Browse >
Home / Archive by category 'cybercrime'
DarkCyber for September 4, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/287783314.
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers three Dark Web and security related stories.
The first story addresses Gephi, an open graph visualization platform. Unlike Excel, Gephi is a platform. The software system can be a useful complement to blockchain deanonymization tasks. An analyst can perform link analysis; that is, what hyperlink or item leads to another. The Gephi One feature allows the user to turn a graphical representation and explore it in three dimensions. A user can interact with the data, drilling down into a cluster or popping up one or more levels to see how a particular item relates to a broader grouping of data. The system can manipulate up to one million nodes and edges. Some commercial tools struggle to deal with more than a handful of nodes and edges. The video includes a link at which Gephi can be downloaded.
The second story describes a vehicle tracking and surveillance innovation called Zoomed. Developed by Cameroonia computer whiz Zuo Bruno, the system does not require the Internet. Instead, Zuo Bruno devised a system which operates via SMS. Once the device is placed in a vehicle, the location of the vehicle can be determined by placing a mobile call to the Zoomed device. The device drops the call and messages the location and other data of the vehicle. The Zoomed technology can perform other functions as well; for example, the audio in the vehicle can be recorded and the vehicle can be disabled.
The third story describes a free account takeover alerting service or ATO from Truthfinder. The idea is that after a person registers for the service, Truthfinder will notify that individual when his personal information is discovered by the monitoring service. DarkCyber explains how to sign up for the service and how to disable the notifications if they become a burden.
Kenny Toth, September 4, 2018
Applause are due to the European Union, who have instituted a unique plan for battling online extremism. We learned more about this tactic and were able to think about its potential stress points from reading an interesting Inquirer article, “EU Wants Tech Firms to Remove Terror Content Within an Hour of Facetimes.”
According to the story:
“In March, legislation passed that presented the hour-long purge window, but it was only marked under voluntary guidelines. But it looks like tech firms aren’t volunteering to work to these guidelines so the EU wants to force them to do so by imposing fines on firms that are blasé about terrorism-related materials on their services, networks and platforms.”
This is a very exciting prospect in the war on disinformation and violence planned online. However, it’s not time to celebrate quite yet. As reported recently, the EU is a complex machine itself and several countries failed to step in line with the cybersecurity deadline that loomed this summer. Beyond that, we are very curious to see how the various nations and governing bodies work together to oversee this new security measure. We hope it makes some headway, but will be watching from afar.
Patrick Roland, September 3, 2018
Next week, the publisher of Beyond Search and producer of DarkCyber (Stephen E Arnold) will be delivering a lecture in Washington, DC. The subject? The “new” Dark Web. Encrypted chat is becoming the go to system for certain types of information and product / service transactions.
What’s the angle?
The meteoric rise of group text and chatting tool, WhatsApp, has been well documented. In a world of tangled social media webs, this seemed like a smaller, more concentrated way to get updates from friends and family. However, the app has made some recent additions that may take it more toward the Facebooks and Twitters of the world. We learned more in a recent Make Use Of story, “The Best New WhatsApp Features You Might Have Missed.”
Among the new tools:
“Catch-up: A new @ button appears at the bottom right corner of the chat when you’ve been mentioned by someone, or if someone has quoted you, while you were away. It’s easier to catch up on something you might have missed.
“Protection From Re-Adding: WhatsApp groups don’t need your consent to add you to a group. Now, if you leave that group, an admin can’t just add you back immediately.”
In addition, there are search features and tools for deleting messages. It should come as no surprise that the program’s co-founder is a former (technically current) Facebook employee. Is this a step toward becoming a more direct competitor of the social giant? But encrypted chat has larger implications. If you are in DC, write Stephen at darkcyber333 at yandex dot com. You might be able to set up a short meet up at a physical coffee shop. No chat required.
Patrick Roland, August 29, 2018
Written by Stephen E. Arnold · Filed Under cybercrime, Dark Web, News | Comments Off on WhatsApp Veering Closer to Traditional Social Media
DarkCyber for July 24, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/284579347 .
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers four Dark Web and security related stories.
The first story presents data about online drug sellers. The estimated number of vendors is in the 30,000 to 50,000 range. DarkCyber points out that such data are likely to be uncertain. Estimates of online sources for controlled substances are based on difficult-to-verify data. DarkCyber reports that as many as one half of the prescription drugs sold online may be fakes.
The second story reports that the Dark Web is changing. The shift from Tor-centric Web sites to encrypted chat and messaging systems is underway. Encrypted chat complicates the work of law enforcement and intelligence professionals. Plus, encrypted chat sessions can trigger mob actions which can spiral out of control and without warning. A lynching in India may be the direct result of forwarded encrypted chat messages.
The third story provides a snapshot of the NC4 policeware system Street Smart. A popular US magazine referenced the company without providing details about the system and its functions. DarkCyber explains that information about the software system are available on the NC4 Web site and in videos publicly available on YouTube.
The final story explains how 3D printing makes it comparatively easy for an individual to create what is called a “ghost gun.” The 3D printed weapon does not have an identification number, so tracing the gun is difficult. DarkCyber points out that copyright issues and regulations concerning the manufacture of weapons will consume time, money, and human resources.
Kenny Toth, August 14, 2018
The goal, most agree, is to keep sensitive information out of the hands of hackers and crooks, right? European officials might be planning to fly directly in the face of that logic, after we read a recent article in The Register, “Think Tank Calls for Post-Brexit National ID Cards: The Kids Have Phones, So What’s The Difference?”
Things got dicey here:
“The government intends to assign EU citizens unique numbers based on either a passport or national ID card number…he system will be accessed via GOV.UK or a smartphone app, and the report praised the security and privacy credentials promised for the database of citizen numbers…The data will be kept on Home Office servers in a tier 3 data centre, with individual pieces of information stored and encrypted separately.”
So, let’s get this straight? All of Europe will have its personal information on file in one location and they are just publicly telling the bad guys where to find it? What could go wrong? Google seems to be rolling out a program to warn governments when they are being hacked, which makes Google more “useful” to certain authorities.
But bad actors gravitate to data collections which have significant value. The ID card repository may become a high profile target.
Patrick Roland, August 9, 2018
Written by Stephen E. Arnold · Filed Under cybercrime, cybersecurity, News | Comments Off on Europe Creates a Potential Target for Bad Actors
Many in the media are making the Dark Web out to be a boogie man who will steal your identity and ruin your life. While that is possible, a greater threat lurks out there on the regular everyday Web that we all use. A fascinating recent study discovered that we are extremely vulnerable to anyone looking for our personal data. We learned just how vulnerable in a recent Which? story, “How The Internet Reveals Your Personal Data Secrets.”
According to the story, when 14 hackers were paid to do a test run and look for dirt on everyday citizens:
“None of the personal data sources we found were on the ‘dark web’ – a phrase that describes websites accessible only by a specialist browser geared up for anonymity. We were able to discover passwords and password hints, email and postal addresses, dates of birth, phone numbers, middle names and even signatures. There was also a wealth of ‘softer’ information revealing people’s interests, hobbies, religion and political preferences.”
If that isn’t enough to scare you, consider that the place where we are supposed to feel the most safe, is actually a hotbed of identity theft. According to US News and World Report, your doctor’s medical files on you is an ID thief’s dream come true.
Patrick Roland, July 24, 2018
DarkCyber for June 12, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/274326974 .
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
The first story focuses on torrents. ThePirateBay has long been associated with making it easy to access copyrighted content. With ThePirateBay offline, those in search of free copyrighted content have created a proxy list. The idea is that a bad actor can located copyrighted materials and sidestep paying for access. Although these torrent finder sites come and go, a list is easily available for anyone looking for what ThePirateBay made findable.
Next, Stephen reports that the Dutch police, in cooperation with other nation’s law enforcement agencies, have shuttered MaxiDed. The site, allegedly operated by citizens of Moldova, provided hosting and online services. MaxiDed allowed individuals and organizations wanting to distribute malware, host Dark Web sites, and engage in other online activities a safe harbor. The MaxiDed marketing explained that the service was “bulletproof.” DarkCyber reveals that MaxiDed was not.
The third story continues DarkCyber’s explanation of Amazon’s “policeware” initiative. The Amazon Rekognition service makes it possible for law enforcement to identify individuals in images and video. Unlike some other systems, Amazon’s approach allows real time facial recognition. Also, the system can identify up to 100 individuals in a group photo. This service complements Amazon’s streaming data service revealed in the June 5, 2018, DarkCyber video. Stephen E Arnold said: “Amazon’s push into services which seem tailor made for law enforcement, regulatory entities, and intelligence professionals continues. Its facial recognition service called ”Rekognition“ could revolutionize how authorities identify possible bad actors. The use of Amazon’s cross correlation method could significantly rework the law enforcement landscape in a very short period of time.”
The final story makes the economics of selling synthetic opioids clear. According to data compiled by Bloomberg, a kilogram of fentanyl or an analogue can generate orders of magnitude more money when sold on the street. Also, obtaining bulk quantities of fentanyl analogues is possible. China, for example, does not regulate analogues as closely as it does fentanyl itself.
Kenny Toth, June 12, 2018
For those unfamiliar with the practice of “doxxing,” Stuff has shared a clear introduction on the topic peppered with links to more information—“What is Doxxing, and Why Is It So Scary?” Reporter Jasmine McNealy describes the technique of discovering personal information available online and using it against one’s target. She also emphasizes how dangerous these attacks can be. McNealy writes:
“It’s not surprising that information has value – particularly information related to people’s identities, interests and habits. This is, after all, the age of big data, social media and targeted advertising. The Facebook-Cambridge Analytica scandal is just one of many events in which regular people found out just how much personal information is available out on the internet. People also found out how little power they had over their information. Generally, people want, and think they have, control over who knows what about them. Individual identity is in part performance: People decide and change who they are and how they act in different places, around different groups. This is particularly true online, where many sites and services allow users to be anonymous or pseudonymous or to hide their information from other users’ searches. Often, of course, each site itself has some private information about users, like an email address, for delivering service-related notices. But online platforms seem to offer users a measure of control over their identity and personal information.”
That control, however, is less absolute than these platforms would have their users believe. The write-up describes why this is so, and concludes by emphasizing McNealy’s central point—doxxing turns online information into a dangerous weapon.
Cynthia Murrell, June 7, 2018
Stephen E Arnold’s DarkCyber video news program for Tuesday, May 29, 2018, is now available.
This week’s story line up is:
- The “personality” of a good Web hacker
- Why lists are replacing free Dark Web search services
- Where to find a directory of OSINT software
- A new Dark Web index from a commercial vendor.
You can find this week’s program at either www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/272088088.
On June 5, 2018, Stephen will be giving two lectures at the Telestrategies ISS conference in Prague. The audiences will consist of intelligence, law enforcement, and security professionals from Europe. A handful of attendees from other countries will be among the attendees.
On Tuesday, June 5, 2018, Stephen will reveal one finding from our analysis of Amazon’s law enforcement, war fighting, and intelligence services initiative.
Because his books have been reused (in several cases without permission) by other analysts, the information about Amazon is available via online or in person presentations.
The DarkCyber team has prepared short video highlighting one research finding. He will include some of the DarkCyber research information in his Prague lectures.
The Amazon-centric video will be available on Tuesday, June 5, 2018. After viewing the video, if you want the details of his for fee lecture, write him at darkcyber333@yandex dot com. Please, put “Amazon” in the subject line.
Several on the DarkCyber team believe that most people will dismiss Stephen’s analysis of Amazon. The reason is that people buy T shirts, books, and videos from the company. However, the DarkCyber research team has identified facts which suggest a major new revenue play from the one time bookseller.
Just as Stephen’s analyses of Google in 2006 altered how some Wall Street professionals viewed Google, his work on Amazon is equally significant. Remember those rumors about Alexa recording what it “hears”? Now think of Amazon’s services/products as pieces in a mosaic.
The picture is fascinating and it has significant financial implications as well.
Enjoy today’s program at this link.
Kenny Toth, May 29, 2018
Written by Stephen E. Arnold · Filed Under Analytics, Cyber OSINT, cybercrime, cybersecurity, DarkCyber, News, Video, visualization | Comments Off on DarkCyber, May 29, 2018, Now Available
Forget the utility of the procedure for outdoor hikers described in “Plot a Hike on Google Earth.” My first thought was, “What a Mother’s Little Helper” for those involved in military orienteering. I particularly liked the use of Strava, an application with data of some value to those eager to locate certain types of behavior patterns inadvertently created by joggers. I also liked the bouncing between a desktop / laptop computer and mobile devices. No problem for personnel operating from a semi fixed base station. Finally, the “fly around” functionality is helpful. My problem with these capabilities is that they are available to anyone. My personal view is that certain types of technology applications can be put to what I would describe as questionable uses. Why go through the hassle of joining the military or law enforcement, cope with the rigors of FLETC and other training program, and sharpen one’s skills in the field. Take a short cut and put the capabilities in whatever context one wants. Sorry. Too much information.
Stephen E Arnold, May 26, 2018
« Previous Page — Next Page »
