Video summary

ВЕСЬ МИР УЖЕ ВЗЛОМАН: Самое страшное расследование Интернета

Main summary

Key takeaways

Technology

Core premise / “whole world hacked” claim

The speaker argues that large parts of the internet—especially public-sector/CIS infrastructure—are effectively exposed due to:

  • Neglected security updates
  • Accumulated technological debt (e.g., old components and unpatched CVEs)

Project described: CVE Global (predictive cyber intelligence)

The video presents “CVE Global” as an AI-driven predictive technology analysis system. It is claimed to:

  • Perform infrastructure analysis (not a simple “scanning/handshake” interaction)
  • Build a map/layout of infrastructure, including:
    • IPs/subnets
    • subdomains
    • DNS records
    • organizations/providers
  • Identify likely vulnerable components, relevant CVEs, and attack paths/actions if administrators don’t patch
  • Produce predicted attacker steps, including remediation prioritization

“Analysis vs scanning” analogy

The speaker contrasts:

  • Scanning: likened to a basic network handshake
  • Analysis: described as passively inferring details about an “object” by observing the technology it uses

A demo is described where analysis is reportedly completed quickly (e.g., ~7 seconds).


Demo methodology and outputs

The speaker uses an example from a list of suspicious/illegal-related resources reportedly published by the Bank of Russia, focusing on one resource with negative reviews. The system is said to identify:

  • Vulnerabilities (example mentions DoS-related issues)
  • Insecure connections
  • A structure of subdomains and related DNS/org/provider data
  • Severity ratings and the age of vulnerabilities

Large-scale findings (CIS public sector)

The speaker claims that using the system they identified:

  • 904 CIS public-sector infrastructures
  • about 5,000 potential vulnerabilities across these targets

Examples cited

  • Kyrgyzstan government infrastructure
    • A server is said to include 55 vulnerabilities with a max rating around ~9.8
    • Includes DoS/process-corruption-type risk examples
  • Repeated compromise findings
    • Claims repeated encounters of database exposure (e.g., MariaDB on public IPs)
    • Mentions very old severe issues (example framed like an OpenSSH package tampering-type vulnerability from 2008)
  • E-visa-related infrastructure
    • Mentions a case with 118 CVEs
    • Describes long-standing “tailing” deployment debt (old components persisting)

DevOps negligence / operational risk framing

A repeated narrative claims DevOps and developers:

  • fail to update components
  • accidentally expose:
    • test infrastructure inside production
    • open directories/files
    • leftover admin/test tools
    • API keys / “handles” (credentials/identifiers)
    • insecure DNS/service setups

The speaker frames this as creating a “powder keg” that eventually leads to compromise and data theft.


Infrastructure “suspicious co-location” and geopolitical/provenance claims

The speaker investigates public IP associations where multiple services appear together, arguing this may indicate cross-border hosting/control issues.

Repeated infrastructure elements

  • Mentions provider/hosting references including Aza International / PTR Network / Enginex
  • References an ASN context described as AEA International and ties it to international networks

Examples

  • Telegram appearing on IP addresses alongside infrastructure associated with gov.ru / tax-service
  • Claims that Roskomnadzor-style blocking could have side effects if government domains and Telegram share infrastructure (e.g., blocking one could affect both)
  • Mentions “disguised sites” / domain redirections (e.g., a domain that leads to core.telegram.org)

These claims are presented as “questions without answers”, implying possible influence, reuse of hosting architecture, or deliberate placement.


Neighbor/graph analysis feature (“environment analysis marker”)

The video describes an additional capability to map a target’s neighbors in one click.

Telegram environment example

  • ~101,500 IP addresses across 556 subnets
  • Analysis speed claimed: ~65 IP/s

The speaker claims the neighbor graph reveals correlations with:

  • casinos/mixers/betting/money-laundering services
  • dark-web connections
  • darknet-adjacent correlations and shared traces on servers

Mass footprint contrast (Max.ru vs Telegram)

The speaker compares infrastructure footprints:

  • Max.ru: ~9,208 IP addresses
  • Telegram (comparison): ~622 IP addresses

They question why a “national messenger” has such a large distributed footprint, implying conflict-of-interest concerns.


Automated “regulator” / integrity verification idea

The speaker proposes an automated regulator to verify developer integrity and security hygiene in critical systems (e.g., databases and public infrastructure), using techniques described as patented-like.

The emphasis is on:

  • preventing incidents
  • rather than reacting after exploitation

Security training / future threat model

The video claims vulnerabilities and attack automation will increasingly impact:

  • industrial control systems (power plants)
  • medical systems
  • drones and detection systems
  • remote government workstations and “open paths” for brute force/RCE-type issues

It advocates studying:

  • proxy/VPN usage patterns
  • attacker methods for bypassing restrictions
  • sector-specific safety testing (industry/medicine/government)

Book/fiction framing

The speaker uses a “science fiction stories by a hacker” book as a thematic wrapper, connecting the fictional premise to claimed real-world developments in:

  • predictive cyber intelligence
  • future automated cyberwarfare

Call to action / monetization

The video mentions a giveaway involving:

  • three monthly “Global Audit” subscriptions

It asks viewers to comment on:

  • why they need the subscription
  • gratitude to the channel

For partners:

  • a feedback form plus an email address in the description is referenced.

Main speakers / sources (as presented)

  • Primary speaker: the channel’s host/hacker (first-person narrator; no name given in subtitles)

Referenced third-party authorities/sources

  • Dr. Ray Kurzweil (singularity/AI advocate; mentioned)
  • Bank of Russia (cited as a source of lists/resources used for examples)
  • US Treasury & UK sanctions lists (referenced regarding AEA International ties)
  • Roskomnadzor (discussed in the context of Telegram blocking)

Original video