Dark Web Images Pinpoint Bad Actors

October 7, 2016

Those Harvard students. I thought most of them drank latte and argued about Henry David Thoreau. Wrong.

I read “No Matter How Smart They Are, Criminals Always Leave Some Trace Behind.” I won’t make a big deal about the “always.” The write up points out that Dark Web images, like any other type of digital image, can contain information referenced by those in the know as “EXIF.”

The acronym means Exchangeable Image File Format. According to the write up:

Harvard students, Paul Lisker and Michael Rose, collected more than 223,471 unique images from the underground illegal markets and found 229 images with geolocation data.

Yep, I know that this represents about one percent of the image sample pool. Remember that “always.” Well, there is a reason categorical affirmatives can be logical tripwires.

The write up points out that the intrepid wizards identified GPS coordinates and the Dark Web markets with which the images were associated. Here’s a map produced by the industrious students:

[Image: map produced by the students]

The write up does not provide any information about companies which have this type of capability in their commercial products.

Stephen E Arnold, October 7, 2016

Technology Opens Cryptomarkets: An Opportunity and a Challenge

October 3, 2016

The rise of cryptomarkets is fueled by two things: anonymity and technological advancements. How these markets develop in the future, however, will largely depend on technological breakthroughs, particularly in the domain of cryptocurrencies.

In a blog post published on Business Insider titled “Here’s Everything You Need to Know About Drug Cryptomarkets Like the Silk Road,” the author says:

The hidden web, also known as the dark web, can only be accessed using anonymizing software that masks the internet user’s identity. Cryptocurrencies, the most famous of which is Bitcoin, are digital, non-identity-carrying forms of cash.

Because trade and payment for goods and services take place with the aid of defense-grade technologies, the Dark Web was largely successful in hiding itself from law enforcement agencies. That changed in 2013 when the FBI dismantled the well-known cryptomarket Silk Road.

Bitcoin, a popular cryptocurrency, has also been unable to gain the complete confidence of its users. Frequent problems with exchanges and hacks expose the digital currency to heavy fluctuations and raise security concerns for its holders.

The author of the article firmly believes that:

While trends indicate increased usage rates of drug cryptomarkets over time, there may be limits to their growth. One challenge could occur through compromises to the technologies on which cryptomarkets rely (such as Tor and Bitcoin).

In the future, apart from drugs and illicit services, it is possible that even legal trades could be executed through cryptomarkets simply because they offer anonymity and would be efficient. The source does not address how widespread the use of cryptocurrency is among bad actors. That is understandable to some degree. Hopefully the forthcoming report from Interpol and Europol will provide hard data, not high-level observations.

Kenny Toth, October 1, 2016

Digital Currencies: Anonymity and Trust Not Working at Peak Efficiency

September 23, 2016

No one knows if I am an addled goose. That’s part of the magic of the mostly anonymous Internet unless a person wants to create a “real” identity. Cryptocurrencies like Bitcoin operate on fancy technology and trust.

A single Bitcoin is trading at about $600 per token, but frequent hacks are trashing the reputation of the cryptocurrency for some users.

In an article that appeared on CryptoCoinNews.com, titled “Hacked BitcoinTalk.org User Data Goes Up for Sale on Dark Web,” the author reveals that:

In May 2015, BitcoinTalk was the victim of a social engineering attack after an unknown hacker targeted an employee of NFOrce, BitcoinTalk’s ISP. In a revelation on Reddit at the time, forum operator and administrator Theymos hinted that password hashes, private messages, emails and other user details could be compromised.

The stolen data can be used to gain access to user accounts, which can in turn be used to steal Bitcoins. Earlier, in August 2016, Bitcoins worth $72 million were stolen from the Bitfinex exchange in Hong Kong.

Another major issue with Bitcoin is that it is unregulated. It can lose its entire value in a single day. Moreover, its exchange rate and monetary value are still pegged against the mighty Greenback.

As a reminder of the risk associated with cryptocurrencies, the hacked Bitcoin.org data is on sale on the Dark Net for 1 Bitcoin token.

Governments are trying to find a way to corral Bitcoin and other digital currencies. As Bitcoins are unregulated and pose a threat to conventional currencies, governments and financial institutions are up in arms against entities that use this digital currency. As tracking technology improves, we think the anonymity of some digital transactions will be stripped away.

Vishal Ingole, September 23, 2016

Hundreds of Thousands of Patient Records Offered up on the Dark Web

September 19, 2016

Some of us suspected this was coming, despite many assurances to the contrary. Softpedia informs us, “Hacker Selling 651,894 Patient Records on the Dark Web.” Haughtily going by the handle TheDarkOverlord, the hacker responsible is looking to make over seven hundred grand off the data. Reporter Catalin Cimpanu writes:

The hacker is selling the data on The Real Deal marketplace, and he [or she] says he breached these companies using an RDP (Remote Desktop Protocol) bug. TheDarkOverlord has told DeepDotWeb, who first spotted the ads, that it’s ‘a very particular bug. The conditions have to be very precise for it.’ He has also provided a series of screenshots as proof, showing him accessing the hacked systems via a Remote Desktop connection. The hacker also recalls that, before putting the data on the Dark Web, he contacted the companies and informed them of their problems, offering to disclose the bug for a price, in a tactic known as bug poaching. Obviously, all three companies declined, so here we are, with their data available on the Dark Web. TheDarkOverlord says that all databases are a one-time sale, meaning only one buyer can get their hands on the stolen data.

The three databases contain information on patients in Farmington, Missouri; Atlanta, Georgia; and the Central and Midwest areas of the U.S. TheDarkOverlord asserts that the data includes details like contact information, Social Security numbers, and personal facts like gender and race. The collection does not, apparently, include medical history. I suppose that is a relief—for now.

Cynthia Murrell, September 19, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/

 

Ancient History Tumblr Hack Still Beats Myspace Passwords Sale

September 19, 2016

Personal information remains a hot ticket item on the darknet. Metro shared an article highlighting the latest breach, More than 65million Tumblr emails sold on the darknet. While the leak happened in 2013, Tumblr has now reported the magnitude of the database that was hacked. As a call to action, the article reports Tumblr’s recommendation for users to change their passwords and look out for phishing attempts. The article reports,

The database includes email addresses and passwords. These are heavily protected by a procedure which makes it extremely difficult to reproduce the passwords. The database has turned up on the darknet marketplace The Real Deal at a price of £102, reports Motherboard.

Troy Hunt, who runs the security research site Have I Been Pwned, said the leak is an example of a ‘historical mega breach’. Users who fear their credentials were involved in the Tumblr hack can find out here.

Let’s not forget the more recent hack of potentially the largest login credentials theft: Hacker offers 427 million MySpace passwords for just $2,800. Many are commenting on the low price tag for such a huge quantity of personal information as a sign of MySpace’s lack of appeal even on the Dark Web. When login information, including passwords, is stolen, phishing attempts on the site are not the only issue for victims to be concerned with; many individuals use the same login credentials for multiple accounts.

Megan Feil, September 19, 2016

Enterprise Technology Perspective on Preventing Security Breaches

September 16, 2016

When it comes to the Dark Web, the enterprise perspective wants solutions to prevent security breaches. Fortscale released an article, Dark Web — Tor Use is 50% Criminal Activity — How to Detect It, speaking to this audience. This write-up explains the anonymizer Tor as The Onion Router, a name explained by the multiple layers used to hide an IP address and therefore the user’s identity. How does security software detect Tor users? We learned,

There are a couple of ways security software can determine if a user is connecting via the Tor network. The first way is through their IP address. The list of Tor relays is public, so you can check whether the user is coming from a known Tor relay. It’s actually a little bit trickier than that, but a quality security package should be able to alert you if user behaviors include connecting via a Tor network. The second way is by looking at various application-level characteristics. For example, a good security system can distinguish the differences between a standard browser and a Tor Browser because among other things, Tor software won’t respond to certain history requests or JavaScript queries.

Many cybersecurity software companies offer solutions that monitor the Dark Web for sensitive data, which is more of a recovery strategy. However, this article highlights the importance of cybersecurity solutions which monitor enterprise systems usage to identify users connecting through Tor. While this appears a sound strategy to understand the frequency of Tor-based users, it will be important to know whether these data-producing software solutions facilitate action such as removing Tor users from the network.
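The first method in the quoted passage, checking a login's source address against the public relay list, can be sketched as follows. This is an added example, not Fortscale's code: the log format, `RELAY_LIST` and `LOG` are constructed for illustration, and the addresses come from documentation ranges. It also handles IPv4-mapped IPv6 addresses, which would otherwise slip past a plain string comparison.

```python
import ipaddress
import re

# Hypothetical auth-log format, assumed for this example.
LINE = re.compile(r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+)")

# Constructed stand-in for the public relay list (documentation addresses).
RELAY_LIST = """\
# one address per line
203.0.113.7
198.51.100.23
2001:db8::5
"""

# Constructed log lines.
LOG = [
    "2016-09-16T10:02:11Z user=alice src=192.0.2.10 action=login",
    "2016-09-16T10:03:40Z user=bob src=203.0.113.7 action=login",
    "2016-09-16T10:04:02Z user=carol src=::ffff:198.51.100.23 action=login",
    "2016-09-16T10:05:19Z user=dave src=not-an-ip action=login",
    "2016-09-16T10:06:00Z user=erin src=[2001:db8::5] action=login",
]


def normalise(addr):
    """Parse an address, unwrapping IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(addr.strip("[]"))
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def load_relays(text):
    """Build a set of relay addresses, skipping blanks and # comments."""
    entries = (line.split("#", 1)[0].strip() for line in text.splitlines())
    return {normalise(entry) for entry in entries if entry}


def tor_logins(log_lines, relays):
    """Return (user, source address) for each login from a listed relay."""
    hits = []
    for line in log_lines:
        match = LINE.match(line)
        if not match:
            continue
        try:
            src = normalise(match["src"])
        except ValueError:
            continue  # unparseable source field; leave for separate review
        if src in relays:
            hits.append((match["user"], str(src)))
    return hits
```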

Megan Feil, September 16, 2016

Automated Tools for Dark Web Data Tracking

September 15, 2016

Naturally, tracking stolen data through the dark web is a challenge. Investigators have traditionally infiltrated chatrooms and forums in the effort—a tedious procedure with no guarantee of success. Now, automated tools may give organizations a leg up, we learn from the article, “Tools to Track Stolen Data Through the Dark Web” at GCN. Reporter Mark Pomerleau informs us:

The Department of Veterans Affairs last month said it was seeking software that can search the dark web for exploited VA data improperly outside its control, distinguish between VA data and other data and create a ‘one-way encrypted hash’ of VA data to ensure that other parties cannot ascertain or use it. The software would also use VA’s encrypted data hash to search the dark web for VA content.

We learned:

Some companies, such as Terbium Labs, have developed similar hashing technologies.  ‘It’s not code that’s embedded in the data so much as a computation done on the data itself,’ Danny Rogers, a Terbium Labs co-founder, told Defense One regarding its cryptographic hashing.  This capability essentially enables a company or agency to recognize its stolen data if discovered. Bitglass, a cloud access security broker, uses watermarking technology to track stolen data.  A digital watermark or encryption algorithm is applied to files such as spreadsheets, Word documents or PDFs that requires users to go through an authentication process in order to access it.

We’re told such watermarks can even thwart hackers trying to copy-and-paste into a new document, and that Bitglass tests its tech by leaking and following false data onto the dark web. Pomerleau notes that regulations can make it difficult to implement commercial solutions within a government agency. However, government personnel are very motivated to find solutions that will allow them to work securely outside the office.

The article wraps up with a mention of DARPA’s  Memex search engine, designed to plumb the even-more-extensive deep web. Law enforcement is currently using Memex, but the software is expected to eventually make it to the commercial market.
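The hash-and-search idea described above can be illustrated with a keyed one-way hash: the data owner fingerprints its values, and the scanner compares fingerprints instead of holding the raw records. This is an added example, not the VA's specification or Terbium Labs' method; the key, record values and listing text are constructed, and the use of HMAC-SHA256 is an assumption (an unkeyed hash of a nine-digit value can be enumerated, which is why a secret key is used here).

```python
import hashlib
import hmac
import re

# Constructed values in a Social Security number layout; area 000 is never issued.
OWNED = ["000-12-3456", "000-45-6789"]
KEY = b"example-key-kept-by-the-data-owner"  # placeholder secret

# Constructed text standing in for a crawled listing.
LISTING = "sample rows: J. Doe 000 12 3456 / A. Roe 000-99-0000 / 000456789 / 000-12-3456"

# Candidate values: nine digits with optional dash or space separators.
CANDIDATE = re.compile(r"\b\d{3}[- ]?\d{2}[- ]?\d{4}\b")


def fingerprint(key, value):
    """Keyed one-way hash of the digits only, so formatting does not matter."""
    digits = re.sub(r"\D", "", value)
    return hmac.new(key, digits.encode(), hashlib.sha256).hexdigest()


def build_watchlist(key, values):
    """Map fingerprint -> record index; the raw values are not stored."""
    return {fingerprint(key, value): i for i, value in enumerate(values)}


def scan(key, watchlist, text):
    """Return sorted indexes of owned records whose fingerprint appears in text."""
    found = set()
    for match in CANDIDATE.finditer(text):
        index = watchlist.get(fingerprint(key, match.group()))
        if index is not None:
            found.add(index)
    return sorted(found)
```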

Cynthia Murrell, September 15, 2016

Law Enforcement Utilizes New and Traditional Methods for Dark Web Matters

September 15, 2016

While the Dark Web may be thought of as a home to drug dealers, several individuals have been apprehended by law enforcement. Edinburgh News published a report: FBI Helps Catch Edinburgh Man Selling Drugs on ‘Dark Web’. David Trail was convicted for creating a website similar to eBay, but on the Dark Web, called Topix2. Stolen credit card information from his former employer, Scotweb, was found in the search of his home. The article states,

Detective Inspector Brian Stuart, of the Cybercrime Unit, said: ‘Following information from colleagues in FBI, Germany’s West Hessen Police and the UK’s National Crime Agency, Police Scotland identified David Trail and his operation and ownership of a hidden website designed to enable its users to buy and sell illegal drugs anonymously and beyond the reach of law enforcement. His targeting of a previous employer, overcoming their security, almost had a devastating effect on the company’s ability to remain in business.

As this piece notes, law enforcement used a combination of new and traditional policing techniques to apprehend Trail. Another common practice we have been seeing is the cooperation of intelligence authorities across borders — and across levels of law enforcement. In the Internet age this is a necessity, and even more so when the nature of the Dark Web is taken into account.

Megan Feil, September 15, 2016

A New Spin on Big Data and the Dark Web

September 12, 2016

While most of us are occupied with finding the best Labor Day deals over the Internet, Chris White is developing technologies to save lives from the dark world of the sex trade.

In the article “The Man Who Lit the Dark Web,” the author states that

An estimated 21 million people are being trafficked around the planet. More than half are women and girls. More than 1 million are children. Nearly one-quarter are bought and sold as sex slaves. Only 1-in-100 victims of human trafficking is ever rescued. It’s a booming business. High profits and low risk make human trafficking one of the fastest-growing and most lucrative crimes on the planet; the U.N. recently estimated that trafficking nets $150 billion a year.

With the Dark Web, traffickers have realized that it’s easier for them to operate away from the eyes of law enforcement. The article asserts:

The “surface” Web, or open Web, represents between 5 and 20 percent of what’s out there. The rest resides in places that most crawlers can’t reach or index. Some data are “deep,” in password-protected places like social media and message boards, or in increasingly common dynamic websites—which are more like apps than pages from a book, and change when you interact with them, like Kayak. The rest of the Web is “dark.”

White’s approach is to tackle the Dark Web with Big Data. The author of the article spent a decade of his life helping the US Army track, penetrate and destroy financial networks of terrorist organizations. Will the Big Data approach actually work?

Certainly White, a Microsoft employee, is helping. Agencies like Defense Advanced Research Projects Agency (DARPA) and similar organizations may have to channel research funds into initiatives like White’s. Otherwise, the payoff from commercial innovations will put a lid on efforts like White’s.

Vishal Ingole, September 12, 2016

Intuitive Interfaces Matter on Dark Web Sites Too

September 1, 2016

Did you know some sites on the Dark Web have a sleek look and intuitive user experience?  VeriClouds published this information, including screenshots and more in a piece called Dark Web: Sophisticated eCommerce platform trading in your personal information. Channels for cybercriminals allow users to search for Dark Web commodities such as personal or sensitive information by: category, product type, price, sale type, location and shipping options. Mirroring the processes and policies of traditional retail, some sellers also have refund options. The article states:

Platforms like these are so much more than just rudimentary command line setups or chat rooms. They offer many of the same features as online stores like Amazon or Ebay with vendor ratings, buyer feedback, detailed search options and facilitated transaction and delivery services. Collections of data are presented with detailed descriptions (similar to an ecommerce product pages), and some even provide tutorials on how to best utilize that data to scam victims.

On one level, this report shows us how much an intuitive user experience has become the expectation, not an added bonus — anywhere on the web. Related to this heightened expectation for even intangible “things” to have an effective look and feel, we are reminded this is the information age. As information is a commodity, it is no surprise to see the rise in cyber theft of such invisible goods on the Dark Web or otherwise. For example, as the article mentioned, last year’s estimate by the Federal Trade Commission showed 9.9 million victims of identity theft.

Megan Feil, September 1, 2016
