DarkCyber for May 21, 2019, Now Available
May 21, 2019
DarkCyber for May 21, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/337093968.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: A new version of Tor; digital bits trigger bombs; highlights from the FBI’s 2018 Cyber Crime Report; more details about the Wall Street Market take down; DeepDotWeb seized; Telegram used to sell weapons; and the size of the Dark Web.
This week’s feature provides more details about the take down of the Dark Web contraband ecommerce site, Wall Street Market. DarkCyber reports that the operation involved law enforcement from several countries, including Germany and the US. One moderator of the site initiated a blackmail scheme as law enforcement prepared to seize the site’s servers and arrest its owners. As part of the takedown, providers of drugs were arrested in the US. The take down revealed millions in cash and digital currency accounts worth more than $14 million. Investigators also seized data and other information, including customer details.
Other stories covered in the May 21, 2019, DarkCyber video include:
First, information about the new release of the Tor software bundle. Firefox is used as the base for the Tor browser. Technical issues with Firefox required some scrambling to address technical issues. The new release is available on the Tor.org Web site. DarkCyber points out that in some countries, downloading Tor is interpreted as an indicator of possible ill intent.
Second, a cyber attack on Israel prompted a kinetic response. The incident marks the first time Israel has responded to an act it regarded as information warfare with a missile strike on the alleged perpetrators’ headquarters. DarkCyber points out that the US may have used force in response to an adversary’s leaking classified and sensitive information on a public Web site. The use of traditional weapons in response to a digital attack is a behavior to monitor.
Third, DarkCyber selects several highlights from the FBI’s report about cyber crime in 2018. Among the key points identified is the data about the most common types of online crime. Most attacks make use of email and use social engineering to obtain personal financial information or user name and password data. The FBI report verifies data from other sources about the risks associated with email, specifically enticing an email recipient into downloading a document with malware or clicking on a link that leads to a spoofed page; for example, a PayPal page operated by the attacker, not the legitimate company. DarkCyber provides information about how to obtain this government report.
Fourth, an international team of law enforcement professionals seized the Sheepdog, an online information service. This site was accessible using a standard browser, no Tor or i2p software was required. The site referred its visitors to Dark Web sites selling drugs and other contraband. The seizure is an indication that Europol, FBI, and other law enforcement agencies are expanding their activities to curtail illegal eCommerce.
Fifth, DarkCyber explains that a story about bad actors using Telegram, an encrypted messaging app, to sell weapons should be viewed with caution. The story originated with a report from MEMRI, the Middle East Media Research Institute. The organization was founded by a former Israeli intelligence offer and has been identified as an organization generating content which may have characteristics of disinformation. DarkCyber provides a link to the MEMRI organization to make it easy for viewers to follow its information stream.
The final story reports that another vendor has sized the scope of the Dark Web. The most recent size estimate comes from Recorded Future. The company reports that it was able to identify 55,000 Dark Web domains. Of that number, only about 8,400 are online. DarkCyber notes that of the active site, a relatively few sites dominate illegal eCommerce, sharing of sensitive information, and other questionable services.
DarkCyber appears each Tuesday and is available on YouTube, Vimeo, and directly from the DarkCyber news service.
Kenny Toth, May 21, 2019
DarkCyber for April 30, 2019, Now Available
April 30, 2019
DarkCyber for April 30, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/332933089 .
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: The British government’s online harms report; work methods of hackers; Qintar, a Sharia compliant crypto currency; a new Dark Web index; and a close look at Haystax Constellation cyber software.
This week’s feature examines Haystax Technologies’ Constellation system. The platform can perform a range of cyber functions, including analyzing and protecting facilities and events like the US Super Bowl. The system can also identify and monitor employees which are likely to present a high probability of risk to their employers. The insider threat capability reduces risk and helps reduce the loss of sensitive data. Constellation uses a range of patented systems and methods. The company relies, in part, on the mathematics of Sir Thomas Bayes. Like Autonomy plc, Haystax processes existing data and then integrates real time information in order to generate its predictive outputs.
Other stories in the April 30, 2019, DarkCyber video include brief “cybershots” about:
- The British government released a report about the activities of social media firms. The document is a harsh critique of the management and business tactics of a number of high profile firms. The facts uncovered by the government analysts, the examples presented, and the recommendations set forth in the document are likely to have considerable weight. Britain is contemplating new regulations to control the behaviors of US social media firms.
- DarkCyber provides basic information about how hackers (white hat and black hat varieties) perform their work. Not surprisingly, trial and error play a sign cant part. However, there are specific methods, and these have been disclosed by the WikiLeaks-type site edited by a persona which appears to be a former CIA agent. A way to download the report and access the site are included in the video.
- A new Dark Web indexing service called Darkmention. The viewer learns where a detailed technical description of the system can be obtained. Although there are numerous Dark Web indexing systems, the Darkmention approach is to process more than 350 different content platforms, not just Tor accessible sites.
- DarkCyber explains that a new Sharia compliant crypto currency is now available. Qintar is based on the Islamic blockchain technology. The crypto tokens may be purchased from the Qintar bank based in Geneva, Switzerland.
The video is available at www.arnoldit.com/wordpress.
Kenny Toth, April 30, 2019
DarkCyber for April 23, 2019, Now Available
April 23, 2019
DarkCyber for April 23, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/331645696.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Candiru, a vendor of cyber software; ways to obtain open source content for free; a shotgun equipped drone; and a look at the conclusions from the audit of the LAPD data driven policing effort.
This week’s feature looks at the conclusions reported in the audit of the Los Angeles Police Department’s data-driven policing programs. In the final part of this three-part series we look at the major weakness identified by the Inspector General’s team. The challenge will be to introduce workflows which reduce the errors in data provided to the analytic systems. Stephen E Arnold, producer of DarkCyber, said: “Investigators have work procedures in place for tangible evidence. Information streaming from GPS systems or automatic devices may vary from the after action reports filed by law enforcement professionals. With conflicting data, the analytic systems can produce outputs which are less accurate. Training can help, but specialists who review data may play a more important role as data-driven policing increases.” The audit reveals that the software used by LAPD helps reduce criminal activity. Data quality requires attention.
Other stories in the DarkCyber video include:
A low-profile cyber intelligence firm called Candiru develops tools for law enforcement and government agencies. The company markets in the Middle East and in some Asian countries. Candiru is just one of more than 100 firms providing cyber services from Tel Aviv. The company’s name evokes a powerful image of how the firm’s technology works.
Russia’s large defense contractor funded a program to develop weaponized drones. One of the more interesting engineering solutions involved a vertical takeoff and landing drone equipped with a shotgun. The drone flies near a target and a ground operator discharges the shotgun in order to disable the target. The drone makes it clear that autonomous or semi-autonomous technology combined with weapons can yield a potent force multiplier.
Social media content is available from commercial vendors, often at costs that range from $5,000 a month an up. DarkCyber reveals that there are low cost or no cost options available to investigators with technical expertise. There are more than a dozen application programming interfaces available. Each can deliver a stream of near-real time data for analysis in an IBM Analyst’s Notebook- or Palantir Technologies-type system.
Kenny Toth, April 23, 2019
DarkCyber for April 16, 2019, Now Available
April 16, 2019
DarkCyber for April 16, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/330298628 .
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes… The LAPD’s review of Palantir Technologies; Australia’s forceful social media crackdown; Russia blocks virtual private networks; and X1 offer social eDiscovery.
This week’s feature continues DarkCyber’s review of the Los Angeles Police Department’s audit of its data-driven policing programs. In the second part of this series we look at the LAPD’s assessment of Palantir Technologies’ platform. The Palantir system provides a platform for integrating and analyzing data for the department’s identification of chronic offenders. The audit revealed that the program provided officers with a useful tool for reducing certain types of crimes. However, the challenge for the department is to provide the Palantir platform with more accurate and consistent data.
Other stories in the DarkCyber video include:
Australia’s crack down on US social media companies continues. In addition to fines, the country proposes mandatory three-year prison terms for offenders. The country, like New Zealand, is a member of the Five Eyes’ intelligence sharing group. Legislation in Australia often provides a model for similar legislation in Canada, Britain, and the United States.
Russia’s government has taken steps to prohibit the use of virtual private networks. This technology makes it more difficult for law enforcement and intelligence professionals to monitor Russian citizens’ communications. More than a half dozen VPN providers have been blocked by Russian Internet Service Providers. Crackdowns on obfuscation technologies is another example of the “Chinafication” of communications and privacy.
Software designed to compromise adults’ and children’s mobile phones is being distributed via the Google Play store. The mechanism Google uses to prevent compromised software or malware from being available on its electronic store for Android users has allowed thousands of individuals to install these programs. One government is alleged to have used the Google Play Store as a way to gain access to personal contacts and confidential information.
X1, a vendor of keyword search and retrieval, has introduced a version of its software tailored to social media eDiscovery. Founded in 2003, X1 allows a lawyer or investigator to search for people, places, events, and other content across a collection of open source data provided by X1 for a starting fee of $2,000. The eDiscovery product joins a growing list of investigative tools, including the personal investigative tool Hunchly which starts at $129 per year.
Kenny Toth, April 16, 2019
DarkCyber for April 9, 2019, Now Available
April 9, 2019
DarkCyber for April 9, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/328921981
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Predictive Policing at the LAPD; How to spoof PDF signatures; How teens can hold secret chat sessions in front of parents and teachers; Tips for creating a credible online persona; and phishing lures that work.
This week’s feature examines the Los Angeles Police Department’s audit of its data-driven policing programs. In what will be a three part series about this report about advanced law enforcement technology, DarkCyber examines the evaluation of Predictive Policing’s system. This software analyzes data from field interviews and automated systems and produces maps of hot spots. Those with access to the system can plan patrol routes or take other preventive actions. DarkCyber explains the basics of the system and the challenges PredPol and similar systems face in a dynamic law enforcement environment. Sophisticated data analysis requires accurate, consistent data to generate high-value outputs.
The “cybershots” in this week’s program cover these four topics:
- Digitally-signed Adobe Portable Document Formats are presumed to be authentic. DarkCyber explains that a student in Europe has found ways to compromise the security of these widely-used files.
- Google Docs, used by middle school and high school students, can conduct chats within school work online. Teachers and parents may monitor this activity and be unaware that the school software makes it possible for users to exchange messages, set up drug deals, and disseminate the location of parties in a way that neither teachers nor parents are monitoring. The system allows these chat messages to be deleted with a single mouse click. DarkCyber explains how.
- Predators and con artists create false personas or online identities. What is needed to craft a credible online identity. DarkCyber reveals the methods used by bad actors outside the US.
- What are the five best subject lines to use in an email intended to steal a user’s password or other information? DarkCyber reveals the top five phishing lures. The research, conducted by Barracuda networks, was performed by analyzing 300,000 phishing emails.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cybercrime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, April 9, 2019
Echosec: Dark Web Search for Those Who Qualify
April 2, 2019
A Canadian company has devised a way to search the Dark Web without the hassle of the Tor browser or proxy servers. HotHardware reports: “Beacon, a Dark Web Search Engine Can Be Your Eyes in the Internet Underworld.” The catch—one must prove to the company behind Beacon, Echosec, that they have a legitimate reason to use the “Google of the Dark Web.” The intention, we’re told, is for organizations to monitor whether any of their sensitive data has made it onto a Dark Web marketplace. Reporter Rod Scher writes:
“This could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. After all, if your data has been compromised, it’s always better to know than not to know. …
We noted this statement:
“While [CTO Mike] Raypold notes that it is possible to misuse Beacon, since the tool makes it easier for users to locate data they might otherwise have difficulty finding, he says that the company has taken steps to mitigate that danger. ‘First, every Echosec customer must go through a use-case approval process to determine how the customer is using the application and to make sure they are in compliance with the vendors from whom the data Is sourced,’ says Raypold. ‘If a potential customer cannot pass the use-case approval process, they do not get access to the system.’ Second, the company has built automated tools and manual processes into its platform and into the company workflows to notify the Echosec team if users attempt to run searches that are in violation of their approved use case.”
Not only will Echosec know if a user violates their agreement, certain queries simply cannot be run through Beacon. The company shares their acceptable-use policy here, and it is thorough. Founded in 2013, Echosec is based in Vancouver, British Columbia. If you want to see selected screenshots of the system’s output, check out the Dark Cyber video for March 26, 2019, at this link.
Stephen E Arnold, February 27, 2019
DarkCyber for April 2, 2019, Now Available
April 2, 2019
DarkCyber for April 2, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/327544822.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Online censorship increases; Dark Web drug czar goes offline; Dark Web tech comes to the Firefox browser; and more evidence of change in the Dark Web; plus a look at Megaputer’s fraud detection technology.
This week’s feature reviews Megaputer’s fraud detection technology. The firm uses a number of advanced mathematical and linguistic methods to make sense of large flows of data. Based in Bloomington, Indiana, the company serves a wide range of clients from finance, government, pharmaceuticals, and consulting services. The firm was the first to put advanced text analytics on the desktop at a time when other firms required Unix workstations and client server computing resources. The firm’s PolyAnalyst H makes it possible to process large volumes of data at extremely high speed.
This week’s “Cybershots” cover four subjects:
There are more indications that online censorship is becoming more aggressive. Russia has implemented regulations governing what sites can be accessed and what type of content is permissible. Germany’s statement legislators have begun work on a bill to criminalize use of Tor and other hidden Internet tools.
The individual who created RAMP or the Russian Anonymous Marketplace asserted that his customized encrypted chat client was one reason his site had eluded government authorities. The site is now offline.
Letterboxing, a technology which prevents certain types of online tracking, will be introduced in an upcoming release of Firefox, a popular Web browser. This feature has been part of the Tor browser since 2016 and is one more indication of Dark Web technology seeping into the public Internet or “Clear Net”.
The program explains how to get a summary of software and tools to access hidden Internet sites and service. Written by Veracode, a cyber security firm, the video provides information necessary to obtain a copy of this useful report.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cybercrime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, April 2, 2019
DarkCyber for March 26, 2019, Now Available
March 26, 2019
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: A call to block Tor in the European Union; Mimikatz, a key hacking tool; and SSL/TLS exploits; a look at IntSights’ marketing of its intelligence software and services; and a Bitcoin poster boy captured in Australia.
This week’s feature reviews IntSights, a cyber intelligence firm which has experienced rapid growth. Most firms providing services to law enforcement and intelligence agencies maintain a low profile. IntSights has published a sponsored book and promoted Digital Risk Protection for Dummies written by a former Forrester consultant. The company also released some financial information, which is a departure from the less open approach taken by other companies in this low profile niche.
The second major story concerns the founder of Auscoin, an Australian digital currency. The Australian Federal Police arrested an advocate of Bitcoin for dealing in controlled substances and operating a drug syndicate. The AFP seized about 60 pounds of cocaine, MDMA, and methamphetamines and the alleged wrongdoer’s bright green Lamborghini. Now faced with 14 charges related to controlled substances, the association of criminal activity and digital currency is difficult to ignore.
The “Cybershots” for this week include:
1. Wolfgang Sobotka’s call for blocking access to Tor (The Onion Router) within the European Union. Tor facilitates access to hidden Web sites, some of which facilitate the sale of drugs and other contraband. Tor may be criminalized after Sobotka’s presentation at the February 2019 European Police Congress.
2. The Mimikatz hacking tool is widely used by hackers around the world. DarkCyber describes this free software and explains where it can be obtained.
3. As cyber security becomes more effective, wrongdoers are seeking new ways to compromise systems. One active approach is to compromise SSL and TLS functions. DarkCyber provides information about obtaining a new, free report about this method of attack written by researchers at Georgia State University and the University of Surrey.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cybercrime, Dark Web, and company profiles are now appearing on a daily basis.
Kenny Toth, March 26, 2019
DarkCyber for March 19, 2019, Now Available
March 19, 2019
DarkCyber for March 19,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/324801049.
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.
This week’s story line up includes: Google search blockchain data; emojis puzzle lawyers; NATO soldiers fooled by social media come ons; big paydays for hackers; Dark Web search for marketers; and Iran’s hacker army
This week’s feature looks at the Beacon Dark Web search system. Developed by Echosec Systems in Canada, Beacon provides search and analytics for those interested in tracking brands, companies, and people in Dark Web content. The system’s developers enforce a code of behavior on licensees. If Echosec determines that a user violates its guidelines, access to Beacon will be cut off. Echosec offers a number of powerful features, including geofencing. With this function it is possible to locate images of military facilities and other locations.
The second feature in this week’s video focuses on Iran’s cyber warfare activities. One key individual—Behrooz Kamalian—has been maintaining a lower profile. Those whom he has trained have been suspected of participating in online gambling activities. Kamalian himself, despite his connections with the Iranian government, served a short stint in prison for this allegation. Iran has one of the large cyber warfare forces in the world, ranking fourth behind Russia, China, and the US.
The “Cybershots” for this week include:
- Google has made available a search engine for blockchain data. Those skilled in blockchain and digital currency transactions may be able to deanonymize certain aspects of a transaction.
- Emojis which carry meaning are creating issues for lawyers and eDiscovery systems. The colorful icons’ meaning are not easily understood.
- A social media test for NATO soldiers’ resistance to online tricks was completed by central command. The result was that soldiers can be easily tricked into revealing secret information.
- Organize hidden Web criminals are paying up to $1 million a year in salary and providing benefits to hackers.
A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.\
Kenny Toth, March 19, 2019
DarkCyber for March 5, 2019, Now Available
March 5, 2019
Cyber for March 5, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/321045698 .
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line-up includes: A new feature called Cybershots with information about authentic AI, Psy-Group, Microsoft malware, and VKontakte; our feature Facebook as a digital problem; and illegal video streaming.
DarkCyber’s feature reviews the UK government’s report which states that Facebook acted as a “digital gangster.” DarkCyber provides a link from which the document can be downloaded. Among the conclusions set forth in the report were re mediating actions which range from increased regulation of social media firms to fines for their behavior. The report included information that suggests that other countries will take enforcement and regulatory action directed at Facebook. Among the countries identified were Brazil and Singapore.
The second principal story focuses on illegal streaming video services. Google has blocked some of these services and legal actions are underway. Nevertheless, streaming video continues to thrive with thousands of first run movies and major US television programs available. Some of the services are operated from Russia or other Eastern European countries. These services make use of sophisticated content delivery services and rely on technology which allows the criminals to spin up a new service when authorities close one in operation. Services available from some illegal streaming services offer Netflix-like interfaces, sell advertising, and charge subscription fees. Legal hurdles and the cost of pursuing enforcement action in some countries increases the difficulty copyright holders face in closing these services.
This week, DarkCyber introduces a new feature called Cybershots. The items in this section of the video news program reveal that one of the companies associated with weaponized social media has gone out of business. Microsoft has unwittingly allowed malware to be distributed from its online store. A company providing policeware has found that one of its marketing phrases has been picked up by a Chinese company and used as the firm’s name. Plus, a customer of the Russian social media service VKontakte received an unusual Valentine greeting, a cyber attack from a disgruntled customer.
Kenny Toth, March 5, 2019