Automated Tools for Dark Web Data Tracking
September 15, 2016
Naturally, tracking stolen data through the dark web is a challenge. Investigators have traditionally infiltrated chatrooms and forums in the effort—a tedious procedure with no guarantee of success. Now, automated tools may give organizations a leg up, we learn from the article, “Tools to Track Stolen Data Through the Dark Web” at GCN. Reporter Mark Pomerleau informs us:
“The Department of Veterans Affairs last month said it was seeking software that can search the dark web for exploited VA data improperly outside its control, distinguish between VA data and other data and create a ‘one-way encrypted hash’ of VA data to ensure that other parties cannot ascertain or use it. The software would also use VA’s encrypted data hash to search the dark web for VA content. We learned:
Some companies, such as Terbium Labs, have developed similar hashing technologies. ‘It’s not code that’s embedded in the data so much as a computation done on the data itself,’ Danny Rogers, a Terbium Labs co-founder, told Defense One regarding its cryptographic hashing. This capability essentially enables a company or agency to recognize its stolen data if discovered. Bitglass, a cloud access security broker, uses watermarking technology to track stolen data. A digital watermark or encryption algorithm is applied to files such as spreadsheets, Word documents or PDFs that requires users to go through an authentication process in order to access it.
We’re told such watermarks can even thwart hackers trying to copy-and-paste into a new document, and that Bitglass tests its tech by leaking and following false data onto the dark web. Pomerleau notes that regulations can make it difficult to implement commercial solutions within a government agency. However, government personnel are very motivated to find solutions that will allow them to work securely outside the office.
The article wraps up with a mention of DARPA’s Memex search engine, designed to plumb the even-more-extensive deep web. Law enforcement is currently using Memex, but the software is expected to eventually make it to the commercial market.
Cynthia Murrell, September 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/
Law Enforcement Utilizes New and Traditional Methods for Dark Web Matters
September 15, 2016
While the Dark Web may be thought of as a home to drug dealers, several individuals have been apprehended by law enforcement. Edinburgh News published a report: FBI Helps Catch Edinburgh Man Selling Drugs on ‘Dark Web’. David Trail was convicted for creating a similar website to eBay, but on the Dark Web, called Topix2. Stolen credit card information from his former employer, Scotweb were found in the search of his home. The article states,
Detective Inspector Brian Stuart, of the Cybercrime Unit, said: ‘Following information from colleagues in FBI, Germany’s West Hessen Police and the UK’s National Crime Agency, Police Scotland identified David Trail and his operation and ownership of a hidden website designed to enable its users to buy and sell illegal drugs anonymously and beyond the reach of law enforcement. His targeting of a previous employer, overcoming their security, almost had a devastating effect on the company’s ability to remain in business.
As this piece notes, law enforcement used a combination of new and traditional policing techniques to apprehend Trail. Another common practice we have been seeing is the cooperation of intelligence authorities across borders — and across levels of law enforcement. In the Internet age this is a necessity, and even more so when the nature of the Dark Web is taken into account.
Megan Feil, September 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/
Intuitive Interfaces Matter on Dark Web Sites Too
September 1, 2016
Did you know some sites on the Dark Web have a sleek look and intuitive user experience? VeriClouds published this information, including screenshots and more in a piece called Dark Web: Sophisticated eCommerce platform trading in your personal information. Channels for cybercriminals allow users to search for Dark Web commodities such as personal or sensitive information by: category, product type, price, sale type, location and shipping options. Mirroring the processes and policies of traditional retail, some sellers also have refund options. The article states:
Platforms like these are so much more than just rudimentary command line setups or chat rooms. They offer many of the same features as online stores like Amazon or Ebay with vendor ratings, buyer feedback, detailed search options and facilitated transaction and delivery services. Collections of data are presented with detailed descriptions (similar to an ecommerce product pages), and some even provide tutorials on how to best utilize that data to scam victims.
On one level, this report shows us how much an intuitive user experience has become the expectation, not an added bonus — anywhere on the web. Related to this heightened expectation for even intangible “things” to have an effective look and feel, we are reminded this is the information age. As information is a commodity, it is no surprise to see the rise in cyber theft of such invisible goods on the Dark Web or otherwise. For example, as the article mentioned, last year’s estimate by the Federal Trade Commission showed 9.9 million victims of identity theft.
Megan Feil, September 1, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Another Day Another Possible Data Breach
August 19, 2016
Has the next Ashley Madison incident happened? International Business Times reports on breached information that has surfaced on the Dark Web. The article, Fling.com breach: Passwords and sexual preferences of 40 million users up for sale on dark web, sheds some light on what happened in the alleged 40 million records posted on the The Real Deal marketplace. One source claims the leaked data was old information. Another source reports a victim who says they never had an account with Fling.com. The article states,
“The leak is the latest in a long line of dating websites being targeted by hackers and follows similar incidents at Ashley Madison, Mate1, BeautifulPeople and Adult Friend Finder. In each of these cases, hundreds of thousands – if not millions – of sensitive records were compromised. While in the case of Ashley Madison alone, the release of information had severe consequences – including blackmail attempts, high-profile resignations, and even suicide. Despite claims the data is five years old, any users of Fling.com are now advised to change their passwords in order to stay safe from future account exploitation.”
Many are asking about the facts related to this data breach on the Dark Web — when it happened and if the records are accurate. We’re not sure if it’s true, but it is sensational. The interesting aspect of this story is in the terms of service for Fling.com. The article reveals Fling.com is released from any liability related to users’ information.
Megan Feil, August 19, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
No Dark Web Necessary
August 11, 2016
Do increased Facebook restrictions on hate speech and illegal activity send those users straight to the Dark Web? From The Atlantic comes and article entitled, American Neo-Nazis Are on Russia’s Facebook, which hints that is not always the case. This piece explains that location of an online group called “United Aryan Front” moved from Facebook to a Russia’s version of Facebook: VKontakte. The article describes a shift to cyber racism,
The move to VK is part of the growing tendency of white supremacists to interact in online forums, rather than through real-life groups like the KKK, according to Heidi Beirich, director of the Southern Poverty Law Center’s anti-terror Intelligence Project. Through the early 2000s, skinheads and other groups would host dozens of events per year with hundreds of attendees, she says, but now there are only a handful of those rallies each year. “People online are talking about the same kinds of things that used to happen at the rallies, but now they’re doing it completely through the web,” she said.
It is interesting to consider the spaces people choose, or are forced into, for conducting ill-intentioned activities. Even when Facebook cracks down on it, hate speech amongst other activities is not relegated solely to the Dark Web. While organized online hate speech analogous to rallies may be experiencing a surge in the online world, rallies are not the only avenue for real-world racism. At the core of this article, like many we cover on the Dark Web, is a question about the relationship between place and malicious activity.
Megan Feil, August 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden/Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
The Reach of Cyber Threat Intelligence Companies
August 10, 2016
The social media monitoring complex appears to be gaining a follower. LittleSis News shared an article highlighting their investigative findings, You are being followed: The business of social media surveillance. This post not only reveals the technology companies engaged in surveillance and developing tools for surveillance, those at LittleSis News also filed freedom of information requests to twenty police departments about their social media monitoring. The article concludes with,
“Because social media incites within us a compulsion to share our thoughts, even potentially illegal ones, law enforcement sees it as a tool to preempt behavior that appears threatening to the status quo. We caught a glimpse of where this road could take us in Michigan, where the local news recently reported that a man calling for civil unrest on Facebook because of the Flint water crisis was nearly the target of a criminal investigation. At its worst, social media monitoring could create classes of “pre-criminals” apprehended before they commit crimes if police and prosecutors are able to argue that social media postings forecast intent. This is the predictive business model to which Geofeedia CEO Phil Harris aspires.”
In addition to Geofeedia, the other cyber threat intelligence companies listed are: BrightPlanet, ZeroFOX, Intrado, LifeRaft, Magnet Forensics, Media Sonar Technologies, Signal Corporation Limited. These companies specialize in everything from analyzing deep web content to digital forensics software. Ultimately data is their specialty, not people. These technologies and their applications will undoubtedly stir up questions about the relationship between people, the data they produce on social media, and state actors.
Megan Feil, August 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden/Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
Dark Web Purchases Potentially More Challenging Than Media Portrays
August 8, 2016
German TV journalists recently discovered acquiring weapons on the Dark Web may be more challenging than media coverage suggests. Vice’s Motherboard published an article on this called TV Journalists Try Buying AK-47 on Dark Web, Fail. Producers for German channel ARD, working for a show “Fear of terror—how vulnerable is Germany” lost about $800 in bitcoin during the attempted transaction through a middleman. We learned,
“It’s not totally clear if this was because the seller wasn’t legitimate, or whether the package had been intercepted. Regardless, this shouldn’t be much of a surprise: The dark web gun trade is rife with scammers. One con-artist previously told Motherboard he would ask legal sellers to send him photos of weapons next to a piece of paper with his username. From here, he would “just send a bag of sugar,” when an order came in. And undercover law enforcement agents also sell weapons in order to identify potential customers.”
Motherboard is careful to reference cases of successful Dark Web gun sales. Not that readers would be so quick to assume guns cannot be easily purchased on the Dark Web after seeing numerous media coverage that is the case. For the average reader, is the knowledge of the Dark Web from media or personal experience? We see a lot of articles reporting number of web sites that exist, perhaps because of the inability to accurately report a number of users on the Dark Web. While that may not be retrievable, perhaps the number of Tor downloads may be.
Megan Feil, August 8, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
Legal Drugs Turned Illegal Primed for Dark Web Marketplaces
August 3, 2016
A few drugs that were once able to be legally sold will be outlawed in Britain. Express released an article, Legal high dealers to be forced onto DARK WEB by blanket ban, top police officer warns, that shares the story. Several deaths were linked to substances called “spice” and “hippy crack” which led to a ban on the sales of these items. The article’s source, a police chief Commander Simon Bray, says because of the future unavailability in brick-and-mortar stores, he suspects users will turn to the Dark Web to purchase these drugs. The article tells us,
“Commander Bray of the National Police Chiefs Council added: “Clearly, there will be some movement onto the dark net. “People find it lucrative to sell substances and where people are going to buy them. But of course, it is not going to be so easy for the average person to get hold of them.” Other experts have warned the ban will just drive use and sale of the drugs into the hands of criminal gangs. Tejinder Reehal, who manages Scorpion, a shop that has sold legal highs, said: “We have seen it before with mushrooms and mcat.”
At a bigger-picture level, this story is interesting in that it is one more artifact that lends toward the perspective that illegal activity will take place on the Dark Web when it cannot take place elsewhere. This may in fact happen, but what about the illegal activity that takes place in real life outside of brick-and-mortar stores?
Megan Feil, August 9, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
The Web, the Deep Web, and the Dark Web
July 18, 2016
If it was not a challenge enough trying to understand how the Internet works and avoiding identity theft, try carving through the various layers of the Internet such as the Deep Web and the Dark Web. It gets confusing, but “Big Data And The Deep, Dark Web” from Data Informed clears up some of the clouds that darken Internet browsing.
The differences between the three are not that difficult to understand once they are spelled out. The Web is the part of the Internet that we use daily to check our email, read the news, check social media sites, etc. The Deep Web is an Internet sector not readily picked up by search engines. These include password protected sites, very specific information like booking a flight with particular airline on a certain date, and the TOR servers that allow users to browse anonymously. The Dark Web are Web pages that are not indexed by search engines and sell illegal goods and services.
“We do not know everything about the Dark Web, much less the extent of its reach.
“What we do know is that the deep web has between 400 and 550 times more public information than the surface web. More than 200,000 deep web sites currently exist. Together, the 60 largest deep web sites contain around 750 terabytes of data, surpassing the size of the entire surface web by 40 times. Compared with the few billion individual documents on the surface web, 550 billion individual documents can be found on the deep web. A total of 95 percent of the deep web is publically accessible, meaning no fees or subscriptions.”
The biggest seller on the Dark Web is child pornography. Most of the transactions take place using BitCoin with an estimated $56,000 in daily sales. Criminals are not the only ones who use the Dark Web, whistle-blowers, journalists, and security organizations use it as well. Big data has not even scratched the surface related to mining, but those interested can find information and do their own mining with a little digging
Whitney Grace, July 18 , 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark
Web meet up on July 26, 2016.
Information is at this link: http://bit.ly/29tVKpx.
Dark Web Drug Merchant Shiny Flakes Fesses Up
July 14, 2016
Authorities know a bit more about how criminals buy and sell drugs on the dark web, thanks to the cooperation of a captured dealer. DarknetPages’ article, “Dark Web and Clearnet Drug Vendor ‘Shiny Flakes’ Confessed his Crimes,” reveals that the 20-year-old Shiny Flakes, aka Maximilian S., was found with a bevy of illegal drugs, cash, and packaging equipment in his German home. Somehow, the police eventually convinced him to divulge his methods. We learn:
“[Maximilian] actually tried to make money on the internet legally in 2013 by copying fee-based pornographic websites. The thing is that the competition was pretty strong and because of that, he abandoned his idea soon after. So instead of spending the 2 thousand EUR he had at the time on porn, he thought it would be a better idea to spend it on drugs. So he went on to purchase 30 g of cocaine and shrooms from a popular German darknet market dealer and then sold them for a higher price on the dark web….
“Shiny Flakes was really worried about the quality of the drugs he was selling and that is why he always kept an eye on forum posts and read everything that his buyers posted about them. In fact, he took things beyond the opinions on the dark web and actually sent the drugs for testing. The tests conducted were both legally and illegally, with the legal tests taking place at Spain’s Energy Control or at Switzerland’s Safer Party. However, it seems that Maximilian also got in touch with the University of Munich where his products were tested by researchers who were paid in cocaine.”
Sounds efficient. Not only was Mr. Flakes conscientious about product quality, he was also apparently a hard worker, putting in up to 16 hours a day on his business. If only he had stayed on the right side of the law when that porn thing didn’t work out. To give him credit, Flakes had every reason to think he would not be caught; he was careful to follow best practices for staying anonymous on the dark web. Perhaps it was his booming success, and subsequent hiring of associates, that led to Shiny Flakes’ downfall. Whatever the case, authorities are sure to follow up on this information.
Cynthia Murrell, July 14, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
