DarkCyber for April 9, 2019, Now Available
April 9, 2019
DarkCyber for April 9, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/328921981
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Predictive Policing at the LAPD; How to spoof PDF signatures; How teens can hold secret chat sessions in front of parents and teachers; Tips for creating a credible online persona; and phishing lures that work.
This week’s feature examines the Los Angeles Police Department’s audit of its data-driven policing programs. In what will be a three part series about this report about advanced law enforcement technology, DarkCyber examines the evaluation of Predictive Policing’s system. This software analyzes data from field interviews and automated systems and produces maps of hot spots. Those with access to the system can plan patrol routes or take other preventive actions. DarkCyber explains the basics of the system and the challenges PredPol and similar systems face in a dynamic law enforcement environment. Sophisticated data analysis requires accurate, consistent data to generate high-value outputs.
The “cybershots” in this week’s program cover these four topics:
- Digitally-signed Adobe Portable Document Formats are presumed to be authentic. DarkCyber explains that a student in Europe has found ways to compromise the security of these widely-used files.
- Google Docs, used by middle school and high school students, can conduct chats within school work online. Teachers and parents may monitor this activity and be unaware that the school software makes it possible for users to exchange messages, set up drug deals, and disseminate the location of parties in a way that neither teachers nor parents are monitoring. The system allows these chat messages to be deleted with a single mouse click. DarkCyber explains how.
- Predators and con artists create false personas or online identities. What is needed to craft a credible online identity. DarkCyber reveals the methods used by bad actors outside the US.
- What are the five best subject lines to use in an email intended to steal a user’s password or other information? DarkCyber reveals the top five phishing lures. The research, conducted by Barracuda networks, was performed by analyzing 300,000 phishing emails.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cybercrime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, April 9, 2019
DarkCyber for April 2, 2019, Now Available
April 2, 2019
DarkCyber for April 2, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/327544822.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Online censorship increases; Dark Web drug czar goes offline; Dark Web tech comes to the Firefox browser; and more evidence of change in the Dark Web; plus a look at Megaputer’s fraud detection technology.
This week’s feature reviews Megaputer’s fraud detection technology. The firm uses a number of advanced mathematical and linguistic methods to make sense of large flows of data. Based in Bloomington, Indiana, the company serves a wide range of clients from finance, government, pharmaceuticals, and consulting services. The firm was the first to put advanced text analytics on the desktop at a time when other firms required Unix workstations and client server computing resources. The firm’s PolyAnalyst H makes it possible to process large volumes of data at extremely high speed.
This week’s “Cybershots” cover four subjects:
There are more indications that online censorship is becoming more aggressive. Russia has implemented regulations governing what sites can be accessed and what type of content is permissible. Germany’s statement legislators have begun work on a bill to criminalize use of Tor and other hidden Internet tools.
The individual who created RAMP or the Russian Anonymous Marketplace asserted that his customized encrypted chat client was one reason his site had eluded government authorities. The site is now offline.
Letterboxing, a technology which prevents certain types of online tracking, will be introduced in an upcoming release of Firefox, a popular Web browser. This feature has been part of the Tor browser since 2016 and is one more indication of Dark Web technology seeping into the public Internet or “Clear Net”.
The program explains how to get a summary of software and tools to access hidden Internet sites and service. Written by Veracode, a cyber security firm, the video provides information necessary to obtain a copy of this useful report.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cybercrime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, April 2, 2019
DarkCyber for March 19, 2019, Now Available
March 19, 2019
DarkCyber for March 19,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/324801049.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.
This week’s story line up includes: Google search blockchain data; emojis puzzle lawyers; NATO soldiers fooled by social media come ons; big paydays for hackers; Dark Web search for marketers; and Iran’s hacker army
This week’s feature looks at the Beacon Dark Web search system. Developed by Echosec Systems in Canada, Beacon provides search and analytics for those interested in tracking brands, companies, and people in Dark Web content. The system’s developers enforce a code of behavior on licensees. If Echosec determines that a user violates its guidelines, access to Beacon will be cut off. Echosec offers a number of powerful features, including geofencing. With this function it is possible to locate images of military facilities and other locations.
The second feature in this week’s video focuses on Iran’s cyber warfare activities. One key individual—Behrooz Kamalian—has been maintaining a lower profile. Those whom he has trained have been suspected of participating in online gambling activities. Kamalian himself, despite his connections with the Iranian government, served a short stint in prison for this allegation. Iran has one of the large cyber warfare forces in the world, ranking fourth behind Russia, China, and the US.
The “Cybershots” for this week include:
- Google has made available a search engine for blockchain data. Those skilled in blockchain and digital currency transactions may be able to deanonymize certain aspects of a transaction.
- Emojis which carry meaning are creating issues for lawyers and eDiscovery systems. The colorful icons’ meaning are not easily understood.
- A social media test for NATO soldiers’ resistance to online tricks was completed by central command. The result was that soldiers can be easily tricked into revealing secret information.
- Organize hidden Web criminals are paying up to $1 million a year in salary and providing benefits to hackers.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.\
Kenny Toth, March 19, 2019
DarkCyber for March 12, 2019, Now Available
March 12, 2019
DarkCyber for March 12, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/322579803 ,
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.
This week’s story line up includes: Cellebrite devices for sale on eBay; emojis can activate app functions; and sources selling bulk personal data.
The feature this week discusses speech analysis. Reports have surfaced which reveal that some US correctional facilities are building databases of inmates’ voice prints. The news appeared coincident with rumors that the US National Security Agency was curtailing its voice collection activities. Companies like Securus Technologies provide tools and services related to prison telephone and unauthorized mobile device use. The Securus Investigator Pro has been available and in use for almost a decade. Voice print technology which is analogous to a digital fingerprint system makes it possible to identify those on a call. Inclusion of behavioral tags promises to make voice print systems more useful. With a tag for the caller’s emotional state, investigators can perform cross correlation and other analytic functions to obtain useful information related to a person of interest.
Links are provided to explanations of Amazon’s policeware system which can be used to perform these types of analytic operations.
The final story provides a snapshot of a 100 page field manual about online deception. Published by the US Army, this document is a comprehensive review of systems and methods for military use of deception in an online environment. Checklists and procedural diagrams make clear why social media operations are successful in civilian and military contexts. The DarkCyber video includes a link so viewers can download this unclassified publication.
Kenny Toth, March 12, 2019
MSFT Harbors Crypto Mining in Third Party Apps
March 11, 2019
For those people not deep in the weeds, crypto currency mines are these shadowy pockets of servers that are out of our grasp, literally and figuratively. However, it was recently discovered this type of operation is a lot closer to home than most of us assume, and that’s a problem for security and intelligence professionals. We learned more from a recent TechRadar story, “Microsoft Store Apps Caught Illegally Mining Crypto Currency.”
According to the story:
“[U]nbeknownst to the users that download these apps, they secretly use the processors of the PC they are installed on to mine for crypto currency. According to Symantec, these apps come from three developers: DigiDream, 1clean and Findoo, and it is likely they were developed by the same person or group due to the malicious code Symantec found.”
A more meaningful review of apps in the Microsoft Store seems to be needed. Expensive? Yes. Likely to happen? Maybe.
Patrick Roland, March 11, 2019
DarkCyber for March 5, 2019, Now Available
March 5, 2019
Cyber for March 5, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/321045698 .
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line-up includes: A new feature called Cybershots with information about authentic AI, Psy-Group, Microsoft malware, and VKontakte; our feature Facebook as a digital problem; and illegal video streaming.
DarkCyber’s feature reviews the UK government’s report which states that Facebook acted as a “digital gangster.” DarkCyber provides a link from which the document can be downloaded. Among the conclusions set forth in the report were re mediating actions which range from increased regulation of social media firms to fines for their behavior. The report included information that suggests that other countries will take enforcement and regulatory action directed at Facebook. Among the countries identified were Brazil and Singapore.
The second principal story focuses on illegal streaming video services. Google has blocked some of these services and legal actions are underway. Nevertheless, streaming video continues to thrive with thousands of first run movies and major US television programs available. Some of the services are operated from Russia or other Eastern European countries. These services make use of sophisticated content delivery services and rely on technology which allows the criminals to spin up a new service when authorities close one in operation. Services available from some illegal streaming services offer Netflix-like interfaces, sell advertising, and charge subscription fees. Legal hurdles and the cost of pursuing enforcement action in some countries increases the difficulty copyright holders face in closing these services.
This week, DarkCyber introduces a new feature called Cybershots. The items in this section of the video news program reveal that one of the companies associated with weaponized social media has gone out of business. Microsoft has unwittingly allowed malware to be distributed from its online store. A company providing policeware has found that one of its marketing phrases has been picked up by a Chinese company and used as the firm’s name. Plus, a customer of the Russian social media service VKontakte received an unusual Valentine greeting, a cyber attack from a disgruntled customer.
Kenny Toth, March 5, 2019
DarkCyber for February 26, 2019, Now Available
February 26, 2019
DarkCyber for February 26,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/77362226.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes: a nano drone for US Army operators; lonely heart cyber cons; a major denial of service takedown; and a snapshot of Cyberheist, a deep dive into financial cyber crime.
The first story explores FLIR’s Black Hornet nano drones. These devices are the size of one half sheet of paper and weigh as much as a single slice of bread. US Army operators will use the devices to see around corners and look over the next ridge. Each drone can transmit high definition video and still images and remain aloft for 30 minutes. The operator can fly the nearly invisible drones from a handheld mobile phone sized controller. The nano drones will be used by military forces in France as well as by US military personnel.
The second story explains how romance cons have become a growth business for cyber criminals. The method exploits online dating or “hook up” sites. Individuals seek females over the age of 50, build trust via online communications, and then use that relationship to obtain cash or financial information. Losses average, according to the UK authorities, about $10,000 per successful con. Victims are often reluctant to go to the authorities because they are embarrassed about their behavior.
The third story provides information about the recent takedown of individuals responsible for more than 200,000 denial of service attacks. One of the individuals arrested began his business based on making it easy to knock a Web site offline when he was 17. The method used flooded a Web site or service with a large number of requests. If the targeted service was not correctly configured, the DDOS attack would cause the Web site or service to become unresponsive.
The final story provides a summary of a free book called “Cyberheist.” The 260 document provides a wealth of information about the mechanisms used for stealing bank account information, credit card data, and other personal financial information. The volume reviews numerous types of online methods for deceiving an individual into providing information or for allowing the attacker to install malware on the target’s computing device. DarkCyber provides information about how to download this useful volume without charge.
Kenny Toth, February 26, 2019
Dark Web Directory: Updates Needed
February 22, 2019
If the Internet were an ocean, the Dark Web is a very shallow tide pool. While the Dark Web is shallow, we do not recommend diving in because you can still break your neck. The Dark Web has a limited number of Web sites listed on it, all of them using the .onion extension.
These Web sites are accessible using the Tor browser and you do not use a search engine to find them. Instead you rely on social media Web sites, such as reddit, forums, or the Dark Web News. The Dark Web News has the “Dark Web & Deep Web Market List With Up & Down Daily Updated Market Status.”
The market listing is described as “Are you wondering how to find deep net markets? Well, look no further! We have compiled a list of active hidden marketplaces available on the deep web.” It is followed by a guide on how to access the Dark Web, download the Tor browser, etc.
What is striking is the amount of warnings about losing your anonymity. The market listing states, no shouts, that a smart Dark Web user uses not only the Tor browser, but also has a VPN to encrypt their data.
After the anonymity warnings, there are the Dark Web market listings. Each market site is reviewed, given a small description, and its status is shared. The listings are very useful and help track the type of market you are searching for. The only downside is that it lists Silk Road and a few other places as still “open.” Methinks that the Dark Web market listing needs an update. Also they give another good warning: “Do your research before using any hidden marketplace. Reddit is a good place to start.”
The problem is that the Dark Web is not zipping along as it once was. The buying and selling action has shifted to online chat and closed discussion groups. As the Dark Web shrinks, maintaining a listing should be easier too.
Whitney Grace, February 22, 2019
Cyber Saturday for February 16, 2018
February 16, 2019
Sifting through the information flowing into DarkCyber was less than thrilling. We did spot several items which may presage more cyber excitement in the new world of the Internet.
Security Lapse of the Week
The British newspaper Guardian (paywall) reported that a former US intelligence operative joined Team Iran. The flip exposed information and operatives. The high profile government contractor Booz Allen employed this individual for five months in 2008. Insider threats are a major threat to the security of organizations and individuals engaged in intelligence work. The fancy and expensive software available from numerous vendors may prevent some embarrassing and dangerous activities. Booz Allen was the employer of Edward Snowden, and that company may be a prospect for vendors of next generation insider threat identification systems.
Be Afraid
Deep Fakes is a phrase which is used to described spoofed videos. DarkCyber learned that researchers are allegedly afraid of their own advances in what is called “deep fakes for text.” The Generative Pre Trained Transformer 2 or GPT 2 can punch out content that
comes so close to mimicking human writing that it could potentially be used for “deep fake” content.
You can learn more about DFT and the GPT from Ars Technica.
Plus There Is a Scary Future Arriving
In our weekly DarkCyber video news programs we report about image recognition. In the January 19, 2019, program we explain how making sense of images can be used to pinpoint certain human trafficking hot spots. The Guardian (registration required for some users) explains that pop star Taylor Swift “showed us the scary future of facial recognition.” The focal point of the story is a vendor doing business at ISM. More information about the company is at this link.
Also There Creepy Face Generating AI
Many bad actors attach their images to some social media posts. Some Facebook users have some pride in their law breaking achievements. What happens when the bad actor creates a Facebook account and then posts images with faces automatically generated by smart software? Good question. You can check out the service at this url for “This Person Does Not Exist.”
A Content Treasure Trove for Investigators
That delete button may not work the way you think. Whether you are reselling your old Macbook or deleting Twitter messages, those data may still be around and available for certain types of investigations. Twitter has allegedly retained messages sent to and from deactivated or suspended accounts. Security problem for some; big plus for others. For the Verge’s take, navigate to “Twitter Has Been Storing Your Deleted DMs for Years.”
Online Auction Fraud Group
The US Secret Service took down a gang running an online auction scam. The angle was that ads said:
“I’m in the military and being deployed overseas and have to sell fast.”
To find marks (suckers), the operation unfolded in this way:
Alleged conspirators in Romania posted fake ads on popular online auction and sales websites, including Craigslist and eBay, for high-cost goods (typically vehicles) that ran on air because they were figments of the imagination. They’d con people in the US with, among other lies, stories of how they were in the military and needed to sell their car before being deployed.
Then, according to the Naked Security story:
After their targets fell for it and sent payment, the conspirators allegedly laundered the money by converting it to crypto currency and transferring it to their foreign-based buddies. According to the indictment, the alleged foreign-based money launderers include Vlad-C?lin Nistor, who owns Coinflux Services SRL, and Rossen Iossifov, who owns R G Coins.
And That Fish You Ate Last Night?
An interesting scam has been quantified in Canada by the CBC. Those in the seafood supply chain mislabel their products. Seafood fraud is selling an undesirable species of fish for a more desirable one. How widespread is the practice? I learned:
Oceana Canada, a Toronto-based conservation organization, said it found there was mislabeling with 44 per cent of the seafood samples it tested this year and last in five Canadian cities — and in 75 per cent of cases, cheaper fish were mislabeled as something more expensive.
And, Of Course, Stolen User Data
DarkCyber noted that another 127 million user records have been offered for sale. The vendor previously posted the availability of 620 million records. More about this now routine event at ZDNet.
Stephen E Arnold, February 16, 2019
Weapons via the Hidden Web
February 15, 2019
Gun control continues to be a major issue for Americans. However, if ever there was to be a tightening of gun ownership laws in this country, it’s interesting to wonder what the result might look like. Chances are, it would be a lot like Europe—even the problems that come with it, as we discovered in a recent Gunpowder Magazine article, “European Gun Ownership is Surging, Concerned Citizens Resort to Dark Web.”
According to the story:
“High threats of terror attacks and surging crime have left Europeans increasingly uneasy about their personal safety. And because gun control laws are so strict in Europe, citizens are resorting to illicit means to obtain firearms, to the point that, The Wall Street Journal reports, “unregistered weapons outnumbered legal ones” in 2017.”
It’s not just guns that are posing a threat on the dark web. Recently, a hacker posted over 600 million people’s information up for sale there. This is the reason why intelligence agencies are paying closer attention to the dark web, working on ways to crack its mysterious codes. The issue becomes staying in step or even a step ahead of the dark web, which isn’t as easy as it may sound.
Patrick Roland, February 15, 2019
-
- Subscribe to Beyond Search
Feature archive
News archive
-
