When thinking about your opsec, you shouldn't just consider the tools that you use, but also take a broader look at the metadata that you produce and which parties you are putting your trust in.
Let's take a look at a simple case study for this: pompompurin. They didn't get him because he forgot to turn on Tor or anything; they caught him by reading through years of forum posts and private messages on RaidForums, where old pom had the brilliant idea to post his own personal Gmail address and thought saying "btw that isnt my email" was enough plausible deniability.
Another example is this research paper that's kinda related: https://api.repository.cam.ac.uk/server/...d8/content
It's old but the principle still stays the same. Your hackerman name and your social patterns on forums betray you. As does your writing style. Lots of research has been done on classifying authors by certain grammatical patterns they like to use etc. When you start your career, you might want to use many different pseudonyms on different forums, even if it means building a brand becomes harder. Tough shit, this is the long game!
Also, expect the forum to be taken down/infiltrated by the feds. You never know what kind of opsec mistakes happen on the back end. How many forums active 3-5 years ago are still active? I only count 2 and cryptbb really isn't what it used to be... The typical DN forum/market life cycle is about 2 years IF NOTHING BAD HAPPENS.
Adjust your speech patterns accordingly. Mix it up, dumb down your English, then talk smart again, or use ChatGPT from time to time while you're at it.
These patterns are used by investigators to pin crimes on you that aren't linked to you by any log files or IP addresses, which buys a couple extra years behind bars if you're unlucky.
The same goes for your tools, especially the ones you made yourself. Coding style analysis from binaries is a thing and that is even worse than speech patterns on forums. Rewrite the stuff you use regularly, experiment with using different programming patterns (lots of literature about industry standards and patterns available on the internet, functional vs object oriented, different software architecture patterns) - your style will probably advance and change over time so keep rewriting so there is no clear connection between the malware you are using now and the malware you used 10 years ago.
Think about what kind of business model you want to make your money with, especially the risks involved, the punishments, which countries are most vulnerable, and how often the crime is discovered (ransomware vs DDoS vs fraud vs identity theft for example). Also think about ways to launder your darknet money. You can get some inspiration from meat space criminals on that end, just don't expect the IRS to believe you when you say that your dad gave you a small loan of 1000 XMR.
These were just some things off the top of my head that I think should be discussed. What are your thoughts? Additional sources of metadata that should be considered?
EDIT: By no means am I claiming to be the alpha and omega expert on this; this is supposed to be somewhat of a discussion primer for everyone here.