Blockchain as a CP Delivery System
April 18, 2018
With the rise of Bitcoin’s profile, the encryption platform, Blockchain, used to keep things so secret has also seen a rise in its profile. But just like Bitcoin’s scrutiny under the spotlight, Blockchain’s less savory side is being exposed. We learned more from a recent CoinCenter story, defending the encryption, called “Addressing The Concerns of Illicit Images on Public Blockchains.”
According to the well thought out editorial,
“Bitcoin transactions allow one to add to them a short text memo. What some have done is to include encoded text in transaction memo fields and these are recorded in the Blockchain. Some of these encoded surprises on the blockchain include wedding vows, Bible verses, the Bitcoin logo and white paper, and quotes from Nelson Mandela. Unfortunately, some sick individuals have also added encoded images of child abuse.”
This is, however, not a new problem for the dark web. In fact, three years ago Forbes pointed out that Blockchain was a potential safe haven for malware and child abuse. That doesn’t erase the problems, though. The CoinCenter piece points out that a majority of interactions through Blockchain are on the up-and-up and that many legitimate businesses are investigating its uses. So, it’s safe to say this encryption tool is not going anywhere. We just wonder how it can ethically be policed.
Patrick Roland, April 18, 2018
Online Tracking of Weapons Can Be a Challenge
April 17, 2018
Gun sales online are prompting a lot of governmental concern, but not just in America. Australia, a nation with one of the lowest gun violence rates in the world, recently began cracking down on dark web sales of firearms with the help of US authorities. The results were promising, but still a little concerning. We learned more from a recent Daily Mail article, “Gun Trafficking Groups Selling to Australia Have Been Sentenced.”
According to the story, a seller of guns that were sent to Australia recently got three years in prison for the illegal transactions. We learned:
“The Atlanta-based group advertised guns for sale on the underground website BlackMarketReloaded that operated on The Onion Router, which masks the identity of its users, according to prosecutors.”
However, finding them through the murky waters of covert internet sites was nearly as tough as physically locating the guns. The story also pointed out, “In an attempt to avoid detection in the US Post or overseas the group hid the firearms in electronic equipment before placing them in packages.”
The Herculean effort needed to capture this dark web gun lord sounds similar to the recent arrest of one of Europe’s biggest online arms dealers, who was tracked down in Spain. This was the result of multiple countries and multiple agencies working for months to find this single person.
Clearly, the task of wiping the Dark Web clean of guns is difficult, but thankfully not impossible. We hope to hear about more success stories like this in the future. For more information, learn more about CyberOSINT (the Dark Web) here.
Patrick Roland, April 17, 2018
DarkCyber for April 17, 2018, Is Now Available
April 17, 2018
DarkCyber for April 17, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/264827844
DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
Push back from different organizations suggests that the unregulated, free wheeling days of digital currencies are winding down. France and Japan have taken action to curtail some digital currency practices. Plus Google and Twitter have banned ads for digital currencies.
In March 2018, Stephen E Arnold, producer of DarkCyber, was named to the International Judicial Commission of Inquiry into Human Trafficking & Child Sex Abuse. He points out that as censorship increases, bad actors will step up their pace of innovation.
He said, “An uptick in the use of pastesites and encrypted chat makes it increasingly difficult for investigators to identify and take action against those engaged in human trafficking and related crimes. Additional funding and faster cycle procurements of next generation are important priorities in the next six to nine months.”
DarkCyber answers a viewer’s question about the Katim secure mobile phone created by DarkMatter, a cyber security firm in the United Arab Emirates. The Katim device may be a market test or a way to determine interest in secure devices.
VPNs promise increased security for users. DarkCyber points out that a number of VPNs leak user data. Protocol flaws and VPN operators who keep logs of user behaviors make it clear that VPNs may be virtual, just not private.
For more information about DarkCyber, write us at darkcyber333 at yandex.com.
Kenny Toth, April 17, 2018
DarkCyber Profiles the Grayshift iPhone Unlocking Appliance
April 5, 2018
DarkCyber has released a special video report about Grayshift’s iPhone unlocking device for law enforcement forensics professionals. The GrayKey device unlocks most iPhones quickly and without the need to ship the suspect’s mobile phone off site.
The video is available on Vimeo at https://vimeo.com/262858305.
The video covers the pricing for the iPhone unlocker and its key features. Plus, the video product overview identifies the challenges that Grayshift will have to overcome if it wants to become the preferred provider of plug-and-unlock iPhone devices.
Stephen E Arnold said, “Grayshift’s GrayKey is important because it offers an easy-to-use iPhone unlocking system. Four digit passcode protected devices can be unlocked in two to three hours. Apple mobiles with six digit passcodes can be unlocked in two to three days. The device can be used in a mobile forensics lab and costs a fraction of some competitive solutions. GrayKey looks like the right product at the right time and at the right price.”
DarkCyber is a weekly video news program for law enforcement, intelligence, and security professionals. The special report series will focus on a single product, service, or technical innovation.
This is a special report in his CyberOSINT Tools series. These special reports will be issued when notable products, services, or technologies become available to law enforcement and intelligence professionals.
Stephen E Arnold is the author of “Dark Web Notebook” and “CyberOSINT: Next Generation Information Access.” He has been named as a technology adviser to the UK based Judicial Commission of Inquiry into Human Trafficking and Child Sex Abuse. Mr. Arnold also lectures to law enforcement and intelligence professionals attending the Telestrategies ISS conferences in Prague, Washington, DC, and Panama City, Panama. In recent months, he has shared his research with law enforcement and intelligence professionals in the US and Europe. His most recent lectures focus on deanonymizing chat and digital currency transactions. One hour and full day programs are available via webinars and on-site presentations.
Kenny Toth, April 5, 2018
Apple and Its Snowden Moment
February 14, 2018
I don’t pay much attention to the antics of Apple, its employees, or its helpers. I did note this story in Boy Genius Report: “We Now Know Why an Apple Employee Decided to Leak Secret iPhone Code.” My take is that the trigger was a bit of the high school science club mentality and the confusion of what is straight and true with the odd ball ethos of clever, young tech wizards.
The cat is out of the bag. Removing content from Github does not solve the problem of digital information’s easy copy feature.
How will Apple handle its Snowden moment? Will the leaker flee to a friendly computing nation state like Google or Microsoft? Will the Apple iPhone code idealist hole up in a Motel 6 at SFO until the powers that be can debrief him and move him to a safe cubicle?
I think the episode suggests that insider threats are a challenge in today’s online environment. With the report that security service providers are suffering from false positives, the reality of protecting secrets is a bit different from the fog of assumption that some have about their next generation systems. I call it the “illusion of security.”
Reality is what one makes it, right?
Stephen E Arnold, February 14, 2018
OpenText Wants to Be the Big Dog in Cyber Security
February 4, 2018
My wife and I rescued a French bull dog. We also have a boxer, which is three times the size of the rescued canine. The rescued canine thinks he is a bull mastiff. We believe that the French bull dog has a perception problem.
Here’s a quote from “OpenText Enfuse 2018 To Showcase The Future of Cybersecurity and Digital Investigations”:
“OpenText’s industry leading digital investigation, forensic security and data risk management solutions are defining the future of cybersecurity, digital investigations and e-Discovery, and serve to extend the security capabilities of OpenText’s leading information management platform.”
I noticed this statement at the bottom of the “real” news story:
Certain statements in this press release may contain words considered forward-looking statements or information under applicable securities laws.
I think our French bull dog might say something like this when he tries to impose his will on Max, our large, strong, aggressive boxer.
In the cyber marketplace, will IBM i2 roll over and play dead? Will Palantir Technologies whimper and scamper back to Philz Coffee? Will the UAE vendor DarkMatter get into the pizza business? Will the Google and In-Q-Tel funded Recorded Future decide that real estate development is where the action is?
Forward looking? Yeah, no kidding.
Stephen E Arnold, February 4, 2018
Dark Web Criminals Seek Alternatives to Bitcoin
January 8, 2018
Law enforcement has been getting better at using Bitcoin to track criminals on the dark web, so bad actors are exploring alternatives, we learn from the article, “Dark Web Finds Bitcoin Increasingly More of a Problem Than a Help, Tries Other Digital Currencies” at CNBC.
Reporter Evelyn Cheng writes:
In the last three years, new digital currencies such as monero have emerged in an effort to increase privacy. Unlike the open transaction record of bitcoin, monero’s technology hides the name of the sender, amount and receiver. A representative from monero did not respond to email and Twitter requests for comment. Monero hit a record high Monday of $154.58, up more than 1,000 percent this year, according to CoinMarketCap.
Digital currency ethereum is an increasing target for cybercrime as well, according to Chainalysis. Ethereum is up about 4,300 percent this year amid a flood of funds into the digital currency for initial coin offerings, which have raised the equivalent of nearly $1.8 billion in the last three years, CoinDesk data showed. Cybercriminals raised $225 million in ethereum so far this year, Chainalysis said in a report posted Aug. 7 on its website. Phishing attacks — disguised emails or other communication used to trick people into disclosing personal information — make up more than half of all ethereum cybercrime revenue this year at $115 million, the study said. The Ethereum Foundation did not return a CNBC request for comment.
Make no mistake, Bitcoin is still in the lead even with criminals—its popularity makes it easy to quickly convert with no third parties involved. As that popularity continues to increase and the currency becomes more mainstream, though, other options await.
Cynthia Murrell, January 8, 2018
Investigating Cybercrime
December 29, 2017
The devastating Equifax breach is being pursued by federal investigators who know what they are doing, we learn from the piece, “Cybercrimes Present Unique Challenges for Investigators” at SFGate. AP Writer Kate Brumback writes:
The federal investigators looking into the breach that exposed personal information maintained by the Equifax credit report company are used to dealing with high-profile hacks and the challenges they present. The U.S. attorney’s office and FBI in Atlanta have prosecuted developers and promoters of the SpyEye and Citadel malware toolkits, used to infect computers and steal banking information. They’ve helped prosecute a hack into Scottrade and ETrade that was part of an identity theft scheme, and aided the international effort that in July shut down AlphaBay, the world’s largest online criminal marketplace.
The U.S. Attorney’s office has confirmed that, along with the FBI, it is investigating the breach at Atlanta-based Equifax, which the company said lasted from mid-May to July and exposed the data of 145 million Americans.
Though investigators would not tell Brumback anything about this specific investigation, they shared some of what it is like to pursue cybercrime in general. For example, one prosecutor notes that for every conviction there are about 10 times as many investigations that dead-end. Aliases and invite-only forums make it difficult to identify perpetrators; often, success is the result of a slip-up on the part of the bad actor. Another complication—as we know, the internet transcends boundaries, and several foreign governments do not extradite to the U.S. (or do, but slowly). Once we do catch the bad guys, they can be punished, but the issue of restitution tends to be prohibitively complicated. With a focus on prevention, investigators are now working with many companies before breaches occur.
Cynthia Murrell, December 29, 2017
Law Enforcement Do Not Like Smartphones
December 26, 2017
Smartphones and privacy concerns are always hot topics after mass shootings and terroristic acts. The killers and terrorists always use their smartphones to communicate with allies, buy supplies, and even publicize their actions. Thanks to these criminals, law enforcement officials want tech companies to build backdoors into phones so they can always access the information. The remainder of the public does not like this. One apple spoils the entire batch. KPTV explains why smartphones are a problem in “Why Smartphones Are Giving Police Fits.”
After the recent mass shooting in Texas, police were unable to hack into the killer’s phone because of all the privacy software in place. Law enforcement do not like this because they are unable to retrieve data from suspects’ phones. Software developers insist that the encryption software is necessary for digital privacy, but police do not like that. It holds up their investigations.
…it could take specialists weeks to unlock the phone and access material that may reveal the killer’s motive and other information.
The FBI’s first option is likely to pressure the device-maker to help access the phone, but if that won’t work they could try breaking into it. Sometimes “brute force” attacks aimed at methodically guessing a user’s passcode can open a device, though that won’t work with all phones.
Arora said the difficulty of breaking into the phone would depend on numerous factors, including the strength of the gunman’s passcode and the make and model of the phone. Police may have more options if it’s an Android phone, since security practices can vary across different manufacturers.
The tech companies, though, are out to protect the average person, especially after the Edward Snowden incident. The worry is that if all smartphones have a backdoor, then it will be used for more harm than good. It establishes a dangerous precedent.
Law enforcement, however, needs to do their jobs. This is similar to how the Internet is viewed. It is a revolutionary tool, but a few bad apples using it for sex trafficking, selling illegal goods, and child porn ruin it for the rest of us.
Whitney Grace, December 26, 2017
SIXGILL: Dark Web Intelligence with Sharp Teeth
December 14, 2017
“Sixgill” refers to the breathing apparatus of a shark. Deep. Silent. Stealthy. SIXGILL offers software and services which function like “your eyes in the Dark Web.”
Based in Netanya, just north of Tel Aviv, SIXGILL offers services for its cyber intelligence platform for the Dark Web. What sets the firm apart is its understanding of social networks and their mechanisms for operation.*
The company’s primary product is called “Dark-i.” The firm’s Web site states that the firm’s system can:
- Track and discover communication nodes across darknets with the capability to trace malicious activity back to their original sources
- Track criminal activity throughout the cyber crime lifecycle
- Operate in a covert manner including the ability to pinpoint and track illegal hideouts
- Support clients with automated and intelligence methods.
The Dark-i system is impressive. In a walk through of the firm’s capabilities, I noted these specific features of the Dark-i system:
- Easy-to-understand reports, including summaries of alleged bad actors’ behaviors with time stamp data
- Automated “profiles” of Dark Web malicious actors
- The social networks of the alleged bad actors
- The behavior patterns in accessing the Dark Web and the Dark Web sites the individuals visit.
- Access to the information on Dark Web forums.
Details about the innovations the company uses are very difficult to obtain. Based on open source information, a typical interface for SIXGILL looks like this:
Based on my reading of the information in the screenshot, it appears that this SIXGILL display provides the following information:
- The results of a query
- Items in the result set on a time line
- One-click filtering based on categories taken from the sources and from tags generated by the system, threat actors, and Dark Web sources
- A list of forum posts with the “creator” identified along with the source site and the date of the post.
Compared with reports about Dark Web activity from other vendors providing Dark Web analytic, monitoring, and search services, the Dark Web Notebook team pegs SIXGILL in the top tier of services.