational security mistake, credit to Pavel Maxim Kravkenko for this picture:

As you can see, the backend server’s IP address may be found by following the data on the website’s forwarding IP address. I might then gather that as important information to report to law enforcement and issue a subpoena to confiscate the site. This IP address may then be traced using specific tools to expose the information about the registrar. This is an illustration of a subpoena; the source of the link is a reliable news outlet covering cyber-security.

My own experience tracking down cybercriminals has been rather dramatic; I have had to denounce offenders from several websites and obtain their identities through information collection. I’ve been able to apprehend a good number of offenders over the years, and I’ve made the decision to retire by the age of 25 or earlier. Our CEO and Media Manager, as well as I, are aware of my work since we share information on investigations that are prepared for public release on Facebook and Twitter. We don’t share material that isn’t permitted for public release and that complies with legal requirements. You can obtain information on investigations by visiting our social media pages.

Question: Could you kindly provide us with an example of your work, Alameen?

Answer: Yes, I can provide an example of my malware analysis research, which primarily involved deconstructing the GBWhatsApp program and searching its code for malicious entries. Through this process, I discovered that the application is used to commit SMS fraud. I have shared my research document, which is available on my Medium page, and I have made the sample available on MalwareBazaar so that other security researchers can examine the malicious entries in more detail.

We appreciate you coming to see us and participating in this interview. It has been a wonderful joy to have you here, Alameen.
