More Hacked US Voter Data Appears on the Dark Web
February 25, 2016
From HackRead comes a piece called More US Voters Data Circulating on the Dark Net, which points to the lack of protection surrounding data on US voters. This data was leaked on the site The Hell on Dark Web. No reports yet suggest how this data was hacked. While no social security numbers or highly sensitive information was released, records include name, date of birth, voter registration dates, voting records, political affiliation and address. Continuing the explanation of implications, the article’s author writes,
“However, it provides any professional hacker substantial information to initiate and plan a phishing attack in the next election which takes place in the US. Recent discoveries, news and speculations have exposed the role of nation-state actors and cyber criminals in planning, instigating and initiating hacking attacks aimed at maligning the upcoming US elections. While social media has emerged as one of the leading platforms adopted by politicians when they wish to spread a certain message or image, cyber criminals and non-state actors are also utilizing the online platform to plan and initiate their hacking attacks on the US election.”
As the article reminds us, this is the not first instance of voter records leaking. Such leaks call into question how this keeps happening and makes us wonder about any preventative measures. The last thing needed surrounding public perception of voting is that it puts one at risk for cyber attacks. Aren’t there already enough barriers in place to keep individuals from voting?
Megan Feil, February 25, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
monograph
Was the Silk Road Trial Fair?
February 17, 2016
The Dark Web burst into the general consciousness with underground Web site called the Silk Road was busted. Ross Ulbricht aka the Dread Pirate Roberts ran the crime ridden Web site Silk Road that was a darknet playground for drug pushers, sex traffickers, money launders, hackers, and just about every other relatable crime that wants an untraceable presence. The Naked Security blog by Sophos proposes the question “Ross Ulbricht Appeals Silk Road Conviction-Did He Get A Fair Trial?”
In 2015, Ulbricht was convicted for money laundering, drug and hacking-related charges, and sentenced to two life terms with an additional forty years for running the entire Silk Road network. Ulbricht’s lawyers appealed the case based on the grounds that the law enforcement officials were guilty themselves of stealing bitcoins and extorting from Ulbricht. The evidence proving this was, of course, withheld in the trial and any favorable pro-Ulbricht evidence was suppressed.
“Ulbricht’s family paints a very different picture of him than federal prosecutors. The family has been waging a campaign to “Free Ross Ulbricht” that accuses the government of framing Ulbricht as part of the “failed War on Drugs,” and depicting his case as a milestone in the government’s crackdown on Internet freedom. Ulbricht’s defense attorneys argued at trial, and in his appeal, that Ulbricht had founded the Silk Road using the pseudonym Dread Pirate Roberts, but that he had sold his stake and was framed by subsequent operators.”
Ulbricht’s family says that the two corrupt agents Shaun Bridges and Carl Force had administrative privileges on Silk Road and would have been able to manipulate information in their favor. They claim the information was withheld when Ulbricht’s case went to court and the government kept it under seal to protect its agents.
Ulbricht and his family have many supporters saying that the two consecutive life terms without parole was too harsh of a punishment. They also claim that Ulbricht’s Fourth Amendment rights were breached.
The US government, however, thinks otherwise. They want to make an example of Ross Ulbricht and send a message to cyber criminals that they cannot hide behind the Dark Web’s invisibility cloak. The Dark Web might be a mask criminals wear, but a light can unmask them.
Whitney Grace, February 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Dark Web Crime Has Its Limits
February 12, 2016
The Dark Web is an intriguing and mysterious phenomenon, but rumors about what can be found there are exaggerated. Infomania examines what is and what is not readily available in that murky realm in, “Murder-for-Hire on the Dark Web? It Can’t Be True!”
Anonymity is the key factor in whether certain types of criminals hang out their shingles on the TOR network. Crimes that can be more easily committed without risking identification include drug trafficking, fraud, and information leaks. On the other hand, contract assassins, torture-as-entertainment, and human trafficking are not actually to be found, despite reports to the contrary. See the article for details on each of these, and more. The article cites independent researcher Chris Monteiro as it summarizes:
The dark web is rife with cyber crime. But it’s more rampant with sensationalized myths about assassination and torture schemes — which, as Chris can attest, simply aren’t true. “What’s interesting is so much of the coverage of these scam sites is taken at face value. Like, ‘There is a website. Therefore its contents must be true.’ Even when mainstream media picks it up, very few pick it up skeptically,” he says.
Take the Assassination Market, for example. When news outlets got wind of its alleged existence in 2013, they ran with the idea of “Murder-for-hire!!” on the Internet underground. Although Chris has finally demonstrated that these sites are not real, their legend lives on in Internet folklore. “Talking about the facts — this is how cybercrime works, this is how Tor and Bitcoin work — is a lot less sexy than saying, ‘If you click on the wrong link, you’ll be kidnapped, and you’ll end up in a room where you’ll be livestreamed, murdered, and you’re all over the internet!’” Chris says. “All I can do is point out what’s proven and what isn’t.”
So, next time someone spins a scary tale about killers-for-hire who are easily found online, you can point them to this article. Yes, drug trafficking, stolen data, and other infractions are big problems associated with the Dark Web, but let us not jump at shadows.
Cynthia Murrell, February 12, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
To Search the Dark Web
February 11, 2016
If you have wondered how, exactly, one searches for information on the Dark Web, take a gander at “The Best TOR Search Engines of 2016” at Cyberwarzone. Reporter CWZ writes:
“On the TOR network you can find various websites just like you find on the ‘normal web.’ The websites which are hosted on the TOR network are not indexed by search engines like Google, Bing and Yahoo, but the search engines which are listed below, do index the TOR websites which are hosted via the TOR network. It is important to remember that you do need the TOR client on your device in order to access the TOR network, if you cannot use a TOR client on your device, you can use one of the free TOR gateways which are listed below in the web TOR providers tab.”
The article warns about malicious TOR clients, and strongly suggests readers download the client found at the official TOR website. Four search engines are listed— https://Ahmia.fi, https://Onion.cab, https://onion.link/, and http://thehiddenwiki.org/. CWZ also lists those Web TOR gateways, through which one can connect to TOR services with a standard Web browser instead of using a TOR client. See the end of the article for that information.
Cynthia Murrell, February 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Reviews on Dark Web Email Providers Shared by Freedom Hacker
February 10, 2016
The Dark Web has many layers of sites and services, as the metaphor provided in the .onion extension suggests. List of secure Dark Web email providers in 2016 was recently published on Freedom Hacker to detail and review the Dark Web email providers currently available. These services, typically offering both free and pro account versions, facilitate emailing without any type of third-party services. That even means you can forget any hidden Google scripts, fonts or trackers. According to this piece,
“All of these email providers are only accessible via the Tor Browser, an anonymity tool designed to conceal the end users identity and heavily encrypt their communication, making those who use the network anonymous. Tor is used by an array of people including journalists, activists, political-dissidents, government-targets, whistleblowers, the government and just about anyone since it’s an open-source free tool. Tor provides a sense of security in high-risk situations and is often a choice among high-profile targets. However, many use it day-to-day as it provides identity concealment seamlessly.”
We are intrigued by the proliferation of these services and their users. While usage numbers in this article are not reported, the write-up of the author’s top five email applications indicate enough available services to necessitate reviews. Equally interesting will be the response by companies on the clearweb, or the .com and other regular sites. Not to mention how the government and intelligence agencies will interact with this burgeoning ecosystem.
Megan Feil, February 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Hackers Revive Dark Web Forum Called Hell
February 8, 2016
After personal details of over four million Adult Friend Finder users was found on the Dark Web site called Hell, this notorious internet hacking forum was shut down by authorities around July 2015. Reported by Instant Tricks, an article Hell is back with Hell Reloaded on the Dark Web explains Hell is currently accessible again on the Dark Web. The article states,
“The exact date of the website’s returning on-line is troublesome to determine, for the posts don’t have a date next to them for security functions. However, judgement by the quantity of posts, it’s honest to mention that the web site came back simply over every week past. Hell is a web portal on the Dark internet that’s employed by hackers everywhere the globe to share their hacking tricks moreover as transfer and post taken knowledge.”
Hell is one of the world’s largest hacking forums on the Dark Web and, as such, is difficult to imagine the site will ever kick the bucket. Interestingly, in its re-emergence, it has been rendered with the same branding as if nothing had changed. “Stephen E Arnold’s Dark Web Notebook” describes this Dark Web resource. We recommend this read for security, law enforcement and information technology officials as these industries’ landscapes evolve due to the enduring presence of sites like Hell on the Dark Web.
Megan Feil, February 08, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Cybercrime as a Service Impacts Hotel Industry and Loyalty Points
February 4, 2016
The marketplaces of the Dark Web provide an interesting case study in innovation. Three types of Dark Web fraud aimed at the hotel industry, for example, was recently published on Cybel Blog. Delving into the types of cybercrime related to the hospitality industry, the article, like many others recently, discusses the preference of cybercriminals in dealing with account login information as opposed to credit cards as detectability is less likely. Travel agencies on the Dark Web are one such way cybercrime as a service exists:
“Dark Web “travel agencies” constitute a third type of fraud affecting hotel chains. These “agencies” offer room reservations at unbeatable prices. The low prices are explained by the fact that the seller is using fraud and hacking. The purchaser contacts the seller, specifying the hotel in which he wants to book a room. The seller deals with making the reservation and charges the service to the purchaser, generally at a price ranging from a quarter to a half of the true price per night of the room. Many sellers boast of making bookings without using stolen payment cards (reputed to be easy for hotels to detect), preferring to use loyalty points from hacked client accounts.”
What will they come up with next? The business to consumer (B2C) sector includes more than hotels and presents a multitude of opportunities for cybertheft. Innovation must occur on the industry side as well in order to circumvent such hacks.
Megan Feil, February 4, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Wants ISIS to Stay Off the Regular Web
January 29, 2016
Propaganda from the Islamic State (Isis) exists not only in the Dark Web, but is also infiltrating the familiar internet. A Wired article discusses the best case scenario to stop such information from spreading in their article Google: ISIS must be ‘contained to the Dark Web’. Google describes ISIS only existing in the Dark Web as success. This information helps explain why,
“As Isis has become more prominent in Syria and Iraq, social media, alongside traditional offline methods, have have been used to spread the group’s messages and recruit members. In 2014 analysis of the group’s online activity showed that they routinely hijack hashtags, use bots, and post gruesome videos to Twitter, Facebook, and YouTube. The UK’s internet counter terrorism unit claims to remove 1,000 illegal pieces of terrorism related content from the internet each week — it says that roughly 800 of these are to do with Syria and Iraq. The group claims in the 12 months before June 2012 that 39,000 internet takedowns were completed.”
The director of Google Ideas is quoted as describing ISIS’ tactics ranging from communication to spamming to typical email scams; he explains they are not “tech-savy.” Unfortunately, tech chops is not a requirement for effective marketing, so the question still remains whether containing this group and their messages to the Dark Web is possible — and whether that means success with growing numbers of people using the Dark Web.
Megan Feil, January 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Anonymity Not Always Secured for Tor and Dark Web Users
January 28, 2016
From the Washington Post comes an article pertinent to investigative security technologies called This is how the government is catching people who use child porn sites. This piece outlines the process used by the FBI to identify a Tor user’s identity, despite the anonymity Tor provides. The article explains how this occurred in one case unmasking the user Pewter,
“In order to uncover Pewter’s true identity and location, the FBI quietly turned to a technique more typically used by hackers. The agency, with a warrant, surreptitiously placed computer code, or malware, on all computers that logged into the Playpen site. When Pewter connected, the malware exploited a flaw in his browser, forcing his computer to reveal its true Internet protocol address. From there, a subpoena to Comcast yielded his real name and address.”
Some are concerned with privacy of the thousands of users whose computers are also hacked in processes such as the one described above. The user who was caught in this case is arguing the government’s use of such tools violated the Fourth Amendment. One federal prosecutor quoted in the article describes the search processes used in this case as a “gray area in the law”. His point, that technology is eclipsing the law, is definitely one that deserves more attention from all angles: the public, governmental agencies, and private companies.
Megan Feil, January 28, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Trust and Security Lessons Offered by the Dark Web
January 27, 2016
Spreading lessons about trust is not what most people think when they think of the drug dealers, hackers and cyber criminals of the Dark Web, but an article from Medium begs to differ. Let’s hear it for the bad guys: What the Dark Web can teach us about trust focuses on the idea that these “bad guys” are successfully and efficiently making transactions, ultimately based on trust. The article states:
“Crucially, they offer the same kind of reliability of experience rather than ripping people off, thus creating a sustainable business model. Transactions are made using digital currency Bitcoin and are recorded and verified through a distributed public ledger called the block chain. In this way, such sites build trust by offering a straightforward transaction built on transparency, albeit achieved with complete anonymity.”
This trust may be seen as missing from many internet sites where collection of personal data is the price of admission; the Dark Web offers an alternative with the promise of information not being tracked. Ironically, the issue of information being collected, albeit through other means, and sold through channels in the Dark Web means the problem of security is not eradicated.
Megan Feil, January 27, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
