An Interesting Use of Instagram

April 24, 2018

There is an opioid dealer nearby. In fact, this drug kingpin is not standing on the corner or lurking on college campuses, this supplier is right at your fingertips. Thanks to a recent article, the plague of drug sales through popular and public social media platforms has caught the attention of some powerful people. We learned about these developments in a recent Wired article, “One Woman Got Facebook to Police Opioid Sales on Instagram.”

While it’s a little confusing, the basic story goes that one woman who discovered opioid sales on Instagram (which is owned by Facebook) reached out to Facebook, urging them to take action, through a rival social platform, Twitter. The tactic worked, even getting the FDA involved.

According to the story:

“It shouldn’t take this much effort to get people to realize that you have some responsibility for the stuff on your platform…A 13 year old could do this search and realize there’s bad stuff on your platform — and probably has — you don’t need the commissioner of the FDA to tell you that.”

However, the act of policing drug sales on social media platforms and the dark web is not as easy as one might think. Yes, they shut down offending accounts, but beyond that there is little that can be done. According to the story, it outlawed certain hashtags, like it had done before. “Instagram previously restricted the drug-related hashtags, #Xanax and #Xanaxbar and banned #weedforsale and #weed4sale.”

It’s a small step, but hopefully one that will lead to greater and greater progress. For more information, learn more about CyberOSINT: Next Generation Information Access here.

Patrick Roland, April 24, 2018

DarkCyber for April 24, 2018, Now Available

April 24, 2018

DarkCyber for April 124, 2018, is now available at and on Vimeo at .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s lead story focuses on universities as unwitting accomplices for student cyber criminals. Five students at Manchester University began selling drugs via SilkRoad. The students “graduated” to their own brand and branched out. Before UK law enforcement shut down the students’ operation, more than 6,000 drug sales were completed. Plus, university computer systems have become targets for malicious crypto currency mining operations. A student can take classes in computer science and be up and scamming quickly.

Stephen E Arnold, producer of DarkCyber and author of “CyberOSINT: Next Generation Information Access” said: “The combination of easy access to high-value information about programming and computer systems plus the lure of easy money can turn a good student into a good criminal. Universities, despite their effort to implement more robust security, are targets for bad actors. Students can operate Dark Web businesses from their campus residence. Outsiders can exploit the institution’s computer system in order to install crypto currency mining software. At this time, colleges and universities are in a cat and mouse game with high stakes and stiff penalties for students, administrators, and school security professionals.”

DarkCyber revisits the security of virtual private networks. This week’s program answers a viewer’s question about improving the security of a VPN. In addition to changing the ports the VPN uses, DarkCyber points out that a tech savvy individual can operate his or her own VPN or use additional specialized software to shore up the often leaky security many VPN services provide.

Vendors of “policeware” are generally unknown to most tech professionals. DarkCyber highlights a new, UK based company doing business as Grey Heron. The company offers a range of cyber security services. The firm’s staff appears to include individuals once affiliated with the Hacking Team, another policeware vendor which found itself the victim of a cyber attack two years ago. If Gray Heron taps the Hacking Team’s technical talent, the firm may make an impact in this little known sector of the software market.

The final story in DarkCyber for April 24, 2018, highlights several findings from a study sponsored by Bromium, a cyber security company. The researchers at a UK university gathered data which provide some surprising and interesting information about the Dark Web. For example, the new report asserts that more than $200 billion is laundered on the Dark Web in a single year. If true, these newly revealed research data provide hard metrics about the role of digital currency in today’s online economy.

Beginning in May 2018, coverage of the Dark Web and related subjects will be increased within Beyond Search.

Kenny Toth, April 24, 2018

Cryptocurrency: A New Tool for Factions?

April 18, 2018

Cryptocurrency like BitCoin have been gaining a foothold as legitimate forms of financial transaction over the last several years. However, one of the richest areas in the world, The Middle East, has been reluctant to jump on the bandwagon. Religious beliefs have prohibited many Islamic investors from using crypto currency, though that may change according to a recent Economic Times story, “Cryptocurrency Traders Use Old Gold to Lure Islamic Investors.”

According to the story, “OneGram, is issuing a gold-backed cryptocurrency — part of efforts to convince Muslims that investing in crypto currencies complies with their faith.

“But because they are products of financial engineering and objects of speculation, crypto currencies sit uneasily with Islam. Sharia principles, in addition to banning interest payments, emphasize real economic activity based on physical assets and frown on pure monetary speculation.”

The Islamic world may not have to wait long. Just today a 22-page research paper was released that declared Bitcoin is compliant with Sharia Law and therefore acceptable in the Islamic religion. We are not ready to fully buy into this, since the story appeared on Bitcoin’s own Web site. However, if this is true, it could mean another massive surge in investors as the cryptocurrency gains more and more momentum.

For more information, learn more about the Dark Web, check out Dark Web Notebook.

Patrick Roland, April 18, 2018

Online Tracking of Weapons Can Be a Challenge

April 17, 2018

Gun sales online are prompting a lot of governmental concern, but not just in America. Australia, a nation with one of the lowest gun violence rates in the world, recently began cracking down on dark web sales of firearms with the help of US authorities. The results were promising, but still a little concerning. We learned more from a recent Daily Mail article, “Gun Trafficking Groups Selling to Australia Have Been Sentenced.”

According to the story, a seller of guns that were sent to Australia recently got three years in prison for the illegal transactions. We learned:

“The Atlanta-based group advertised guns for sale on the underground website BlackMarketReloaded that operated on The Onion Router, which masks the identity of its users, according to prosecutors.”

However, finding them through the murky waters of covert internet sites was nearly as tough as physically locating the guns. The story also pointed out, “In an attempt to avoid detection in the US Post or overseas the group hid the firearms in electronic equipment before placing them in packages.”

The Herculean effort needed to capture this dark web gun lord sounds similar to the recent arrest of one of Europe’s biggest online arms dealers, who was tracked down in Spain. This was the result of multiple countries and multiple agencies working for months to find this single person.

Clearly, the task of wiping the Dark Web clean of guns is difficult, but thankfully not impossible. We hope to hear about more success stories like this in the future. For more information, learn more about CyberOSINT (the Dark Web) here.

Patrick Roland, April 17, 2018

DarkCyber for April 10, 2018, Is Now Available

April 10, 2018

The DarkCyber video news program for April 10, 2018, is now available at and on Vimeo at DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services tailored to security, law enforcement, and intelligence professionals.

The April 10, 2018, program reviews how law enforcement or intelligence entities can use software exploits to gather information from a suspect’s computing device. The procedure, according to Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, supplements traditional methods such as interviews and traditional computer forensics. In DarkCyber, Arnold reviews an approach spelled out by cyber experts at Narus and the University of California—San Diego. The advantage of the Narus approach is that information can be collected which may not require decryption or direct access to a suspect’s computing device.

Also, DarkCyber reports about Turkey’s alleged use of intercept and content injection technology from the Canadian firm Sandvine. Turkish authorities used a surveillance system to gather information about Turkish and Syrian persons of interest. DarkCyber points out that countries like Lebanon, Turkey, and the United Arab Emirates are on a path to reach intelligence parity with countries like France, Germany, and the UK for mobile and Internet data surveillance and content interception capabilities.

DarkCyber reviews surprising findings from a Dark Web research report conducted by cyber security firm Armor. The data in the report which caught the attention of the Dark Cyber were compiled from a study of Dark Web sites selling false passport and personal financial information. The  video includes a link to the Armor study which is offered without charge

Arnold reveals electronic mail vendors providing encrypted email services. One of the services — Proton Mail based in Switzerland — allegedly was used by Cambridge Analytica. Proton’s service makes it very difficult if not impossible for law enforcement to retrieve messages within the system or if they have been deleted from the Proton mail servers. Several vendors of secure email are mentioned in the DarkCyber video.

Kenny Toth, April 10, 2018

The AI Spy Who Photographed Me

March 29, 2018

Artificial intelligence is one of the of the tools that law enforcement is using to thwart potential terrorist attacks and other illegal activities.  Applications use AI to run data analysis, scan the Dark Web, and monitor identity theft.  One major use for AI is image analysis and facial recognition.  IEEE Spectrum takes a look at how there is a huge demand for more accurate image AI, “Wanted: AI That Can Spy.”  While fear over spy satellites is not much a plot point anymore, the US has hundreds of satellites orbiting the planet capturing photographic data.  Humans are only capable of observing so many photographic data and the US government has FOMO “fear of missing out” on something important.

US intelligence officials sponsored an AI challenge to identify objects of interest in satellite images.  The entire goal is to improve AI standards and capabilities:

Since July, competitors have trained machine-learning algorithms on one of the world’s largest publicly available data sets of satellite imagery—containing 1 million labeled objects, such as buildings and facilities. The data is provided by the U.S. Intelligence Advanced Research Projects Activity (IARPA). The 10 finalists will see their AI algorithms scored against a hidden data set of satellite imagery when the challenge closes at the end of December.

The agency’s goal in sponsoring the Functional Map of the World Challenge aligns with statements made by Robert Cardillo, director of the U.S. National Geospatial-Intelligence Agency, who has pushed for AI solutions that can automate 75 percent of the workload currently performed by humans analyzing satellite images.

Lockheed research scientist Mark Pritt guessed that the US government wants to automatically generate maps, instead of relying on manual labor.  Pritt’s Lockheed team is one of the many teams competing for the $100,000 prize to develop the best deep-learning algorithm that can recognize specific patterns and identify objects of interest in satellite images.  Satellite images are more complex than other images because they are shot from multiple angles, cloud coverage is a problem, and a variety of resolutions.

Even if a deep-learning algorithm was developed it would not be enough, because the algorithm lacks the ability for refinement.  Think sentimental analysis, except with images.  The perfect solution for the moment is a combination of AI and human interaction.  The AI does the bulk of the work, while humans examine flagged photos for further investigation.

Whitney Grace, March 29, 2018

DarkCyber for March 27, 2018, Now Available

March 27, 2018

DarkCyber for March 27, 2018, is now available at and on Vimeo at

Stories this week: HyperionGray’s Dark Web map explored, Dark Web service firms shift into high-profile marketing mode, Bitcoin attracts more US government scrutiny, alleged Dark Web specialist Freedom Hosting hacked and its data location, and digital currencies attract more US government scrutiny.

Stephen E Arnold discusses four topics in this week’s Dark Web program.

HyperionGray’s Dark Web map makes it easy to get an overview of the Dark Web. The map, when clicked, displays thumbnails of Dark Web sites. Plus, the map allows the viewer to explore Dark Web sites which share feature and content similarities.

Freedom Hosting, a Dark Web services firm, was hacked before it went offline. DarkCyber reports that one hacker discovered a cache of CP (child pornography) data on the site. The hacker copied Freedom Hosting’s customer data and other information. The hacker then made that data publicly available online.

Dark Web consulting and services has become a significant line of business for some specialized firms. In the last six months, some of these companies have stepped up their marketing efforts. DarkCyber reports that more widely available information about the Dark Web has an upside and a downside. The upside is the likelihood of these companies’ attracting more sales leads. The downside is that bad actors now have an easier time keeping pace with techniques and technologies used by security and law enforcement professionals.

DarkCyber notes that the US government is stepping up its interest in digital currencies. One reason is that initial coin offering are being used by some to raise money for startups and that tax authorities may need a way to ensure that income tax payers are reporting and paying applicable taxes.

You can view the program at

Kenny Toth, March 27, 2018

DarkCyber for March 20, 2018 Now Available

March 20, 2018

DarkCyber, the weekly video news program about the Dark Web, is available at and at Produced by Stephen E Arnold and Beyond Search, DarkCyber covers software, systems, and applications.

DarkCyber reveals the alleged connections between Tor and the US government, why “baby data” are for sale on the Dark Web, the DarkMatter cyber intelligence firm’s capabilities and its Katim secure mobile phone, and how inmates at a Federal penitentiary ran a pornography business via mobile phones from their cells.

The featured story is a profile of DarkMatter is a company based in the United Arab Emirates. The firm is hiring specialists in a number of cyber related disciplines. The company’s capabilities span a wide range of services. The firm’s Web site suggests that the company has technology to intercept, modify, and divert traffic on IP and mobile networks. DarkMatter also sells a secure mobile phone named Katim. DarkMatter’s growth and its intelligence services make clear the technical capabilities available to customers in the Middle East and other parts of the world.

Journalist Yasha Levine made available documents about the relationship between the Tor Project and the US Central Intelligence Agency. Levine is the author of ’Surveillance Valley” published in 2018. The documents span many years and comprise a collection of more than 2,000 emails and other writings. Dark Cyber notes the relationship between among Tor, its Broadcasting Board of Governors, and the US government. The DarkCyber report includes the link to the document collection.
Personal financial information is offered for sale on the Surface Web and the Dark Web. Stephen E Arnold reports that a Baltimore based Dark Web specialist has located ’baby data’ for sale on the Dark Web. The newborns are a blank slate. With a baby’s identity, a bad actor can create obtain an income tax deduction or use the “clean identity” to set up bank accounts.

DarkCyber also reviews the eCommerce business operated by inmates at a US Federal Correctional Institution in New Jersey. Inmates were accessing the Dark Web and selling pornography business from their cells. The data were obtained via mobile phones. The content was distributed on memory cards and via the cloud.

The weekly video about the Dark Web and lesser known Internet services is available at

Kenny Toth, March 20, 2018

DarkCyber for March 13, 2018, Now Available

March 13, 2018

The March 13, 2018 DarkCyber video news program, produced by Stephen E Arnold, is now available. DarkCyber covers the Dark Web and lesser known Internet services.

The program is available at and on Vimeo at

The March 13 program explores the high-profile National Crime Agency arrest and sentencing of Matthew Falder. Mr. Falder, a faculty member at the University of Birmingham, was engaged in child pornography, blackmail, and related offenses. In the aftermath of the case, the difficulty of shutting down the Dark Web became evident to some in the United Kingdom.

Stephen E Arnold said, “The UK’s National Crime Agency has demonstrated its capabilities in data analysis of Dark Web metadata and its traditional investigative expertise. The identification, prosecution, and incarceration of an individual responsible for abuse of dozens of young people illustrates the effectiveness of the NCA’s blending of advanced technology and cyber expertise.”

DarkCyber takes a look at the information about the Defense Intelligence Agency’s National Media Exploitation Center. DarkCyber reveals that the capabilities of NMEC and other government agencies are significant and are extensible with the user of tools and methods developed by commercial firms like Cellebrite, now owned by a Japanese company.

The regulation of digital currency is gaining momentum in the US and elsewhere. Coinbase, a digital currency facilitator, has agreed to comply with a request from the US Internal Revenue Service. The IRS will receive the digital currency transaction histories of more than 10,000 Coinbase users. The door remains open for the IRS to gain access to additional transaction data. With this IRS activity, the deanonymization of digital currency transactions is underway.

DarkCyber reveals that TLS (transport layer security) certificates caught  the attention of Recorded Future’s analysts. Dark Web sites are selling hijacked TLS certificates. DarkCyber provides the names of Surface Web vendors which sell legitimate certificates for about $5, a fraction of what Dark Web vendors charge.

Kenny Toth, March 13, 2018

DarkCyber for March 6, 2018, Now Available

March 6, 2018

The DarkCyber weekly video news program is available at and at Produced by Stephen E Arnold and Beyond Search, the program covers the Dark Web and lesser known Internet services.

The March 6, 2018, DarkCyber video news program is now available. This week’s program features information about Stephen Allwine’s attempt to purchase an assassination from the Dark Web Besa Mafia site. Mr. Allwine was swindled and his wife remained alive. DarkCyber explains how an information technology professional killed his wife and staged a suicide. Mr. Allwine was convicted and is in jail with time to contemplate losing $6,000 paid to the Besa Mafia Dark Web site and his incarceration for murder.

DarkCyber reports about ASI Data Science’s smart software. The system can scan millions of videos and identify those with terrorist-related content. The system operates at an accuracy level greater than 90 percent.

Criminals operating from Ukraine stole $50 million in Bitcoin. However, the Dark Web was not the vehicle in this case. The criminals used Google advertising, spoofed Web sites, and gullible people. The fraudsters are now sought by Ukrainian authorities.

A multi-jurisdictional task force has shut down Infraud, a Dark Web site and discussion service. DarkCyber explains the method used to deanonymize the bad actors. One of the criminals used the handle “1stunna,” which is either a reference to the individual’s appearance or a misspelling of “first tuna.” Software correlates handles (aliases) with IP addresses and other data. DarkCyber reports that “tunna” was caught in the net. Arrests took place in the US, Australia, the UK, France, Italy, Kosovo, and Serbia.

Kenny Toth, March 6, 2018

Next Page »

  • Archives

  • Recent Posts

  • Meta