DarkCyber for March 19, 2019, Now Available

March 19, 2019

DarkCyber for March 19,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/324801049.

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.

This week’s story line up includes: Google search blockchain data; emojis puzzle lawyers; NATO soldiers fooled by social media come ons; big paydays for hackers; Dark Web search for marketers; and Iran’s hacker army

This week’s feature looks at the Beacon Dark Web search system. Developed by Echosec Systems in Canada, Beacon provides search and analytics for those interested in tracking brands, companies, and people in Dark Web content. The system’s developers enforce a code of behavior on licensees. If Echosec determines that a user violates its guidelines, access to Beacon will be cut off. Echosec offers a number of powerful features, including geofencing. With this function it is possible to locate images of military facilities and other locations.

The second feature in this week’s video focuses on Iran’s cyber warfare activities. One key individual—Behrooz Kamalian—has been maintaining a lower profile. Those whom he has trained have been suspected of participating in online gambling activities. Kamalian himself, despite his connections with the Iranian government, served a short stint in prison for this allegation. Iran has one of the large cyber warfare forces in the world, ranking fourth behind Russia, China, and the US.

The “Cybershots” for this week include:

  • Google has made available a search engine for blockchain data. Those skilled in blockchain and digital currency transactions may be able to deanonymize certain aspects of a transaction.
  • Emojis which carry meaning are creating issues for lawyers and eDiscovery systems. The colorful icons’ meaning are not easily understood.
  • A social media test for NATO soldiers’ resistance to online tricks was completed by central command. The result was that soldiers can be easily tricked into revealing secret information.
  • Organize hidden Web criminals are paying up to $1 million a year in salary and providing benefits to hackers.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.\

Kenny Toth, March 19, 2019

DarkCyber for March 5, 2019, Now Available

March 5, 2019

Cyber for March 5, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/321045698 .

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line-up includes: A new feature called Cybershots with information about authentic AI, Psy-Group, Microsoft malware, and VKontakte; our feature Facebook as a digital problem; and illegal video streaming.

DarkCyber’s feature reviews the UK government’s report which states that Facebook acted as a “digital gangster.” DarkCyber provides a link from which the document can be downloaded. Among the conclusions set forth in the report were re mediating actions which range from increased regulation of social media firms to fines for their behavior. The report included information that suggests that other countries will take enforcement and regulatory action directed at Facebook. Among the countries identified were Brazil and Singapore.

The second principal story focuses on illegal streaming video services. Google has blocked some of these services and legal actions are underway. Nevertheless, streaming video continues to thrive with thousands of first run movies and major US television programs available. Some of the services are operated from Russia or other Eastern European countries. These services make use of sophisticated content delivery services and rely on technology which allows the criminals to spin up a new service when authorities close one in operation. Services available from some illegal streaming services offer Netflix-like interfaces, sell advertising, and charge subscription fees. Legal hurdles and the cost of pursuing enforcement action in some countries increases the difficulty copyright holders face in closing these services.

This week, DarkCyber introduces a new feature called Cybershots. The items in this section of the video news program reveal that one of the companies associated with weaponized social media has gone out of business. Microsoft has unwittingly allowed malware to be distributed from its online store. A company providing policeware has found that one of its marketing phrases has been picked up by a Chinese company and used as the firm’s name. Plus, a customer of the Russian social media service VKontakte received an unusual Valentine greeting, a cyber attack from a disgruntled customer.

Kenny Toth, March 5, 2019

Dark Web Directory: Updates Needed

February 22, 2019

If the Internet were an ocean, the Dark Web is a very shallow tide pool. While the Dark Web is shallow, we do not recommend diving in because you can still break your neck. The Dark Web has a limited number of Web sites listed on it, all of them using the .onion extension.

These Web sites are accessible using the Tor browser and you do not use a search engine to find them. Instead you rely on social media Web sites, such as reddit, forums, or the Dark Web News. The Dark Web News has the “Dark Web & Deep Web Market List With Up & Down Daily Updated Market Status.”

The market listing is described as “Are you wondering how to find deep net markets? Well, look no further! We have compiled a list of active hidden marketplaces available on the deep web.” It is followed by a guide on how to access the Dark Web, download the Tor browser, etc.

What is striking is the amount of warnings about losing your anonymity. The market listing states, no shouts, that a smart Dark Web user uses not only the Tor browser, but also has a VPN to encrypt their data.

After the anonymity warnings, there are the Dark Web market listings. Each market site is reviewed, given a small description, and its status is shared. The listings are very useful and help track the type of market you are searching for. The only downside is that it lists Silk Road and a few other places as still “open.” Methinks that the Dark Web market listing needs an update. Also they give another good warning: “Do your research before using any hidden marketplace. Reddit is a good place to start.”

The problem is that the Dark Web is not zipping along as it once was. The buying and selling action has shifted to online chat and closed discussion groups. As the Dark Web shrinks, maintaining a listing should be easier too.

Whitney Grace, February 22, 2019

DarkCyber for February 19, 2019, Now Available

February 19, 2019

DarkCyber for February 19,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/317779445. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: image analysis applied to hotel rooms used for human trafficking; compromising an iPhone via a text message or email; a new report about digital currency crime; and shipping arms the old fashioned way, via the mail.

Facial recognition systems continue to be criticized for inaccuracy and potential human rights violations. A group of researchers have applied artificial intelligence and image analysis to locate hotels allegedly used for human trafficking and the commission of child sex crimes. Plus the team compiled a database of more than 50,000 hotel rooms. The system matches a known hotel room against a photograph obtained from a human trafficker’s advertisement. By pinpointing the location, law enforcement can direct its resources at that venue. Anyone can contribute by uploading hotel room and short term property rentals to a public website.

The second story focuses on a new way to compromise iPhones produced in the period from 2016 to mid 2017. The technique was allegedly used by former US government personnel working for organizations based in the United Arab Emirates. The Project Raven team used a technique which required only a single email or text message. The payload was sent directly to a target’s iPhone. Once the iPhone received the message, that device was accessible to the Project Raven personnel and allowed text messages, images, and other data to be accessed without the iPhone user’s knowledge. Apple closed the security hole, but the technique was interesting because no clicks, downloads, or other actions on the part of the target were necessary.

The third story describes the free “Crypto Crime Report” available from Chainalysis. This company is one of the leaders in the deanonymization of digital currency transactions, including Bitcoin. With the Dark Web losing traction, Chainalysis reports bad actors have turned to encrypted message apps like Telegram and WhatsApp to conduct advertise and sell their products and services. Customers have shifted from Dark Web ecommerce sites to these distributed, anonymous messaging services. The report includes details of investigative methods used to steal digital currency. The majority of thefts were the work of two gangs. Investigators are engaged in an increasingly fierce game of Whack a Mole.

The final story recounts how a spy stole a secret US missile and shipped the device to Russia in the mid 1960s. Today the same method is used by arms dealers in Europe. Postal services and commercial shipping companies have to identify weapons which are disassembled. The components are then placed in cartons which contain parts for common products like vacuum cleaners and kitchen equipment. The old methods remain valid despite today’s modern technology and knowledge of the methods used by bad actors.

Kenny Toth, February 19, 2019

The Dark Web Small Yet Still Dark Place

February 15, 2019

The Dark Web is an easy scapegoat to blame for all of the Internet’s woes and perils. Even the name “Dark Web” elicits images of negative activity. The truth about the Dark Web is much more complicated than we are led to believe. The Dark Web is a tool to browse and publish information anonymously on the Internet. Yes, criminals do use it to sell stolen goods and for sex trafficking, but it is also a haven for journalists in oppressive regimes, freedom of the press, and freedom fighters around the world.

ZeroFOX shares more details about the Dark Web and its uses in the article, “Evolving Landscape And Emerging Threats On The Dark Web.” ZeroFOX’s article first explains some basic information about what the Dark Web is and how it started as a US Navy project. The project developed into the Onion Router or Tor browser that can access Web sites with the .onion extension.

As the Dark Web grows, its users are experimenting with ways to improve anonymity. Some of the methods are moving to deep web sites that are membership or invite only. These types of Web sites are breeding grounds for criminal activity. The threats increase as technology improves.

The Web sites that pose the greatest threat are the ones that are the hardest to access. Organizations often lack the ability and knowledge to monitor the Dark Web. The most common crimes on the Dark Web are:

“Physical threats, doxxing, and chatter against top executives, public servants/figures, and journalists

Consumer data for sale or exposed, often credit card dumps and credentials leaks

Distribution of copyrighted materials, movies, music and TV

Hacking techniques, vulnerabilities, and planned attacks on cyber forums

Sales of drugs, counterfeit/stolen goods, proprietary technology”

With increased pressure from law enforcement, bad actors are shifting from the “old” Dark Web to alternative ways to obfuscate, communicate, and sell their products and services, exchange information, and chip away at some social norms.

Whitney Grace, February 15, 2019

Dark Web Leads To Dark Deals For Children

February 14, 2019

Illegal drugs and arms trafficking are some of the worst crimes on the Dark Web, but the most abhorrent crime is sex trafficking. A large majority of sex trafficking victims are women, but children (boys and girls) are also in the victim pool. The New York Post reports how over “123 Missing Children Found In Michigan During Sex Trafficking Operation.” On September 26, 2018, Michigan law enforcement and Operation MISafeKid recovered over one hundred missing children.

Michigan law enforcement were investigating 301 open missing children cases of which 123 were found. All the recovered children were interviewed about if they were sexually abused or trafficked in any fashion. Of the 123 children, only three of them reported being possibly victimized. The sting also revealed leads to missing children in Texas and Minnesota. It is horrible that the most vulnerable humans are sold for sex, but authorities are all the more dedicated to saving them.

“ ‘The message to the missing children and their families that we wish to convey is that we will never stop looking for you,’ the US Marshals Service said. Several agencies were involved in the operation including the US Marshals Service, Michigan State Police, Detroit Police Department, Wayne County local law enforcement, as well as the National Center for Missing and Exploited Children and the Department of Housing and Urban Development’s Office of Inspector General.”

It takes many law enforcement agencies to track, investigate, and prosecute the sex trafficking ringleaders. It is hard to imagine how these ringleaders kept their victims in line, because children are loud by nature. How much intimidation did they use to maintain a low profile?

Whitney Grace, February 14, 2018

DarkCyber for February 12, Now Available

February 12, 2019

DarkCyber for February 12, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/316376994. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Italy’s facial recognition system under fire; Marriott trains 500,000 employees to spot human traffickers; a new Dark Web search system from Portugal; and the most popular digital currencies on the hidden Web.

The first story explores the political criticism of Italy’s facial recognition system for law enforcement. The database of reference images contains about one third of Italy’s population. The system integrates with other biometric systems including the fingerprint recognition modules which is operating at several of Italy’s busiest airports. Despite the criticism, government authorities have no practical way to examine images for a match to a person of interest. DarkCyber believes image recognition is going to become more important and more widely used as its accuracy improves and costs come down.

The second story discusses Marriott Corporation’s two year training program. The hotel chain created information to help employees identify cues and signals of human trafficking. The instructional program also provides those attending with guidelines for taking appropriate action. Marriott has made the materials available to other groups. But bad actors have shifted their mode of operation to include short term rentals from Airbnb type vendors. Stephen E Arnold, producer of DarkCyber and author of “CyberOSINT: Next Generation Information Access, said: ”The anonymity of these types of temporary housing makes it easier for human traffickers to avoid detection. Prepaid credit cards, burner phones, and moving victims from property to property create an additional set of challenges for law enforcement”

The third story provides information about a new hidden Web indexing service. The vendor is Dogdaedis. The system uses “artificial intelligence” to index automatically the hidden services its crawler identifies. A number of companies are indexing and analyzing the Dark Web. Furthermore the number of Dark Web and hidden Web sites is decreasing due to increased pressure from law enforcement. Bad actors have adapted, shifting from traditional single point hidden Web sites to encrypted chat services.

The final story extracts from a Recorded Future report the most popular digital currencies on the Dark Web. Bitcoin is losing ground to Litecoin and Monero.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, February 12, 2019

Is Dark Web Search Getting Crowded?

February 7, 2019

Stephen E Arnold said in a recent DarkCyber video news report:

The Dark Web is one of the most crawled, most index content sources in the world.

The Dark Web may feel like a lawless Wild West for law enforcement and intelligence communities. A cesspool where illegal drugs and weapons and activities roam freely. But, the challenge of monitoring the actions on this covert online forum is getting easier because there are fewer sites to crawl and index, about 4,000 depending on the day one takes a count. Of these fewer than 60 account for most activity of interest to government authorities.

We learned in a recent Deep Dot Web article, “Categorizing Content on the Dark Web Via a Novel Crawler.”

According to the story:

“This crawler is developed to specifically crawl hidden services on the Tor network. Results were assessed via two steps: First, an initial group of hidden services were manually grouped into different categories and used to train a special document classifier (Support Vector Machine), which represents a statistical categorization algorithm that utilizes machine learning for content classification purposes. Secondly, an automated classifier was utilized to complete categorization of the remainder of dark web pages.”

While crawling through the muck of the deep web is currently the provenance of military, law enforcement and intelligence communities, that is poised to change.

Are there enough customers to support incumbents like Recorded Future and Digital Shadows as well as the newcomers?

Patrick Roland, February 7, 2019

The Job Requirements Of A Dark Web Hunter

February 5, 2019

Batman is one of the best superheroes ever created. Batman’s gimmick is that he is a master of criminal activity, except he does not use his powers for evil, but for good. If Batman wanted to he could be the kingpin of crime, but he would rather save Gotham and innocent lives. Batman is a fictional superhero, but there are real world equivalents. One type of real world Batman are ethical hackers, i.e. IT experts who use their powers for good. What does it take to be an IT Batman, though? We picked up a Verizon job posting that lists the requirements for a: “Dark Web-OSINT Investigative Research Consultant.”

Verizon is a leading North American mobile phone and Internet provider and they have a team dedicated to tracking and preventing threats to their network, customers, and sensitive data. The job posting is for an opening on the Verizon Threat Response Advisory Center Intelligence Team, specifically for an expert in the surface, deep, and Dark Web. The Dark Web consultant will support Verizon’s Threat Intelligence Platform Service, the Rapid Response Retainer, and will provide threat intelligence for the company at large.

Moving further into the posting it reads like a “superhero want ad”:

“In order to proactively detect and identify such activity or investigate on-going attacks from foreign adversaries and cyber criminals, VTRAC requires a seasoned Surface, Deep, and Dark Web Investigative Research Consultant (Darkweb Hunter) that can conduct in-depth and investigative research, identification, and detection of adversarial attempts to degrade and disrupt their landscape, supply chains, physical infrastructure, personnel, and ecosystem.

In order to identify and detect such activity, VTRAC requires a seasoned Surface, Deep, and Dark Web Investigative Research Consultant who has in-depth physical and cyber tradecraft methodology and Tactics, Technics and Procedures (TTP) knowledge of foreign intelligence services, state-sponsors of terrorism, U.S. and international criminal organizations, and hacktivists.”

The job tasks include open source intelligence (OSINT) investigative research, intelligence that protects the company’s infrastructure, security intelligence, report analysis, and consultation. Interested personnel need at least a bachelor’s degree or four or more years of experience, OSINT experience, knowledgeable in cyber threats and deep and Dark Web. Applicants will rise to the top of the pile if they have a master’s degree, counterintelligence experience, are an ethical hacker, and are familiar with CISSP.

With all this knowledge, the Dark Web consultant could probably become Batman with the right technology, tools, and a giant robot to take over the physical tasks. As for the bottomless fortune part, maybe the Dark Web consultant could be a Robin Hood-steal the money from the bad guys and use it for good.

Whitney Grace, February 5, 2019

DarkCyber for February 5, 2019, Now Available

February 5, 2019

DarkCyber for February 5,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/315073592. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Alleged money laundering via the popular Fortnite game; and an excerpt from Stephen E Arnold’s “Dark Web, Version 2” lecture at the University of Louisville.

The first story explains how bad actors launder money via the online game Fortnite. The game allows players to purchase “digital assets” by purchasing via a credit card. The credit card funds allow the player to acquire V Bucks. These V Bucks can be converted to weapons, information, or other in-game benefits. But the digital assets can be sold, often on chat groups, Facebook, or other social media. In the process, the person buying the digital assets with a stolen credit card, for example, converts the digital assets to Bitcoin or another digital currency. Many people are unaware that online games can be used in this manner. Law enforcement will have to level up their game in order to keep pace with bad actors.

The second story is an excerpt from Stephen E Arnold’s invited lecture. He spoke on January 25, 2019 to an audience of 50 engineering students and faculty on the subject of “Dark Web, Version 2.” In his remarks, he emphasized that significant opportunities for innovation exist. Investigators need to analyze in a more robust way data from traditional telephone intercepts and the Internet, particularly social media.

Arnold said, “The structured data from telephone intercepts must be examined along with the unstructured data acquired from a range of Internet sources. Discovering relationships among entities and events is a difficult task. Fresh thinking is in demand in government agencies and commercial enterprises.” In the video, Mr. Arnold expands on the specific opportunities for engineers, programmers, and analysts with strong mathematics skills.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, February 5, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta