DarkCyber for June 26, 2018 Now Available
June 26, 2018
This week’s DarkCyber is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/?276722659? .
DarkCyber’s story line up for this week’s program includes four stories.
First, the FBI and other US enforcement agencies shut down a child pornography ring. After a three month sweep, officials from 61 different law enforcement organizations identified 195 offenders, primarily in the United States.
Second, investigators arrested OxyMonster (aka Gal Vallerius). The bearded drug kingpin inadvertently leaked information about his identify via a mismanaged Bitcoin wallet. When arrested at the Atlanta airport, Mr. Vallerius sported a bright red orange beard. He also had documents revealing that he was a citizen of France, Israel, and the United Kingdom.
The third story provides information about Warwire’s image identification and analysis software. An investigator can automatically review, identify, classify, and metatag images from popular sites such as Facebook and Twitter. Data can be displayed on a map so that images related to a particular event or incident can be reviewed in a fraction of the time required for manual review of visual imagery.
The fourth story provides updated cybercrime statistics. Among the data presented in this week’s DarkCyber program is a revised estimate of the dollar value of illegal drugs, services, and transactions. Arnold also provides information about the growing financial impact of ransomware and compromised personal financial information.
Kenny Toth, June 26, 2018
DarkCyber for June 19, 2018 Now Available
June 19, 2018
DarkCyber for June 19, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/275466464
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers five cybercrime related stories.
The first story profiles Hunch.ly a low cost open source intelligence investigative tool. The system allows an investigator to keep track of sites visited, capture complete Surface Web and Dark Web page, and generate an audit trail. The Hunch.ly system costs less than $130 per year per user.
The second story reviews two Romanian universities accused of harboring a Dark Web drug cartel. More than 600 officers arrested more than 60 individuals. Many of these university students were studying law and medicine.
The third story reveals that Europol has created a dedicated team within in its cyber crime center. A dedicated team will allow investigators to focus on Dark Web crime and not be pulled from a Dark Web investigation to work on an unrelated matter. The dedicated team will work in a cross border environment so that police actions can be more effectively coordinated.
The fourth story explains that Cyberlitica has introduced a new Dark Web scanning service. The DarkCyber report points out that password reuse is common and creates significant security vulnerabilities.
The final story reveals that a 2013 analysis of the Stuxnet virus is again available without charge. The report provides specific operational details of the Stuxnet exploit designed to interrupt nuclear fuel enrichment.
DarkCyber is one of a very small number of weekly video news programs focusing on policeware, the Dark Web, and related topics.
Kenny Toth, July 19, 2018
DarkCyber, June 12, 2018, Now Available
June 12, 2018
DarkCyber for June 12, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/274326974 .
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
The first story focuses on torrents. ThePirateBay has long been associated with making it easy to access copyrighted content. With ThePirateBay offline, those in search of free copyrighted content have created a proxy list. The idea is that a bad actor can located copyrighted materials and sidestep paying for access. Although these torrent finder sites come and go, a list is easily available for anyone looking for what ThePirateBay made findable.
Next, Stephen reports that the Dutch police, in cooperation with other nation’s law enforcement agencies, have shuttered MaxiDed. The site, allegedly operated by citizens of Moldova, provided hosting and online services. MaxiDed allowed individuals and organizations wanting to distribute malware, host Dark Web sites, and engage in other online activities a safe harbor. The MaxiDed marketing explained that the service was “bulletproof.” DarkCyber reveals that MaxiDed was not.
The third story continues DarkCyber’s explanation of Amazon’s “policeware” initiative. The Amazon Rekognition service makes it possible for law enforcement to identify individuals in images and video. Unlike some other systems, Amazon’s approach allows real time facial recognition. Also, the system can identify up to 100 individuals in a group photo. This service complements Amazon’s streaming data service revealed in the June 5, 2018, DarkCyber video. Stephen E Arnold said: “Amazon’s push into services which seem tailor made for law enforcement, regulatory entities, and intelligence professionals continues. Its facial recognition service called ”Rekognition“ could revolutionize how authorities identify possible bad actors. The use of Amazon’s cross correlation method could significantly rework the law enforcement landscape in a very short period of time.”
The final story makes the economics of selling synthetic opioids clear. According to data compiled by Bloomberg, a kilogram of fentanyl or an analogue can generate orders of magnitude more money when sold on the street. Also, obtaining bulk quantities of fentanyl analogues is possible. China, for example, does not regulate analogues as closely as it does fentanyl itself.
Kenny Toth, June 12, 2018
Doxxing Explained
June 7, 2018
For those unfamiliar with the practice of “doxxing,” Stuff has shared a clear introduction on the topic peppered with links to more information—“What is Doxxing, and Why Is It So Scary?” Reporter Jasmine McNealy describes the technique of discovering personal information available online and using it against one’s target. She also emphasizes how dangerous these attacks can be. McNealy writes:
“It’s not surprising that information has value – particularly information related to people’s identities, interests and habits. This is, after all, the age of big data, social media and targeted advertising. The Facebook-Cambridge Analytica scandal is just one of many events in which regular people found out just how much personal information is available out on the internet. People also found out how little power they had over their information. Generally, people want, and think they have, control over who knows what about them. Individual identity is in part performance: People decide and change who they are and how they act in different places, around different groups. This is particularly true online, where many sites and services allow users to be anonymous or pseudonymous or to hide their information from other users’ searches. Often, of course, each site itself has some private information about users, like an email address, for delivering service-related notices. But online platforms seem to offer users a measure of control over their identity and personal information.”
That control, however, is less absolute than these platforms would have their users believe. The write-up describes why this is so, and concludes by emphasizing McNealy’s central point—doxxing turns online information into a dangerous weapon.
Cynthia Murrell, June 7, 2018
DarkCyber for June 5, 2018: Amazon and Its LE and Intelligence Services
June 5, 2018
The DarkCyber for June 5, 2018, is now available at www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/273170550.
This week’s DarkCyber presents an extract from Stephen E Arnold’s lectures at the Prague Telestrategies ISS conference. The conference is designed for security, intelligence, and law enforcement professionals in Europe.
Stephen’s two lectures provided attendees with a snapshot of the services Amazon’s streaming data marketplace offer to customers, developers, and entrepreneurs.
Stephen said:
The Amazon platform is positioned to provide a robust, innovative way to anonymize digital currency transactions and perform the type of analyses needed to deal with bad actors and the activities.
The information was gleaned from Amazon conference lectures, Amazon’s Web logs and documentation, and open source documents.
For example, one public document stated:
“… A law enforcement agency may be a customer and may desire to receive global Bitcoin transactions, correlated by country, with USP data to determine source IP addresses and shipping addresses that correlate to Bitcoin addresses.”
Coupled with Amazon’s facial recognition service “Rekognition” and Amazon’s wide array of technical capabilities, Amazon is able to provide specialized content processing and data services.
Stephen stated:
Instead of learning how to use many different specialized systems, the Amazon approach offers a unified capability available with a Kindle-style interface. This is a potential game changer for LE, intel, and security service providers.
In this week’s DarkCyber video, Stephen provides an eight minute summary of his research, including the mechanisms by which new functions can be added to or integrated with the system.
A for fee lecture about what Stephen calls “Amazon’s intelligence services” is available on a for fee basis. For information, write darkcyber333 at yandex dot com.
Kenny Toth, June 5, 2018
DarkCyber, May 29, 2018, Now Available
May 29, 2018
Stephen E Arnold’s DarkCyber video news program for Tuesday, May 29, 2018, is now available.
This week’s story line up is:
- The “personality” of a good Web hacker
- Why lists are replacing free Dark Web search services
- Where to find a directory of OSINT software
- A new Dark Web index from a commercial vendor.
You can find this week’s program at either www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/272088088.
On June 5, 2018, Stephen will be giving two lectures at the Telestrategies ISS conference in Prague. The audiences will consist of intelligence, law enforcement, and security professionals from Europe. A handful of attendees from other countries will be among the attendees.
On Tuesday, June 5, 2018, Stephen will reveal one finding from our analysis of Amazon’s law enforcement, war fighting, and intelligence services initiative.
Because his books have been reused (in several cases without permission) by other analysts, the information about Amazon is available via online or in person presentations.
The DarkCyber team has prepared short video highlighting one research finding. He will include some of the DarkCyber research information in his Prague lectures.
The Amazon-centric video will be available on Tuesday, June 5, 2018. After viewing the video, if you want the details of his for fee lecture, write him at darkcyber333@yandex dot com. Please, put “Amazon” in the subject line.
Several on the DarkCyber team believe that most people will dismiss Stephen’s analysis of Amazon. The reason is that people buy T shirts, books, and videos from the company. However, the DarkCyber research team has identified facts which suggest a major new revenue play from the one time bookseller.
Just as Stephen’s analyses of Google in 2006 altered how some Wall Street professionals viewed Google, his work on Amazon is equally significant. Remember those rumors about Alexa recording what it “hears”? Now think of Amazon’s services/products as pieces in a mosaic.
The picture is fascinating and it has significant financial implications as well.
Enjoy today’s program at this link.
Kenny Toth, May 29, 2018
DarkCyber for May 22, 2018, Now Available
May 22, 2018
The May 22, 2018 DarkCyber is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/270993972
This week’s story line up includes … Russia increases the pressure on encrypted services… The end of Webstresser’s denial of service system… Tangem’s “just like paper money” Bitcoin bank notes… and scammers cultivate Orchid Labs with a fake initial coin offering.
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
Russia wants access to messages and online sessions conducted within its borders. The government has now taken steps to outlaw virtual private networks unless special conditions are met. The move to block VPNs follows the country’s blocking of encrypted messaging services. Although VPNs lead data, time and technical resources are required to make sense of the data flowing through a VPN. A ban or tight restrictions will allow authorities to access content and monitor activity more easily. As censorship and clamp downs increase, innovators will try to find ways to circumvent government barriers.
Crime as a service (CaaS) has become a popular way to generate revenue among some bad actors. A vendor doing business as Webstresser has been shut down by government authorities in the UK. The service was allegedly used to prevent certain online sites from serving their users. Among those organization affected by Webstresser’s ability to flood a targeted Web site with bogus traffic were several banks in England. Nevertheless, CaaS vendors continue to make their technology available via the Dark Web and other obfuscated services.
The third story highlights what amount to Bitcoin bank notes. Tangem has created a physical bank note which can be used a currency without having to go online and use a digital wallet. The breakthrough appears to be a low-cost, highly functional chip which is embedded in the physical bank note. Merchants can verify that the account has a positive balance using a mobile phone. The first trial of the Bitcoin bank note will be in Singapore with other locations to be announced in the near future. Stephen E Arnold said, “A physical form of Bitcoin may facilitate easier use of digital currency. Despite the technical innovations incorporated in the Tangem bank note, convenience will come at a price. Bad actors will find physical Bitcoin notes useful in illegal transactions because the anonymity of the transaction and the lack of regulation opens the door to unlawful commerce, money laundering, and purchases of contraband.”
The final story reveals that Orchid Labs, a developer of high-security technology, has been the target of a scam. Bad actors have created a bogus initial coin offering (ICO). However, the digital currency does not benefit Orchid Labs. The funds flow to the bad actors. In May 2018, Orchid Labs wrote individuals on the company’s mailing list in order to explain the same.
A special report about one of the DarkCyber’s most interesting research findings will be released on June 5, 2018.
Kenny Toth, May 22, 2018
DarkCyber for May 15, 2018, Now Available
May 15, 2018
DarkCyber for May 15, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/268758291
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
The stories in the May 15, 2018, program are another Dark Web murder-for-hire scam goes wrong, the “Terror in the Dark” report provides information about how bad actors use the hidden Internet, a run-down of manufacturers of cell site simulators, a new map of the Dark Web, and the New Zealand teen ran a drug dealing business from his parents’ home.
Please, note that Stephen will be lecturing the week of June 4, 2018, at the Telestrategies ISS conference. He will produce and release a special report about on of our team’s research findings on June 5, 2018. Due to time zones, the go live date for the program may be different. We will announce schedule shifts in Beyond Search.
Kenny Toth, May 15, 2018
DarkCyber for May 8, 2018, Now Available
May 8, 2018
DarkCyber for May 8, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/268247100
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
Terrogence, a business unit of Verint, has developed a specialized image collection and search system. The focus is on identifying bad actors. Images are harvested from a wide range of sources, and the images are indexed. Verint also offers a robust FaceDetect system, which when combined with Verint’s other technologies and engineering capabilities provides a number of high-value functions for investigators. However, China has made significant advances in facial recognition as well. The key point is that real-time facial recognition technology has diffused around the world. No single country or region dominates this technical field. Although consumer applications of facial recognition technology are reducing flight boarding times, facial recognition is an amplifier for law enforcement. What once took days or weeks can now be accomplished in minutes or hours.
Chemistry majors know that fabricating a synthetic opioid, if not particularly complicated, requires time, expertise, and attention to detail. Bulk 4-ANPP can be acquired via transactions on the hidden Internet, shipped to a country (for example, Mexico), and then smuggled into the US. With this intermediate, street grade fentanyl can be manufactured quickly. Due to the small size of some fentanyl doses, drug orders can be sent via traditional package and letter delivery systems. Fentanyl is, ounce for ounce, significantly more profitable for drug dealers to handle.opioid More aggressive and stringent parcel per-screening may be needed to deal with this type of contraband.
Since the ground breaking FBI PlayPen operation, a number of “seize and operate” stings have neutralized some bad actors. A recent operation in Ohio resulted in the arrest of bad actors who had in their possession more than 250,000 child pornography (CP) images and videos. Operation Pacifier was a success, resulting in the identification of 300 individuals, 55 of whom were hands-on child abusers. Despite the success of CP operations in the US and the UK, child sex abuse remains a serious, world-wide problem.
The final story describes an allegedly fool proof way to allow law enforcement to access encrypted messages. DarkCyber reports that the idea of solving two complicated problems is interesting. However, what a human has crafted can be solved by a human. The academic researchers’ proposed method is likely to be less useful than techniques developed by policeware vendors. DarkCyber believes than one large online vendor will be introducing capabilities which may be more useful to law enforcement. The patented method will be profiled in Stephen E Arnold’s “Deanonymizing Digital Currency Transactions at the Telestrategies ISS conference in Prague in June 2018.
Kenny Toth, May 8, 2018
DarkCyber for May 1, 2018, Now Available
May 1, 2018
DarkCyber is a weekly video news program which covers important Dark Web stories and information about less well known Internet services. Produced by Stephen E Arnold, publisher of the Beyond Search blog, DarkCyber is available at www.arnoldit.com/wordpress and streaming on Vimeo at https://vimeo.com/267103171 .
Russia has blocked Telegram, the popular messaging app which had an estimated nine million users in Russia. DarkCyber explains that Russian government officials must now use decades old technology for their text messages. One consequence of the Russian blocking of Telegram is that service to Amazon and Google was interrupted. DarkCyber provides a workaround that Russian users may want to consider adopting to respond to the stepped up censorship in Russia.
A new report from a unit of the GHCQ (Britain’s equivalent of the US National Security Agency) provides a thorough run down of cyber crime activity in England. DarkCyber highlights how a person can download a free copy of this important report. Plus, DarkCyber describes a case example of Crime as a Service highlighted in the study. The particular CaaS involves an individual providing malware programmers a way to verify that their code could elude some detection systems. Plus, DarkCyber reveals how the bad actor provided his paying customers with free customer support.
DarkCyber provides basic information explaining how a person can set up a Dark Web server. The procedure is straightforward but may be too complex or cumbersome for some users who want to take advantage of Tor’s anonymity features. DarkCyber provides an easy solution which can get a Dark Web site online in a matter of minutes and costs pennies a day.
The final story reiterates a theme based on a person’s assumption that the Dark Web is anonymous. For an individual who believed that Ecstasy purchases with payment via Bitcoin were invisible to law enforcement, the Dark Web is not as Dark as she assumed. Australian and UK authorities arrested the person who assumed incorrectly that Tor was 100 percent anonymous.
We have also updated Stephen’s brief biography. We have reproduced it below:
Stephen E Arnold is the author of “Dark Web Notebook” and “CyberOSINT: Next Generation Information Access.” This book describes some of the technologies used by GSR and Cambridge Analytica to acquire and analyze Facebook user data. He has been named as a technology adviser to the UK based Judicial Commission of Inquiry into Human Trafficking and Child Sex Abuse.” Mr. Arnold also lectures to law enforcement and intelligence professionals attending the Telestrategies ISS conferences in Prague, At that conference, he will describe a major vendor’s virtually-unknown digital currency deanonymizing service. In addition, Mr. Arnold will appear at the Washington, DC, and Panama City, Panama, Telestrategies ISS events. In recent months, he has shared his research with law enforcement and intelligence professionals in the US and Europe. His most recent lectures focus on deanonymizing chat and digital currency transactions. One hour and full day programs are available via webinars and on-site presentations. He publishes the free Web log “Beyond Search,” which is available at www.arnoldit.com/wordpress .
DarkCyber is available at this link. (The splash page for the video contains a nod to May Day celebrations in a certain country.) We are working on a special DarkCyber about Amazon’s “intel play” which will be released coincident with his lectures at the Telestrategies ISS conference in Prague during the first week of June.
Kenny Toth, May 1, 2018
-
- Subscribe to Beyond Search
Feature archive
News archive
-
