Human Trafficking: Popular and Pervasive
April 18, 2019
Sex trafficking is one of the greatest crimes in the world. Sex trafficking is one of the crimes facilitated by digital environments, but the same technology the bad actors use for their crimes is always being used to catch them. USA Today shares how the technology is used to put an end to sex trafficking in the article, “Technological Tricks Can Help End Sex Trafficking: Former IBM Vice President.”
In January 2019, the US Institute Against Human Trafficking launched the Reach Out Campaign in Tampa, Florida. The program used web scraping technology to gather phone numbers of Web sites selling sex in Tampa. It was discovered that most of the numbers linked to cell phones of people sold for sex so they could communicate and book appointments with their “clients.” Reach Out gathered over 10,000 numbers and a mass text was sent out to the numbers with information to leave the sex industry.
The Reach Out Campaign received a 13 percent response. The program needs to be launched across the country in order to assist more sex trafficking victims, who deal with complicated psychological issues. AI bots called Intercept Bots are deployed to create fake sex ads on the Internet, then when someone responds it collects the user’s information. The bot will then share that it is a lure and that the user’s information will potentially be given to law enforcement. While it is important to assist the victims, it is also helpful to address the perpetrators, generally men, and prevent them from committing the crimes in the first place:
It is important, however, that we not just focus on punishing those engaged in buying sex. Many of these men suffer from sex addictions that can be treated. This is why the Intercept Bots program also sends potential sex buyers information on where to get this help. A study in the medical journal Neuro psycho pharmacology estimates that between 3-6 percent of Americans suffer from compulsive sexual behavior. And studies estimate that the percentage of American men who have engaged in commercial sex at least once is 15 to 20 percent; compared to their peers, these men think about sex more often.
Thee are also ad campaigns targeted at people buying sex share the consequences of getting caught buying sex.
Combating trafficking is difficult, but spreading information and using technology to catch bad actors saves victims from further abuse.
Whitney Grace, April 18, 2019
Bad Actors Include Russian Crime Oligarchs: Wosar Speaks Out
April 12, 2019
Hollywood romanticizes computer hacking and other digital crimes. There is some truth to what happens on the screen, but the action is usually more downbeat and usually does not keep the bad actors at the edge of their seats. While the bad actors get a lot of screen time, the good guys, those who protect the average person, from cyber attacks rarely get praised. The BBC took the time to praise one digital hero’s actions in the article, “Hated And Hunted.”
Perhaps the most vicious type of malware is ransomware. Ransomware is a computer virus that once downloaded onto a computer, it scrambles all of the data and delivers a ransom note stating the user must pay a certain amount of money or all of their data will be deleted. Fabian Wosar is a good actor, because he understands the virus code and knows how to hack the hacker. In other words, he knows how to outsmart the hackers and beat them at their own game. The hackers are so upset with Wosar that they actually write mean notes to him in their virus code.
Wosar is an introverted individual, who loves to design anti-virus code for his cyber security company, Emsisoft. He spends hours working and often binges long hours at his job, often giving away his ant-ransomware away for free. Wosar compares writing code to writing a novel and how he can tell who wrote specific code based on individual styles. He also believes that he stopped over 100 different cyber gangs from their illegal activities.
Ransomware is one of the most profitable cyber crimes and its perpetrators can evade authorities for years, especially if they are smart about it. Ransomware victims often pay hundreds of thousands of dollars and pounds to the criminals, especially if they decide paying the ransom is considered cheaper than replacing a system. Cyber criminals are also quite intimidating:
The most successful cyber-crime gangs are run like mafia organizations with specific structures and divisions of labor.There are the virus coders, the money launderers, the protection heavies and the bosses who decide on targets and sometimes funnel the money into other, potentially more serious, criminal enterprises.Catching these gangs is extremely challenging. One of the most prolific recent ransomware gangs, responsible for two major ransomware families – CTB-Locker and Cerber – made an estimated $27m and eluded police for years.It took a global police operation involving the FBI, the UK’s National Crime Agency, and Romanian and Dutch investigators to bring them down. In December 2017, five arrests were made in Romania.
Wosar keeps his identity hidden and moves around to keep himself safe. While he does enjoy his work, he does suffer from health problems due to his sedentary lifestyle and might get a dog to force himself outside. Outside, however, may pose risks.
Whitney Grace, April 12, 2019
DarkCyber for April 9, 2019, Now Available
April 9, 2019
DarkCyber for April 9, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/328921981
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Predictive Policing at the LAPD; How to spoof PDF signatures; How teens can hold secret chat sessions in front of parents and teachers; Tips for creating a credible online persona; and phishing lures that work.
This week’s feature examines the Los Angeles Police Department’s audit of its data-driven policing programs. In what will be a three part series about this report about advanced law enforcement technology, DarkCyber examines the evaluation of Predictive Policing’s system. This software analyzes data from field interviews and automated systems and produces maps of hot spots. Those with access to the system can plan patrol routes or take other preventive actions. DarkCyber explains the basics of the system and the challenges PredPol and similar systems face in a dynamic law enforcement environment. Sophisticated data analysis requires accurate, consistent data to generate high-value outputs.
The “cybershots” in this week’s program cover these four topics:
- Digitally-signed Adobe Portable Document Formats are presumed to be authentic. DarkCyber explains that a student in Europe has found ways to compromise the security of these widely-used files.
- Google Docs, used by middle school and high school students, can conduct chats within school work online. Teachers and parents may monitor this activity and be unaware that the school software makes it possible for users to exchange messages, set up drug deals, and disseminate the location of parties in a way that neither teachers nor parents are monitoring. The system allows these chat messages to be deleted with a single mouse click. DarkCyber explains how.
- Predators and con artists create false personas or online identities. What is needed to craft a credible online identity. DarkCyber reveals the methods used by bad actors outside the US.
- What are the five best subject lines to use in an email intended to steal a user’s password or other information? DarkCyber reveals the top five phishing lures. The research, conducted by Barracuda networks, was performed by analyzing 300,000 phishing emails.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cybercrime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, April 9, 2019
DarkCyber for April 2, 2019, Now Available
April 2, 2019
DarkCyber for April 2, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/327544822.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Online censorship increases; Dark Web drug czar goes offline; Dark Web tech comes to the Firefox browser; and more evidence of change in the Dark Web; plus a look at Megaputer’s fraud detection technology.
This week’s feature reviews Megaputer’s fraud detection technology. The firm uses a number of advanced mathematical and linguistic methods to make sense of large flows of data. Based in Bloomington, Indiana, the company serves a wide range of clients from finance, government, pharmaceuticals, and consulting services. The firm was the first to put advanced text analytics on the desktop at a time when other firms required Unix workstations and client server computing resources. The firm’s PolyAnalyst H makes it possible to process large volumes of data at extremely high speed.
This week’s “Cybershots” cover four subjects:
There are more indications that online censorship is becoming more aggressive. Russia has implemented regulations governing what sites can be accessed and what type of content is permissible. Germany’s statement legislators have begun work on a bill to criminalize use of Tor and other hidden Internet tools.
The individual who created RAMP or the Russian Anonymous Marketplace asserted that his customized encrypted chat client was one reason his site had eluded government authorities. The site is now offline.
Letterboxing, a technology which prevents certain types of online tracking, will be introduced in an upcoming release of Firefox, a popular Web browser. This feature has been part of the Tor browser since 2016 and is one more indication of Dark Web technology seeping into the public Internet or “Clear Net”.
The program explains how to get a summary of software and tools to access hidden Internet sites and service. Written by Veracode, a cyber security firm, the video provides information necessary to obtain a copy of this useful report.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cybercrime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, April 2, 2019
DarkCyber for March 19, 2019, Now Available
March 19, 2019
DarkCyber for March 19,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/324801049.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.
This week’s story line up includes: Google search blockchain data; emojis puzzle lawyers; NATO soldiers fooled by social media come ons; big paydays for hackers; Dark Web search for marketers; and Iran’s hacker army
This week’s feature looks at the Beacon Dark Web search system. Developed by Echosec Systems in Canada, Beacon provides search and analytics for those interested in tracking brands, companies, and people in Dark Web content. The system’s developers enforce a code of behavior on licensees. If Echosec determines that a user violates its guidelines, access to Beacon will be cut off. Echosec offers a number of powerful features, including geofencing. With this function it is possible to locate images of military facilities and other locations.
The second feature in this week’s video focuses on Iran’s cyber warfare activities. One key individual—Behrooz Kamalian—has been maintaining a lower profile. Those whom he has trained have been suspected of participating in online gambling activities. Kamalian himself, despite his connections with the Iranian government, served a short stint in prison for this allegation. Iran has one of the large cyber warfare forces in the world, ranking fourth behind Russia, China, and the US.
The “Cybershots” for this week include:
- Google has made available a search engine for blockchain data. Those skilled in blockchain and digital currency transactions may be able to deanonymize certain aspects of a transaction.
- Emojis which carry meaning are creating issues for lawyers and eDiscovery systems. The colorful icons’ meaning are not easily understood.
- A social media test for NATO soldiers’ resistance to online tricks was completed by central command. The result was that soldiers can be easily tricked into revealing secret information.
- Organize hidden Web criminals are paying up to $1 million a year in salary and providing benefits to hackers.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.\
Kenny Toth, March 19, 2019
DarkCyber for March 12, 2019, Now Available
March 12, 2019
DarkCyber for March 12, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/322579803 ,
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.
This week’s story line up includes: Cellebrite devices for sale on eBay; emojis can activate app functions; and sources selling bulk personal data.
The feature this week discusses speech analysis. Reports have surfaced which reveal that some US correctional facilities are building databases of inmates’ voice prints. The news appeared coincident with rumors that the US National Security Agency was curtailing its voice collection activities. Companies like Securus Technologies provide tools and services related to prison telephone and unauthorized mobile device use. The Securus Investigator Pro has been available and in use for almost a decade. Voice print technology which is analogous to a digital fingerprint system makes it possible to identify those on a call. Inclusion of behavioral tags promises to make voice print systems more useful. With a tag for the caller’s emotional state, investigators can perform cross correlation and other analytic functions to obtain useful information related to a person of interest.
Links are provided to explanations of Amazon’s policeware system which can be used to perform these types of analytic operations.
The final story provides a snapshot of a 100 page field manual about online deception. Published by the US Army, this document is a comprehensive review of systems and methods for military use of deception in an online environment. Checklists and procedural diagrams make clear why social media operations are successful in civilian and military contexts. The DarkCyber video includes a link so viewers can download this unclassified publication.
Kenny Toth, March 12, 2019
MSFT Harbors Crypto Mining in Third Party Apps
March 11, 2019
For those people not deep in the weeds, crypto currency mines are these shadowy pockets of servers that are out of our grasp, literally and figuratively. However, it was recently discovered this type of operation is a lot closer to home than most of us assume, and that’s a problem for security and intelligence professionals. We learned more from a recent TechRadar story, “Microsoft Store Apps Caught Illegally Mining Crypto Currency.”
According to the story:
“[U]nbeknownst to the users that download these apps, they secretly use the processors of the PC they are installed on to mine for crypto currency. According to Symantec, these apps come from three developers: DigiDream, 1clean and Findoo, and it is likely they were developed by the same person or group due to the malicious code Symantec found.”
A more meaningful review of apps in the Microsoft Store seems to be needed. Expensive? Yes. Likely to happen? Maybe.
Patrick Roland, March 11, 2019
DarkCyber for March 5, 2019, Now Available
March 5, 2019
Cyber for March 5, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/321045698 .
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line-up includes: A new feature called Cybershots with information about authentic AI, Psy-Group, Microsoft malware, and VKontakte; our feature Facebook as a digital problem; and illegal video streaming.
DarkCyber’s feature reviews the UK government’s report which states that Facebook acted as a “digital gangster.” DarkCyber provides a link from which the document can be downloaded. Among the conclusions set forth in the report were re mediating actions which range from increased regulation of social media firms to fines for their behavior. The report included information that suggests that other countries will take enforcement and regulatory action directed at Facebook. Among the countries identified were Brazil and Singapore.
The second principal story focuses on illegal streaming video services. Google has blocked some of these services and legal actions are underway. Nevertheless, streaming video continues to thrive with thousands of first run movies and major US television programs available. Some of the services are operated from Russia or other Eastern European countries. These services make use of sophisticated content delivery services and rely on technology which allows the criminals to spin up a new service when authorities close one in operation. Services available from some illegal streaming services offer Netflix-like interfaces, sell advertising, and charge subscription fees. Legal hurdles and the cost of pursuing enforcement action in some countries increases the difficulty copyright holders face in closing these services.
This week, DarkCyber introduces a new feature called Cybershots. The items in this section of the video news program reveal that one of the companies associated with weaponized social media has gone out of business. Microsoft has unwittingly allowed malware to be distributed from its online store. A company providing policeware has found that one of its marketing phrases has been picked up by a Chinese company and used as the firm’s name. Plus, a customer of the Russian social media service VKontakte received an unusual Valentine greeting, a cyber attack from a disgruntled customer.
Kenny Toth, March 5, 2019
DarkCyber for February 26, 2019, Now Available
February 26, 2019
DarkCyber for February 26,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/77362226.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes: a nano drone for US Army operators; lonely heart cyber cons; a major denial of service takedown; and a snapshot of Cyberheist, a deep dive into financial cyber crime.
The first story explores FLIR’s Black Hornet nano drones. These devices are the size of one half sheet of paper and weigh as much as a single slice of bread. US Army operators will use the devices to see around corners and look over the next ridge. Each drone can transmit high definition video and still images and remain aloft for 30 minutes. The operator can fly the nearly invisible drones from a handheld mobile phone sized controller. The nano drones will be used by military forces in France as well as by US military personnel.
The second story explains how romance cons have become a growth business for cyber criminals. The method exploits online dating or “hook up” sites. Individuals seek females over the age of 50, build trust via online communications, and then use that relationship to obtain cash or financial information. Losses average, according to the UK authorities, about $10,000 per successful con. Victims are often reluctant to go to the authorities because they are embarrassed about their behavior.
The third story provides information about the recent takedown of individuals responsible for more than 200,000 denial of service attacks. One of the individuals arrested began his business based on making it easy to knock a Web site offline when he was 17. The method used flooded a Web site or service with a large number of requests. If the targeted service was not correctly configured, the DDOS attack would cause the Web site or service to become unresponsive.
The final story provides a summary of a free book called “Cyberheist.” The 260 document provides a wealth of information about the mechanisms used for stealing bank account information, credit card data, and other personal financial information. The volume reviews numerous types of online methods for deceiving an individual into providing information or for allowing the attacker to install malware on the target’s computing device. DarkCyber provides information about how to download this useful volume without charge.
Kenny Toth, February 26, 2019
Dark Web Directory: Updates Needed
February 22, 2019
If the Internet were an ocean, the Dark Web is a very shallow tide pool. While the Dark Web is shallow, we do not recommend diving in because you can still break your neck. The Dark Web has a limited number of Web sites listed on it, all of them using the .onion extension.
These Web sites are accessible using the Tor browser and you do not use a search engine to find them. Instead you rely on social media Web sites, such as reddit, forums, or the Dark Web News. The Dark Web News has the “Dark Web & Deep Web Market List With Up & Down Daily Updated Market Status.”
The market listing is described as “Are you wondering how to find deep net markets? Well, look no further! We have compiled a list of active hidden marketplaces available on the deep web.” It is followed by a guide on how to access the Dark Web, download the Tor browser, etc.
What is striking is the amount of warnings about losing your anonymity. The market listing states, no shouts, that a smart Dark Web user uses not only the Tor browser, but also has a VPN to encrypt their data.
After the anonymity warnings, there are the Dark Web market listings. Each market site is reviewed, given a small description, and its status is shared. The listings are very useful and help track the type of market you are searching for. The only downside is that it lists Silk Road and a few other places as still “open.” Methinks that the Dark Web market listing needs an update. Also they give another good warning: “Do your research before using any hidden marketplace. Reddit is a good place to start.”
The problem is that the Dark Web is not zipping along as it once was. The buying and selling action has shifted to online chat and closed discussion groups. As the Dark Web shrinks, maintaining a listing should be easier too.
Whitney Grace, February 22, 2019
-
- Subscribe to Beyond Search
Feature archive
News archive
-
