A Survey of Prices from the Dark Web

July 21, 2020

The Dark Web may not be the giant repository of badness that some popularizers of sci-fi assert, but it is a challenge for some enforcement professionals.

As important as our personal and financial information is to each of us, it can come as a surprise how cheaply some hacked data can be purchased on the Dark Web. After considerable research, Privacy Affairs illustrates this point in its “Dark Web Price Index 2020.” Reporter Miguel Gomez writes:

“The privacy offered by software such as TOR creates an environment where criminals can sell their wares on the dark web without the worry of law enforcement. What’s more, many will have heard the horror stories of people’s bank accounts being cleaned out, or their identity stolen and turning up in custody in Mexico. Again, not unjustified horror. You might be asking yourself, just how easy is it to obtain someone else’s personal information, documents, account details? We certainly were. Whilst there are many marketplaces on the dark web, there are even more forum posts warning of scammers. This makes verified prices difficult to obtain without ordering the items to find out, which of course we didn’t. Our methodology was to scan dark web marketplaces, forums, and websites, to create an index of the average prices for a range of specific products. We were only interested in products and services relating to personal data, counterfeit documents, and social media.”

The researchers compiled eye-opening lists of products and going rates; interested readers should navigate there to view the entire roster. A few examples: credit card details for an account with a balance of up to $5,000 for just 20 bucks; a hacked Twitter account for $49; a 24-hour-long DDoS attack against an unprotected website, at 10-50k requests per second, for $60. Considerably more expensive, though, are passports from the US, Canada, or Europe at $1,500 or quality malware attacks at 1,000 for $1,400 – $6,000.

The article includes a few interesting details alongside the prices, like the fact that vendors usually guaranteed 8 out of 10 stolen credit cards would pay off as advertised. Also, PayPal account details were very common and cheap, but actual transfers from a hacked account were more pricy. And apparently counterfeit bills are extremely common, with the highest quality ones costing about 30% of their fake value. They even come with a “UV pen test guarantee.” See the write-up for more curious, if concerning, details.

Cynthia Murrell, July 21, 2020

DarkCyber for June 9, 2020, Is Now Available: AI and Music Composition

June 9, 2020

The DarkCyber for June 9, 2020, presents a critical look at music generated by artificial intelligence. The focus is the award-winning song in the Eurovision AI 2020 competition. The interview discusses the characteristics of AI-generated music, its impact on music directors, how professional musicians deal with machine-created music, and the implications of non-human music. The program is a criticism of the state-of-the-art for smart software. Instead of focusing on often over-hyped start ups and large companies making increasingly exaggerated claims, the Australian song and the two musicians make clear that AI is a work in progress. You can view the video at https://vimeo.com/427227666.

Kenny Toth, June 9, 2020

AI Enables Cyber Attacks

June 4, 2020

Is it not wonderful that technology has advanced so much that we are closer to AI-led cyberattacks? It is true that bad actor hackers already rely on AI to augment their nasty actions, but their AI is not on par with human intelligence yet. Verdict warns that AI-powered cyberattacks will be on the rise in the future: “Leveling Up: How Offensive AI Will Augment Cyberattacks.”

A 2020 Forrester report stated that 88% of security leaders believe AI will be used in cyberattacks and over half thought an attack could occur sometime in the next twelve months. Cyber security professionals are already arming their systems with AI to combat bad actors using the same technology, but they cannot predict everything.

Bad actor hackers want AI capabilities, because AI scales their operations, increases their profitability, provides an understanding of context, and makes attribution and detection harder. Verdict’s article breaks down a bad actor hacker’s attack strategy.

The first step would be reconnaissance, where chatbots interact with employees using AI-generated photos. Once the chatbots gain the victims’ trust, CAPTCHA breakers are used for automated reconnaissance on the public Web site. The next step would be intrusion with spear-phishing attacks targeted at key employees.

Part three would follow with an attacker hacking the enterprise framework and blending in with regular business operations. The next phases would collect passwords and other privileges as the hacker moved laterally to gather more targeted information while avoiding detection. The final phase would be where the AI shows its chops by pre-selecting information to steal instead of sifting through an entire system. The AI would get in, download the targeted data, and then get out, most likely without a trace.

“Offensive AI will make detecting and responding to cyberattacks far more difficult. Open-source research and projects exist today which can be leveraged to augment every phase of the attack lifecycle. This means that the speed, scale, and contextualization of attacks will exponentially increase. Traditional security controls are already struggling to detect attacks that have never been seen before in the wild – be it malware without known signatures, new command and control domains, or individualized spear-phishing emails. There is no chance that traditional tools will be able to cope with future attacks as this becomes the norm and easier to realize than ever before.”

The human element is still the surprise factor.

Whitney Grace, June 4, 2020

Is Cyber Crime Boring? Maybe The Characterization Masks a Painful Consequence?

June 1, 2020

DarkCyber read “Career Choice Tip: Cybercrime is Mostly Boring.” The article is clear. The experts cited are thorough and thoughtful. Practicing cyber crime is similar to what engineers, developers, and programmers do in the course of their work for firms worldwide. Much of that work is boring, filled with management friction, and repetitive.

The article states:

the academics stress that the romantic notions of those involved in cybercrime ignore the often mundane, rote aspects of the work that needs to be done to support online illicit economies. The researchers concluded that for many people involved, cybercrime amounts to little more than a boring office job sustaining the infrastructure on which these global markets rely, work that is little different in character from the activity of legitimate system administrators.

Exactly.

The paper is quoted in the article as explaining:

We find that as cybercrime has developed into industrialized illicit economies, so too have a range of tedious supportive forms of labor proliferated, much as in mainstream industrialized economies. We argue that cybercrime economies in advanced states of growth have begun to create their own tedious, low-fulfillment jobs, becoming less about charismatic transgression and deviant identity, and more about stability and the management and diffusion of risk. Those who take part in them, the research literature suggests, may well be initially attracted by exciting media portrayals of hackers and technological deviance.

The DarkCyber study team discussed the Cambridge research summary and formulated some observations:

  1. Boring means that cyber crime will be automated. Automated processes will be tuned to be more efficient. Greater efficiency translates to the benefit the cyber criminals seek. Thus, the forward momentum of boring cyber crime is an increase in the volume and velocity of attacks.
  2. Certain criminal elements are hiring out-of-work or disgruntled technologists from mainstream companies, including high-profile Silicon Valley companies. Our research identified one criminal organization paying 90,000 euros per month and offering benefits to contract workers with specialized skills. The economic pressures translate to a talent pool available to certain criminal orchestrators. More talent feeds the engineering resources available to cyber crime constructs. DarkCyber believes a “Google effect” is beginning, just in the cyber crime market space.
  3. Law enforcement, government agencies, and some providers of specialized services to law enforcement and intelligence entities will be unable to hire at the rate criminal constructs hire. Asymmetry will increase with bad actors having an opportunity to outpace enforcement and detection activities.

Net net: The task facing law enforcement, security, and intelligence professionals is becoming more difficult. Cyber crime may be boring, but boring tasks fuel innovation. With access to talent and cash, there is a widening chasm. Talking about boring does not make clear the internal forces pushing cyber crime forward.

Stephen E Arnold, June 1, 2020

Dark Patterns: A Partial Explanation

May 21, 2020

Manipulation is a rich, multi-layered concept. DarkCyber noted “Dark Patterns: Past, Present, and Future: The Evolution of Tricky User Interfaces” is a slice of a manipulative pie, but the bakery has not been fully sampled. (Note: You may have to pay to read the article.) That poorly lit patisserie can be explored by future computer, scholar, analyst philosophers.

The pie slice at hand looks good and seems tasty.

The article is the work of a number of computer, scholar, analyst philosophers. The main point is:

Dark patterns are user interfaces that benefit an online service by coercing users into making decisions they might not otherwise make.

The authors have ingested the thinking of the economists, scholars, and analysts Richard H. Thaler and Cass R. Sunstein. The idea is that “helpful” suggestions, facts, comments, opinions, or other message payloads can cause a person to react. This is the Newtonian approach to manipulation. Like the pie, there is a quantum world of manipulation waiting to be documented; for example, a shaped experience slightly more subtle than a nun’s whacking an inattentive choir boy on the head with a hymnal.

The write up includes diagrams, an origin story, and a nod to the Google. Like many aspiring experts, the authors offer suggestions or recommendations presented in adulting language; for instance:

Let’s urge the design community to set standards for itself, both to avoid onerous regulation and because it’s the right thing to do.

Yep, that will work. The datasphere may be slightly more intractable for users unable to figure out a log scale.

Stephen E Arnold, May 21, 2020

DarkCyber for May 12, 2020: Web Tracking, Free Malware Appliance, Banjo Trouble, New Drones, and Mobile Location Spoofing

May 12, 2020

DarkCyber for May 12, 2020, is now available. You can view this program on YouTube or Vimeo. This week’s program covers the Banjo founder – KKK connection. SoftBank invested $100 million in the company. There has been a potential feature film project called Banjo Policeware: The Wrath of Khan. Two stories focus on surveillance of persons of interest. The first references allegations that the US Federal Bureau of Investigation uses faked Web pages or seized pages to obtain useful information about actors. Another story describes an open source malware analysis appliance. Unlike commercial solutions which cost thousands of dollars, the Phoenix appliance is available without charge. The appliance, which is a software wrapper around a number of tools, allows analysis and visualization of malware behavior. The program also includes a report about two new drones which can perform surveillance and data collection. The first is an autonomous system developed by AeroVironment. The second is DJI’s drone equipped with a 48 megapixel camera.

We are now producing two DarkCyber videos each month. We plan to release a short “special focus program” between our regular shows. Watch DarkCyber for details about this special report. Topics on the production schedule include the failure of cyber security solutions to protect Work From Home employees and contractors, search engine optimization fraud, and policeware marketing.

DarkCyber is produced by Stephen E Arnold and the DarkCyber research team. Tony S. has rejoined the group after a hiatus due to family responsibilities. Join me in saying, “Yo, Tony, get to work.” He is now our principal researcher for a new project related to the European Community’s investigation of Google search result manipulation. (I know that most people are unaware of this most recent thrust at Google, but it is happening.)

One final but important point: The DarkCyber video programs contain no sponsored content, no advertisements, and no embarrassing “begging for dollars” messages. The approach allows the DarkCyber team to discuss a range of topics, even those which can be uncomfortable for search engine marketers, consultants, and sketchy service providers.

Kenny Toth, May 12, 2020

DarkCyber for April 28, 2020: Free Cyber Warfare Book, Spy Insights, the Info Gap Map, and HaaS

April 28, 2020

The April 28, 2020, DarkCyber tackles four stories this week. This week’s program is available via the DarkCyber blog, Vimeo, or YouTube. This week’s stories include information that is otherwise difficult to locate.

You can download a comprehensive look at cyber warfare published by the Carnegie Endowment for International Peace. The book covers cyber intelligence and methods of cyber warfare. DarkCyber’s Stephen E Arnold and former CIA spy Robert David Steele discussed misinformation in a one hour interview which is available on the Phi Beta Iota Web site. DarkCyber includes an extract from the discussion about obtaining hyper local data about people, events, and places. The information gap map illustrates how little digital information is available in free Web search systems. The map makes clear that anyone relying on Bing, Google, Yandex, and other free Web search systems is likely to be drowned in misinformation. The program explains how to access a no cost honeypot as a service. HaaS makes it possible to explore malware and learn about exploits in a controlled environment. The link to the service is provided in the program.

Kenny Toth, April 28, 2020

 

Another Specialized Method Revealed

April 20, 2020

This is another example of an article which should not be widely available. Rumors of a method to compromise Android phones have been circulating for months. The major signal that a specialized services firm had developed a way to compromise Android phones was a change in Zerodium’s bounty. Android bounties cratered; iPhone vulnerability values skyrocketed. Why? Android devices could become the house pets of certain entities.

“The Secret Behind Unkillable Android Backdoor Called xHelper Has Been Revealed” explains the procedures followed. If you are interested in what significant research efforts can achieve, read the article.

DarkCyber’s view is that Google’s Android team, like many zip zip development shops, overlooks excellence. The pursuit of good enough has paid dividends for Google’s approach to business. However, Googlers make assumptions that their way is THE highway.

That works until it doesn’t.

DarkCyber has little to say about the specialized services which have been able to convert the Android device into a handy dandy information provider.

And what about the cyber security firms selling “security”? Does this minor issue suggest that talk and PR about digital security solutions is hot air?

But Google? Yep, Google. Good enough is not.

Stephen E Arnold, April 20, 2020

DarkCyber for April 14, 2020, Now Available

April 14, 2020

This week’s DarkCyber program contains three news stories and one feature. The program is available via Vimeo and YouTube.

Geospark Analytics is the subject of a DarkCyber profile. The company has a new president, a new partner, and a public podcast. What makes these announcements interesting is that most firms engaged in geolocation analysis maintain a low profile. DarkCyber points out the downside of attracting too much attention. Geospark Analytics, a start up, is likely to become a disruptor in what is a little known sector of the law enforcement and intelligence markets. The technology is directly germane to recent announcements about tracking individuals of interest.

DarkCyber reports that bad actors are going to great lengths to make credit card theft easy. The story explains the principal features of a new point-and-click way to obtain names, credit card data, and the codes printed on each card. Also, this type of “skimming crime” is going to be further automated. After paying a fee, the developer of the skimming system will automate the theft for the customer. How much does the service cost? About $1000, but if a customer does not have the cash, a revenue split is available.

A 2014 report produced by the US Department of Justice suggests that predictive analytics may not be as reliable as some experts assert. The original document was not available to the public, but it was obtained via a Freedom of Information request by a watchdog group this year. The 2014 report reveals information about the somewhat dismal performance of predictive analytics systems. The outputs of these systems from well-known vendors were not helpful to enforcement and legal officials. The DarkCyber story includes a link to the full report as well as a link to a recent analysis of predictive analytics systems’ efficacy in identifying life outcomes for young people. The results of both studies appear to call into question the reliability of some predictive software.

DarkCyber’s program concludes with a reminder that virtual private networks may not be private. An online news service identified a number of comparatively high-profile VPNs that are not particularly secure. A link to the source document and the names of three suspect services are provided.

DarkCyber is a production of Stephen E Arnold. Programs are released twice a month and provide news, analysis, interviews, and commentary about the Dark Web, cyber crime, and lesser known Internet services.

Programs are available on Vimeo and YouTube. For the current program, you are welcome to navigate to www.arnoldit.com/wordpress.

Kenny Toth, April 14, 2020

The Roots Behind Criminality: Cyber and Regular

April 8, 2020

Coronavirus scams, global Internet traffic hijacking, and attacks on work-from-homers. Where does crime originate?

In the United States, true crime documentaries and fictional detective shows are popular. People love these shows because they explore the human psyche and try to answer why people commit crimes. Mental health professionals have explored criminals’ motivations for centuries, including University of California Santa Cruz professor of psychology Craig Haney. Phys.org shares more on Haney’s work in the article, “New Book Debunks Myths About Who Causes Crime And Why.”

For over forty years, Haney researched the real causes behind crimes and he formulated the hypothesis that criminal behavior could be tied to childhood suffering, such as abuse, trauma, and maltreatment. Haney had interviewed many death row inmates and noticed trauma patterns in them. His colleagues were skeptical about his findings, because there was not much research on the idea and few studies. Haney wrote about his findings in a new book, Criminality in Context: The Psychological Foundations of Criminal Justice Reform. In his new book, Haney discusses forty years of research and what he believes to be the root causes of criminal behavior, how it differs from accepted conventions, and what reforms are needed in the criminal justice system. Haney stated:

“‘The nation’s dominant narrative about crime is that it is committed by bad people who freely choose to make bad decisions, persons who are fundamentally different from the rest of us,’ said Haney, who holds psychology and law degrees. ‘The only thing that is fundamentally different about them is the lives they’ve lived and the structural impediments they’ve faced.’”

Haney found that the people most at risk to commit crimes were those exposed to childhood trauma and often experienced even more maltreatment in places meant to protect them: school, foster care systems, and juvenile justice systems.

He also argues that poverty and racism are key contributors to criminal behaviors. Poverty is a gateway to criminal behavior, because it leads to trauma, unmet needs, and fewer opportunities. Unfortunately, ethnic minorities who experience poverty and trauma are more likely to end up imprisoned. By proxy, ethnic minorities receive differential treatment and represent the largest criminal populations.

Haney’s research exposes bigger holes in the already broken criminal justice system. He points out that bigger reforms need to be made than simple criminal justice. Crime prevention strategies need to start at the cradle, most importantly combating social inequality and poverty.

While Haney’s research may sound new, it only augments what other mental health professionals have been spouting for years. Everything is connected when it comes to mental health, but humans usually are not taught how to properly care for their minds.

Whitney Grace, April 8, 2020
