Arizona State University researchers created a way that makes gathering data from dark net markets and forums easy, and it helps identify new emerging cyber threats as they come out. The system uses search engines and dark net sites through the Tor network, and the researchers say they have found almost 30 marketplaces, and over 20 forums that black hat hackers are calling home.
They’re system automatically collects data from the sites and utilizes multiple information mining and machine learning techniques to organize the data they collect.
“Currently this system collects- on average – 305 high quality cyber threat warnings each week. These threat warnings include information on newly developed malware and exploits that have not yet been deployed in a cyber-attack,” a research paper put out by the developers stated.
When the study concluded after a four-week period, some 16- zero day exploits were added to these black hat havens. Among them, they discovered one that set its sights on an android WebView vulnerability, which is capable of affecting devices running Android 4.3 Jelly Bean and earlier.
Back in 2015 this comprised some 60% of Android system users, making the price tag of this exploit 40 Bitcoins, or about $24,000.
“Detection of these zero-day exploits at an earlier stage can help organizations avoid an attack on their system or minimize the damage,” the paper also stated.
The researchers said that an organization may choose to patch, update, or even replace the systems using Android. They also said that they are going to be providing the results to professionals in the security field so that it will support their defense planning and aiding to identify the zero-day exploits that are developed by hackers. It will also help them find out what exploits are targeting what vulnerabilities. Lastly, the developers said that they are currently transitioning they’re system to a commercial partner.