Dark Web Drug Sales Go on Despite One Marketplace Down

June 16, 2016

Another Dark Web drug marketplace has gone offline, at least for now. Vice’s Motherboard published an article that reports on this incident and offers insight into its larger implications in their piece, Dark Web Market Disappears, Users Migrate in Panic, Circle of Life Continues. Nucleus market mostly sold illegal drugs such as cocaine and cannabis. Now, the site is unresponsive and has made no announcements regarding downtime or a return. The article hypothesizes about why Nucleus is down,

“At the moment, it’s not totally clear why Nucleus’s website is unresponsive. It could be an exit scam—a scam where site administrators stop allowing users to withdraw their funds and then disappear with the stockpile of bitcoins. This is what happened with Evolution, one of the most successful marketplaces, in March 2015. Other examples include Sheep Marketplace, from 2013, and more recently BlackBank Market. Perhaps the site was hacked by a third party. Indeed, Nucleus claimed to be the targetof a financially motivated attack last year. Or maybe the administrators were arrested, or the site is just suffering some downtime.”

The Dark Web poses an interesting case study around the concept of a business lifecycle. As the article suggests, this graph reveals the brief, and staggered, lifetimes of dark web marketplaces. Users know they will be able to find their favorite vendors selling through other channels. It appears the show, and the sales, must go on.

Megan Feil, June 16, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, ECommerce, Marketing, News, Security | Comments Off on Dark Web Drug Sales Go on Despite One Marketplace Down

Newly Launched Terbium Software to Monitor Dark Web for Enterprise

April 11, 2016

Impacting groups like Target to JP Morgan Chase, data breaches are increasingly common and security firms are popping up to address the issue. The article Dark Web data hunter Terbium Labs secures $6.4m in fresh funding from ZDNet reports Terbium Labs received $6.4 million in Series A funding. Terbium Labs released software called Matchlight which provides real-time surveillance of the Dark Web and alerts enterprises when their organization’s data surfaces. Consumer data, sensitive company records, and trade secrets are among the types of data for which enterprises are seeking protection. We learned,

“Earlier this month, cloud security firm Bitglass revealed the results of an experiment focused on how quickly stolen data spreads through the Dark Web. The company found that within days, financial credentials leaked to the underground spread to 30 countries across six continents with thousands of users accessing the information.”

While Terbium appears to offer value for stopping a breach once it’s started, what about preventing such breaches in the first place? Perhaps there are opportunities for partnerships with Terbium and players in the prevention arena. Or, then again, maybe companies will buy piecemeal services from individual vendors.

Megan Feil, April 11, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, Enterprise, Financial, Investment, News, Search, Security, Technology | Comments Off on Newly Launched Terbium Software to Monitor Dark Web for Enterprise

Dark Web Drug Trade Unfazed by Law Enforcement Crackdowns

September 3, 2015

When Silk Road was taken down in 2013, the Dark Web took a big hit, but it was only a few months before black marketers found alternate means to sell their wares, including illegal drugs. The Dark Web provides an anonymous and often secure means to purchase everything from heroin to prescription narcotics with, apparently, few worries about the threat of prosecution. Wired explains that “Crackdowns Haven’t Stopped The Dark Web’s $100M Yearly Drug Sale,” proving that if there is a demand, the Internet will provide a means for illegal sales.

In an effort to determine if the Dark Web have grown to declined, Carnegie Mellon researchers Nicolas Cristin and Kyle Soska studied thirty-five Dark Web markets from 2013 to January 2015. They discovered that the Dark Web markets are no longer explosively growing, but the market has remained stable fluctuating from $100 million to $180 million a year.

The researchers concluded that the Dark Web market is able to survive any “economic” shifts, including law enforcement crackdowns:

“More surprising, perhaps, is that the Dark Web economy roughly maintains that sales volume even after major disasters like thefts, scams, takedowns, and arrests. According to the Carnegie Mellon data, the market quickly recovered after the Silk Road 2 market lost millions of dollars of users’ bitcoins in an apparent hack or theft. Even law enforcement operations that remove entire marketplaces, as in last year’s purge of half a dozen sites in the Europol/FBI investigation known as Operation Onymous, haven’t dropped the market under $100 million in sales per year.”

Cristin and Soska’s study is the most comprehensive to measure the size and trajectory of the Dark Web’s drug market. Their study ended prematurely, because two Web sites grew so big that the researchers’ software wasn’t able to track the content. Their study showed that most Dark Web vendors are using more encryption tools, they make profits less $1000, and they are mostly selling MDMA and marijuana.

Soska and Cristin also argue that the Dark Web drug trade decreases violence in the retail drug trade, i.e. it keeps the transactions digital than having there be more violence on the streets. They urge law enforcement officials to rethink shutting down the Dark Web markets, because it does not seem to have any effect.

Whitney Grace, September 3, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, Data, Marketing, News, Search, Security | Comments Off on Dark Web Drug Trade Unfazed by Law Enforcement Crackdowns

Insight Into the Zero-Day Vulnerability Business

August 14, 2015

An ironic security breach grants a rare glimpse into the workings of an outfit that sells information on security vulnerabilities, we learn from “Hacking Team: a Zero-Day Market Case Study” at Vlad Tsyrklevich’s blog. Software weak spots have become big business. From accessing sensitive data to installing secret surveillance software, hackers hunt for chinks in the armor and sell that information to the highest (acceptable) bidder. It seems to be governments, mostly, that purchase this information, but corporations and other organizations can be in the market, as well. The practice is, so far, perfectly legal, and vendors swear they only sell to the good guys. One of these vulnerability vendors is Italian firm Hacking Team, known for its spying tools. Hacking Team itself was recently hacked, its email archives exposed.

Blogger Vlad Tsyrklevich combs the revealed emails for information on the market for zero-day (or 0day) vulnerabilities. These security gaps are so named because once the secret is out, the exposed party has “zero days” to fix the vulnerability before damage is done. Some may find it odd just how prosaic the procedure for selling zero-days appears. The article reveals:

“Buyers follow standard technology purchasing practices around testing, delivery, and acceptance. Warranty and requirements negotiations become necessary in purchasing a product intrinsically predicated on the existence of information asymmetry between the buyer and the seller. Requirements—like targeted software configurations—are important to negotiate ahead of time because adding support for new targets might be impossible or not worth the effort. Likewise warranty provisions for buyers are common so they can minimize risk by parceling out payments over a set timeframe and terminating payments early if the vulnerability is patched before that timeframe is complete. Payments are typically made after a 0day exploit has been delivered and tested against requirements, necessitating sellers to trust buyers to act in good faith. Similarly, buyers purchasing exploits must trust the sellers not to expose the vulnerability or share it with others if it’s sold on an exclusive basis.”

The post goes on to discuss pricing, product reliability, and the sources of Hacking Team’s offerings. Tsyrklevich compiles specifics on dealings between Hacking Team and several of its suppliers, including the companies Netragard, Qavar, VUPEN, Vulnerabilities Brokerage International, and COSEINC, as well as a couple of freelancing individuals. See the article for more on each of these (and a few more under “miscellaneous”). Tsyrklevich notes that, though the exposure of Hacking Team’s emails has prompted changes to the international export-control agreement known as the Wassenaar Arrangement, the company itself seems to be weathering the exposure just fine. In fact, their sales are reportedly climbing.

Cynthia Murrell, August 14, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, Data, ECommerce, News, Security | Comments Off on Insight Into the Zero-Day Vulnerability Business

Search the site
Subscribe to Beyond Search
Feature archive
News archive

Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.