DarkCyber for July 16, 2019, Now Available

July 16, 2019

This week’s program is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/348009146. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: An Australian teen with 20,000 LSD doses; a money laundering operation run within a Florida prison; a how to guide for credit card fraudsters; Facebook’s digital currency triggers domain name land rush; and Interpol smashes a global child sex crime operation.

This week’s lead story talks about Facebook’s digital currency. Regulators in the US have expressed some reservations about what could be considered a sovereign currency. Facebook’s effort to unify its messaging applications and integrate encryption into the service poses one additional hurdle for investigators. The proposed digital currency called Libra may enable seamless, friction free financial transactions within the encrypted Facebook system. Bad actors are likely to test the system to find ways to use Facebook for illegal activities. Messaging apps can provide access to digital content like pirated videos, child pornography, commercial software with its security compromised, and similar digital contraband.

Other stories in the July 16, 2019, program are:

First, an Australian teenager used the Dark Web to purchase LSD, a controlled substance. The Australian Joint Agency Strike Team monitored the teenager’s activity which included setting up a mail drop in the central business district of Adelaide. When police moved in, they seized 20,000 doses or “tabs” of LSD. The contraband had an estimated street value of US$200,000. The legal representative of the alleged drug dealer pointed out that the young man had good family support. The teen also had knowledge of the Dark Web, a mail drop, and the 20,000 LSD tabs.

Second, Terbium Labs issued a new report which provides information about credit card fraud. For security professionals, the report is a concise review of key factors. To an individual looking for a primer explaining credit card fraud or “carding” the Terbium report is an interesting resource. Terbium points out that lesson plans for would be credit card fraudsters are available on the Dark Web. Most of the instructional material and guides cost between $4 and $13. Similar information can be located using Regular Web search engines. DarkCyber reveals that Yandex.com offers both current credit card fraud instruction guides as well as direct links to explanatory videos. This type of information may pose a dilemma for public search engines. For an individual seeking information about how to perform financial fraud, the abundance of available information is remarkable for its scope and its ready availability.

Third, convicted criminals in Pasco Country, Florida, operated a money laundering scheme from their cells. The angle was to obtain stolen credit cards from a Dark Web marketplace and transfer money from the credit card to a prisoner’s personal commissary account. Many US prisons allow inmates to purchase snacks and approved items from this prison store. Once the money was in a prisoner’s account, the ringleader then submitted a request for the prison to transfer the money to the account of an individual who was not in prison. Investigators identified the prisoners involved in the scheme, arrested one person who acted as an accomplice, and identified seven other individuals involved the the operation. A total of $8,000 was stolen in 40 separate transactions.

Finally, DarkCyber reports that Interpol’s Blackwrist investigated a global child sex crime operation. Dozens of individuals were arrested. One pedophile has been sentenced to more than 100 years in a Thailand prison. Others snared in the sweep are allegedly individuals who have abused children, some as young as 15 months. Blackwrist continues its investigations and more arrests are expected.

Kenny Toth, July 16, 2019

DarkCyber for July 9, 2019, Now Available

July 9, 2019

DarkCyber for July 9, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: Amazon’s drone-centric surveillance technology; Mauritania loses Internet access; cyber criminals stumble at the US Post Office; the US develops THOR to kill drone swarms; and cyber crime for vertical markets grows.

This week’s lead story pivots on Amazon’s patent US 10,313,638 “Image Creation for Geo-Fence Data.” This invention makes it possible for an Amazon drone delivering packages or performing some other function like verifying that a driver dropped off an order to perform other functions. The specific example described in the patent is for Amazon to parse drone footage within a specific area and then extract data about a person or other entity. The idea is to geo-fence a front yard, a back door, or some other location and then extract the image and assign metadata to that extracted object. In short, deliveries plus surveillance. The invention makes us of the Amazon Web Services’ suite of services; for example, cross correlation of drone captured data with facial recognition, purchase history, and financial information.

Other stories in the July 9, 2019, program are:

First, Bromium and the Surrey Crime Research Lab in the UK have published information about a new trend in cyber crime. Instead of Dark Web bad actors just offering generic malware, SCRL reports that specialized software has become more widely available. The “vertical” malware is purpose built to attack retail, health care, and financial institutions. The technology needed to compromise an employee’s mobile device and corporate network access has been fine-tuned to deal with the security procedures in place for banking, finance, and credit card providers. Instead of relying on general purpose exploits, malware like Ramnit is bundled with tools able to penetrate hospitals and retail operations. Bromium provides a summary of some of the SCRL results, and DarkCyber provides information necessary to register to obtain this high value report.

Second, the US government, assisted by three commercial enterprises, has develop a system to kill or disable a swam of drones. The technology makes use of a directed beam which interferes with the electronics of a group of drones. The idea is that a swarm of drones can operated in an autonomous and semi-autonomous manner to compromise US security or perform in an offensive manner; for example, deliver poison, explosives, or surveillance devices. The THOR (Tactical High Power Microwave Responder) can be set up by two people in less than three hours. The beam defense is operated with a hand held controller. The technology can be mounted on a variety of platforms, included land based vehicles.

Third, two individuals based in the US shipped more than 25,000 packages containing controlled substances. The duo collected more than $8 million from the sale of narcotics and fake prescription drugs like Adderall. US investigators broke the case because the team used Stamps.com, an online service for postage. One of the bad actors signed up for the service using his real name and home address. Agents purchased four batches of narcotics and then raided the operation. In that raid, a commercial pill press was seized along with other evidence. When arraigned, the duo pleaded “Not guilty.”

Finally, Mauritania, a northwest African nation with a population of four million lost Internet access. An estimated 800,000 citizens had been unable to send email, use Facebook, and other online services. The government took this step in order to help quell political unrest in that country. Other countries in that region’s Internet shut down zone are Ethiopia and Sudan.

Kenny Toth, July 9, 2019

DarkCyber for July 2, 2019, Is Now Available

July 2, 2019

DarkCyber for July 2, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/345294527. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: Tor survives another court battle related to a child who overdosed on Dark Web drugs; a newspaper unwittingly provides a road map for undertaking credit card fraud; a profile of DataWalk, a next-generation intelligence platform with a secret sauce; and Recorded Future’s threat intelligence service runs from Amazon’s platform.

This week’s lead story is the revelation that Recorded Future relies on Amazon AWS to serve its new threat intelligence service. Recorded Future was founded in 2009 with initial investors Google and In-Q-Tel, the investment arm of the US Central Intelligence Agency. In May 2019, the predictive analytics company was acquired by Insight Partners, a leading global capital and private equity firm. The purchase price was about $700 million. Recorded Future’s threat intelligence service is in the same product category as FireEye’s information service. Providing threat information in a browser provides easier access to this information. Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, said: “The use of the Amazon AWS platform, not the competing Google service, is significant. Recorded Future joins BAE, Palantir Technology, and a handful of other firms leveraging the AWS infrastructure. Amazon is emerging as the plumbing for law enforcement and intelligence software.”

Other stories for the July 2, 2019, program are:

First, a Utah court decided that Tor, the software bundle required to access the Dark Web, was not liable for a death. The parents of a young person who overdosed on drugs ordered from a online contraband vendor via Tor sued the foundation involved with the anonymizing technology. Other cases have been filed against Tor. The deciding factor in this most recent decision and other cases is the US law which treats online platforms differently from traditional publishers. The court uncovered information that there are about 4,000 people in Utah who use Tor and presumably the Dark Web each day.

Second, a British newspaper published an informational article about online credit card fraud. DarkCyber interpreted the information in the report as a road map for a person who wanted to commit an online crime. The news story provided sufficient information about where to locate “how to” materials to guide an interested individual. Tips for locating sources of stolen credit card data were embedded “between the lines” in the report. The newspaper did omit one important fact. Organized crime syndicates are hiring individuals to commit credit card fraud and other financial crimes.

Finally, DarkCyber profiles a start up called DataWalk. This company provides a next-generation intelligence analysis and investigation platform. Competitors include IBM Analyst’s Notebook and Palantir Technologies Gotham / Titan products. DataWalk, however, has patented its technology which implements the firm’s method of delivering query results from disparate sources of structured an unstructured content. Plus the company can provide an analyst with content from third-party content products such as Thomson Reuters and the specialist publisher Whooster. The service also scales to accommodate data analysis, regardless of the volume of information available to the system. DataWalk’s analytic system operates in near-real time. DataWalk allows a user to perform sophisticated investigative and analytic procedures via a mouse-centric graphical interface. A user can click on an icon and the system automatically generates a “workflow ribbon.” The ribbon can be saved and reused or provided to another member of the investigative team. More information about this firm is available at www.datawalk.com .

Kenny Toth, July 2, 2019

Google: Hunting for Not Us

June 26, 2019

There was a dust up about song lyrics. As I recall, the responsibility did not fall upon the impossibly magnificent Google shoulders. A supplier may have acted in a manner which some “genius” thinks is a third party’s problem. Yep, a supplier.

I just read “Tracing the Supply Chain Attack on Android.” The write up explained that malware with impossible to remember and spell names like Yehuo found its way on to Android phones via the “supply chain.” I don’t know much about supply chains, but I think these are third parties who do work for a company. The idea is that someone at one firm contracts with the third party to perform work. When I worked as a “third party,” I recall people who were paying me taking actions; for example, texting, visiting, emailing, requiring me or my colleagues to attend meetings in which some of the people in charge fiddled with their mobile devices, and fidgeted.

The write up digs through quite a bit of data and reports many interesting details.

However, there is one point which is not included in the write up: Google appears to find itself looking at a third party as a bad actor. What unites the “genius” affair and the pre installed malware.

Google management processes?

Yes, that’s one possible answer. Who said something along the lines that if one creates chaos, that entity must address the problems created by chaos?

But if a third party did it, whose problem is it anyway?

Stephen E Arnold, June 26, 2019

DarkCyber for June 18, 2019, Now Available

June 18, 2019

DarkCyber for June 18, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/342544814.

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up covers: A next-generation content processing system funded by In-Q-Tel; Dark Web scans for personal information; a new spin on Crime as a Service tuned to steal financial data; Canada’s prisons get a drone detection systems; and the FBI Vault adds additional Clinton email data.

This week’s feature is a review of Forge.ai’s content processing system for law enforcement and intelligence applications. The system converts open source and other data into “structured intelligent event event feeds.” Unlike many commercial content processing and intelligence systems, Forge.ai is designed to handle data flows of virtually any size and perform processing in real time. The company recently received the support of In-Q-Tel, the CIA’s investment unit. Lt. General John Mulholland is accepted a position on Forge.ai’s board of advisers. General Mulholland was the deputy commander of Special Operations command and also served at the CIA.

Other stories in this week’s DarkCyber video news program are:

First, Dark Web scans to find personal information are advertised on television. DarkCyber looks at some of the methods used by vendors who offer free or low-cost scans of the Dark Web for PII or personal identification information. DarkCyber reports that many services do not deliver comprehensive results. There are specialized services available to law enforcement and intelligence professionals, but most of these are not available for public use.

Second, crime-as-a-service or CaaS continues to improve. Malware from two different sources have evolved into a symbiotic relationship. The Gazorp tool makes it easy to customize malware known as Azorult. Despite the odd names, the one-two punch facilitates the use of these tools by an individual or group of individuals without deep technical expertise. Gazorp is offered without charge, but the value of the software opens the door to monetization. Other bad actors are likely to build on the CaaS approach of Gazorp’s and Azorult’s developers and users.

Third, in this week’s drone news, DarkCyber reports that Version 2, a Canadian company, will deploy a drone detection system as six of Corrections Canada’s prisons. Drones have been sued to drop contraband into correctional facilities. Some drone have delivered drugs, mobile phones, and McChicken sandwiches to inmates. Donnacona, one of Canada’s most secure facilities, will be among the first group of institutions to receive the new technology in early 2020.

Finally, DarkCyber provides information so that a viewer can download more than 400 pages of information related to Hillary Clinton’s email. The collection of documents is available in the Federal Bureau of Investigation’s Vault service. Manual review of the documents is recommended. Some media reports have not presented a comprehensive picture of the information in this most recent release of information.

DarkCyber video news is a weekly program. It contains no advertising, and it is designed for law enforcement, security, and intelligence professionals interested in software, new developments, and investigative innovations. New programs become available on Tuesday of each week. Programs are available via YouTube and Vimeo.

Kenny Toth, June 17, 2019

Hackers Steal Millions in Cryptocurrency from Cryptopia

June 15, 2019

As the use of cryptocurrency continues to grow, more hackers are inspired to rob the digital vaults.

Medium reveals, “Hackers Allegedly Steal Millions from Cryptopia, a Cryptocurrency Exchange in New Zealand.” Naturally, local authorities and New Zealand’s high-tech crimes unit are on the case, but have not named a suspect. Writer Asgardia.space tells us:

“On January 13th, 19,391 ETH (Ethereum) worth around $2.5 million and 48,029,306 CENNZ tokens (Centrality) worth about $1.18 million were transferred from Cryptopia exchange to unknown wallets. As of now, the owner of the wallet is not yet confirmed. It could be the exchange itself or the hackers. The growing number of exchange hackings has caused a negative reputation to spread with cryptocurrencies. In 2018, CoinCheck, a Japanese cryptocurrency exchange, was hacked, and approximately $500 million of funds were stolen. If these crimes continue to happen then newcomers in the crypto space will lose trust in cryptocurrencies and in turn, the whole cryptocurrency market will suffer.”

Gee, who could have foreseen that digital currency would be vulnerable to cyber criminals? Industry leaders now advise that anyone brave enough to continue using cryptocurrency choose decentralized exchanges, which are considered safer than centralized exchanges. For its part, Cryptopia remains shuttered until the problem is resolved.

Cynthia Murrell, June 15, 2019

DarkCyber for June 4, 2019, Now Available

June 4, 2019

DarkCyber for June 4, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/339717881 .

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: A look at SafeSkyHacks; cyber crime data from the Global Drug Survey; bad actors shift to closed chat service; the real threat of GozNym malware; LookingGlass and GoldmanSachs announce cyber intelligence deal.,

This week’s feature is a look at the broader implications of the GozNym malware. This series of attacks netted the bad actors more than $100 million from 41,000 businesses and financial institutions. The malware was a combination of code, operating by deploying numerous exploits. As damaging as GozNym was, it signals a phase change in how modern digital attacks operate. DarkCyber identifies three key characteristics of GozNym. First, it was a multi-national force. Second, the hackers met and communicated via social media and chat. Third, the hackers operated like Amazon the AWS cloud, offering Crime as a Service. Attackers needed little or no technical expertise.

Stephen E Arnold, producer of DarkCyber and author of “The Dark Web Notebook,” said in his lecture on June 4, 2019, at the TechnoSecurity & Digital Forensics Conference: “The law enforcement crackdown on the Dark Web has been effective. The unanticipated consequence has been a shift to decentralized operations delivering Crime as a Service.” Point-and-click is now point-and-attack.”

Other stories covered in the June 4, 2019, DarkCyber video include:

First, a review of the software and services available on a hacker forum available to anyone with a standard browser. SafeSkyHacks provides free information about hacking, stolen data sets, and information about exploits. A members-only section of the Web site makes it possible to locate hackers with specific skills, services, software, and data. The DarkCyber video segment takes a close look at the profile posted by one of SafeSkyHack’s’ members. Hackers offer a number of services which may cross the boundary between general information and illegal activity.

Second, the Global drug survey for 2019 contains a wealth of information about the illegal use of narcotics available from the Dark Web and other sources. DarkCyber extracts items which reveal the countries which are now experiencing sharp increases in the use of controlled substances. The United States, for example, is at the top of the list of countries for opioid abuse. Another significant finding in the 2019 report links drug abuse with sexual assault. Assaults often happen when other people are nearby and reports of these attacks are rarely, if ever, reported to the police.

Third, DarkCyber reports about Stephen E Arnold’s remarks about the technology being adopted by bad actors. With information about distributed system widely available and the willingness of criminal elements to pay as much as $1 million for technical talent, law enforcement faces a new challenge. Services like illegal online gambling and video streaming services are becoming difficult to stop. When authorities seize one server, the bad actors deploy a replacement system at a different hosting location with a different Internet address. The new location for the illegal service is disseminated via closed chat and online forums. Often the access information is available on public content hosting sites like Pastebin.com. In some countries, the technical resources needed to disable an illegal online service structured like Netflix is a new challenge.

The final story is a report about the transfer of GoldmanSachs’ Sentinel cyber security software to LookingGlass, a cyber intelligence firm. Terms of the deal were not disclosed. LookingGlass is likely to integrate the Sentinel system into the LookingGlass services for financial institutions. Sentinel was recognized for excellence by the US Department of Homeland Security.

Kenny Toth, June 4, 2019

DarkCyber for May 28, 2019, Now Available

May 28, 2019

DarkCyber for May 28, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at  https://www.vimeo.com/338518927. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: The Offensive Community hacking Web site; malware requires no user action to seize mobile phone data; Dutch police deal with prisoner monitoring failure; a snapshot of Cobwebs Technologies’ investigative software; and China’s Great Firewall burns Wikipedia.

This week’s feature provides information about hackers for hire on the regular Internet, no Dark Web surfing required. The Offensive Community Web sites offers a classified advertising service. Hackers can post their capabilities in order to attract customers. The information on the site references a range of exploits which can be used for positive as well as illegal activities. Forums provide information and sources for botnets, keyloggers, remote access controls, specialized scripts, and related functions.

Other stories covered in the May 21, 2019, DarkCyber video include:

First, malware, allegedly developed by a specialist vendor supporting government customers, can compromise a mobile phone. What makes this alleged exploit notable is that the standard way of placing malware on a user’s device is to require that the user click a link or take some other action. That action allows the attacker to place the exploit on the user’s phone. The new approach requires only that the target has Facebook’s WhatsApp installed. The attacker places an in app voice call to the target. The exploit automatically uses a programming error in WhatsApp to compromise the target’s phone. The method was allegedly used to track the journalist Jamal Khashoggi. The fact that this method is no longer secret provides sufficient information to ensure that other bad actors will seek to emulate this technique.

Second, a botched software update in the Netherlands disabled prisoner ankle bracelets. These devices are used to monitor prisoners under house confinement. When these devices go offline, the monitored individual can flee the country or return to his or her pre-arrest activities. The Dutch police experienced a similar outage in 2018 when the mobile phone system used to transmit data went down. The modern ankle bracelet includes the tracking technology, but can also include two-way communications, alcohol level monitoring, and anti-removal technology. There are videos allegedly showing how one removes these devices, but tampering with the devices typically leads to additional charges.

Third, DarkCyber provides a profile of the basic functions available in the investigative software developed by Cobwebs Technologies. This is an Israeli startup which allows a user to extract actionable information from open source content. The tools available include a search and retrieval system and analytics. Data can be displayed in a visual format, including maps. DarkCyber’s overview includes examples of the interface and analytic reports.

Finally, China’s Great Firewall has blocked Wikipedia, the online encyclopedia. The online information service publishes content in numerous languages, and China has blocked every version of the digital encyclopedia. China’s approach to information control is part of a larger effort to maintain order and ensure government control of citizen activity. The process is called “Chinafication,” and the censorship method is influencing other governments’ approach to ensuring civil order.

DarkCyber appears each Tuesday and is available on YouTube, Vimeo, and directly from the DarkCyber news service.

Kenny Toth, May 28, 2019

DarkCyber for May 21, 2019, Now Available

May 21, 2019

DarkCyber for May 21, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/337093968.

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: A new version of Tor; digital bits trigger bombs; highlights from the FBI’s 2018 Cyber Crime Report; more details about the Wall Street Market take down; DeepDotWeb seized; Telegram used to sell weapons; and the size of the Dark Web.

This week’s feature provides more details about the take down of the Dark Web contraband ecommerce site, Wall Street Market. DarkCyber reports that the operation involved law enforcement from several countries, including Germany and the US. One moderator of the site initiated a blackmail scheme as law enforcement prepared to seize the site’s servers and arrest its owners. As part of the takedown, providers of drugs were arrested in the US. The take down revealed millions in cash and digital currency accounts worth more than $14 million. Investigators also seized data and other information, including customer details.

Other stories covered in the May 21, 2019, DarkCyber video include:

First, information about the new release of the Tor software bundle. Firefox is used as the base for the Tor browser. Technical issues with Firefox required some scrambling to address technical issues. The new release is available on the Tor.org Web site. DarkCyber points out that in some countries, downloading Tor is interpreted as an indicator of possible ill intent.

Second, a cyber attack on Israel prompted a kinetic response. The incident marks the first time Israel has responded to an act it regarded as information warfare with a missile strike on the alleged perpetrators’ headquarters. DarkCyber points out that the US may have used force in response to an adversary’s leaking classified and sensitive information on a public Web site. The use of traditional weapons in response to a digital attack is a behavior to monitor.

Third, DarkCyber selects several highlights from the FBI’s report about cyber crime in 2018. Among the key points identified is the data about the most common types of online crime. Most attacks make use of email and use social engineering to obtain personal financial information or user name and password data. The FBI report verifies data from other sources about the risks associated with email, specifically enticing an email recipient into downloading a document with malware or clicking on a link that leads to a spoofed page; for example, a PayPal page operated by the attacker, not the legitimate company. DarkCyber provides information about how to obtain this government report.

Fourth, an international team of law enforcement professionals seized the Sheepdog, an online information service. This site was accessible using a standard browser, no Tor or i2p software was required. The site referred its visitors to Dark Web sites selling drugs and other contraband. The seizure is an indication that Europol, FBI, and other law enforcement agencies are expanding their activities to curtail illegal eCommerce.

Fifth, DarkCyber explains that a story about bad actors using Telegram, an encrypted messaging app, to sell weapons should be viewed with caution. The story originated with a report from MEMRI, the Middle East Media Research Institute. The organization was founded by a former Israeli intelligence offer and has been identified as an organization generating content which may have characteristics of disinformation. DarkCyber provides a link to the MEMRI organization to make it easy for viewers to follow its information stream.

The final story reports that another vendor has sized the scope of the Dark Web. The most recent size estimate comes from Recorded Future. The company reports that it was able to identify 55,000 Dark Web domains. Of that number, only about 8,400 are online. DarkCyber notes that of the active site, a relatively few sites dominate illegal eCommerce, sharing of sensitive information, and other questionable services.

DarkCyber appears each Tuesday and is available on YouTube, Vimeo, and directly from the DarkCyber news service.

Kenny Toth, May 21, 2019

DarkCyber Video News for May 7, 2019, Now Available

May 7, 2019

DarkCyber for May 7, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/334253067.

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: The use of Telegram for ecommerce; phishing with fake email undergoes a renaissance; Cisco Talos explains a serious attack on foundation servers; a review of weapons for sale on the Dark Web; and a look at advanced autonomous drone technology.

This week’s feature examines a new study about the sale of weapons on the Dark Web. The report explains that handguns are long rifles are for sale on some Dark Web sites. The majority of these weapons are handguns. Only a small percentage of the weapons are automatic rifles. The research comes from three academics involved in criminal justice. The data from the Dark Web were collection in 2016. Because information about the type of weapons offered for sale is limited, the report helps fill this data gap. DarkCyber points out that the Dark Web has undergone some significant changes in the last two years. As a result, the study provides information, but some of it may be outdated.

The May 7, 2019, program also reports on:

First, how Telegram, an encrypted messaging application, can be used to promote and sell certain types of contraband products, services, and data. Messaging technology may be “old school” but Telegram’s features create challenges for enforcement agencies.

Second, phishing and spear phishing are methods for stealing users’ credentials with a long history. Now these techniques are gaining more momentum. DarkCyber reports about a “smart” application which can automate phishing and spear phishing attacks. Unlike commercial specialist tools, the Dark Web phishing kit costs a few hundred dollars, and it features a “fill in the blanks” approach to these malicious attacks.

Third, Cisco’s cyber security unit Talos has published a detailed report about a denial of service attack on core Internet systems. There are 13 foundation or core servers which facilitate domain name services. One of these has been the focus of a digital assault by a bad actor, possible supported by a nation state. The denial of service method relies on a series of nested malware programs. The attack makes use of misdirection and several different methods designed to compromise a foundation server. If such an attack is successful, other types of malicious activity is simplified for the bad actors.

Finally, DarkCyber responds to a viewer’s request for an update on advanced autonomous drone technology. DarkCyber provides a look into the future of US drone capabilities.

Kenny Toth, May 7, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta