MSFT Harbors Crypto Mining in Third Party Apps
March 11, 2019
For those people not deep in the weeds, crypto currency mines are these shadowy pockets of servers that are out of our grasp, literally and figuratively. However, it was recently discovered this type of operation is a lot closer to home than most of us assume, and that’s a problem for security and intelligence professionals. We learned more from a recent TechRadar story, “Microsoft Store Apps Caught Illegally Mining Crypto Currency.”
According to the story:
“[U]nbeknownst to the users that download these apps, they secretly use the processors of the PC they are installed on to mine for crypto currency. According to Symantec, these apps come from three developers: DigiDream, 1clean and Findoo, and it is likely they were developed by the same person or group due to the malicious code Symantec found.”
A more meaningful review of apps in the Microsoft Store seems to be needed. Expensive? Yes. Likely to happen? Maybe.
Patrick Roland, March 11, 2019
DarkCyber for March 5, 2019, Now Available
March 5, 2019
DarkCyber for March 5, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/321045698.
The program is a production of Stephen E Arnold. It is the only weekly video news show focusing on the Dark Web and lesser known Internet services.
This week’s story line-up includes: A new feature called Cybershots with information about authentic AI, Psy-Group, Microsoft malware, and VKontakte; our feature Facebook as a digital problem; and illegal video streaming.
DarkCyber’s feature reviews the UK government’s report which states that Facebook acted as a “digital gangster.” DarkCyber provides a link from which the document can be downloaded. Among the conclusions set forth in the report were remediating actions which range from increased regulation of social media firms to fines for their behavior. The report included information that suggests that other countries will take enforcement and regulatory action directed at Facebook. Among the countries identified were Brazil and Singapore.
The second principal story focuses on illegal streaming video services. Google has blocked some of these services and legal actions are underway. Nevertheless, streaming video continues to thrive with thousands of first run movies and major US television programs available. Some of the services are operated from Russia or other Eastern European countries. These services make use of sophisticated content delivery services and rely on technology which allows the criminals to spin up a new service when authorities close one in operation. Services available from some illegal streaming services offer Netflix-like interfaces, sell advertising, and charge subscription fees. Legal hurdles and the cost of pursuing enforcement action in some countries increase the difficulty copyright holders face in closing these services.
This week, DarkCyber introduces a new feature called Cybershots. The items in this section of the video news program reveal that one of the companies associated with weaponized social media has gone out of business. Microsoft has unwittingly allowed malware to be distributed from its online store. A company providing policeware has found that one of its marketing phrases has been picked up by a Chinese company and used as the firm’s name. Plus, a customer of the Russian social media service VKontakte received an unusual Valentine greeting, a cyber attack from a disgruntled customer.
Kenny Toth, March 5, 2019
DarkCyber for February 26, 2019, Now Available
February 26, 2019
DarkCyber for February 26, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/77362226.
The program is a production of Stephen E Arnold. It is the only weekly video news show focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes: a nano drone for US Army operators; lonely heart cyber cons; a major denial of service takedown; and a snapshot of Cyberheist, a deep dive into financial cyber crime.
The first story explores FLIR’s Black Hornet nano drones. These devices are the size of one half sheet of paper and weigh as much as a single slice of bread. US Army operators will use the devices to see around corners and look over the next ridge. Each drone can transmit high definition video and still images and remain aloft for 30 minutes. The operator can fly the nearly invisible drones from a handheld mobile phone sized controller. The nano drones will be used by military forces in France as well as by US military personnel.
The second story explains how romance cons have become a growth business for cyber criminals. The method exploits online dating or “hook up” sites. Individuals seek females over the age of 50, build trust via online communications, and then use that relationship to obtain cash or financial information. Losses average, according to the UK authorities, about $10,000 per successful con. Victims are often reluctant to go to the authorities because they are embarrassed about their behavior.
The third story provides information about the recent takedown of individuals responsible for more than 200,000 denial of service attacks. One of the individuals arrested began his business based on making it easy to knock a Web site offline when he was 17. The method used flooded a Web site or service with a large number of requests. If the targeted service was not correctly configured, the DDOS attack would cause the Web site or service to become unresponsive.
The final story provides a summary of a free book called “Cyberheist.” The 260 document provides a wealth of information about the mechanisms used for stealing bank account information, credit card data, and other personal financial information. The volume reviews numerous types of online methods for deceiving an individual into providing information or for allowing the attacker to install malware on the target’s computing device. DarkCyber provides information about how to download this useful volume without charge.
Kenny Toth, February 26, 2019
Dark Web Directory: Updates Needed
February 22, 2019
If the Internet were an ocean, the Dark Web is a very shallow tide pool. While the Dark Web is shallow, we do not recommend diving in because you can still break your neck. The Dark Web has a limited number of Web sites listed on it, all of them using the .onion extension.
These Web sites are accessible using the Tor browser and you do not use a search engine to find them. Instead you rely on social media Web sites, such as reddit, forums, or the Dark Web News. The Dark Web News has the “Dark Web & Deep Web Market List With Up & Down Daily Updated Market Status.”
The market listing is described as “Are you wondering how to find deep net markets? Well, look no further! We have compiled a list of active hidden marketplaces available on the deep web.” It is followed by a guide on how to access the Dark Web, download the Tor browser, etc.
What is striking is the number of warnings about losing your anonymity. The market listing states, no shouts, that a smart Dark Web user uses not only the Tor browser, but also has a VPN to encrypt their data.
After the anonymity warnings, there are the Dark Web market listings. Each market site is reviewed, given a small description, and its status is shared. The listings are very useful and help track the type of market you are searching for. The only downside is that it lists Silk Road and a few other places as still “open.” Methinks that the Dark Web market listing needs an update. Also they give another good warning: “Do your research before using any hidden marketplace. Reddit is a good place to start.”
The problem is that the Dark Web is not zipping along as it once was. The buying and selling action has shifted to online chat and closed discussion groups. As the Dark Web shrinks, maintaining a listing should be easier too.
Whitney Grace, February 22, 2019
Cyber Saturday for February 16, 2018
February 16, 2019
Sifting through the information flowing into DarkCyber was less than thrilling. We did spot several items which may presage more cyber excitement in the new world of the Internet.
Security Lapse of the Week
The British newspaper Guardian (paywall) reported that a former US intelligence operative joined Team Iran. The flip exposed information and operatives. The high profile government contractor Booz Allen employed this individual for five months in 2008. Insider threats are a major threat to the security of organizations and individuals engaged in intelligence work. The fancy and expensive software available from numerous vendors may prevent some embarrassing and dangerous activities. Booz Allen was the employer of Edward Snowden, and that company may be a prospect for vendors of next generation insider threat identification systems.
Be Afraid
Deep Fakes is a phrase which is used to describe spoofed videos. DarkCyber learned that researchers are allegedly afraid of their own advances in what is called “deep fakes for text.” The Generative Pre Trained Transformer 2 or GPT 2 can punch out content that
comes so close to mimicking human writing that it could potentially be used for “deep fake” content.
You can learn more about DFT and the GPT from Ars Technica.
Plus There Is a Scary Future Arriving
In our weekly DarkCyber video news programs we report about image recognition. In the January 19, 2019, program we explain how making sense of images can be used to pinpoint certain human trafficking hot spots. The Guardian (registration required for some users) explains that pop star Taylor Swift “showed us the scary future of facial recognition.” The focal point of the story is a vendor doing business at ISM. More information about the company is at this link.
Also There Is Creepy Face Generating AI
Many bad actors attach their images to some social media posts. Some Facebook users have some pride in their law breaking achievements. What happens when the bad actor creates a Facebook account and then posts images with faces automatically generated by smart software? Good question. You can check out the service at this url for “This Person Does Not Exist.”
A Content Treasure Trove for Investigators
That delete button may not work the way you think. Whether you are reselling your old Macbook or deleting Twitter messages, those data may still be around and available for certain types of investigations. Twitter has allegedly retained messages sent to and from deactivated or suspended accounts. Security problem for some; big plus for others. For the Verge’s take, navigate to “Twitter Has Been Storing Your Deleted DMs for Years.”
Online Auction Fraud Group
The US Secret Service took down a gang running an online auction scam. The angle was that ads said:
“I’m in the military and being deployed overseas and have to sell fast.”
To find marks (suckers), the operation unfolded in this way:
Alleged conspirators in Romania posted fake ads on popular online auction and sales websites, including Craigslist and eBay, for high-cost goods (typically vehicles) that ran on air because they were figments of the imagination. They’d con people in the US with, among other lies, stories of how they were in the military and needed to sell their car before being deployed.
Then, according to the Naked Security story:
After their targets fell for it and sent payment, the conspirators allegedly laundered the money by converting it to crypto currency and transferring it to their foreign-based buddies. According to the indictment, the alleged foreign-based money launderers include Vlad-Călin Nistor, who owns Coinflux Services SRL, and Rossen Iossifov, who owns R G Coins.
And That Fish You Ate Last Night?
An interesting scam has been quantified in Canada by the CBC. Those in the seafood supply chain mislabel their products. Seafood fraud is selling an undesirable species of fish for a more desirable one. How widespread is the practice? I learned:
Oceana Canada, a Toronto-based conservation organization, said it found there was mislabeling with 44 per cent of the seafood samples it tested this year and last in five Canadian cities — and in 75 per cent of cases, cheaper fish were mislabeled as something more expensive.
And, Of Course, Stolen User Data
DarkCyber noted that another 127 million user records have been offered for sale. The vendor previously posted the availability of 620 million records. More about this now routine event at ZDNet.
Stephen E Arnold, February 16, 2019
Weapons via the Hidden Web
February 15, 2019
Gun control continues to be a major issue for Americans. However, if ever there was to be a tightening of gun ownership laws in this country, it’s interesting to wonder what the result might look like. Chances are, it would be a lot like Europe—even the problems that come with it, as we discovered in a recent Gunpowder Magazine article, “European Gun Ownership is Surging, Concerned Citizens Resort to Dark Web.”
According to the story:
“High threats of terror attacks and surging crime have left Europeans increasingly uneasy about their personal safety. And because gun control laws are so strict in Europe, citizens are resorting to illicit means to obtain firearms, to the point that, The Wall Street Journal reports, “unregistered weapons outnumbered legal ones” in 2017.”
It’s not just guns that are posing a threat on the dark web. Recently, a hacker posted over 600 million people’s information up for sale there. This is the reason why intelligence agencies are paying closer attention to the dark web, working on ways to crack its mysterious codes. The issue becomes staying in step or even a step ahead of the dark web, which isn’t as easy as it may sound.
Patrick Roland, February 15, 2019
The Dark Web Small Yet Still Dark Place
February 15, 2019
The Dark Web is an easy scapegoat to blame for all of the Internet’s woes and perils. Even the name “Dark Web” elicits images of negative activity. The truth about the Dark Web is much more complicated than we are led to believe. The Dark Web is a tool to browse and publish information anonymously on the Internet. Yes, criminals do use it to sell stolen goods and for sex trafficking, but it is also a haven for journalists in oppressive regimes, freedom of the press, and freedom fighters around the world.
ZeroFOX shares more details about the Dark Web and its uses in the article, “Evolving Landscape And Emerging Threats On The Dark Web.” ZeroFOX’s article first explains some basic information about what the Dark Web is and how it started as a US Navy project. The project developed into the Onion Router or Tor browser that can access Web sites with the .onion extension.
As the Dark Web grows, its users are experimenting with ways to improve anonymity. Some of the methods are moving to deep web sites that are membership or invite only. These types of Web sites are breeding grounds for criminal activity. The threats increase as technology improves.
The Web sites that pose the greatest threat are the ones that are the hardest to access. Organizations often lack the ability and knowledge to monitor the Dark Web. The most common crimes on the Dark Web are:
- “Physical threats, doxxing, and chatter against top executives, public servants/figures, and journalists
- Consumer data for sale or exposed, often credit card dumps and credentials leaks
- Distribution of copyrighted materials, movies, music and TV
- Hacking techniques, vulnerabilities, and planned attacks on cyber forums
- Sales of drugs, counterfeit/stolen goods, proprietary technology”
With increased pressure from law enforcement, bad actors are shifting from the “old” Dark Web to alternative ways to obfuscate, communicate, and sell their products and services, exchange information, and chip away at some social norms.
Whitney Grace, February 15, 2019
Dark Web Leads To Dark Deals For Children
February 14, 2019
Illegal drugs and arms trafficking are some of the worst crimes on the Dark Web, but the most abhorrent crime is sex trafficking. A large majority of sex trafficking victims are women, but children (boys and girls) are also in the victim pool. The New York Post reports how over “123 Missing Children Found In Michigan During Sex Trafficking Operation.” On September 26, 2018, Michigan law enforcement and Operation MISafeKid recovered over one hundred missing children.
Michigan law enforcement were investigating 301 open missing children cases of which 123 were found. All the recovered children were interviewed about whether they were sexually abused or trafficked in any fashion. Of the 123 children, only three of them reported being possibly victimized. The sting also revealed leads to missing children in Texas and Minnesota. It is horrible that the most vulnerable humans are sold for sex, but authorities are all the more dedicated to saving them.
“ ‘The message to the missing children and their families that we wish to convey is that we will never stop looking for you,’ the US Marshals Service said. Several agencies were involved in the operation including the US Marshals Service, Michigan State Police, Detroit Police Department, Wayne County local law enforcement, as well as the National Center for Missing and Exploited Children and the Department of Housing and Urban Development’s Office of Inspector General.”
It takes many law enforcement agencies to track, investigate, and prosecute the sex trafficking ringleaders. It is hard to imagine how these ringleaders kept their victims in line, because children are loud by nature. How much intimidation did they use to maintain a low profile?
Whitney Grace, February 14, 2018
LA Times and Its Counterfeiting Thriller
February 5, 2019
I read “Glowing Reviews Tout Counterfeit Cash on the Dark Web.” The news story is more like a thriller, however. The Dark Web, fake money, online investigations, and a shoot out.
DarkCyber noted several interesting factoids in the write up:
- Reviews by customers of the Dark Web counterfeiting operation were important to the criminal’s business. The article refers to a “loyal fan base.”
- The agency taking the lead in the investigation was the US Secret Service. DarkCyber has heard that this entity is the most capable team of cyber sleuths in the US government.
- The “printing” was carried out on lasers and special paper.
- The bad actor had a long history of illegal activities. (This suggests that pattern analysis may be a useful adjunct to a traditional investigation.)
- The bad actor mailed counterfeit bills on several occasions from a traditional outdoor mail box across from a police station.
- After neutralizing the bad actor, agents discovered “about $300,000 in fake $100 bills, lined up and hanging to dry in neat rows.”
Investigators have not solved the problem of the location of the digital currency to which the bad actor had access. Also, computers seized in the raid were encrypted, and these, according to the write up, have not yet been decrypted by the USSS.
Stephen E Arnold, February 5, 2019
DarkCyber for February 5, 2019, Now Available
February 5, 2019
DarkCyber for February 5, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/315073592. The program is a production of Stephen E Arnold. It is the only weekly video news show focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes: Alleged money laundering via the popular Fortnite game; and an excerpt from Stephen E Arnold’s “Dark Web, Version 2” lecture at the University of Louisville.
The first story explains how bad actors launder money via the online game Fortnite. The game allows players to purchase “digital assets” by purchasing via a credit card. The credit card funds allow the player to acquire V Bucks. These V Bucks can be converted to weapons, information, or other in-game benefits. But the digital assets can be sold, often on chat groups, Facebook, or other social media. In the process, the person buying the digital assets with a stolen credit card, for example, converts the digital assets to Bitcoin or another digital currency. Many people are unaware that online games can be used in this manner. Law enforcement will have to level up their game in order to keep pace with bad actors.
The second story is an excerpt from Stephen E Arnold’s invited lecture. He spoke on January 25, 2019 to an audience of 50 engineering students and faculty on the subject of “Dark Web, Version 2.” In his remarks, he emphasized that significant opportunities for innovation exist. Investigators need to analyze in a more robust way data from traditional telephone intercepts and the Internet, particularly social media.
Arnold said, “The structured data from telephone intercepts must be examined along with the unstructured data acquired from a range of Internet sources. Discovering relationships among entities and events is a difficult task. Fresh thinking is in demand in government agencies and commercial enterprises.” In the video, Mr. Arnold expands on the specific opportunities for engineers, programmers, and analysts with strong mathematics skills.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, February 5, 2019