Krebs on Security: Feds Charge NY Man as BreachForums Boss “Pompompurin”. “The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale.”
The Verge: Google’s One plans are getting expanded VPN access and dark web monitoring. “If you pay for a Google One plan to get extra storage or other benefits, you might be about to get some extra features. The company has announced that all One subscribers will be getting access to the VPN that used to be limited to its Premium tier and that it’s adding dark web monitoring to alert you if your sensitive information starts circulating on sites that search engines normally don’t index.”
The Verge: Twitter just let its privacy- and security-protecting Tor service expire. “Twitter has allowed the certificate for its Tor onion site to expire, effectively killing off a privacy- and speech-protecting service that it introduced last year.”
Europol: 17 countries join forces to prevent chemical terrorism on European soil. “On 21 February, a large-scale Referral Action Day targeting the misuse of dangerous chemicals by terrorist groups took place at Europol’s headquarters in The Hague…. Investigators scoured the clear and dark web to identify and refer for removal propaganda and instructions on the use of high-risk chemicals, and the toxic gases they generate, in terrorist material and online fora. As a result, over 120 individual pieces of content were referred to 21 online service providers to secure their swift removal.”
TorrentFreak: Z-Library Returns on the Clearnet in Full Hydra-Mode. “The U.S. Government’s crackdown against Z-Library late last year aimed to wipe out the pirate library for good. The criminal prosecution caused disruption but didn’t bring the site completely to its knees. Z-Library continued to operate on the dark web and this weekend, reappeared on the clearnet, offering a ‘unique’ domain name to all users.”
Bank Info Security: Hacker Claims to Have Scraped 400M Twitter User Records. “A member of a criminal data breach forum claims to have obtained the emails and phone numbers of 400 million Twitter users in a posting that urges social media CEO Elon Musk to buy the data set for an unspecified price.”
How-To Geek: How to Access .onion Sites (Also Known as Tor Hidden Services). “Website addresses that end in ‘.onion’ aren’t like normal domain names, and you can’t access them with a normal web browser. Addresses that end with “.onion” point to Tor hidden services on the ‘deep web’.” The article notes that despite the name, onion sites can be less than savory and therefore shouldn’t be browsed, just accessed with a specific destination in mind.
Bleeping Computer: Thousands of hackers flock to ‘Dark Utilities’ C2-as-a-Service. “Security researchers found a new service called Dark Utilities that provides an easy and inexpensive way for cybercriminals to set up a command and control (C2) center for their malicious operations.”
Krebs on Security: RaidForums Gets Raided, Alleged Admin Arrested. “The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums — 21-year-old Diogo Santos Coelho, of Portugal — with six criminal counts, including conspiracy, access device fraud and aggravated identity theft.”
Motherboard: The Alleged Scammers Behind the Most Notorious Murder-for-Hire Site Have Been Arrested . “Police in Romania have arrested the alleged operators of a scam dark web murder-for-hire site where an unsettling number of people on the ‘kill list’ have wound up dead.”
Bleeping Computer: Germany takes down Hydra, world’s largest darknet market. “The servers of Hydra Market, the most prominent Russian darknet platform for selling drugs and money laundering, have been seized by the German police. The police were also able to seize 543 bitcoins from the profits of Hydra, which are currently worth a little over $25 million.”
Politico: Justice Department announces 150 arrests from dark web drug crackdown. “The roughly 10-month initiative — dubbed Operation Dark HunTOR, after the encrypted internet tool — was conducted in partnership with international counterparts and also yielded 234 kilograms of seized drugs. Of those arrested, 65 were in the United States and the rest were in a handful of European countries including Germany, France and the United Kingdom.”
TechRepublic: Dark Web: Many cybercrime services sell for less than $500. “Cybercrime can be a lucrative business for those who specialize in ransomware, phishing campaigns, and other types of attacks. The profit margins are especially healthy because cybercrime products and services often sell at bargain prices on the Dark Web. A new report from VPN provider Atlas VPN looks at the going rates for everything from spearphishing attacks to ransomware kits to stolen account credentials.”
VentureBeat: IBM finds cloud credentials sell for mere dollars in ‘booming’ dark web market. “Cyberattacks have been increasing in both frequency and severity, but it’s not just because malicious actors are upping their game (though they very much are). Many cybersecurity veterans feel that the effective solutions the industry has put out over the years aren’t fully being taken advantage of, and now a new report from IBM sheds light on the ways enterprises are leaving the door wide open. It also details a ‘booming’ dark web marketplace for compromised cloud accounts, where some credentials are selling for just a few dollars.”
Make Tech Easier: The Differences Between Deep Web and Dark Web: What You Need to Know. “If Aquaman has taught us anything, it’s that there is more going on under the surface than we realize. To continue this nautical theme, there are many similarities between the Internet and the oceans. They both have surface, deep, and dark web layers. These layers are unexplored for the most part. We will take a look at the deep web and dark web in this guide and show you the differences between the deep web and dark web.”
The ResearchBuzz Firehose is regular RB content presented as individual posts.
For digest-type posts a couple of times a day, please visit ResearchBuzz.
Want to know how to best use the Firehose for content discovery?
Check out this handy article.