Tor And The FBI

This is a post series on cybercrime. For more posts click here or the cybercrime tag below.

I’m going to point out that the big mistake was made by the people who assumed that use of TOR would allow them to remain anonymous. What they need to understand is that TOR is a utility that is funded by the State Dept. of the US government and created by the US Navy. Which might give you pause if you think that you can avoid the interest of US law enforcement forever. While in this case it was child porn, I imagine that all illegal interactions on TOR are becoming roundtuits for the various US and international law enforcement agencies as the use of TOR for things like ransomware, dark markets and things like playpen has gotten out of hand in recent years.

The FBI has withdrawn from this case to avoid revealing the methods used to hack TOR, for the moment, though you have to wonder what that gets the defendant, who for a long time is going to have to realize that he will be under investigation and all it’s going to take is one little slipup. This isn’t like a ransomware ring where the perpetrators will just disappear and who expect to get servers seized and shut down as a part of the business. Pedophiles tend to return to their bad habits and the cops can afford to wait on this one.

https://arstechnica.com/tech-policy/2017/03/doj-drops-case-against-child-porn-suspect-rather-than-disclose-fbi-hack/

https://threatpost.com/doj-dismisses-playpen-case-to-keep-tor-hack-private/124102/

People shouldn’t believe that TOR protects them from illegal activities. The fact is that TOR actually has rules it has to live by and can be liable for illegal activities if it’s found that TOR aided in those activities. That’s both due to the funding legislation for TOR and the common carrier laws under which TOR operates. So expecting illegal activity to continue to be secured by using the TOR network is probably a fool’s choice as the sudden destruction of dark markets and other illegal activities that used TOR has proven.

The week in ransomware:
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-10th-2017-spora-cerber-and-technical-writeups/

The Week In Ransomware

And a slow one. No real big stories popped up and frankly unless I actually try to pursue building an app, there isn’t much I can talk about. So here’s the week in ransomware.

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-17th-2017-live-hermes-reversing-and-scada-poc-ransomware/

I suspect that like many things, cybercrime has its fads that blow up and then die down. Frankly if I were a cybercriminal I wouldn’t want something with the potential to blow up in my face like ransomware does.

Cybercrime: Fun And Games On Linked In

Ran into this on 40pluscareerguru. This is the electronic update to the old badger game.

Inadequate cyber security has enabled an explosion of online fraud. Yesterday the BBC reported that online fraud and computer misuse is now the largest category of crime happening in the UK today. There were over 5 million cases reported in the last year and probably many more which went undetected.

Social media is the new hunting ground for criminals and fraudsters. And they are exploiting it with virtual impunity because the platforms are simply not doing enough to counter this threat to users.

Worse, police resources are just not large or capable enough to combat a problem which is often conducted from outside their jurisdictions. So we have to take care of ourselves and do our bit to protect our online friends as well.

Criminals are lurking even in places we’d not expect to find them. Like LinkedIn. Here, fake or misleading profiles are used to create aliases that are then used to commit fraud on unsuspecting victims.

Security specialists Symantec recently investigated LinkedIn. Its investigation uncovered dozens of fake accounts on the social network, across a variety of industries.

I was shocked. Not that they found some. But that they found so few. I’d expect them to do better than this because even my cursory review suggests there are not dozens of these but thousands.

Depending on the nature of the fraud intended, the fake profile will vary. Some aim to acquire sensitive intelligence information from government employees. Others have more humble crimes in mind such as phishing or email scams. But one which has had fatal consequences is sexploitation. This has already resulted in at least one suicide by the victim.

I don’t know how extensive Symantec’s project was, but it took me about 5 minutes to uncover a whole heap of fake profiles without any of Symantec’s technology or resources. And I was shocked to see that the first fake profile I found had over 500 connections and a whole host of endorsements.

Meet Amber Grace Fowler and her friends:

‘Amber’ has absolutely nothing about herself on her profile. She’s not on the staff list at the estate agents she claims to work at. She has a Twitter account which is locked. All this says to me the account is fake, nonetheless the account has over 500 connections, and numerous endorsements for all sorts of things and ALL of course from (dumb) men.

This is what I call a LinkedIn honeytrap. This particular fraud involves tricking unwary men into making a connection with the fake account. They are then seduced into committing sexual acts in front of a webcam, not realising they are dealing with an organised criminal gang. The footage is recorded by the criminals and then they have all they need to proceed to blackmail the victim. You might think that anyone stupid enough to get caught like this deserves all they get. That you’d never be lured into such a trap. But it’s happening all the time. So much so that the government have invested in this film which warns of the dangers:

I’m actually not very surprised that this sort of thing goes on in Linked In. The site is primarily a site for job hunters and career people, both of whom tend to be vulnerable to social reinforcement. This is just the old badger game without the risks to the perpetrators.
The honey trap is as old as humanity, but heretofore the participants actually had to interact with the victim, with all the risks that that involves if the victim refuses to be blackmailed and sets you up. With cybercrime, all that goes away. So be careful with social media interactions.

Well, It’s happened.

A hotel was locked out of its key system by ransomware. From the sounds of it, the ransomware encrypted the file used to maintain the key system, rendering it useless and unable to issue new keys.
