Catching Dark Web Attacks before Zero Hour

August 30, 2016

Hacking still has an air of fantasy about it, because most people do not know how to do it. Some people cannot even wrap their heads around how their information can be stolen off their computer, phone, or tablet, much less figure out how to find the Internet’s underbelly, the “Dark Web.” Ignorance is a big hindrance, but thankfully there are experts who are striving to protect everyone else. Andrea Fortuna shares how “Scan The Deep Web Could Be Useful To Discover 0-Day Vulnerabilities?”.

A group at the University of Arizona wrote a paper called “Dark Net and Deep Net Mining For Proactive Cybersecurity Threat Intelligence” describing how they used machine learning and data mining programs to search the Dark Web for anything relating to malware and other malicious code sold for bitcoin. Their abstract states:

“In this paper, we present an operational system for cyber threat intelligence gathering from various social platforms on the Internet particularly sites on the Dark Net and Deep Net. We focus our attention to collecting information from hacker forum discussions and marketplaces offering products and services focusing on malicious hacking. We have developed an operational system for obtaining information from these sites for the purposes of identifying emerging cyber threats. Currently, this system collects on average 305 high-quality cyber threat warnings each week.”

Andrea Fortuna includes an infographic about how the University of Arizona team’s data mining and machine learning system works. The system appears simplistic in its approach to scraping and parsing the Dark Web, but did the team encounter any problems by using the Tor browser and running through .onion addresses? Also, several years ago, a university Dark Web forum project produced an interesting demonstration of spidering text from the Dark Web.

Whitney Grace, August 30, 2016

Another Day Another Possible Data Breach

August 19, 2016

Has the next Ashley Madison incident happened? International Business Times reports on breached information that has surfaced on the Dark Web. The article, Fling.com breach: Passwords and sexual preferences of 40 million users up for sale on dark web, sheds some light on what happened with the alleged 40 million records posted on The Real Deal marketplace. One source claims the leaked data was old information. Another source reports a victim who says they never had an account with Fling.com. The article states,

“The leak is the latest in a long line of dating websites being targeted by hackers and follows similar incidents at Ashley Madison, Mate1, BeautifulPeople and Adult Friend Finder. In each of these cases, hundreds of thousands – if not millions – of sensitive records were compromised. While in the case of Ashley Madison alone, the release of information had severe consequences – including blackmail attempts, high-profile resignations, and even suicide. Despite claims the data is five years old, any users of Fling.com are now advised to change their passwords in order to stay safe from future account exploitation.”

Many are asking about the facts related to this data breach on the Dark Web — when it happened and if the records are accurate. We’re not sure if it’s true, but it is sensational. The interesting aspect of this story is in the terms of service for Fling.com. The article reveals Fling.com is released from any liability related to users’ information.

 

Megan Feil, August 19, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/

 

No Dark Web Necessary

August 11, 2016

Do increased Facebook restrictions on hate speech and illegal activity send those users straight to the Dark Web? From The Atlantic comes an article entitled American Neo-Nazis Are on Russia’s Facebook, which hints that this is not always the case. The piece explains that an online group called “United Aryan Front” moved from Facebook to Russia’s version of Facebook: VKontakte. The article describes a shift to cyber racism,

The move to VK is part of the growing tendency of white supremacists to interact in online forums, rather than through real-life groups like the KKK, according to Heidi Beirich, director of the Southern Poverty Law Center’s anti-terror Intelligence Project. Through the early 2000s, skinheads and other groups would host dozens of events per year with hundreds of attendees, she says, but now there are only a handful of those rallies each year. “People online are talking about the same kinds of things that used to happen at the rallies, but now they’re doing it completely through the web,” she said.

It is interesting to consider the spaces people choose, or are forced into, for conducting ill-intentioned activities. Even when Facebook cracks down on it, hate speech amongst other activities is not relegated solely to the Dark Web. While organized online hate speech analogous to rallies may be experiencing a surge in the online world, rallies are not the only avenue for real-world racism. At the core of this article, like many we cover on the Dark Web, is a question about the relationship between place and malicious activity.

 

Megan Feil, August 11, 2016


The Reach of Cyber Threat Intelligence Companies

August 10, 2016

The social media monitoring complex appears to be gaining a follower. LittleSis News shared an article highlighting their investigative findings, You are being followed: The business of social media surveillance. The post not only reveals the technology companies engaged in surveillance and developing tools for surveillance; those at LittleSis News also filed freedom of information requests to twenty police departments about their social media monitoring. The article concludes with,

“Because social media incites within us a compulsion to share our thoughts, even potentially illegal ones, law enforcement sees it as a tool to preempt behavior that appears threatening to the status quo. We caught a glimpse of where this road could take us in Michigan, where the local news recently reported that a man calling for civil unrest on Facebook because of the Flint water crisis was nearly the target of a criminal investigation. At its worst, social media monitoring could create classes of “pre-criminals” apprehended before they commit crimes if police and prosecutors are able to argue that social media postings forecast intent. This is the predictive business model to which Geofeedia CEO Phil Harris aspires.”

In addition to Geofeedia, the other cyber threat intelligence companies listed are BrightPlanet, ZeroFOX, Intrado, LifeRaft, Magnet Forensics, Media Sonar Technologies, and Signal Corporation Limited. These companies specialize in everything from analyzing deep web content to digital forensics software. Ultimately data is their specialty, not people. These technologies and their applications will undoubtedly stir up questions about the relationship between people, the data they produce on social media, and state actors.

 

Megan Feil, August 10, 2016


Dark Web Purchases Potentially More Challenging Than Media Portrays

August 8, 2016

German TV journalists recently discovered acquiring weapons on the Dark Web may be more challenging than media coverage suggests. Vice’s Motherboard published an article on this called TV Journalists Try Buying AK-47 on Dark Web, Fail. Producers for German channel ARD, working for a show “Fear of terror—how vulnerable is Germany” lost about $800 in bitcoin during the attempted transaction through a middleman. We learned,

“It’s not totally clear if this was because the seller wasn’t legitimate, or whether the package had been intercepted. Regardless, this shouldn’t be much of a surprise: The dark web gun trade is rife with scammers. One con-artist previously told Motherboard he would ask legal sellers to send him photos of weapons next to a piece of paper with his username. From here, he would “just send a bag of sugar,” when an order came in. And undercover law enforcement agents also sell weapons in order to identify potential customers.”

Motherboard is careful to reference cases of successful Dark Web gun sales. Not that readers would be so quick to assume guns cannot be easily purchased on the Dark Web after seeing numerous media reports that this is the case. For the average reader, does knowledge of the Dark Web come from media or from personal experience? We see a lot of articles reporting the number of web sites that exist, perhaps because of the inability to accurately report the number of users on the Dark Web. While that may not be retrievable, perhaps the number of Tor downloads may be.

 

Megan Feil, August 8, 2016


Legal Drugs Turned Illegal Primed for Dark Web Marketplaces

August 3, 2016

A few drugs that could once be sold legally will be outlawed in Britain. Express released an article, Legal high dealers to be forced onto DARK WEB by blanket ban, top police officer warns, that shares the story. Several deaths were linked to substances called “spice” and “hippy crack,” which led to a ban on the sale of these items. The article’s source, police chief Commander Simon Bray, says that because of the future unavailability in brick-and-mortar stores, he suspects users will turn to the Dark Web to purchase these drugs. The article tells us,

“Commander Bray of the National Police Chiefs Council added: “Clearly, there will be some movement onto the dark net. “People find it lucrative to sell substances and where people are going to buy them. But of course, it is not going to be so easy for the average person to get hold of them.” Other experts have warned the ban will just drive use and sale of the drugs into the hands of criminal gangs. Tejinder Reehal, who manages Scorpion, a shop that has sold legal highs, said: “We have seen it before with mushrooms and mcat.”

At a bigger-picture level, this story is interesting in that it is one more artifact that lends toward the perspective that illegal activity will take place on the Dark Web when it cannot take place elsewhere. This may in fact happen, but what about the illegal activity that takes place in real life outside of brick-and-mortar stores?

 

Megan Feil, August 9, 2016


The Machine Learning Textbook

July 19, 2016

Deep learning is another bit of technical jargon floating around and it is tied to artificial intelligence. We know that artificial intelligence is the process of replicating human thought patterns and actions through computer software. Deep learning is…well, what specifically? To get a primer on what deep learning is as well as its many applications, check out “Deep Learning: An MIT Press Book” by Ian Goodfellow, Yoshua Bengio, and Aaron Courville.

Here is how the Deep Learning book is described:

“The Deep Learning textbook is a resource intended to help students and practitioners enter the field of machine learning in general and deep learning in particular. The online version of the book is now complete and will remain available online for free. The print version will be available for sale soon.”

This is a fantastic resource to take advantage of.  MIT is one of the leading technical schools in the nation, if not the world, and the information that is sponsored by them is more than guaranteed to round out your deep learning foundation.  Also it is free, which cannot be beaten.  Here is how the book explains the goal of machine learning:

“This book is about a solution to these more intuitive problems. This solution is to allow computers to learn from experience and understand the world in terms of a hierarchy of concepts, with each concept defined in terms of its relation to simpler concepts. By gathering knowledge from experience, this approach avoids the need for human operators to formally specify all of the knowledge that the computer needs.”

If you have time take a detour and read the book, or if you want to save time there is always Wikipedia.

 

Whitney Grace, July 19, 2016

There is a Louisville, Kentucky Hidden Web/Dark Web meet up on July 26, 2016.
Information is at this link: http://bit.ly/29tVKpx.

 

The Web, the Deep Web, and the Dark Web

July 18, 2016

If it was not a challenge enough trying to understand how the Internet works and avoiding identity theft, try carving through the various layers of the Internet such as the Deep Web and the Dark Web.  It gets confusing, but “Big Data And The Deep, Dark Web” from Data Informed clears up some of the clouds that darken Internet browsing.

The differences between the three are not that difficult to understand once they are spelled out. The Web is the part of the Internet that we use daily to check our email, read the news, check social media sites, etc. The Deep Web is an Internet sector not readily picked up by search engines. This includes password protected sites, very specific information like booking a flight with a particular airline on a certain date, and the TOR servers that allow users to browse anonymously. The Dark Web consists of Web pages that are not indexed by search engines and sell illegal goods and services.

“We do not know everything about the Dark Web, much less the extent of its reach.

“What we do know is that the deep web has between 400 and 550 times more public information than the surface web. More than 200,000 deep web sites currently exist. Together, the 60 largest deep web sites contain around 750 terabytes of data, surpassing the size of the entire surface web by 40 times. Compared with the few billion individual documents on the surface web, 550 billion individual documents can be found on the deep web. A total of 95 percent of the deep web is publically accessible, meaning no fees or subscriptions.”

The biggest seller on the Dark Web is child pornography. Most of the transactions take place using Bitcoin, with an estimated $56,000 in daily sales. Criminals are not the only ones who use the Dark Web; whistle-blowers, journalists, and security organizations use it as well. Big data has not even scratched the surface related to mining, but those interested can find information and do their own mining with a little digging.

 

Whitney Grace, July 18, 2016

Dark Web Drug Merchant Shiny Flakes Fesses Up

July 14, 2016

Authorities know a bit more about how criminals buy and sell drugs on the dark web, thanks to the cooperation of a captured dealer. DarknetPages’ article, “Dark Web and Clearnet Drug Vendor ‘Shiny Flakes’ Confessed his Crimes,” reveals that the 20-year-old Shiny Flakes, aka Maximilian S., was found with a bevy of illegal drugs, cash, and packaging equipment in his German home. Somehow, the police eventually convinced him to divulge his methods. We learn:

“[Maximilian] actually tried to make money on the internet legally in 2013 by copying fee-based pornographic websites. The thing is that the competition was pretty strong and because of that, he abandoned his idea soon after. So instead of spending the 2 thousand EUR he had at the time on porn, he thought it would be a better idea to spend it on drugs. So he went on to purchase 30 g of cocaine and shrooms from a popular German darknet market dealer and then sold them for a higher price on the dark web….

“Shiny Flakes was really worried about the quality of the drugs he was selling and that is why he always kept an eye on forum posts and read everything that his buyers posted about them. In fact, he took things beyond the opinions on the dark web and actually sent the drugs for testing. The tests conducted were both legally and illegally, with the legal tests taking place at Spain’s Energy Control or at Switzerland’s Safer Party. However, it seems that Maximilian also got in touch with the University of Munich where his products were tested by researchers who were paid in cocaine.”

Sounds efficient. Not only was Mr. Flakes conscientious about product quality, he was also apparently a hard worker, putting in up to 16 hours a day on his business. If only he had stayed on the right side of the law when that porn thing didn’t work out. To give him credit, Flakes had every reason to think he would not be caught; he was careful to follow best practices for staying anonymous on the dark web. Perhaps it was his booming success, and subsequent hiring of associates, that led to Shiny Flakes’ downfall. Whatever the case, authorities are sure to follow up on this information.

 

Cynthia Murrell, July 14, 2016


Publicly Available Information Is Considered Leaked When on Dark Web

July 7, 2016

What happens when publicly available information is leaked to the Dark Web? This happened recently with staff contact information from the University of Liverpool, according to an article from CloudPro, Five secrets about the Dark Web you didn’t know. The piece speaks to the perception that the Dark Web is a risky place even for information that is already publicly available. The author reports on how the information was compromised,

“A spokeswoman said: “We detected an automated cyber-attack on one of our departmental online booking systems, which resulted in publically available data – surname, email, and business telephone numbers – being released on the internet. We take the security of all university-related data very seriously and routinely test our systems to ensure that all data is protected effectively. We supported the Regional Organised Crime Unit (TITAN) in their investigations into this issue and reported the case to the Information Commissioner’s Office.”

Data security only continues to grow in importance and as a concern for large enterprises and organizations. This incident is an interesting case to be reported, and it was the only story we had not seen published again and again, as it illustrates the public perception of the Dark Web being a playing ground for illicit activity. It brings up the question about what online landscapes are considered public versus private.

 

Megan Feil, July 7, 2016
