Deep Dot Web: Surfacing The News From The DeepWeb
Sun, 29 Jul 2018 21:10:50 -0300

Bavarian Man Admits 34 Alphabay Orders in Court
Sun, 29 Jul 2018 21:10:50 +0000

At a court in Regensburg, Bavaria, a 20-year-old fraudster confused the court with continued confessions of crimes previously unknown to the prosecution. The young man had ordered both drugs and counterfeit currency from Alphabay vendors—information the defendant had revealed to investigators after an arrest for incitement to counterfeit money. No new charges can come from his confusing admissions of guilt. The sporadic outbursts did, however, result in a sentence of only probation and a mental health evaluation.

The case began in March 2017. At that time, though, the police had no idea they had walked into a darknet case. The defendant’s friend had been shopping at a hardware store in Regensburg and had forgotten his money. The defendant gave his friend a counterfeit euro. The shop owner recognized the fake euro note and called the police. The shop owner detained both the defendant and his friend until the police arrived.

The police discovered another fake euro note in the primary defendant’s pocket, the prosecution revealed. The police then searched the defendant’s apartment after securing a search warrant with the Public Prosecutor’s Office. At his apartment, the police found less than 20 grams of hashish; 22 grams of marijuana; almost one pound of cocaine; one gram of MDMA; three ecstasy pills; several items related to drug use or production; a gas pistol; and a laptop. They seized the drugs and allowed the then 19-year-old to bring the laptop to the police station where he could show them how to access its contents. According to one officer who served as a witness, the defendant sat down with his laptop, unlocked it, pulled up his Alphabay buyer profile, got up, and walked out of the police station without even acknowledging the presence of police. They were stunned.

They said he later returned and offered to help the police “clean up the darknet.” They said he was responsive and communicative, a completely different person than the one they had seen only days prior. He showed them that he had placed 34 orders on Alphabay for various drugs and several orders for counterfeit euros. He would then become completely withdrawn and unresponsive to the police. They later learned that he had a history of mental health treatment.

In the courtroom, the 20-year-old, according to one local news outlet, spoke as if he considered his crimes “accomplishments.” He told the court that he thought very little of police and that the evidence he had hidden during the investigation had only helped reinforce his low expectations for police competency. He said that he had not only ordered the handful of counterfeit euros the police had discovered in his pocket at the hardware store; he had also ordered roughly 1,500 euros worth of fake euros. He said that he had spent them at 34 different businesses in the region. He also said that he had hidden an entire wallet filled with counterfeit euros in the hardware store before the police had arrived.

A mental health expert for the prosecution said the defendant suffered from paranoid schizophrenia. In response, the judge handed down a sentence of one year and six months probation and mandatory completion of a state sponsored therapy program.

Trial Date Set for Alleged Elysium Admin
Sun, 29 Jul 2018 13:10:46 +0000

In the District Court of Limburg in early August, the alleged administrator of the darknet child abuse forum “Elysium” will stand trial before Judge Marco Schneider for 12 days in one of the biggest child abuse cases in Germany. Three co-conspirators will be joining the alleged administrator on August 2. All three, according to the German authorities behind the Elysium takedown, had some role in the moderation or administration of the forum.

Elysium surfaced as one of the most popular child abuse forums on the darknet—in Germany, primarily—back in December 2016. By July 2017, the forum had attracted more than 87,000 members. By the forum’s takedown, users had registered more than 110,000 accounts. The number of members was not particularly surprising to German authorities; darknet child abuse forums have had hundreds of thousands of members (or member accounts). While the child abuse forum landscape is constantly changing, some forums have touched one million user accounts before vanishing or rebranding.

Spokespeople for the Central Office of the Suppression of Cybercrime (ZIT) of the Attorney General’s Office in Frankfurt, after the Elysium takedown, highlighted the rapid growth of the Elysium platform. In the few months the forum existed, law enforcement watched as thousands of new users signed up every day. (Obviously the number of accounts is not a precise measure of the number of members or even active members. Users create duplicate accounts, etc.) Some members have already pleaded guilty to committing crimes in connection with Elysium.

Prosecutors have accused the alleged owner of Elysium—a 40-year-old father from Bad Camberg—of setting up the forum from servers in his garage. Although the 40-year-old was the alleged forum owner and administrator, prosecutors claimed that a 58-year-old from the district of Tübingen had helped the administrator create the site and helped advertise the site on the darknet.

Alongside the primary defendant and his alleged partner are two men accused of aiding in the moderation of the site. All four men, according to the Prosecutor’s Office, had been sharing and distributing child abuse material in furtherance of forum popularity and for their own collections. Due to the nature of the trial and the content involved, the public will not be permitted in the courtroom for the majority of the sessions. The Federal Criminal Police Office has examined millions of files and many of the pictures and videos will be used as evidence in the hearings. A spokesperson for the district court said that viewing the content would not be a public activity for obvious reasons.

The August 2 trial will likely run for 12 days. Earlier reports suggested 11 court dates in November have already been scheduled in anticipation of the results of the August trial.

Orange and Europol Sign MoU to Combat Cybercrime in Europe
Sun, 29 Jul 2018 05:10:43 +0000

As part of their strategy to combat cybercrime in Europe, Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3), has signed a Memorandum of Understanding (MoU) with Jean-Luc Moliner, Orange Head of Group Security. The agreement is meant to ensure the smooth running of cyber security and to enhance a safe cyber environment through information sharing. According to Europol, there will be collaboration and information sharing between the two agencies on cyber threats and major attacks. Europol has engaged in similar crime-fighting collaborations in the past with other agencies, including Chainalysis. A number of private and public agencies have cooperated with them to fight cybercrime.

The information sharing and the cyber threats relate to Orange’s area of expertise – “spam, DDoS attacks, fraud, and cyber-attacks on mobiles or banking services.” Orange is a provider of global IT and telecommunication services, mainly for multinational companies, with about 202 million mobile customers worldwide. Well aware of the need for international cooperation on cyber threats and other crime issues, Jean-Luc Moliner expressed his satisfaction with the deal. He believes that Orange is a top player in Europe considering the availability of around 1,000 cyber security experts at their disposal.

Europol has been able to use its techniques to combat terrorism, cybercrime and other organized crimes in Europe. They have also been able to provide support to about 40,000 investigations in Europe. According to a recent report, Europol conducted a meeting to establish a darknet investigation team. Their role was to help in information sharing, operational support and to find ways of approaching the online marketplace. The persistent effort to fight cybercriminals drove this agreement.

Steven Wilson of Europol stressed the need for collaboration in fighting cybercrime, as businesses and individuals are constantly under cyber threat: “As criminals increasingly threaten citizens’ and businesses’ digital lives, it is vital for the law enforcement community to work closely with the global industry players to create a safe environment on the internet.”

He added that the technical expertise of Orange will be a great benefit to them: “I am confident that the high-level of technical expertise that Orange will bring will result in a significant benefit to our work.”

Cybercrime has been on the rise in recent years, with a huge monetary loss to the world’s economy as reported by researchers. It has been revealed that cybercrime leads to $600 billion in annual losses to the global economy. The fast-rising number of cybercrime cases has been attributed to the fast adoption of new technologies by cyber criminals and the rapidly rising number of internet users. According to the report entitled “Economic Impact of Cybercrime-No Slowing Down,” the huge monetary losses due to cybercrime are expanding, and it is becoming easier to demand ransoms without leaving clear traces. This is why Europol is employing every tool in its arsenal to create a cybercrime-free world. As part of the strategies to fight this crisis, the report suggested encouraging international law enforcement cooperation. Europol has used a similar tool to fight criminals.

Europol has been able to retrieve thousands of Euros. Not just that, they have disrupted a number of criminal activities, arrested cybercriminals and successfully become a constant threat to drug and human traffickers. They have been successful in cyber-related investigations due to their highly collaborative, intellectually stimulating, multilingual, multidisciplinary and international ways.

Data breaches in Europe have doubled in recent years from 68 per business in 2012 to 130 per business in 2017. BT also announced that it signed a Memorandum of Understanding with Europol to open ways for information sharing, essentially creating a cybercrime-free environment. BT is a cyber-security business which shares cyber threat information with law enforcement agencies in a safe way to protect internet users. BT has been able to identify about 200,000 malicious domains since it was established. Europol is expected to engage with more cyber security agencies in the future to accelerate the achievement of their goal.

New Jersey Man Busted Cloning Credit Cards in a Hotel Room
Sat, 28 Jul 2018 21:58:23 +0000

A Spring Valley, New Jersey, man was arrested on several fraud charges after buying stolen credit card numbers from vendors on the darknet and then writing the numbers to magnetic strips of blank cards. His arrest, like that of another recent fraudster using stolen identities and credit cards, occurred at a hotel where he had been staying under a false ID and using a stolen credit card.

Davidson Gilot, 26, allegedly checked into a hotel in Mahwah, New Jersey, only a night prior to his July 12 arrest. When he checked into the hotel on July 11, police Chief James Batelli explained to the press, the hotel clerk had accepted his ID and credit card without any problems, or without reporting any to the police.

Chief Batelli explained that Gilot then entered his room and worked on his so-called “complex scam.” The scam itself, really, is far from complex to anyone familiar with the work of fraudsters. But to some police forces, the darknet, bitcoin, and magnetic card encoders (or magstripe writers) are foreign concepts that only make appearances in federal cases or international law enforcement operations.

In the room, according to the police, Gilot set up a card reader, a magstripe writer, and a device that makes physical imprints on plastic cards. He had fake driver licenses that matched the identity of the original owner of the credit card. He brought blank credit cards to the hotel for the obvious purpose of writing credit card information to the magnetic strips on the back of the card. He had additionally brought blank cards he had obtained from real financial institutions such as banks and credit card agencies.

The Chief said that Detective Sgt. Kevin Hebert and Detective Michael Grassi, with the assistance of banks and financial institutions, had launched an investigation into the financial fraud. The crime that had taken place in the hotel room needed little further investigation. Other parts of the case did, such as how the credit card numbers of members of New Jersey and Ohio banks ended up for sale on the dark web.

Inside the room, Gilot allegedly extracted as much information as possible from a card number using his card reader. With his gathered information, he wrote the card number to the magnetic strip of either a blank card or a bank card from an established financial institution. The blank cards from New Jersey and Ohio banks obviously received card numbers from individuals who used the banks in question. The police did not specify which banks Gilot had targeted.

At the time of his arrest, Gilot had allegedly “cloned” only credit cards. He needed more time to clone additional cards. So he attempted to pay for a second night’s stay at the hotel. The second stay required credit card verification and the card verification failed. The hotel manager called the police and an arrest was made.

Police charged Gilot with one count of possessing two or more credit card blanks; one count of forgery; one count of possession of a card press; one count of possession of a credit scanning device; and one count of marijuana possession.

Dealer Allegedly Pressed Xanax in Rented Beach Homes
Sat, 28 Jul 2018 13:58:21 +0000

The court documents for a darknet Xanax and Oxycodone vendor remain sealed, but a recent pre-trial bond hearing testimony shed some light on a drug trafficking organization with roots in South Carolina and Georgia. The bond hearing resulted in a decision unfavorable to the alleged drug dealer: U.S. Magistrate Judge Paige Gossett opted to keep the defendant in custody until his next court appearance.

U.S. Attorney Jim May argued that the man had access to bitcoin wallets of unknown value and fake identities and could easily flee the country or state in an attempt to avoid facing a potential life sentence. The defendant, according to, is currently sitting at Lexington County jail with two co-conspirators. (At the time of this article, I could not find the defendants listed in the inmate directory.)

According to Richland County Sheriff’s deputy William Cobia, Eric Hughes, 36, ran a counterfeit pill pressing operation from vacation homes on the East Coast in Hilton Head, South Carolina; the Fripp islands, South Carolina; Kiawah, South Carolina; and Tybee Island, Georgia. With assistance from his co-conspirators, Hughes allegedly rented homes, set up his pill presses, and pumped out pills. He sold the pills on the darknet while continuing the process at a different beach house.

He also imported powders from China used in the pill presses. The powders included powdered Alprazolam, powdered Oxycodone, various pill fillers, and pill binders. He had allegedly ordered nine pounds of Alprazolam and Oxycodone at a time.

The Sheriff’s deputy, Cobia, told the judge that the trio “set up their pill press in those homes and turned them into drug laboratories.” “When they were done processing, the house would be totally contaminated.” At least six rental homes received letters from the DEA that warned of contamination from the drug laboratories set up by Hughes and his two co-conspirators: Taylor Place, 24, and Willie Rice, 36.

According to Cobia, Hughes “made hundreds of thousands of pills, if not millions.” Hughes, under the TGB monicker, shipped the pills to customers throughout the United States. The DEA arrested Hughes last August after a car crash that led to pills spilling across the road. Federal agents seized the drugs, the pill presses, 150 bitcoins, and other items connected to the drug trade.

The authorities believe that Hughes has been somewhat cooperative with investigators. However, they think that he has been hiding more bitcoin in wallets investigators have not discovered. Cobia admittedly hid some Bitcoin in internet gambling website wallets. He also gave his family hundreds of thousands of dollars in both cash and cryptocurrency. At the end of the hearing, U.S. Magistrate Judge Paige Gossett denied bail for all three suspected drug dealers. They all face charges of drug distribution and endangering lives through drug distribution.

Dream Vendor ‘Mr Drug Commander’ Admits Drug Trafficking
Sat, 28 Jul 2018 05:58:17 +0000

Late last year, the German Federal Criminal Police Office announced the arrest of a so-called “top vendor” who, according to an official press release, had been selling methamphetamine, ecstasy, and other drugs on the now-defunct Hansa darknet market and Dream market. The vendor now faces a week-long trial in a court in Coburg for the large-scale and commercial trafficking of narcotics.

The 30-year-old man, a citizen of the Netherlands, admitted selling drugs on darknet markets under the usernames “mrdrogenkommandant” and “drogenfahndung”. Mr. Drug Commander, a name the media really took a liking to, admitted selling hundreds of kilograms of drugs to buyers across the globe. However, a significant number of his customers lived in Germany. And, in an effort to evade law enforcement in the Netherlands, he employed a significant number of “young people” who drove packages of drugs from the Netherlands to post offices in Germany.

The Federal Criminal Police Office (BKA) had learned of these trips. With assistance from law enforcement in the cities where the co-conspirators had previously dropped off packages, the BKA apprehended the “young people” after they had crossed into Germany but before they had mailed any packages. In total, they had arrested six co-conspirators. All six, investigators revealed, provided information vital to the arrest and prosecution of the primary defendant.

The Public Prosecutor’s Office of Coburg focused on two parts of the crimes the 30-year-old had already confessed he had committed: the drugs the “young people” carried into Germany and the drugs discovered at the man’s apartment. The police only charged him with the drugs seized from his co-conspirators or drugs linked immediately back to them. The co-conspirators, at the time of their arrests, had a total of 42 kilograms of drugs in their possession. Marijuana was the majority of the weight.

At his apartment, the police discovered 80 kilograms of drugs. His apartment contained mostly methamphetamine and amphetamine. Authorities reportedly discovered marijuana, heroin, and MDMA as well. An unknown amount of drugs were also discovered at hotels the 30-year-old had been renting in Germany.

Judge Klaus Halves, presiding, recognized that the defendant had lived a difficult life. Both parents had heavily used drugs. His mother, for an unknown reason, had fled Germany when the defendant was young. She had fled to the Netherlands for a temporary stay until she had solved whatever problems she had been facing. However, she learned that if she left the Netherlands, she would have lost custody of her son. At 14 years old, the defendant had already developed an addiction to hard drugs, the court heard.

The defendant had already asked about receiving treatment only two days into the trial—something the court considered entirely unusual in such a serious case. But, he had already admitted his crimes and had no intention of fighting the charges. Even though the man has made attempts to speed up the trial, no verdict will be heard until July 17.

US Government Will Now Allow Defense Distributed to Distribute 3D Printed Firearms Software
Fri, 27 Jul 2018 21:00:32 +0000

After years of litigation, the United States Department of Justice has finally decided to settle with Defense Distributed, the creators of the first 3D printed firearm, and the Second Amendment Foundation. Under the settlement the Department of Justice will no longer prohibit Defense Distributed from distributing its 3D printed firearms software over the internet. Defense Distributed and its companion site, DEFCAD, were founded by an anarchist from Texas named Cody Wilson. Wilson had developed The Liberator, the first functional 3D printed plastic firearm. Not long after Wilson had made the 3D model files available on Defense Distributed’s web site in May of 2013, the United States Department of State’s Office of Defense Trade Controls Compliance sent Defense Distributed a letter demanding that they cease distributing 3D models of firearms parts. The Department of State claimed that Defense Distributed was violating export regulations of the International Traffic in Arms Regulations (ITAR).

ITAR munitions export regulations were also used in the early 1990s to try to stop the distribution of strong cryptography, such as Phil Zimmermann’s PGP encryption, over the internet. The United States’ attempts to stop the distribution of PGP encryption were thwarted when the code for PGP was released as a book, and thus distribution was protected under the 1st amendment of the United States Constitution. However, instead of employing a similar strategy, Wilson and Defense Distributed filed a lawsuit with attorneys from the Second Amendment Foundation, in which the government’s actions stopping distribution of 3D printed firearms software were accused of being a violation of the 1st amendment, the 2nd amendment, and the 5th amendment of the constitution of the United States.

Under the Department of Justice settlement with Defense Distributed and the Second Amendment Foundation, the government made the extraordinary decision to agree to pay back $39,000 in attorneys’ fees and administrative fees. The government will also amend ITAR regulations to remove the authority to control such 3D printed firearms software and will publish the amended arms export regulations on the Director of Defense Trade Controls web site on July 27th. Export jurisdiction of such software will now be handled by the United States Department of Commerce.

The Department of Justice offered this settlement to Defense Distributed and the Second Amendment Foundation in May. Attorneys with the Second Amendment Foundation believe the government offered the settlement because it was unlikely that any of the judges on the 5th Circuit Court of Appeals believed the government would succeed based on the merits of the case. Because Defense Distributed and the Second Amendment Foundation reached a settlement and agreed to drop their lawsuit against the government, it is not a victory in court. However, Second Amendment Foundation’s attorney Alan Gura stated that he believes courts may consider this case in future cases where the government makes other frivolous national security claims.

The settlement also marks another victory for the 2nd amendment in that the government has agreed that semi-automatic firearms that are .50 caliber or lower are not inherently military weapons of war. “Not only is this a First Amendment victory for free speech, it also is a devastating blow to the gun prohibition lobby. For years, anti-gunners have contended that modern semi-automatic sport-utility rifles are so-called ‘weapons of war,’ and with this settlement, the government has acknowledged they are nothing of the sort,” Alan Gottlieb, the founder and Executive Vice President of the Second Amendment Foundation said in a press release.

Even before the settlement with the government was reached, the 3D printed firearms software was not hard to find on the internet, as it could still be obtained on the darknet and through torrents. Other people continued expanding on the work that Wilson and DEFCAD had begun through a new group called FOSSCAD. The Pirate Bay even created a special category for 3D model files on the torrent search engine under the category of Physibles. Cody Wilson is not just the founder of Defense Distributed, he is also the founder of the American Black Cross, a legal defense fund for American political prisoners like Ross Ulbricht, the founder of the original Silk Road darknet market. Wilson announced on the Defense Distributed web site that their DEFCAD site would have a relaunch on August 1st and that, “the age of the downloadable gun formally begins.”

Fraudster Sentenced for Stolen ID Shopping Spree
Fri, 27 Jul 2018 13:00:29 +0000

A suspicious invoice for a limited edition rum worth almost $2,000 started an investigation that led to the arrest and recent sentencing of a man from Lucerne, Switzerland for several charges of identity theft and fraud. The man, investigators discovered as they investigated a trail of identity thefts and fake identities, had been purchasing stolen identities on the darknet as part of a fraud operation that lasted roughly one year. The total dollar value of damage the fraudster caused was not revealed during his sentencing at the Criminal Court in Lucerne.

According to the police in Switzerland who helped identify the fraudster and his conspirators, the fraudulent activity first began in February 2017. Through a series of attempted fraudulent transactions that ultimately failed, the police learned the fraudster’s pattern and his scope of operation. The victims of identity theft connected to the 24-year-old fraudster often found themselves stuck with bills for items they never purchased. Often, investigators revealed, the fraudster opened credit cards under the names and addresses of the identities he had purchased on the darknet.

The 24-year-old also took advantage of bank accounts or credit cards the victim had already created. In some cases the fraudster gained access to the victim’s email and leveraged email access into the access of bank accounts, financial information, or other pieces of information useful to a fraudster. With stolen accounts or newly created credit cards, the 24-year-old spent thousands of dollars on iPhones, Apple laptops, clothes, and even expensive alcohol.

Instead of shipping the packages to his own address or the address of his victims, the fraudster shipped the packages to Swiss Post’s My Post 24 automated terminals. As part of the operation, the fraudster signed his victims up for the service and used their unique My Post 24 IDs to have a package shipped to a terminal under the name of the card holder. When a package arrived at a terminal, the fraudster received a text message or email from Swiss Post with a unique QR code that allowed him to access the package at the terminal. As long as he had the QR code, his identity did not matter to the terminal.

As the fraudster expanded his operation, he grew paranoid. He sent co-conspirators to the terminals with the QR code to avoid interception by police or identification via nearby security cameras. The police apprehended many of the co-conspirators. It is not clear whether or not their arrests came after the 24-year-old’s arrest.

The goods the fraudster purchased showed up for sale through local and internet platforms. His biggest mistake, though, was ordering clothes to his own house on a single occasion. He now faces jail time and owes the court a $10,000 fine. His final restitution amount has not been disclosed.

Bitcoin Trader ‘Bitcoin Maven’ Sentenced to Federal Prison
Fri, 27 Jul 2018 05:00:25 +0000

United States District Judge Manuel L. Real of the Central District of California sentenced the so-called “Bitcoin Maven” to one year in prison for illegally laundering bitcoin. In order to enforce a prison stay, Judge Real sentenced the convicted money launderer to 12 months and a single day, forcing prison time instead of jail time.

Theresa Lynn Tetley, 50, worked for years as a stockbroker before turning to bitcoin as a source of income. She called herself “Bitcoin Maven” or “bitcoin.maven” on platforms such as (LBC) and exchanged between $6-9 million in bitcoin, according to information revealed in court. On her LBC account, she has more than 100 confirmed trades with 194 confirmed partners. The profile says she had exchanged between 250 and 500 bitcoin and kept a 100 percent feedback score while exchanging cash for bitcoin.

Exchanging cash for bitcoin or bitcoin for cash (a cash-for-bitcoin business) is not illegal. And the business itself was not what landed Tetley in hot water with the Drug Enforcement Administration. During the course of her cash-for-bitcoin operation on LBC, she routinely ignored guidelines from the Financial Crimes Enforcement Network (FinCEN). She failed to implement anti-money-laundering mechanisms and ignored FinCEN’s “Know Your Customers” regulations.

The FinCEN violations, though, came second to the fact that Tetley had not registered her cash-for-bitcoin business with FinCEN. She pleaded guilty to operating an unlicensed money exchanging business and one count of money laundering. Her crimes, though, according to the Prosecutor’s Office, extended beyond simply illegally turning cash into bitcoin. And she did not simply ignore money laundering laws; court documents revealed that she knowingly exchanged money for a suspected drug dealer.

Later, the Drug Enforcement Administration investigated Tetley. An undercover DEA agent posed as a drug dealer in need of clean money. The DEA agent made his fictional profession known to Tetley. He portrayed himself as a darknet drug dealer who needed an easy way to turn bitcoin into cash without going through legitimate services—such as Coinbase or Abra—that complied with US money laundering laws.

Tetley laundered the undercover agent’s money. He sent her bitcoin “from the proceeds of drug distribution” in exchange for United States currency. She took a steep cut of the illicitly earned assets and charged “rates higher than institutions that were registered with FinCEN.” During sentencing, Judge Real pointed to her high rates as an indication that she knew the value of the service she had been providing traders who needed clean money. The attorney for the United States made a similar claim. “Providing cash in envelopes in coffee shops and restaurants, is no way to conduct legitimate business,” the U.S. Attorney said.

The judge ordered the 366 day prison sentence; another 36 months of supervised release; a forfeiture of $292,264 in U.S. currency; a forfeiture of 40 Bitcoin; a forfeiture of gold bars; and a $20,000 fine.

Hacker Attempted to Sell U.S. Military Drone Files on the Dark Web
Thu, 26 Jul 2018 21:00:57 +0000

Stolen data for sale on the dark web is not a new thing. US defense agencies fare quite poorly when it comes to protecting data from exposure on the dark web. A report from late last year indicated that US defense agencies were more prone to being hacked than any other agency.

A recent report by the cybersecurity firm Recorded Future has exposed the details of how a hacker stole and attempted to sell US military files on the dark web. The files concern the Reaper drone, which is manufactured by General Atomics Aeronautical Systems, Inc., for the US military. The Reaper is an unmanned aerial vehicle used primarily by the U.S. Air Force to surveil and strike targets.

The discovery was made by Recorded Future’s Insikt Group, a group of analysts who monitor criminal activities on the dark web. While carrying out their research, the analysts came across a hacker who, unlike others who sold stolen credentials such as social security numbers, was actually selling U.S. military information. The hacker was offering the files for as low as $150.

The analysts maintained contact with the English-speaking hacker to establish trust. Afterward, the hacker disclosed that he stole the data from a captain stationed at the Creech Air Force Base in Nevada. According to the report, the hacker used a long-known vulnerability in Netgear routers. Netgear routers with default FTP authentication credentials are usually not updated and are vulnerable to remote access. The vulnerability was made public in 2016 and mitigation measures were offered. However, most users did not update their routers.

The hacker used the Shodan search engine to search for vulnerable devices belonging to high-value personnel. The hacker was able to gain access to the computer of the captain mentioned above. On gaining access, the hacker stole course books on maintenance of the Reaper and a list of airmen assigned to the Reaper’s aircraft maintenance unit. Though not classified, the stolen data is believed to be very sensitive and could lead to the exposure of the capabilities and weaknesses of the Reaper drone to undesired parties.

The hacker had other data for sale that included tank platoon manuals and training documents on survival and improvised explosive devices. The source of these files was not disclosed. Access to this sort of information is restricted to U.S. government agencies and their contractors only.

The analysts disclosed the details of their research to authorities who in turn opened an investigation on the matter, to determine the damage caused by exposure of the files.

Most hackers carry out cyber-attacks on companies with a huge client base that offer a large number of targets. With access to client details, hackers can use phishing emails to lure their targets into disclosing personal information such as credit card details. Another effective technique used by hackers is social engineering, through which targets are tricked into disclosing information that the hacker needs. After stealing credentials, hackers turn to the darknet where they sell the information at throwaway prices.
