Law Enforcement Utilizes New and Traditional Methods for Dark Web Matters

September 15, 2016

While the Dark Web may be thought of as a home to drug dealers, several individuals have been apprehended by law enforcement. Edinburgh News published a report: FBI Helps Catch Edinburgh Man Selling Drugs on ‘Dark Web’. David Trail was convicted for creating a website similar to eBay, but on the Dark Web, called Topix2. Stolen credit card information from his former employer, Scotweb, was found in the search of his home. The article states,

Detective Inspector Brian Stuart, of the Cybercrime Unit, said: ‘Following information from colleagues in FBI, Germany’s West Hessen Police and the UK’s National Crime Agency, Police Scotland identified David Trail and his operation and ownership of a hidden website designed to enable its users to buy and sell illegal drugs anonymously and beyond the reach of law enforcement. His targeting of a previous employer, overcoming their security, almost had a devastating effect on the company’s ability to remain in business.

As this piece notes, law enforcement used a combination of new and traditional policing techniques to apprehend Trail. Another common practice we have been seeing is the cooperation of intelligence authorities across borders — and across levels of law enforcement. In the Internet age this is a necessity, and even more so when the nature of the Dark Web is taken into account.

Megan Feil, September 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/

Cairo Authorities Perform Bitcoin Sting

September 8, 2016

Egyptian authorities refuse to let a 30-year-old dentist get away with trading in digital currency, despite there being no law on the books to prohibit the practice.  The Merkle informs us, “Egyptian Dentist Apprehended in Bitcoin Sting Operation in Cairo.” Reporter Traderman reveals:

According to today’s post on the Facebook page of The Ministry of the Interior, Mr. Ahmed was captured with $13,900 in cash, as well as a cellular phone and a smart tablet that were used in the trading operation. Authorities set up Ahmed by contacting him about a potential deal on LocalBitcoins, where Ahmed was selling the digital currency for $570 per coin.

The investigation was carried out with the cooperation of the Cairo Department of Public Safety and the Cairo Security Directorate. Mr. Ahmed has apparently confessed to trading bitcoin, but it is unclear what specific law Mr. Ahmed was breaking, as there are no regulations on digital currencies in Egypt.

The write-up tells us manufacturer AMECO, based in Cairo, has been accepting bitcoin apparently unmolested since 2014. Traderman also notes that, as of their writing, about seven Egyptian bitcoin vendors were operating on LocalBitcoins, all of whom seem to be running modest operations. It will be interesting to see whether law enforcement continues to crack down on bitcoin within Egypt's borders, and, if so, what justification authorities may offer. Perhaps they will go so far as to pass a law.

Cynthia Murrell, September 8, 2016

Public Opinion of Dark Web May Match Media Coverage

June 17, 2016

A new survey about the Dark Web was released recently. Wired published an article centered around the research, called Dark Web’s Got a Bad Rep: 7 in 10 People Want It Shut Down, Study Shows. Canada’s Center for International Governance Innovation surveyed 24,000 people in 24 countries about their opinion of the Dark Web. The majority of respondents, 71 percent across all countries and 72 percent of Americans, said they believed the “dark net” should be shut down. The article states,

“CIGI’s Jardine argues that recent media coverage, focusing on law enforcement takedowns of child porn sites and bitcoin drug markets like the Silk Road, haven’t improved public perception of the dark web. But he also points out that an immediate aversion to crimes like child abuse overrides mentions of how the dark web’s anonymity also has human rights applications. ‘There’s a knee-jerk reaction. You hear things about crime and it’s being used for that purpose, and you say, ‘let’s get rid of it,’’ Jardine says.”

We certainly can attest to the media coverage zeroing in on the criminal connections with the Dark Web. We cast a wide net tracking what has been published about the darknet, but many stories, especially those in mainstream sources, emphasize cybercrime. Don’t journalists have something to gain from also publishing features revealing the aspects of the Dark Web that benefit investigation and circumvent censorship?

Megan Feil, June 17, 2016

Considering an Epistemology of the Dark Web

May 31, 2016

The comparisons of Nucleus to Silk Road are rolling in. Naked Security by Sophos recently published an article, Dark Web marketplace “Nucleus” vanishes – and no one knows why. This piece echoes the questions those following this story have asked. Was it attacked by ransomware? Maybe they were busted? The article also offers the low-down on how Tor works to explain why accurate investigations into the Dark Web are challenging. We learned,

“That’s why Tor also supports so-called hidden services, which have special URLs ending .onion, where your anonymised network requests are not only bounced around inside the Tor network, but also processed and answered from inside Tor. This makes it hard to find the servers behind a hidden service, which in turn makes it hard to block that service, even if it’s clearly breaking the law by selling firearms improperly or trafficking in illegal drugs. This, in turn, means it’s hard to measure what’s really going on in the Dark Web, and how many underground marketplaces exist to bring buyers and sellers together.”

We found it refreshing that this piece reiterated how data about the Dark Web is not easy to pinpoint. From several tens of thousands of Dark Web sites to much lower counts, many cybersecurity groups and researchers seem certain they have the right number. But to continue on the endless hypotheses train related to the Nucleus disappearance, we’ll weigh in. Maybe law enforcement outside the US operated the site? Just a thought.

Megan Feil, May 31, 2016

Local News Station Produces Dark Web Story

April 22, 2016

The Dark Web continues to emerge as a subject of media interest for growing audiences. An article from Chicago CBS, Dark Web Makes Illegal Drug, Gun Purchases Hard To Trace, also appears to have been shared as a news segment recently. Offering some light education on the topic, the story explains the anonymity possible for criminal activity using the Dark Web and Bitcoin. The post describes how these tools are typically used,

“Within seconds of exploring the deep web we found over 15,000 sales for drugs including heroin, cocaine and marijuana. In addition to the drugs we found fake Illinois drivers licenses, credit card and bank information and dangerous weapons. “We have what looks to be an assault rifle, AK 47,” said Petefish. That assault rifle AK 47 was selling for 10 bitcoin which would be about $4,000. You can buy bitcoins at bitcoin ATM machines using cash, leaving very little trace of your identity. Bitcoin currency along with the anonymity and encryption used on the dark web makes it harder for authorities to catch criminals, but not impossible.”

As expected, this piece touches on the infamous Silk Road case along with some nearby cases involving local police. While the Dark Web and cybercrime have been on our radar for quite some time, it appears mainstream media interest around the topic is slowly growing. Perhaps those at risk of being affected, such as businesses, government and law enforcement agencies, will also continue catching on to the issues surrounding the Dark Web.

Megan Feil, April 22, 2016


Organized Cybercrime Continues to Evolve

March 10, 2016

In any kind of organized crime, operations take place on multiple levels, and cybercrime is no different. A recent article from Security Intelligence, Dark Web Suppliers and Organized Cybercrime Gigs, describes the hierarchy and how the visibility of top-level Cybercrime-as-a-Service (CaaS) has evolved with heightened scrutiny from law enforcement. As recently as a decade ago, expert CaaS vendors were visible on forums and underground boards; now, however, they only show up on forums and community sites typically closed to newcomers, and their role encompasses more expertise and less information sharing and accomplice-gathering. The article describes their niche,

“Some of the most popular CaaS commodities in the exclusive parts of the Dark Web are the services of expert webinjection writers who supply their skills to banking Trojan operators.

Webinjections are code snippets that financial malware can force into otherwise legitimate Web pages by hooking the Internet browser. Once a browser has been compromised by the malware, attackers can use these injections to modify what infected users see on their bank’s pages or insert additional data input fields into legitimate login pages in order to steal information or mislead unsuspecting users.”

The cybercrime arena shows one set of organized crime professionals preying on individuals and organizations while simultaneously being sought out by organized cyber security professionals and law enforcement. It will be most interesting to see how collisions and interactions between these two groups will play out, and how that shapes the organization of their rings.

Megan Feil, March 10, 2016


The UK Government Invests in Secure Startups

February 15, 2016

The UK has been criticized as being one of the most invasive countries when it comes to monitoring individuals and having security cameras everywhere, even on garbage cans. While the question, “how much is too much?” runs around people’s heads, there is also a concern about the lack of security developments. The UK is much like its former colony the United States in that it is interested in beefing up security technology, InfoSecurity says in the article, “Government Start-up Support Creates A ‘Very Exciting Time.’”

Government support for UK security tech start-ups is one of the main driving forces in the industry. It demonstrates that the UK government is invested in advancing new ideas and helping new companies get the leg up they need to develop the best possible product before it is delivered to a bigger market. It also proves that the government is taking cybersecurity as a very serious risk that needs bolstering to counteract actions taken by terrorists and rogue nations.

“This week, the UK government announced a £250,000 Early Stage Accelerator Programme to help start-ups in the space get advice, support and funding to develop their products and services and bring them to market. It will be run by Cyber London—described as “Europe’s first cybersecurity accelerator and incubator space”—and the Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast.”

While venture corporations are usually the first place start-ups turn to for investments, the government plays a crucial role in regulating the technology and helping companies grow beyond their initial roots.  It also allows the new security start-ups to make important connections with the right government officials to build strategic relationships.

It is wonderful that western governments are taking cyber threats more seriously and taking preemptive action against dangerous threats. It would be even better if smaller law enforcement agencies at the city and state level in the US were more capable of handling cyber attacks.

Whitney Grace, February 15, 2016

Hackers Revive Dark Web Forum Called Hell

February 8, 2016

After personal details of over four million Adult Friend Finder users were found on the Dark Web site called Hell, this notorious internet hacking forum was shut down by authorities around July 2015. An article from Instant Tricks, Hell is back with Hell Reloaded on the Dark Web, explains that Hell is currently accessible again on the Dark Web. The article states,

“The exact date of the website’s returning on-line is troublesome to determine, for the posts don’t have a date next to them for security functions. However, judgement by the quantity of posts, it’s honest to mention that the web site came back simply over every week past. Hell is a web portal on the Dark internet that’s employed by hackers everywhere the globe to share their hacking tricks moreover as transfer and post taken knowledge.”

Hell is one of the world’s largest hacking forums on the Dark Web and, as such, it is difficult to imagine the site will ever kick the bucket. Interestingly, in its re-emergence, it has been rendered with the same branding as if nothing had changed. “Stephen E Arnold’s Dark Web Notebook” describes this Dark Web resource. We recommend this read for security, law enforcement and information technology officials as these industries’ landscapes evolve due to the enduring presence of sites like Hell on the Dark Web.

Megan Feil, February 08, 2016

Europol and FireEye Are Fighting Digital Crime

September 15, 2015

The Internet is a hotbed for crime and its perpetrators, and Europol is one of the main organizations that fights it head on. One of the problems that Europol faces is the lack of communication between law enforcement agencies and private industry. In a landmark agreement that will most likely be followed by others, The Inquirer reports “Europol and FireEye Have Aligned To Fight The International Cyber Menace.”

FireEye and Europol have signed a Memorandum of Understanding (MoU) under which they will exchange information, so law enforcement agencies and private industry will be able to share information in an effort to fight the growing prevalence of cyber crime. Europol is usually the only organization that disseminates information across law enforcement agencies. FireEye is eager to help open the communication channels.

” ‘The threat landscape is changing every day and organizations need to stay one step ahead of the attackers,’ said Richard Turner, president for EMEA at FireEye.  ‘Working with Europol means that, as well as granting early access to FireEye’s threat intelligence, FireEye will be able to respond to requests for assistance around threats or technical indicators of compromise in order to assist Europol in combating the ever increasing threat from cyber criminals.’ ”

The MoU will allow for exchange of information about cyber crime to aid each other in prevention and in analyzing attack methods. The Inquirer, however, suspects that information will only be shared one way. It does not explain which direction, though. The MoU is going to be a standard between Big Data companies and law enforcement agencies. Law enforcement agencies are notorious for being outdated and understaffed; relying on information and software from private industry will increase cyber crime prevention.

Whitney Grace, September 15, 2015

Content Matching Helps Police Bust Dark Web Sex Trafficking Ring

September 4, 2015

The Dark Web is not only used to buy and sell illegal drugs, but it is also used to perpetuate sex trafficking, especially of children. The work of law enforcement agencies working to prevent the abuse of sex trafficking victims is detailed in a report by the Australian Broadcasting Corporation called “Secret ‘Dark Net’ Operation Saves Scores Of Children From Abuse; Ringleader Shannon McCoole Behind Bars After Police Take Over Child Porn Site.” For ten months, Argos, the Queensland police anti-pedophile taskforce, tracked usage on an Internet bulletin board with 45,000 members that viewed and uploaded child pornography.

The Dark Web is notorious for encrypting user information and that is one of the main draws, because users can conduct business or other illegal activities, such as viewing child pornography, without fear of retribution. Even the Dark Web, however, leaves a digital trail and Argos was able to track down the Web site’s administrator. It turned out the administrator was an Australian childcare worker who had been sentenced to 35 years in jail for sexually abusing seven children in his care and sharing child pornography.

Argos was able to catch the perpetrator by noticing patterns in his language usage in posts he made to the bulletin board (he used the greeting “hiya”). Using advanced search techniques, the police sifted through results and narrowed them down to a Facebook page and a photograph.  From the Facebook page, they got the administrator’s name and made an arrest.

After arresting the ringleader, Argos took over the community and started to track down the rest of the users.

” ‘Phase two was to take over the network, assume control of the network, try to identify as many of the key administrators as we could and remove them,’ Detective Inspector Jon Rouse said.  ‘Ultimately, you had a child sex offender network that was being administered by police.’ ”

When they took over the network, the police were required to work in real-time to interact with the users and gather information to make arrests.

Even though the Queensland police were able to end one Dark Web child pornography ring and save many children from abuse, there are still many Dark Web sites centered on child sex trafficking.

 

Whitney Grace, September 4, 2015