Browse > Home / Archive by category 'DarkCyber'

Aleph: Another Hidden Internet Indexing Service

January 23, 2019

Law enforcement and intelligence organizations have a new tool to navigate the Dark Web, the Mail & Guardian reports in, “French Start-Up Offers ‘Dark Web’ Compass, but Not for Everyone.” The start-up, called Aleph Networks, has developed a way to navigate the Dark Web, but they wish it to only be wielded for good. In fact, report writer Frederic Garlan, the company performs ethics reviews of potential clients and turns down 30-40  percent of the licensing requests it receives. We also learn:

“Over the past five years Aleph has indexed 1.4 billion links and 450 million documents across some 140,000 dark web sites. As of December its software had also found 3.9 million stolen credit card numbers. ‘Without a search engine, you can’t have a comprehensive view’ of all the hidden sites, Hernandez said. He and a childhood friend began their adventure by putting their hacking skills to work for free-speech advocates or anti-child abuse campaigners, while holding down day jobs as IT engineers. [Co-founder Celine] Haeri, at the time a teacher, asked for their help in merging blogs by her colleagues opposed to a government reform of the education system. The result became the basis of their mass data collection and indexing software, and the three created Aleph in 2012. They initially raised €200,000 ($228,000) but had several close calls with bankruptcy before finding a keen client in the French military’s weapon and technology procurement agency. ‘They asked us for a demonstration two days after the Charlie Hebdo attack,’ Hernandez said, referring to the 2015 massacre of 12 people at the satirical magazine’s Paris offices, later claimed by a branch of Al-Qaeda. ‘They were particularly receptive to our pitch which basically said, if you don’t know the territory — which is the case with the dark web — you can’t gain mastery of it,’ Haeri added.”

That is a good point. Garlan notes the DARPA’s Memex program, which is based on the same principle. As for Aleph, it is now working to incorporate AI into its platform. While the company’s clients so far have mostly been government agencies, it plans to bring in more private-sector clients as it continues to attract investors. Based in Pommiers, France, Aleph Networks was launched in 2012.

Cynthia Murrell, January 23, 2019

Written by Stephen E. Arnold · Filed Under cybercrime, Dark Web, DarkCyber, News | Comments Off on Aleph: Another Hidden Internet Indexing Service 

DarkCyber for January 22, 2019, Now Available

January 22, 2019

DarkCyber for January 22, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/312358055. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes… a report about a cyber crime  volunteer program in the Netherlands … a profile of the intelware company Numerica… a new Europol report about the hidden Web… and a Los Angeles’ online service points the finger at Craigslist with drug related allegations.

DarkCyber’s first story reports that Dutch police have begun a cyber crime volunteer program. Individuals with an interest in assisting law enforcement in researching Dark Web and related topics can participate in the new program. Skills required by the police include advanced mathematics and physics. More than 200 people have stepped forward to assist. An initial group of 14 individuals has been selected. One volunteer holds down a full time job but wants to contribute to the government’s efforts to reduce cyber crime.

The second story presents information about Numerica, a company which provides intelligence software or intelware to the US Department of Defense and law enforcement organizations. The Numerica approach relies on advanced technology and intuitive, easy-to-use interfaces for its products. The Lumen product allows jurisdictions to share data about incidents and suspects from a desktop computer or a mobile phone. The system can generate maps with geo-locations marked, brief “bubble gum” card summaries of suspects, and reports which include event and time information. The company is listed on the GSA schedule, which speeds procurement of the company’s solutions.

DarkCyber reviewed a 2018 Europol report about hidden Internet services. The report contains useful information about the relationship among digital currency, hidden Internet sites, and drug sales. Plus, the report identifies chat services as one communication channel which bad actors are using more frequently. The reason is that government efforts to shut down Tor centric Dark Web sites are forcing bad actors to find other means of hiding their activities. One of the chilling findings is that modern distributed services create more challenges for government authorities. Many hidden Internet services do not have a single focal point.

The final story reviews allegations by LA Taco, an online information service, that Craigslist is listing drugs in its online advertising service. The report alleges that Craigslist does not filter ad listings for code words used to allow insiders to locate certain drugs like fentanyl. According to LA Taco, dealers describe drugs as “white china plates.” The savvy drug buyer contacts the seller of what appears to be dinnerware and buys the controlled substances. These are serious allegations, but filtering for common words can delete many legitimate listings from the online service. No easy solution exists in the view of the DarkCyber research team.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, January 22, 2019

Written by Stephen E. Arnold · Filed Under Dark Web, DarkCyber, News, Video | 1 Comment 

DarkCyber for January 15, 2019, Now Available

January 15, 2019

DarkCyber for January 15, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/311054042 . The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.

The first story discusses Discord, an in-game and chat service. The system takes a somewhat hands-off approach to monitoring user messages. Discord features what are called “magic emojis.” These emojis, when used among those who are  members of a specific social group within Discord, can convey messages. Some potential bad actors–for example, white supremacists–allegedly have been using the services as a communications channel.

The second story explores an allegation that Facebook WhatsApp makes it possible for those interested in child pornography to locate this type of content. Third party apps provide finder services. Facebook is introducing electronic payments within WhatsApp. The likelihood for bad actors to use WhatsApp as a mechanism to exchange objectionable content is high. Facebook’s content policies are likely to undergo scrutiny from government authorities in 2019.

The third story profiles Gamalon, a company which develops software for the Defense Advanced Research Projects Agency and commercial enterprises. The key to Gamalon system is that it uses advanced statistical procedures to identify and extract ideas from source content. The company’s technology makes use of Bayesian methods in order to create automatically machine learning models. The models can then create new models to deal with new ideas expressed in the source data processed by the system.

The fourth story reports on Spain’s 36 month effort to slow or halt the trade of weapons in the country via the Dark Web. Authorities have arrested more than 200 individuals and seized hand guns and automatic weapons. The investigation continues.

The final story points to a study which provides facts and figures about the hidden Internet. Some of the data in the study sponsored by a star of the hit cable television program Shark Tank is quite remarkable. To cite one example, the number of hidden sites on the Internet is 32 times the number of stars in the galaxy. That a very large number and difficult to match with DarkCyber’s research data.

Kenny Toth, January 15, 2019

Written by Stephen E. Arnold · Filed Under cybercrime, Dark Web, DarkCyber, News | Comments Off on DarkCyber for January 15, 2019, Now Available 

Zerodium Boosts Payouts for Zero Day Exploits to US$2 Million

January 14, 2019

The Hacker News reported that Zerodium will pay up to $2 million for an iPhone zero day exploit. The idea is that the market for iPhone hacks is robust even if Apple is struggling to hits its internal sales targets. The write up states:

Zerodium—a startup by the infamous French-based company Vupen that buys and sells zero-day exploits to government agencies around the world—said it would now pay up to $2 million for remote iOS jailbreaks and $1 million for exploits that target secure messaging apps.

The big payout is for a remote hack which jailbreaks an iPhone. The idea is that an entity can access an iPhone remotely and perform actions on that iPhone with having direct physical access to the device. The approach is known as a “zero click” exploit; that is, no user interaction required.

The company is also offering a payout of $1 million for WhatsApp exploits.

The reason? Hacker News explains:

The hike in the price is in line with demand and the tougher security of the latest operating systems and messaging apps, as well as to attract more researchers, hackers and bug hunters to seek complex exploit chains.

DarkCyber anticipates more price increases as bad actors shift to encrypted messaging for certain types of communications and transactions.

Stephen E Arnold, January 14, 2019

Written by Stephen E. Arnold · Filed Under DarkCyber, Hackers, News, Security | Comments Off on Zerodium Boosts Payouts for Zero Day Exploits to US$2 Million 

DarkCyber for January 8, 2019, Now Available

January 8, 2019

DarkCyber for January 8, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/309717457 . The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

The lead story is a profile of Sintelix, an Australian company developing software for law enforcement and intelligence professionals. The system can acquire content from the hidden Internet, the Surface Web, third-party sources, and content repositories in an organization; for example, arrest records. Sintelix provides IBM Analyst’s Notebook user with a streamlined, modern interface without giving up the unique features of the IBM Analyst’s Notebook. The three key features of the Sintelix technology are its speed of document and content processing. Hundreds of thousands of documents can be analyzed and indexed on a standard office desktop computer in a few hours. Sintelix also includes an application programming interface. This API makes it possible to use Sintelix with a wide range of third party solutions. Also, the system incorporates robust timeline features. Ana analyst can examine events over a month and then zoom into look at activities in an hour on a specific day.

The second story addresses a way to reduce the complexity of the Tor software bundle, which is required to access Dark Web sites, Many Tor users find the bundle confusing, which can lead to careless errors. . A number of user-induced errors can lead to the user’s loss of the privacy which the Tor software appears to offer. The fix is to use a hardware device which can run the Tor software. DarkCyber reports on an older system called PORTAL as well as a new Raspberry Pi approach. Will these devices provide a way to surf the Web in anonymity. Unlikely, but if properly configured, the devices may prevent some types of operator errors.

The third story discusses India’s legislation which mandates that technology companies provide access to encrypted content. Like Australia, India’s action is helpful to law enforcement and intelligence professionals. However, the mandatory decryption may increase the likelihood that bad actors will find a way to exploit the backdoor. The regulations require that a technology company like Apple or Facebook would have to respond to the government request within a day or two. Even with automated decryption technology, the time limit may prove difficult for some companies.

The final story describes a novel type of punishment for child abuse. The UK has begun deporting abusers to their country of origin and stripping the individual of his or her UK citizenship. So far one Indian who amassed 23 counts of child abuse have been flagged for deportation. Three abusers from Pakistan are likely to be deported as well. Once in their home country, authorities may take punitive action against the abusers.
A new blog Dark Cyber Annex will be available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, January 8, 2019

Written by Stephen E. Arnold · Filed Under cybercrime, Dark Web, DarkCyber, News, Video | Comments Off on DarkCyber for January 8, 2019, Now Available 

Why Not Filter for These Hashtags?

January 4, 2019

This is one of our DarkCyber news items.

The DarkCyber research time noted some of the child porn hashtags. A list was released by the Child Rescue Coalition. If  you are a sworn law enforcement office, complete the form and request the full list.

In the news reports about the CRC’s list, we compiled some of the words and phrases used to allow bad actors to locate child porn.

Here’s a partial list of hashtags:

#babykini
#babypeeing
#bathtime
#bathtimefun
#bikinikids
#bikinikidslovers
#bikinikidsmodeling
#cantkeepclothesonhim
#cleankids
#diaperfree
#diaperfree
#kidbikini
#kidsshower
#kidsshowertime
#kidsswimwear
#lillootoddlerpotty
#lovesbeingnude
#modelingchild
#nakedbaby
#nakedchild
#nakedchildren
#nakedkid
#nakedkiddos
#nakedkids
#nakedkidsagain
#nakedkidsarehappykids
#nakedkidsclub
#nakedkidseverywhere
#nakedtoddler
#nakedtoddleralert
#nappyfree
#nudechild
#nudekids
#peeingkid
#potty
#pottydance
#pottydanceparty
#pottydancetime
#pottylife
#pottyparty
#pottytime
#pottytrain
#pottytrained
#pottytrainedbefore2
#pottytraining
#pottytraining101
#pottytraining4kids
#pottytrainingbootcamp
#pottytrainingboys
#pottytrainingdays
#pottytrainingdiaries
#pottytrainingfail
#pottytrainingfun
#pottytrainingguide
#pottytrainingsuccess
#pottytrainingsucks
#pottytrainingtime
#pottytrainingtwins
#pottytrainingwoes
#sexychildren
#sexykids
#sinkchild
#skinnybabybooty
#skinnybabybooty
#skinnybabybooty.
#startpottytraining
#toddlerbathfun
#toddlerbathing
#toddlerbaths
#toddlerbikinis
#toddlerbikinisrule
#toilettrain
#toilettraining
toddlerbikini

There are, of course, numerous variations, which should be relatively easy to map to an old school filter—unless of course the service doesn’t want to lose ad revenue or invest developer time in this offensive exploitation of indexing terms.

Several thoughts:

  1. Services should filter for these terms, note the individual or handle using the hashtag, and compile that data. The information may be useful to law enforcement.
  2. Why are social media services not blocking these hashtags? DarkCyber knows that bad actors will cook up new terms or use emoji combinations, but mapping the tags to identities may be useful in some investigations.
  3. These terms strike DarkCyber as obvious? What other hashtags are in use?

These “in plain sight” index terms are available to anyone with an Internet connection. No Dark Web, Tails, or Whonix required.

Stephen E Arnold, January 4, 2018

Written by Stephen E. Arnold · Filed Under DarkCyber, News | Comments Off on Why Not Filter for These Hashtags? 

Data Protection: Many Vendors, Many Incidents

January 4, 2019

This is one of our DarkCyber news items.

Search engines are getting smarter and better, especially since they began to incorporate social media in their indexing. It is harder than ever to protect personal information, then there is the rising Dark Web fear. While there are services out there that say they can monitor the Dark Web and the vanilla Web to protect your information there are things you can do to protect yourself. TechRadar shares some tips in the article, “AI And The Next Generation Of Search Engines.”

The article focuses on Xiliab’s Frank Cha, who works on South Korea’s largest AI developer. Xiliab recently developed the DataXchain data trading platform that is described as the search engine of the future. Cha explained why DataXchain is the search engine of the future:

“Dataxchain engine is the next generation of data trading engine which enables not only data processing such as automatic data collection, classification, tagging, and curation but also enables data transactions. These transactions are directly applied to human development without human intervention by pre-processing data matching and deep learning engine. These trials can be accessed to the implicit knowledge through the intervention of people that the traditional search engine already had.”

Cha stresses the biggest challenge with DataXchain is creating connections with clients. He said, “When this connection becomes a chain, we will be able to exchange value for private data of each individual or organization and it will bring innovation to sophisticated AI in dataXchain…”

It is also being for national defense, which can be translated into protecting an individual’s data without changing the algorithm.

It is a basic interview without much meat about how to protect your data. Defensive forces can use the same algorithm as regular people, but that does not sound reassuring. How about speaking in layman’s terms?

With many competitors why are their so many successful breaches?

Whitney Grace, January 4, 2019

Written by Stephen E. Arnold · Filed Under AI, DarkCyber, News, Security | Comments Off on Data Protection: Many Vendors, Many Incidents 

TruthFinder: Dark Web Scan Reseller

January 3, 2019

TruthFinder, founded in late 2014 or early 2015, provides background check services. We wanted to document that the firm offers Dark Web scans.

The company states:

Our new Dark Web Monitoring feature is an indispensable tool for people who want to protect their identity from data breaches. You can monitor your sensitive personal information — like your name, phone number, and even credit card number — and receive an instant notification if your data is found on the Dark Web. Cybercriminals buy and sell personal information on the Dark Web every day, but with TruthFinder, you can reduce your chances of becoming a victim of identity theft.

According to the company’s Web site, these services are provided by Experian. DarkCyber believes that Experian obtains Dark Web scanning services from another third party.

The firm also provides public records data to its customers. The services are provided on a fee basis.

In an interview published by Superbcrew, TruthFinder stated:

TruthFinder is also an essential resource for online daters and those who routinely interact with strangers online. With just a quick search, online daters can make sure they’re talking to a real person and not getting catfished. People can also use this service to see if people have prior criminal records, which is one of the many ways TruthFinder helps people stay safe in the real world.

Note: A “catfish” is someone who pretends to be someone else online. The idea is that an individual adopts a persona in order to mask his or her actual identity.

A customer can search by name, phone number, email address, or physical address. The company offers reverse address lookup (who lives at this address?) and reverse phone look up (who has this phone number?).

A TruthFinder report is assembled from the data the company pulls from various data sources. A report, presumably generated by the TruthFinder system, typically offers:

  • Personal Information: Your name, known aliases, and date of birth
  • Possible Photos: TruthFinder crawls images from various social media profiles, including those you may have forgotten existed
  • Jobs and Education: A list of places you have worked and studied, including relevant dates
  • Possible Relatives: View the name, age, and location of people who may be related to you
  • Related Links: Related links may include blogs, relevant news stories, and additional social profiles
  • Contact Information: View landlines, cell phone numbers, and email addresses associated with your name
  • Location History: A list of places you have lived, including the date you were last seen at the location
  • Criminal Records: TruthFinder reports may include arrest details, the outcome of the case, and prison status, when available
  • Sex Offenders: View a map of nearby sex offenders, details of their crime, and links to view their full background report
  • Social Media Profiles: Uncover social media profiles associated with your name, including accounts you may have forgotten
  • Assets
  • Evictions
  • Business associates.

DarkCyber wants to point out that Dark Web scanning is now an item on a punch list, not a rarified service available only to law enforcement and intelligence professionals. TruthFinder’s help section states that reports begin at about $30. An annual subscription runs about $280 per year.

Kenny Toth, January 3, 2019

Written by Stephen E. Arnold · Filed Under Dark Web, DarkCyber, News, Privacy | Comments Off on TruthFinder: Dark Web Scan Reseller 

Beyond Search for 2019

January 1, 2019

I started Beyond Search to focus on new developments in enterprise search. That was in 2008. After 10 years of focusing on search, I have decided to retain the url but shift Beyond Search to cover the hidden Internet and lesser known Internet services. The blog will undergo a modest redesign and be called “DarkCyber Annex.”

Why an annex?

The modified Beyond Search blog will include information which supplements my weekly DarkCyber video. DarkCyber has been in production for one year, and it is—as far as I know—the only weekly video news program reporting about intelware, hidden Internet sites, and cyber crime.

To keep the videos in the 10 minute range, my team and I have to prune stories and content.

DarkCyber Annex, therefore, will be the online location for some of our additional content. We will continue to include links in the weekly videos, but now a version of the video story will appear in the DarkCyber Annex and include hyperlinks to source documents.

The flow of stories to Beyond Search will go down, and those assisting me in creating content for DarkCyber Annex will increase the flow of stories on the themes I have identified.

I plan to leave the Beyond Search content online. The 16,899 stories will be searchable but frozen. Looking back, enterprise search companies often described a fantastical world in which instant access was both marketed and sold.

That contributed to the implosion of the enterprise search sector. Today, if one wants search, many choose Lucene / Solr. Vendors of old school proprietary information retrieval systems will still market aggressively, pay consulting firms to sing the praises of the systems, and hold conferences which recycle words and concepts which are decades old.

Enough. Stale conferences. Endless repetition of hard-to-believe claims. Weird Eisenhower / BCG charts comprised of subjective silliness. Flaccid essays in online blogs and news services about “content management.” Yada yada yada.

For me, the subject is not just uninteresting. Enterprise search is a case study in what is likely to happen to other technologies in search of a solution informed by watching Star Trek. Explaining enterprise search in terms of “governance” in our Facebook world is shallow.

In 2019, I will try to make clear that intelware, not search, is where information access is today. Banging in key words still works, but the innovators are pushing into function spaces that deliver on some of the wild and crazy claims made in the salad days of Autonomy, Convera, Endeca, Fast Search & Transfer, and the dozens upon dozens of other companies I tracked in my career.

Enterprise search has fallen on its sword. New solutions have become available, but so far enterprises remain unaware of some of the most promising vendors.

DarkCyber videos and DarkCyber Annex will try to fill the information void. After all, we know traditional search is not too useful, right?

Stephen E Arnold, January 1, 2018

Written by Stephen E. Arnold · Filed Under DarkCyber, Enterprise search, News | Comments Off on Beyond Search for 2019 

DarkCyber for January 1, 2019, Now Available

January 1, 2019

DarkCyber for January 1, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/308764040. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes… novelty currency and email collection services… Primer, a next-generation investigative tool with NLG… and homemade explosive device constituents become a regulators’ focal point.

First, there is confusion between novelty currency (a banknote worth one million dollars) and counterfeit currency. BuyBillsOnline.com seems to offer counterfeit bills one can use as a legal banknote. DarkCyber points out that the Surface Web service is an odd combination of useful information about how government’s protect their banknotes and a too-good-to-be-true offer of counterfeit currency. DarkCyber urges cautions. The Web site may be an online service designed to gather the email addresses and other information of unsuspecting, online users.

Second, DarkCyber profiles a company which has deployed smart software which uses NLG or natural language generation. Primer’s technology processes large volumes of information collected in an investigation, identifies the key entities in the content, and produces a report automatically. The company has clients in law enforcement, intelligence, and financial services. DarkCyber highlights the important innovations the company has revealed in its patents for its intellectual property.

The final story reports that homemade explosive devices can be created with easy-to-get chemicals and compounds. In 2019, more stringent controls may be placed on certain materials; for example, concentratged forms of hydrogen peroxide and sulfuric acid. An individual with some training in chemistry can assemble explosive devices, some of which can generate about 80 percent of the force of commercial TNT.

Kenny Toth, January 1, 2019

Written by Stephen E. Arnold · Filed Under Cyber OSINT, DarkCyber, News | 1 Comment 

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta