Connect with us

Cyber

The danger of dark web weapons dealers

Published

on

dark web weapons dealers

The closure of a number of online hidden marketplaces over the course of the past few years has proven that the dark web does not perhaps offer the protection and anonymity that many once thought it did. From the capture of original Silk Road mastermind Ross Ulbricht back in 2015, to the closure of AlphaBay and Hansa earlier this year, some of the administrators of these illicit websites have discovered to their cost that law enforcement agencies across the world can and will deploy considerable resources towards bringing them to justice. For some traders, the perceived risks associated with using the dark web have become so high they have abandoned hidden marketplaces altogether, preferring instead to shift their dodgy online businesses to encrypted messaging apps such as WhatsApp and the lesser-known Discord. However, recent history has showed that as soon as one dark web marketplace is closed down, another pops up to take its place. Failing that, sellers simply move their operations to another illicit marketplace that is still in business, often taking their username and reputation with them. As a result, the demise of the dark web trade in illicit goods and services looks to be a long way off.

While most listings on hidden illicit marketplaces are dedicated to drugs, buyers can use the dark web to get hold of child sexual exploitation material, stolen credit card information, fake IDs and hacking services, among an array of other illegal items. More worryingly, all manner of lethal weapons can be purchased from dark web marketplaces by anybody who has the rudimentary technical knowhow to find them. Only last week, a British teenager was found guilty of attempting to buy powerful explosives on the dark web. Officers from the UK’s National Crime Agency (NCA) intercepted the vehicle-borne improvised explosive device (VBIED) and replaced it with a dummy bomb before allowing it to be delivered to Gurtej Randhawa. The 19 year-old is facing a lengthy jail term when he sentenced in January next year. The NCA said Randhawa had no links to terrorist groups or organised crime, but the ease with which he was able to procure such a destructive weapon, which police said could have killed many people if it had been detonated, was extremely concerning – not least in light of the heightened threat many countries across the world are facing from Islamist extremists and a resurgent far right.

In an example of how dangerous weapons being sold on the dark web can be if they fall into the wrong hands, the 9mm Glock used by Munich gunman Ali Sonboly, who killed nine people and then himself during a marauding firearms attack at a shopping mall in the city last summer, was discovered to have been bought from a hidden marketplace. Police examining Sonboly’s digital devices were able to establish that the pistol was most likely smuggled into Germany from Slovakia, which like many countries in Eastern Europe is awash with firearms left over from the Yugoslav Wars. Although the weapons used in the November 2015 Paris attacks were not proven to have been procured on the dark web, some hidden marketplaces removed their weapons listings in the wake of the atrocity, during which 130 people were killed by jihadi terrorists. In a message to its buyers after the assault, Nucleus said: “Dear users, in the light of recent events in France we have decided to remove our weapons section and we are going to disallow weapons on our market completely.” Unfortunately, not all dark web marketplace administrators are so troubled by their conscience.

It may well be the case that firearms and other weapons account for a small proportion of the illicit goods and services sold on the dark web, but the potential danger they pose is deeply troubling, regardless of whether that risk is associated with terrorism, organised crime or lone buyers. While guns currently account for a tiny percentage of dark web listings, a report published by think tank the RAND Corporation in July revealed that weapons dealers who sell their goods on hidden marketplaces are “increasing the availability of better performing, more recent firearms for the same, or lower, price, than what would be available on the street or the black market”. The study also found that dark web firearms sellers are dismantling the guns they sell and then sending components to customers separately in a bid to avoid detection. Researchers found that the sale of guns and related products generated 136 sales a month on the dark web, bringing dealers a monthly revenue of $80,000.

The recent closure of major dark web marketplaces seems to have done little to slow buyers’ demand for weapons on hidden marketplaces, with two teenagers being arrested in the Netherlands last month for attempting to order a gun online, and Australia’s Daily Telegraph warning that more people in the country are buying firearms from dark web dealers than ever before. If anything, the range of weapons available on the dark web is growing, with the UN warning that terrorists might soon be able to purchase 3D printing technology that would allow them to print their own guns from hidden marketplace dealers. As a consequence, it feels almost inevitable that it will not be long before another mass-casualty terror attack will be carried out with weapons purchased from the dark web.

Continue Reading

Articles

US and European investigators knock xDedic cyber crime marketplace offline

Published

on

xDedic cyber crime marketplace

A coalition of law enforcement authorities from the US and Europe have taken down an illicit online marketplace that is said to have generated tens of millions of dollars through the sale of access to compromised computers and consumer data that could be used for the purposes of identity theft and other types of fraud.

Prosecutors in Florida, the FBI and Europol were among the organisations that last week targeted servers and domain names linked to the xDedic Marketplace, which is thought to have been run by a group of Russian-speaking cyber hackers.

Users of the marketplace, which operated on both the dark and surface web, could run searches for compromised computer credentials sorted by a number of parameters, including price, geographic location and operating system.

Last Thursday, investigators in Belgium and Ukraine effectively knocked the website offline after executing a number of seizure orders.

The investigation that led to last week’s action uncovered evidence that the website may have facilitated fraud worth more than $68 million, and that its administrators ran a number of servers in locations across the globe in a bid to avoid the marketplace being taken down.

The platform’s administrators also used cryptocurrency Bitcoin to conceal the identities of its administrators, buyers, and sellers, and to shield the location of the servers through which it was powered.

In a statement, the US Prosecutor’s Office for the Middle District of Florida said: “The victims span the globe and all industries, including local, state, and federal government infrastructure, hospitals, 911 and emergency services, call centres, major metropolitan transit authorities, accounting and law firms, pension funds, and universities.”

The operation that led to the takedown of xDedic included the participation of the IRS, US Immigration and Customs Enforcement’s Homeland Security Investigations, the Florida Department of Law Enforcement, the Federal Prosecutor’s Office and the Federal Computer Crime Unit of Belgium, the National Police and the Prosecutor General’s Office of Ukraine, and the German Bundeskriminalamt.

Separately, Europol has announced that the takedown of webstresser.org in April of last year has provided a wealth of information that has allowed Dutch and British investigators to track down the perpetrators of Distributed Denial of Service (DDoS) attacks.

Webstresser.org, which was said to have been behind more than four million DDoS attacks on businesses across the globe, was the largest marketplace of its kind on the internet.

Continue Reading

Articles

UK police arrest three during investigation into dark web credit card fraud scam

Published

on

dark web credit card fraud scam

A joint operation conducted by law enforcement agencies in the UK has resulted in the arrest of three men suspected of being behind a £1 million ($1.27 million) dark web fraud conspiracy.

Officers from the South East Regional Organised Crime Unit (SEROCU), Greater Manchester Police, the North West Regional Organised Crime Unit (Titan) and the National Crime Agency (NCA) detained the men in Rochdale on Wednesday.

The suspects were held after more than 30 investigators carried out coordinated raids at four addresses across the town in an operation intended to crack down on cyber crime-enabled fraud offences.

The three men – aged 25, 35 and 36 – are said to have used stolen credit card information they bought on dark web marketplaces to make purchases of high-value goods from small and medium-sized businesses over the phone between 2014 and 2018.

When placing orders, police say the suspects arranged to have the goods delivered to multiple locations across Rochdale by unsuspecting couriers.

In a statement, Detective Inspector Rob Bryant from SEROCU’s Cyber Crime Unit, said: “They would use the details they had obtained illegally to purchase large orders of goods, such as car tyres, copper piping, paint and ride-on mowers and have them delivered to discreet locations by innocent couriers, where they would go and collect them from.

“We often see companies which have their data stolen end up on the dark web and opportunist criminals look to benefit. I would like to take this opportunity to remind all businesses around their obligations to customers in protecting their data from cyber criminals.

“In this case, thanks to the multi-agency approach and help from our partners, we have managed to stop an organised crime, which in 2018 had committed nearly 300 fraud offences at a cost of over a million pounds.”

In a report published in April, the Armor Threat Resistance Unit revealed the cost of stolen credit card information available to buy on dark web marketplaces.

The study explained how credit card details can be obtained for as little as $10 on hidden websites, and noted that criminals routinely steal cardholders’ account information by using skimming devices fitted to point of sale terminals.

These devices are widely available on the dark web for as little as $700, and can read and store card details while payments are being processed.

“At the low end, skimmers just record data into onboard storage, which adds the additional risk for the scammers of having to physically or remotely retrieve the data,” Armor Senior Threat Intel Analyst Corey Milligan wrote.

“The more expensive and sophisticated skimmers may connect to an off-site storage location in real-time that the criminal can access without being caught.”

Continue Reading

Articles

Hotel giant Marriott admits to massive data breach that may have hit 500 million customers

Published

on

Marriott admits to massive data breach

Hospitality group Marriott International has admitted that the records of 500 million if its guests may have been exposed in a massive data breach.

The world’s largest hotel chain today said hackers may have been able to steal the information after gaining access to its Starwood reservation system.

An unauthorised party is said to have first accessed the system back in 2014, but Marriott said it had only just identified the breach after its security tools detected that somebody was attempting to get into the database.

After conducting an investigation, the company said it had been able to establish that an “unauthorised party had copied and encrypted information”.

The hotel giant said it would now move to contact every customer whose details were on the Starwood system.

In a statement, the company said: “Marriott deeply regrets this incident happened. From the start, we moved quickly to contain the incident and conduct a thorough investigation with the assistance of leading security experts.

“Marriott is working hard to ensure our guests have answers to questions about their personal information with a dedicated website and call centre.

“We are supporting the efforts of law enforcement and working with leading security experts to improve. Marriott is also devoting the resources necessary to phase out Starwood systems and accelerate the ongoing security enhancements to our network.”

The company warned that cyber criminals could use the information they stole to send phishing emails to its customers, and cautioned that it would not send out attachments with messages it sends and would never request personal information by email.

Hotel groups have become increasingly popular targets for cyber criminals over the course of the past few years.

At the end of last month, the Radisson Hotel Group admitted that it had suffered a data breach that affected its loyalty and rewards programme customers.

“Upon identifying this issue Radisson Rewards immediately revoked access to the unauthorised person(s),” the company said.

“All impacted member accounts have been secured and flagged to monitor for any potential unauthorised behaviour.

“Radisson Rewards takes this incident very seriously and is conducting an ongoing extensive investigation into the incident to help prevent data privacy incidents from happening again in the future.”

In October last year, Hilton Hotels was forced to pay a $700,000 in the US and ordered to improve its security measures after the company was accused of mishandling two separate credit card data breaches.

Continue Reading

Newsletter

Sign up for our mailing list to receive updates and information on events

Social Widget

Latest articles

Press review

Follow us on Twitter

Trending

Shares