DarkCyber for January 14, 2020, Now Available

January 14, 2020

The DarkCyber for January 14, 2020, is now available. The program includes stories about ToTok, cyber trends in 2020, and information about the new Amazon Blockchain Policeware report. You can view the video on Vimeo at this link: https://vimeo.com/384343454.

We want to thank the people who commented on our interview with Robert David Steele. We posted this video on December 31, 2019. If you missed that program, you can view it at this link: https://vimeo.com/382165736.

Kenny Toth, January 14, 2020

Black Friday On The Dark Web

December 9, 2019

This sounds newsy.

Black Friday not only affects retailers, but it also occurs on the Dark Web. Uazmi reports that “Drug Dealers Offer Black Friday Deals On the Black Web.” Drug dealers want their own slice of Black Friday sales. Digital Shadows, a cyber risk form, discovered 1,600 posts about Black Friday 2019 sales.

Drug dealers on the Dark Web are offering 30% discounts and even more discounts for buyers who spend more than $2,000. People who buy illegal drugs are always looking for ways to leave more green in the their pockets for next hit and sellers are willing to take advantage of that in the spirit of the season.

“‘People are always on the lookout for deals, regular consumer and cyber criminal alike. This is why towards the beginning of November, users on dark web forums typically flock to create threads dedicated to finding and sharing the best Black Friday deals,’ Digital Shadows research analyst Alex Guirakhoo told The Independent.

‘On dark web marketplaces, Black Friday is an excellent opportunity for site operators to increase sales and attract new buyers. Attracting new customers is particularly important, as consistent law enforcement action and repeated exit scams on popular marketplaces have thrown the ecosystem into disarray.’”

At least Dark Web drug dealers do not have to deal with mad mobs of people hoping to buy the hottest toy or fight over a flat screen TV. Black Friday sales on the Dark Web might bring new customers, but it also brings new law enforcement officials looking to catch more bad actors.

Whitney Grace, December 9, 2019

Dark Web Search: Beating a Small, Nearly Dead Horse

October 28, 2019

Despite popular opinion, search engines do not yield all the information on the Internet. Albrecht Ude recycles tips in Global Investigative Journalism Network’s article, “How To Become A Deep Web Super Sleuth” that only 4% of Internet content is shown in search results. The key to discovering information hidden on the Internet is not search for specific details, instead search for where that information should be. For example, if you are searching for someone’s email address, but cannot find it search instead for organizations related to the person. Digging through content and searching for clues is how to find the gold (aka the desired information).

The article also offers some advice how to become a super deep web sleuth. These tips are helpful for any type of information search, not only those linked to specific organizations or their databases usually not listed in search results.

Figure out who runs the database or organization, these will usually be individuals who would invest funds or stand to make a profit from the information. Interestingly enough databases can also be “hacked:”

‘Find databases by searching for your topic with “database OR directory OR catalogue OR registry” on a search engine. If you want some privacy, Dutch company www.startpage.com runs searches for you on Google, without giving the tech giant your information.”

As millions of students know, while you cannot use Wikipedia as a research tool, you can use the information they cite in their articles. Check out the external links in the bottom of articles as well as search for lists of academic or online databases. Do not forget to search Wikipedia in other languages for more diverse results.

Take advantage of what is available at your public or university library. Public and university libraries pay subscriptions for databases. They can be accessed on site or via a library card, generally these are free to local residents. The Wayback Machine and Archive.today are also great sources for Web site history, because sites disappear as quickly as they are made, but these archives store them.

Relying solely on search engines for research is a lazy move. Lazy.

Whitney Grace, October 28, 2019

DarkCyber for August 27, 2019, Now Available

August 27, 2019

DarkCyber for August 20, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/.

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: Amazon AWS as an attack launch pad for bad actors; obtaining fake paper and passports; cyber warriors have side gigs; adversarial fashions are for sale; and information about the new DarkCyber series about policeware starting in November 2019.

The feature story this week is reports that some bad actors are integrating Amazon Web Services into their phishing and malware activities. The reason is that the platform is widely available, easy to use, and has an excellent reputation. Many phishing attacks use multiples services, and AWS is becoming a resource that is gaining acceptance among bad actors.

Other stories in this week’s program are:

Jeffrey Epstein, accused of human trafficking activity, had several passports in his home at the time of his arrest. Passports and other documents like a driver’s license can be purchased on the Dark Web and via other channels. Valid passports are available from a number of countries, including Greece. The valid passport from St. Kitts and Nevis cost between $150,000 and $400,000 and up. The lower charge is for a donation to the country’s sustainable growth fund. The $400,000 is the minimum required for a real estate purchase on the island. Crossing a border with fake paper or multiple passports can invite the question, “Why do you have these documents?” Unsatisfactory answers can result in denied entry, fines, or incarceration.

DarkCyber reports that Chinese cyber warriors have discovered how to operate side gigs. The idea is that these individuals use their hacking skills to compromise financial accounts. Another approach is to obtain digital products which can be sold to online game enthusiasts. Gamers will pay for game cheats and special powers to obtain an in game advantage.

For individuals who are concerned about facial recognition, a new fashion trend may be building up steam. Adversarial Fashion has developed clothing which uses designs and colors that can confuse facial recognition systems and license plate optical character recognition readers. DarkCyber provides information about where to order these T shirts, jackets, and other items. Plus, DarkCyber gives the viewer instructions for downloading a report about the technological weaknesses in surveillance systems.

DarkCyber is a weekly production of Stephen E Arnold. The currency series of videos ends with the August 27, 2019, program. The new series of DarkCyber videos begins on November 5, 2019. The new series will focus on policeware with an emphasis on Amazon’s products and services for law enforcement, intelligence professionals, and regulatory authorities in the US, Canada, Australia, New Zealand, and the United Kingdom.

DarkCyber programs are available on Vimeo.com and YouTube.com.

Kenny Toth, August 27, 2019

DarkCyber for August 20, 2019, Now Available

August 20, 2019

DarkCyber for August 20, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/354476523 .
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

The story line up this week includes a feature about Anduril Technologies’ surveillance system for border monitoring. The show also includes a critique of a public report about robocalling and a comment about the increasingly loud calls for backdoors to mobile phones and encrypted messages by law enforcement in the US and other countries.

The feature story this week is about Anduril Industries, the company which is developing systems for the Department of Defense’s Project Maven. The company was founded in 2017 by Palmer Luckey. After creating the virtual reality product Oculus Rift, Luckey sold the company to Facebook. He then founded Anduril to develop next generation surveillance products and systems. His clients include US government agencies like the Department of Homeland Security. Anduril’s innovations allow software to monitor, analyze, and make decisions. These decisions can be taken without human involved, take place automatically, or employ human-machine interactions. The system can process data from digital cameras and specialized devices. These data are then federated and analyzed by the firm’s proprietary algorithms. The system can, for example, identify a herd of cattle as well as a group of people approaching a border. Anduril, however, is able to differentiate between the animals and the humans. If detection occurs at an Anduril monitoring tower, Anduril drones can also scan the area. If multiple Anduril drones are deployed in the area in which the anomaly was detected, the resolution of the system increases. In effect, Anduril has developed a way for surveillance to deliver detection, analysis, and increased resolution. An operator can immerse himself or herself in a virtual reality presentation of what the drones and the monitoring devices “see”. Anduril’s approach to US government work stands in direct contrast to that of Google. Google refused to work on Project Maven yet funded an educational artificial intelligence center in mainland China. Anduril welcomes US government work. One of the investors in Anduril suggested that Google’s attitude toward the US government could be interpreted as treasonous.

Two other stories round out this week’s episode.

Law enforcement agencies in the US and other Five Eyes member countries continue their call for a way for government agencies to access devices and messages by persons of interest. The “growing dark” problem in the US made headlines. Law enforcement investigating the Dayton, Ohio, killings have been unable to access the alleged shooter’s mobile phone data. DarkCyber anticipates increasingly loud calls for legislation to make it mandatory for technology companies to cooperate with law enforcement when courts permit access to mobile devices.

DarkCyber calls attention to an article which provides a road map for an individual who wants to run a robocall operation. The details of the method are reviewed. Plus, DarkCyber names two services which allow a robocall spammer to set up an operation with a few clicks online. One of these services includes a “press one feature” which allows the robocaller to charge the individual who happens to answer the telephone. DarkCyber finds these types of “how to” articles somewhat troubling. The information may encourage some individuals to launch a robocall business and runs scams anonymously.

A new multi part series about Amazon policeware initiative begins on November 5, 2019. DarkCyber programs are available on Vimeo.com and YouTube.com.

Note that DarkCyber will begin a new series of programs on November 5, 2019. The current series or “season” ends on August 27, 2019. We are developing the new series now. It’s about everyone favorite online bookstore with an emphasis on policeware and intelware.

Kenny Toth, August 20, 2019

DarkCyber for August 6, 2019, Now Available

August 6, 2019

DarkCyber for August 6, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/351872293. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

DarkCyber (August 6, 2019) explores reports about four high-profile leaks of confidential or secret information. Each “leak” has unique attributes, and some leaks may be nothing more than attempts to generate publicity, cause embarrassment to a firm, or a clever repurposing of publicly available but little known information. Lockheed Martin made available in a blog about automobiles data related to its innovative propulsion system. The fusion approach is better suited to military applications. The audience for the “leak” may be US government officials. The second leak explains that the breach of a Russian contractor providing technical services to the Russian government may be politically-motivated. The information could be part of an effort to criticize Vladimir Putin. The third example is the disclosure of “secret” Palantir Technologies’ documents. This information may create friction for the rumored Palantir INITIAL PUBLIC OFFERING. The final secret is the startling but unverified assertion that the NSO Group, an Israeli cyber security firm, can compromise the security of major cloud providers like Amazon and Apple, among others. The DarkCyber conclusion from this spate of “leak” stories is that the motivations for each leak are different. In short, leaking secrets may be political, personal, or just marketing.

Other stories in this week’s DarkCyber include:

A report about Kazakhstan stepped up surveillance activities. Monitoring of mobile devices in underway in the capital city. DarkCyber reports that the system may be deployed to other Kazakh cities. The approach appears to be influenced by China’s methods; namely, installing malware on mobile devices and manipulating Internet routing.

DarkCyber explains that F Secure offers a free service to individuals who want to know about their personal information. The Data Discovery Portal makes it possible for a person to plug in an email. The system will then display some of the personal information major online services have in their database about that person.

DarkCyber’s final story points out that online drug merchants are using old-school identity verification methods. With postal services intercepting a larger number of drug packages sent via the mail, physical hand offs of the contraband are necessary. The method used relies on the serial number on currency. When the recipient provides the number, the “drug mule” verifies that number on a printed bank note.

DarkCyber videos appears each week through the September 30, 2019. A new series of videos will begin on November 1, 2019. Programs are available on Vimeo.com and YouTube.com.

Kenny Toth, August 6, 2019

DarkCyber for July 30, 2019, Now Available

July 30, 2019

DarkCyber for July 30, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/350567599. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

DarkCyber (July 30, 2019) explores China’s aggressive method of dealing with encrypted messaging; Perceptics’ data breach and its consequences; a way to determine email links to other online services; and Palantir’s secret Gotham information exposed.

This week’s lead story concerns Palantir Technologies, a vendor of search and analytic tools for analysts. Founded in 2003, Palantir has draped a cloak of secrecy over one of its flagship products, now more than 16 years’ old. The information about the “secret” document appeared in Vice, an online information service. For those unfamiliar with investigative software, the revelations were of interest to some individuals. Vice’s public records request yielded a user manual written for police with access to the Palantir Gotham “intelware” system. The manual—described as secret and confidential—provides step-by-step instructions for performing certain investigative tasks; for example, how to obtain a profile of a person of interest, how to obtain information about a vehicle, and similar basic investigative questions.

Other stories in the July 23, 2019, program are:

First, China has introduced a very direct method of obtaining access to content on mobile phones and tablets. Citizens and allegedly some visitors have to install software from Xiamen Meiya Pico Information Company. The MFSocket software provides access to images, audio files, location data, call logs, messages, and the phone’s calendar and contacts, including those used in the messaging app Telegram. It is possible that the Meiya Pico organization has a cooperative relationship with the Chinese government. The company allegedly has 40 percent of the Chinese digital forensics market.

Second, a Web service named Deseat.me provides a useful service. Few people know what Web sites and Web services are linked to a person’s email address. Deseat.me makes locating this information easy. The service, at this time, is offered without charge. DarkCyber points out that many modern policeware systems offer a similar functionality for any email address. Deseat, along with a small number of similar services, makes the process of locating these linked sites and services easy and quick.

Finally, Perceptics, a company best known for its license plate identification system, suffered a security breach. Among the items of information compromised were US government data and a range of Perceptics’ proprietary data. The information allegedly included data related to recent border activities, a contentious issue in the United States. Perceptics may find that making sales to the US government more difficult. A loss of contracts would adversely impact the company’s revenue. A larger issue is that the security measures implemented by a company engaged in cyber services failed to deploy systems which guarded high-value data. The cost of a data breach can be high and create a public relations challenge for organizations more comfortable operating in a low-profile way.

DarkCyber videos appears each week through the September 30, 2019. A new series of videos will begin on November 1, 2019. Programs are available on Vimeo.com and YouTube.com.

Kenny Toth, July 30, 2019

DarkCyber for July 23, 2019, Now Available

July 23, 2019

DarkCyber for July 23, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/349282829. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s DarkCyber reports about Australia’s use of its anti-encryption law; tools for video piracy, a profile of SearchLight Security’s Cerberus system, and where to get information needed to join a Dark Web forum.

This week’s lead story concern easily findable software to facilitate video piracy and streaming. A report in TorrentFreak presents information from an unnamed source. This individual allegedly has been involved in video piracy and streaming for an extended period of time. The individual provides specific information about some of the software needed to remove digital rights management protections from commercial, copyrighted video content. The DarkCyber research team was able to locate software designed for the same purpose. No Dark Web and Tor were required. More significantly, these programs can be located by anyone with access to a browser and a Web search engine like Bing, Google, or Yandex. DarkCyber’s research has revealed that industrialized crime is now playing a larger role in streaming stolen video content.

Other stories in the July 23, 2019, program are:

First, Australia’s anti encryption law is now being put to use. The new regulations were used in the warrant to obtain content from a journalist. Australia is a member of the Five Eyes confederation. Australia’s law requires companies to cooperate with law enforcement and provide access to encrypted and other secured information. Canada, New Zealand, the United Kingdom, and the United States are likely to have elected officials who will seek to implement similar laws. News organizations in Australia perceive such laws as a threat.

Second, DarkCyber profiles a company founded in 2017 focused on providing law enforcement and intelligence professionals with an investigative tool. The company indexes a range of content, including forums, Dark Web sites and services, and social media content. Plus the company has created an easy-to-use interface which allows an investigator or analyst to search for a person of interest, an entity, or an event. The system then generates outputs which are suitable for use in a legal matter. The company says that use of its system has grown rapidly, and that the Cerberus investigative system is one of the leaders in this software sector.

Finally, DarkCyber provides information about a new report from IntSights, a cyber-intelligence firm. The report includes information which helps an individual to gain access to “cracker” forums and discussion groups which examine topics such as credit card fraud, money laundering, contraband, and similar subjects. The video provides the information required to download this report.

DarkCyber videos appears each week through the September 30, 2019. A new series of videos will begin on November 1, 2019. Programs are available on Vimeo.com and YouTube.com.

A new series of DarkCyber begin in November 2019.

Kenny Toth, July 23, 2019

DarkCyber for July 16, 2019, Now Available

July 16, 2019

This week’s program is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/348009146. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: An Australian teen with 20,000 LSD doses; a money laundering operation run within a Florida prison; a how to guide for credit card fraudsters; Facebook’s digital currency triggers domain name land rush; and Interpol smashes a global child sex crime operation.

This week’s lead story talks about Facebook’s digital currency. Regulators in the US have expressed some reservations about what could be considered a sovereign currency. Facebook’s effort to unify its messaging applications and integrate encryption into the service poses one additional hurdle for investigators. The proposed digital currency called Libra may enable seamless, friction free financial transactions within the encrypted Facebook system. Bad actors are likely to test the system to find ways to use Facebook for illegal activities. Messaging apps can provide access to digital content like pirated videos, child pornography, commercial software with its security compromised, and similar digital contraband.

Other stories in the July 16, 2019, program are:

First, an Australian teenager used the Dark Web to purchase LSD, a controlled substance. The Australian Joint Agency Strike Team monitored the teenager’s activity which included setting up a mail drop in the central business district of Adelaide. When police moved in, they seized 20,000 doses or “tabs” of LSD. The contraband had an estimated street value of US$200,000. The legal representative of the alleged drug dealer pointed out that the young man had good family support. The teen also had knowledge of the Dark Web, a mail drop, and the 20,000 LSD tabs.

Second, Terbium Labs issued a new report which provides information about credit card fraud. For security professionals, the report is a concise review of key factors. To an individual looking for a primer explaining credit card fraud or “carding” the Terbium report is an interesting resource. Terbium points out that lesson plans for would be credit card fraudsters are available on the Dark Web. Most of the instructional material and guides cost between $4 and $13. Similar information can be located using Regular Web search engines. DarkCyber reveals that Yandex.com offers both current credit card fraud instruction guides as well as direct links to explanatory videos. This type of information may pose a dilemma for public search engines. For an individual seeking information about how to perform financial fraud, the abundance of available information is remarkable for its scope and its ready availability.

Third, convicted criminals in Pasco Country, Florida, operated a money laundering scheme from their cells. The angle was to obtain stolen credit cards from a Dark Web marketplace and transfer money from the credit card to a prisoner’s personal commissary account. Many US prisons allow inmates to purchase snacks and approved items from this prison store. Once the money was in a prisoner’s account, the ringleader then submitted a request for the prison to transfer the money to the account of an individual who was not in prison. Investigators identified the prisoners involved in the scheme, arrested one person who acted as an accomplice, and identified seven other individuals involved the the operation. A total of $8,000 was stolen in 40 separate transactions.

Finally, DarkCyber reports that Interpol’s Blackwrist investigated a global child sex crime operation. Dozens of individuals were arrested. One pedophile has been sentenced to more than 100 years in a Thailand prison. Others snared in the sweep are allegedly individuals who have abused children, some as young as 15 months. Blackwrist continues its investigations and more arrests are expected.

Kenny Toth, July 16, 2019

DarkCyber for July 9, 2019, Now Available

July 9, 2019

DarkCyber for July 9, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: Amazon’s drone-centric surveillance technology; Mauritania loses Internet access; cyber criminals stumble at the US Post Office; the US develops THOR to kill drone swarms; and cyber crime for vertical markets grows.

This week’s lead story pivots on Amazon’s patent US 10,313,638 “Image Creation for Geo-Fence Data.” This invention makes it possible for an Amazon drone delivering packages or performing some other function like verifying that a driver dropped off an order to perform other functions. The specific example described in the patent is for Amazon to parse drone footage within a specific area and then extract data about a person or other entity. The idea is to geo-fence a front yard, a back door, or some other location and then extract the image and assign metadata to that extracted object. In short, deliveries plus surveillance. The invention makes us of the Amazon Web Services’ suite of services; for example, cross correlation of drone captured data with facial recognition, purchase history, and financial information.

Other stories in the July 9, 2019, program are:

First, Bromium and the Surrey Crime Research Lab in the UK have published information about a new trend in cyber crime. Instead of Dark Web bad actors just offering generic malware, SCRL reports that specialized software has become more widely available. The “vertical” malware is purpose built to attack retail, health care, and financial institutions. The technology needed to compromise an employee’s mobile device and corporate network access has been fine-tuned to deal with the security procedures in place for banking, finance, and credit card providers. Instead of relying on general purpose exploits, malware like Ramnit is bundled with tools able to penetrate hospitals and retail operations. Bromium provides a summary of some of the SCRL results, and DarkCyber provides information necessary to register to obtain this high value report.

Second, the US government, assisted by three commercial enterprises, has develop a system to kill or disable a swam of drones. The technology makes use of a directed beam which interferes with the electronics of a group of drones. The idea is that a swarm of drones can operated in an autonomous and semi-autonomous manner to compromise US security or perform in an offensive manner; for example, deliver poison, explosives, or surveillance devices. The THOR (Tactical High Power Microwave Responder) can be set up by two people in less than three hours. The beam defense is operated with a hand held controller. The technology can be mounted on a variety of platforms, included land based vehicles.

Third, two individuals based in the US shipped more than 25,000 packages containing controlled substances. The duo collected more than $8 million from the sale of narcotics and fake prescription drugs like Adderall. US investigators broke the case because the team used Stamps.com, an online service for postage. One of the bad actors signed up for the service using his real name and home address. Agents purchased four batches of narcotics and then raided the operation. In that raid, a commercial pill press was seized along with other evidence. When arraigned, the duo pleaded “Not guilty.”

Finally, Mauritania, a northwest African nation with a population of four million lost Internet access. An estimated 800,000 citizens had been unable to send email, use Facebook, and other online services. The government took this step in order to help quell political unrest in that country. Other countries in that region’s Internet shut down zone are Ethiopia and Sudan.

Kenny Toth, July 9, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta