What Does Dark-Net Improving Mean? We Get Hacked Soon!

Wired has a story about “New Dark-Web Market Is Selling Zero-Day Exploits to Hackers”

This is the new welcome greeting in the “Dark-Web or Dark-Net” essentially a webserver that is not searchable on Google, only using anonymous Browsers one can find this type of a “market” entrance.

Silk Road is another venue that uses the anonymity of he Tor browser to hide who is accessing the website.

The Wired article http://www.wired.com/2015/04/therealdeal-zero-day-exploits/ 

The claims in the new premium market include hacking WordPress multisite configurations.

 

Instead of going into details (as the article does) of which exploit could work and which one does not, as this is not so important, as we know some do work, and even if they don’t currently we do know that the hackers and criminals are improving ways to communicate with each other, to increase their marketability by selling their work to the highest bidder.

 

What does this “new” market really mean?  It means that the hackers are improving the attacks that will be coming into our networks and computers. If you are  not improving your security posture there will be problems it is only a matter of time.

 

The Internet connects us all, our routers and firewalls  protect the perimeter, and anti-virus software is supposed to protect from any potential malware coming into your computer when  a phishing email was clicked or when a website is hacked and it gets downloaded into your computer without your knowledge.

As in my previous post http://oversitesentry.com/russian-criminal-website-taken-down-by-fbi/

The FBI agent Supervisory Special Agent Keith Mularski took down “Dark Market” by posing as a spammer and later became the admin for the Dark market board.

On this board there was many items for sale:

Bank account, credit card account compromises

stock manipulation

Identity theft information

Reshipping fraud

Money laundering

Blackmail or extortion

Deceptive advertising avenues

Carding (creating credit cards so as to populate with stolen numbers)

 

This information is from the slides of a presentation that Both Keith Mularski and Dmitri Alperovitch, VP Threat Research, McAfee   put together:

http://www.blackhat.com/presentations/bh-usa-09/ALPEROVITCH/BHUSA09-Alperovitch-RussCybercrime-SLIDES.pdf

 

The Tattoos of the criminals are of a special nature:

russiancriminalbasedtattos

 

Although this presentation is from 2006 (DarkMarket was taken down in 2006) it shows that today’s reporting just barely scratches the surface of these criminal attackers.

Do you want to know why they are doing this?

carderportal.orgimages

Besides the fact they can make more money as a criminal with their skills than for any other reason. Patriotic reasons are another reason: how about this translation: ” We will bring the USA down to the level of 1928-1933″

maximyastremsky  Here is one of the criminals on DarkMarket.

Also the AlQueda connection

alquedaconnection

And the typical carder Planet Hierarchy   (notice that the hierachy is similar to  Italian mob structure)

carderplanethierarchy

 

 

So that was the status of the DarkNet in 2006, it is now 9 years later, and criminals are doing improvements buying and selling illegal items in locations where it is difficult to get into and find out who is buying and selling, it takes many months of painstaking investigations with the FBI and other law enforcement agencies. In the meantime we are being attacked by known attacks as the internet Storm center  mentioned last week:

 

 http://oversitesentry.com/must-patch-microsoft-ms015-034-asap/

The new attacks are being sold right now on the ‘new’ improved DarkNet, to me that means the attacks are getting warmed up, it will get much worse this year.

 

We have to improve our defenses, improve firewalls, upgrade machines, get rid of the obsolete systems. The attackers are coming whether you are ready or not.

Some are saying we will get hacked anyway, so we should just be looking for where and how we are getting hacked.

Contact Us to help you

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.