HACKER Q&A
📣 pancakeswapme

What's the tech stack that top-tier hackers use for staying undetectable?


What’s the ultimate technology stack that top-tier hackers use for staying undetectable (chatting, online browsing, OS, etc.)?


  👤 james-redwood Accepted Answer ✓
I feel that this is a rather poor question, and comes off as a little immature and naive. If I had to give it a bash however, I'd reckon that a phone would be completely unnecessary. Reducing your technological devices down to solely your computer limits your surface. Then I suppose a librebooted QubesOS (although this is hard to do admittedly), using as much open sourced hardware as possible. All internet would be routed through Tor, and I suppose an even better idea would be just to boot the entire thing on Tails or even Kali when needed for convenience off a clean USB. Encrypted hard drive along with avoiding proprietary drivers too. For software, messaging would be done via Matrix or Signal, no software other than what's strictly necessary for the task either.

There's so, so much more that goes into staying anonymous as well as secure other than just your tech stack, as other commenters have pointed out.


👤 logicalmonster
Beyond software, I'd take a guess that the biggest strength of somebody who is really good who wants to stay undetectable is discipline and extreme paranoia.

* They probably buy a used machine they bought with cash and has no way to tie to them.

* They never connect to their home network or login to anything personal on that computer.

* They do their funny business discreetly at coffee shops, libraries, etc, and don't return there, even if the coffee is really nice.

* Once a project is done, they trash the computer and records.

* If they need to communicate with co-conspirators, they probably have a system arranged to do just that and avoid having written communications that can be traceable.


👤 closeparen
Being in a country which is not sympathetic to their targets. Then you can have office buildings and payroll and everything, right out in the open.

👤 softwarebeware
Check out the Darknet Diaries podcast if you don't already. There are some episodes that reveal how top hackers were taken down by the FBI. It's the randomest stuff you would never expect too, usually not related to tech stack.

👤 lwansbrough
Here’s a book that might interest you: https://www.amazon.com/Extreme-Privacy-What-Takes-Disappear/...

Friendly reminder that your viewing of this product is tracked by Amazon and is ultimately accessible by the government ;)


👤 ianmf
It depends on how you define top-tier hackers. State sponsored attackers (hackers with ties to governments, regime, etc.) have a lot more capital at their disposal. Sometimes they work inside government funded facilities. They could use Matrix, Signal, forums, IRC, for chat. Browsing usually comes down to preference but a hardened version of Firefox is preferred. OS, whatever they want. Usually you would attack from a custom distro or a Kali box. These hackers are well funded.

Lone hackers, they would probably use Tor, Signal, Tails, Kali, to remain anonymous online but have the tools necessary. The most important thing for them to stay anonymous is to have jumpboxes. You would use stolen credit cards or gift cards to rent a VM from a host like Linode or Digital Ocean, and use that system to proxy the attacks. You can add any number of jumpboxes to make it harder to track the origin of the attack.


👤 your_username
Live boot on the smallest USB drive you can find, surveillance cameras at points of entry. If you see trouble coming, swallow the drive.

👤 CodeGlitch
It's the stack they understand the most so they appreciate the advantages and limitations of said stack.

For example I know Linux far more than Windows, to the point where I can administer Linux and the security policies, firewalls, etc. If I need to connect to a wi-fi hotspot "anonymously" I know how to scramble the MAC address of my laptop's wi-fi interface. I don't even know if that's possible in Windows or not...


👤 nokya
I can't speak for hackers, but cybercriminals use exactly the same systems that you and I would typically use. There is nothing surprising in that area.

In terms of OSes, seized hardware almost always hosts either a Linux Ubuntu, sometimes Kali but not that much, or a Windows 10 system. They always have VMs running, almost exclusively on VirtualBox. Running non-mainstream systems would just make them more discernible from everyone else which is not good.

What differentiates regular users from cybercrime is their "opsec", aka their operational security. They encrypt their data (with an actually robust key), they patch and harden their OSes (nobody else does this), and their online presence is mostly exclusively run through third party systems, which they likely compromised already.

Honestly, you'd learn far more useful things by reading court decisions, they often include very interesting details about their opsec.


👤 c22
Other people's computers.

👤 manuelabeledo
For starters, nothing beats a clean laptop on a network that cannot be traced back to the user.

Also, just not talking about it on the wires makes a lot of difference, not to avoid being caught, but to at least prevent potential charges from going further into the conspiracy territory.


👤 lvspiff
There is no "ultimate stack" - if you settle on one thing you'll never expand and that is the way anyone stays at the top of their field. Ability to learn and apply new technologies in logical ways is the only way you'd be considered top tier - not the version of OS or laptop you use.

👤 dusted
Top-tier hackers mostly use Windows 10 computers with the biggest Norton Utilities subscription installed for extra securities. They mostly use professional grade machines like Dell or HP.

* Sits back to enjoy the downvotes because his humor is largely misunderstood.


👤 akomtu
Is it really doable these days? Nearly all processors have ME-like modules connected to network. So long as that super-hacker connects to the internet, the ME module will sniff on him: gather nearby wifis, send those ids and receive commands. For this reason, a really uncatchable hacker never touches computers, uses snail mail to tell others to do everything on his behalf and does boring woodwork as his daytime job. He's also an adept at appearing a simpleton. He even uses a special double-speak lingo in his mails so if he's caught red handed, his letter would contain advice to his buddy Joe about lumber he should use for his tree house.

👤 cpach
Technology is one part of it, but you also need to use it properly. The tools themselves cannot teach you that. I recommend that you read up on the concept of “OPSEC”.

👤 hackerkyle
Tails or any other Amnesia OS

👤 e-clinton
Burner phones. All you need.

👤 rythmshifter03
Kodachi Linux

👤 gregw2
Pencil

Paper, paper, never data