Browse >
Home / Archive by category 'Dark Web'
DarkCyber for September 4, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/287783314.
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers three Dark Web and security related stories.
The first story addresses Gephi, an open graph visualization platform. Unlike Excel, Gephi is a platform. The software system can be a useful complement to blockchain deanonymization tasks. An analyst can perform link analysis; that is, what hyperlink or item leads to another. The Gephi One feature allows the user to turn a graphical representation and explore it in three dimensions. A user can interact with the data, drilling down into a cluster or popping up one or more levels to see how a particular item relates to a broader grouping of data. The system can manipulate up to one million nodes and edges. Some commercial tools struggle to deal with more than a handful of nodes and edges. The video includes a link at which Gephi can be downloaded.
The second story describes a vehicle tracking and surveillance innovation called Zoomed. Developed by Cameroonia computer whiz Zuo Bruno, the system does not require the Internet. Instead, Zuo Bruno devised a system which operates via SMS. Once the device is placed in a vehicle, the location of the vehicle can be determined by placing a mobile call to the Zoomed device. The device drops the call and messages the location and other data of the vehicle. The Zoomed technology can perform other functions as well; for example, the audio in the vehicle can be recorded and the vehicle can be disabled.
The third story describes a free account takeover alerting service or ATO from Truthfinder. The idea is that after a person registers for the service, Truthfinder will notify that individual when his personal information is discovered by the monitoring service. DarkCyber explains how to sign up for the service and how to disable the notifications if they become a burden.
Kenny Toth, September 4, 2018
Next week, the publisher of Beyond Search and producer of DarkCyber (Stephen E Arnold) will be delivering a lecture in Washington, DC. The subject? The “new” Dark Web. Encrypted chat is becoming the go to system for certain types of information and product / service transactions.
What’s the angle?
The meteoric rise of group text and chatting tool, WhatsApp, has been well documented. In a world of tangled social media webs, this seemed like a smaller, more concentrated way to get updates from friends and family. However, the app has made some recent additions that may take it more toward the Facebooks and Twitters of the world. We learned more in a recent Make Use Of story, “The Best New WhatsApp Features You Might Have Missed.”
Among the new tools:
“Catch-up: A new @ button appears at the bottom right corner of the chat when you’ve been mentioned by someone, or if someone has quoted you, while you were away. It’s easier to catch up on something you might have missed.
“Protection From Re-Adding: WhatsApp groups don’t need your consent to add you to a group. Now, if you leave that group, an admin can’t just add you back immediately.”
In addition, there are search features and tools for deleting messages. It should come as no surprise that the program’s co-founder is a former (technically current) Facebook employee. Is this a step toward becoming a more direct competitor of the social giant? But encrypted chat has larger implications. If you are in DC, write Stephen at darkcyber333 at yandex dot com. You might be able to set up a short meet up at a physical coffee shop. No chat required.
Patrick Roland, August 29, 2018
Written by Stephen E. Arnold · Filed Under cybercrime, Dark Web, News | Comments Off on WhatsApp Veering Closer to Traditional Social Media
DarkCyber for August 28, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/286743860.
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers five Dark Web and security related stories.
The first story address Microsoft’s acquisition of Hyas, a Canadian cyber intelligence company. DarkCyber believes that Microsoft is making an effort to close the gap between its cloud capabilities and those of Amazon. Policeware appears to be a key strategic capability of Amazon, and Microsoft has found that more than in-house innovation may be necessary to close the gap. Stephen E Arnold, producer of DarkCyber and author of CyberOSINT (2017) said: Amazon’s policeware has helped the company make progress with its US government cloud services. Microsoft’s acquisition of Hyas adds an important cyber analytic capability to the Azure system.”
DarkCyber reports the newly-released details about two Dark Web operations. The Dutch police methods used to take down the Hansa contraband-focused ecommerce site complements new information about the arrest of eight individuals involved with the Rex Mundi hack-and-extort spin on ransomware. Both operations involved investigators from multiple countries, advanced analytics, and traditional investigative techniques. The success of these two operations makes clear that use of software to create hidden Internet sites and services is not as effective as some individuals believe.
DarkCyber reports that draft legislation in Australia may be a different way to force companies to provide decryption backdoors to messaging applications. The Australian government can request decryption assistance or decryption keys. If the company does not comply, the firm may be fined up to seven million dollars for each failure to cooperate. The proposed legislation is accepting public comments and further action will be taken on this proposal later this year.
The final DarkCyber report shares some findings from a yet-to-be-released report about the Asian Dark Web. The report is a work product of IntSights, a cyber intelligence firm. The key finding in the report is that each country takes a unique approach to the Dark Web. Cultural considerations require the use of the country’s language and the jargon used to prevent outsiders from making sense of the content.
Kenny Toth, August 28, 2018
The DarkCyber video news program for August 21, 2018, is now available. You can view the nine minute show at www.arnoldit.com/wordpress or on Vimeo at this link.
This week’s program reports about Methods for hacking crypto currency … hijacking mobile phones via SIM swapping… TSMC hacked with an Eternal Blue variant… and information about WikiLeaks leaked.
The first story runs down more than nine ways to commit cybercrime in order to steal digital currency. A student assembled these data and published them on a personal page on the Medium information service. Prior to the step by step explanation, ways to exploit blockchain for the purpose of committing a possible crime was difficult to find. The Dark Cyber video includes a link to the online version of this information.
The second story reviews the mobile phone hacking method called SIM swapping. This exploit makes it possible for a bad actor to take control of a mobile phone and then transfer digital currency from the phone owner’s account to the bad actor’s account. More “how to” explanations are finding their way into the Surface Web, a trend which has been gaining momentum in the last six months.
The third story reviews how a variant of the Eternal Blue exploit compromised the Taiwan Semiconductor Manufacturing Company. Three of the company’s production facilities were knocked offline. Eternal Blue is the software which enables a number of ransomware attacks. The code was allegedly developed by a government agency. The DarkCyber video provides links to repositories of some software developed by the US government. Stephen E Arnold, author of Dark Web Notebook, “The easier and easier access to specific methods for committing cybercrime make it easy to attack individuals and organizations. On one hand, greater transparency may help some people take steps to protect their data. On the other hand, the actionable information may encourage individuals to try their hand at crime in order to obtain easy money. Once how to information is available to hackers, the likelihood of more attacks, exploits, and crimes is likely to rise.”
The final story reports that WikiLeaks itself has had some of its messages leaked. These messages provide insight into the topics which capture WikiLeaks interest and reveal information about some of the source of support the organization enjoys. The Dark Cyber video provides a link to this collection of WikiLeaks messages.
Stephen E Arnold will be lecturing in Washington, DC, the week of September 6, 2018. If you want to meet or speak with him, please contact him via this email benkent2020 at yahoo dot com.
Kenny Toth, August 21, 2018
DarkCyber for July 24, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/284579347 .
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers four Dark Web and security related stories.
The first story presents data about online drug sellers. The estimated number of vendors is in the 30,000 to 50,000 range. DarkCyber points out that such data are likely to be uncertain. Estimates of online sources for controlled substances are based on difficult-to-verify data. DarkCyber reports that as many as one half of the prescription drugs sold online may be fakes.
The second story reports that the Dark Web is changing. The shift from Tor-centric Web sites to encrypted chat and messaging systems is underway. Encrypted chat complicates the work of law enforcement and intelligence professionals. Plus, encrypted chat sessions can trigger mob actions which can spiral out of control and without warning. A lynching in India may be the direct result of forwarded encrypted chat messages.
The third story provides a snapshot of the NC4 policeware system Street Smart. A popular US magazine referenced the company without providing details about the system and its functions. DarkCyber explains that information about the software system are available on the NC4 Web site and in videos publicly available on YouTube.
The final story explains how 3D printing makes it comparatively easy for an individual to create what is called a “ghost gun.” The 3D printed weapon does not have an identification number, so tracing the gun is difficult. DarkCyber points out that copyright issues and regulations concerning the manufacture of weapons will consume time, money, and human resources.
Kenny Toth, August 14, 2018
This week’s DarkCyber video news program is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/user77362226/ .
DarkCyber covers news related to the Dark Web and lesser known Internet services. The program is produced and hosted by Stephen E Arnold, author of CyberOSINT and the Dark Web Notebook.
This week’s program includes four stories.
The first story reviews how hardware devices can be used by an individual to compromise an organization’s computers, servers, and network. The video illustrates how a normally appearing wristwatch can transfer malware to a computer or server. The video also explains how cufflinks which are housing for men’s cufflinks can evade a physical security inspection. The object is to make clear that an insider with physical access to computing devices can compromise those devices in a matter of minutes. Stephen E Arnold said: “Anyone with access to a computer within an organization can easily create havoc on existing systems. Security guards usually overlook watches and jewelry which contain storage devices, programs, and capabilities which can penetrate cyber barriers. These direct access attacks like the Evil Maid method are a threat because interns, temporary workers, and compromised employees have the opportunity and means to perform malicious actions.”
The second report summarizes findings about successful email phishing attacks. These are seemingly innocuous and legitimate emails which are conduits for malware. The most effective phishing scams reference Amazon deliveries and requests for information from what appear to be legitimate sources like Facebook.
The third story provides an overview of the Zotero research assistant software. The software keeps track of information discovered on the Internet and performs a number of functions for a researcher, an analyst, or an investigator. The Zotero tool allows the user to maintain an archive of data and generate reports which can be submitted to a colleague or a legal team. The software is available without charge, and DarkCyber provides a link for downloading the program.
The final story revisits the mythical idea that a person can hire an assassin on the Dark Web. A physician in England tried to arrange the death of his financial adviser. The doctor suffered cold feet, but police arrested him for malicious email. The Chechen mob did not get the doctor’s bitcoin nor the opportunity to terminate a financial wizard.
Kenny Toth, August 7, 2018
This week’s DarkCyber video news program is available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/282131610 .
Produced by Stephen E Arnold and the DarkCyber research team, the weekly program covers the Dark Web and lesser known Internet services.
The July 31, 2018, program includes four stories. These are:
Chinese citizens are using the Dark Web via Tor and i2p to circumvent the Great Firewall of China. The Web surfers use hidden Internet sites and services to obtain information and engage in ecommerce. DarkCyber learned that there is an elite group of “red” hackers working for the Chinese government. These “red hat” professionals engage in cyber activities which may be viewed as “black hat” activities by those outside of China.
The second story updates viewers about the legal challenges several SEA members face in US courts. DarkCyber provides brief descriptions of two reports about the SEA’s hacking activities in the US and elsewhere. These reports contain high value information about systems and methods used by these individuals. Links to these reports are included in the video plus a pointer to an SEA recruiting video available on YouTube. Stephen E Arnold, author of Dark Web Notebook, said: “Technical information compiled by analysts provides a road map for cyber security professionals. On the other hand, the availability of information warfare techniques makes it easier for bad actors to improve their digital attack methods. A cat and mouse game with significant stakes is escalating.”
The third story explains that Russia’s new surveillance and data retention regulations are now in effect. Mobile vendors, ISPs, and similar companies have to retain index data and content for six months. The influence of the Russian Internet crackdown has diffused to Kazakhstan. That Russian neighbor throttles the Internet and blocks access when opposition political voices stream via the Internet.
The final story directs viewers to the free Dark Web scanning service provided by Capitol One. The new service looks for individuals social security numbers, emails, and other personal information. Automatic alerts are sent to registered users when sensitive information is discovered.
You can view the video at this link.
Kenny Toth, July 31, 2018
Some useful factoids:
- 11 percent of Americans do not use the Internet, down from 48 percent in Year 2000. Source: TheHustle
- Google’s capital expenditures for 2017-2018 were $5.5 billion. This is a 2X increase over the previous year. Source: GeekWire
- The health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong, were stolen. Source: Manila Times
- Stolen credit cards with PINS cost as little as US$8. Source: Daily Mail
- Almost two million start-ups were registered in the UK between 2013-2017 with 392,627 (20 percent) classified as technology firms. Source: Cambridge Network
- Companies selling flaws in software to government entities include Vupen in Montpellier, France; Netragard in Acton, Mass.; Exodus Intelligence in Austin, Tex.; and ReVuln (Malta). Source: Dark Government
Stephen E Arnold, July 25, 2018
Many in the media are making the Dark Web out to be a boogie man who will steal your identity and ruin your life. While that is possible, a greater threat lurks out there on the regular everyday Web that we all use. A fascinating recent study discovered that we are extremely vulnerable to anyone looking for our personal data. We learned just how vulnerable in a recent Which? story, “How The Internet Reveals Your Personal Data Secrets.”
According to the story, when 14 hackers were paid to do a test run and look for dirt on everyday citizens:
“None of the personal data sources we found were on the ‘dark web’ – a phrase that describes websites accessible only by a specialist browser geared up for anonymity. We were able to discover passwords and password hints, email and postal addresses, dates of birth, phone numbers, middle names and even signatures. There was also a wealth of ‘softer’ information revealing people’s interests, hobbies, religion and political preferences.”
If that isn’t enough to scare you, consider that the place where we are supposed to feel the most safe, is actually a hotbed of identity theft. According to US News and World Report, your doctor’s medical files on you is an ID thief’s dream come true.
Patrick Roland, July 24, 2018
DarkCyber for July 24, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/281132690 .
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers five Dark Web and security related stories.
The first story reports that a hacker stole technical details of the hunter killer MQ9 Reaper drone. These documents were offered for sale on a Dark Web eCommerce site. The documents in the wrong hands could lead to a bad actor’s development of jamming technology.
Second, the consumerization of encrypted blockchain services is accelerating. The Chinese electronics giant Huawei has announced that it will release a blockchain enable mobile phone in the fall of 2018. The idea is to make it easy to use digital currency from a mobile device. Each device can function as a node on the network which would expand the use of digital currency.
Third, Opera has released as a beta product of its flagship browser with a built in digital currency wallet. The implementation eliminates most of the technical complexity associated with using Bitcoin or other digital currencies. Stephen E Arnold, author of Dark Web Notebook, said: “Consumerization of encrypted services can be a plus for some business transactions. However, if the user of the encrypted services engages in illegal activity, the challenge for law enforcement becomes significantly more difficult for some investigations.”
The fourth story reports that German authorities are stepping up certain Tor related activities. Operators of Tor nodes and computers providing Tor relay services were seized in multiple locations in the country. German authorities allegedly wanted information about the use of Tor as well as the names of individuals who have contributed money to the US based Tor Project, a non profit organization sponsoring the development of the Tor software bundle.
The final story discloses that Mozambique has developed a fast growing heroin smuggling industry. The infrastructure used by the bad actors is based on mobile phones and WhatsApp messaging software. The heroin business now rivals Mozambique’s coal exporting business in revenue.
DarkCyber is released weekly on Tuesday at 0130 am US Eastern time.
Kenny Toth, July 24, 2018
Written by Stephen E. Arnold · Filed Under Dark Web, DarkCyber, News, Video | Comments Off on DarkCyber for July 24, 2018, Now Available
« Previous Page — Next Page »
