Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground

"Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground" is an enthralling read that delves into the captivating world of cybercrime. The author masterfully narrates the story of Max Butler, a hacker who managed to seize control of the billion-dollar cybercrime realm. The writing style is engaging and accessible, making it easy for readers to follow the complex intricacies of hacking and cyber fraud.The book offers a detailed account of Butler's exploits, painting a vivid picture of the cybercrime underground and the individuals involved. It also provides valuable insights into the ever-evolving nature of cyber threats and the importance of cybersecurity measures. "Kingpin" is a must-read for anyone interested in true crime, technology, or cybersecurity, as it offers a rare glimpse into a world that is both fascinating and frightening. Highly recommended!

Every once and a while I like to break away from the stress that is pentesting and bunker down with a good fiction book. Normally I stick to sci-fi and fantasy but last week I got to keep my head in the game while still recharging my batteries, with Kevin Paulsen's Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground. Having been a fan of what I thought to be similar titles like the Stealing the Network series and a researcher during the ShadowCrew era, I dove into Kingpin and managed to read it on a round trip plane flight between clients.Kingping is the story of Max Butler aka Iceman, a hacker and carder that took over the digital carding scene in 2008. When i say took over, i mean, he really did take over. From a small apartment in San Francisco Iceman forcibly and calculatingly popped almost every single carding forum that opposed him all in an effort to ensure the underground scene was free of law enforcement and scammers. The story chronicles Max and the Law enforcement agents that pursue him at every turn.While most editorial reviews focus on literary prose and plot development, I have less of that expertise and more of the "having lived it" expertise.Kingpin was a non-stop page turner. Well written, it grabs you right away and never lets go. The great thing about the story is it's based on true events and the author depicts the characters with stark realism, almost scarily so. Being a pentester you find yourself thinking " had i made one or two bad decisions, this could have been me" and if you've been in or around "the scene" in the past this story hits so close to home you might find yourself a bit shaken up.While not the half fiction half tech split that most hacking books have adopted these days, Kingpin is a pure chronicle. That's not to say that there's no tech, because there certainly is some sploits referenced in Kingpin but, it's more of passerby than books like STN or Dissecting The Hack.Now onto the verdict:Kingpin was so good, so shockingly real to true events, that it has entered my top 10 book list. Go read it. Now.For some people it will be story, for others a warning, and for some a guide. The book will open your eyes to how the real underground works; where hackers deal with carders, the carders work for the Russians, and Law Enforcement uses old school methods with new school tech to chase them down.Hopefully it will teach you what only the realists among us have realized. Real for-profit hackers do not care about 0-day exploits when larger issues go unpatched. Real hackers will attack weak links like passwords. Real hackers aren't about your informational level findings. Real hackers are about the data. They dont target your firewalls they target your employees. Your compromised network is often a conquest of opportunity from a net cast over the whole internet, and they are more often caught because of the people they confide in than the tech the used to hide.

As an engineer with a passing interest in computer security, I wasn't quite sure what to expect from this book. I ended up being pleasantly surprised, and would easily recommend this title to anyone at all interested in true crime, detective stories, or computer and financial crimes. I ended up reading the book in 3 or 4 sittings, and hated putting it down.The Good Stuff:First and foremost, the book is well written. The prose is lively without hysterics, and the characters and narrative fit together well. Poulsen captures not only the actions of the characters, but treats us to a look inside their motivations and conflicts. Fascinating stuff.The book does not get lost in technical details. For example, while the book talks about encryption of data, it does so in terms of "schemes that are easy to crack" and "schemes that are just about impossible to crack". Good enough detail to keep the narrative on track and avoid bogging the reader down in the arcane science of cryptography.The plot is intriguing. It very much reminded me of a good spy thriller, or more specifically the history of the WWII intelligence services with agents, double-agents, agents-provocateur.The Bad StuffI personally would have liked to see more technical details. To keep the text moving, Poulsen has ruthlessly removed all but the most simplistic overviews of the technical issues. Even keeping to his goal of a mass-market book, I believe more detail could have been added. At the very least it would have helped show off the skills of the main characters.The book also ends a little too abruptly. The actual trials and legal proceedings are only brief summaries-and this is probably one of the more important areas of the whole story-since the book details some of the first successful prosecutions of "hackers".SummaryI liked the book, and would recommend it to any fan of crime, detective or technical thrillers. If you have ever had your identity stolen, the book will shock you with just how easy it was (and probably still is) to land a live credit card number. Or how easy it is to land a couple thousand live credit card numbers.One area I would have liked Poulsen to have spent a little more time on is the responsibility of the corporate networks. When you hand your credit card to the clerk at TJ Maxx, you are entrusting not only the clerk, but the entire TJ MAXX computer infrastructure to safeguard it. The book dances around the point of the shoddy way in which Fortune 500 companies handle their (and their customer's) data.

Very interesting story about white hats and black hats. Great story about Max Vision's double-mind behavior and information security issues.

This book is not just the story of Max Ray Vision; it's an excellent and compelling overview of the history of the criminal hacking scene The book is written in a narrative style, following Max Ray Vision a.k.a. Max Butler and the many people who were involved or associated with him as a hacker. In doing so, the author unravels the history of the criminal hacker and his association to the carding scene.Now, when I say 'narrative style', don't expect literary-quality prose—it is certainly more journalistic than that! It is, nonetheless, nothing so dry as a history text or general non-fiction book. The author does seem to try too hard at grabbing the reader's attention using cute literary or structural tricks—I particularly noticed that at the beginning—but all in all, the writing's definitely solid, compelling and quite appropriate for the subject.The quality of the journalism seems top-notch. I don't claim to know much about the subject, but just the extensive endnotes commenting on the events occurring in the narrative and their sources thereof, along with Poulsen's own comments and acknowledgements, suggests that his research was very thorough. For those seeking facts on Max Ray Vision and his story, the endnotes should provide ample support to an otherwise dramatised biography.

Max ButlerFrom Wikipedia, the free encyclopediaJump to: navigation, searchMax Ray Vision (formerly Max Ray Butler, alias Iceman, born 10 July 1972),[1][2][3] a former computer security consultant,[4] is an online hacker charged with two counts of wire fraud and theft of nearly 2 million credit card numbers as well as approximately $86 million in fraudulent charges.[5]

...how they get away with it. Would be interesting to know how much the credit card issuers loose every year.

I liked this book as it details a different and more lawless time of e internet when sites that conducted obvious illegal activity still managed to be hosted in the US.It also talks about one of the most costly financial security blunders of our time... the mass use of insecure mag stripe cards for financial transactions.