4.6.17 Dark Web and Cybercrime Roundup

“Silk Road Creator Ross Ulbricht Loses Life Sentence Appeal”

A Second Circuit appellate court struck down Ulbricht’s appeal on literally every challenge raised by the defense. The appeal centered on violation of Ulbricht’s Fourth Amendment rights and the evidence tampering caused by the corrupt federal agents investigating Ulbricht and the Silk Road. “Although we might not have imposed the same sentence ourselves in the first instance, on the facts of this case a life sentence was ‘within the range of permissible decisions’ that the district court could have reached,” the judges wrote. Wired

“How to lose $8k worth of bitcoin in 15 minutes with Verizon and Coinbase.com”

One unfortunate individual found himself at the receiving end of a targeted social engineering scheme. The story demonstrated the necessity for 2FA without SMS. If he had enabled 2FA through a service like Google Authenticator, the crisis could have been diverted and the bitcoins might still be safely stored away. He learned the importance of 2FA after an attacker social engineered their way into his Verizon account and took control of his phone number. They accessed his Gmail account (recovery via phone number presumably) and used that to reset his Coinbase password. The rest is history. @CodyBrown on Medium

“Three More Reasons to Keep JavaScript off in Tor”

This week, we saw a trend in Tor-linked news. Darknet market crimes have usually involved Tor, but possibly the fact that DeepDotWeb reported some Tor-related news in non-criminal roles made them stand out. Here, a security researcher by the name of Dr. Neal Krawetz explained three easily-overlooked methods by which a Tor user could be fingerprinted. 1. Tor reports the same value for the window size and screen size. 2. The dock on MacOS computers caused Tor to report a window size unique to MacOS. 3. The scrollbar allowed the viewport size to be subtracted from the window size. Nearly every operating system uses their own scrollbar size in to Tor Browser. Operating systems could be fairly easily identified. DeepDotWeb

“Alphabay Hacker “Cipher0007” Takes Down Sanctuary Market”

The once-famed Cipher0007 hacked yet another market this week. Readers may remember him from the Alphabay drama wherein he successfully compromised vendor accounts and read messages between the vendor and his customer. He also hacked Hansa but no fiasco ensued. This time he hacked a new marketplace known as Sanctuary market. The damage done indicated that the market was not worth saving and ought to be removed. The owner, Darkmarket, did just that. The market was removed within hours. DeepDotWeb

“Romania: Haven for hackers turned cyber sleuths”

Razvan Cernaianu once hacked computer systems at the Pentagon and NASA where he reportedly completed the job with ease. He is now the co-founder of Cyber Smart Defense, a cybersecurity firm with offices in Belgium, Romania, the United Arab Emirates and California. “There’s no mention of @GhostShellNews,” Dissent wrote. @GhostShellNews, another Romanian hacker, doxed himself “in the hope that he’d get arrested, then be able to get a job in cybersecurity.” DataBreaches.net, USA Today

“Stop Paying Attention When Someone Uses The Iceberg Metaphor For The Dark Web”

This came potentially years too late. Many of us have waited what seemed like an eternity for this silly iceberg to go away. However, Roger Dingledine did not only discredit the iceberg image, he explained that the phrase “dark web” (and similar) were basically just marketing techniques for cyber security firms. “Onion services basically don’t exist,” said Dingledine. “It’s nonsense that there are 99 other internets you can’t access.” DeepDotWeb