Dark Web Digest – February 2025 Edition

The dark web continues to be a hidden and curious place. It is a mysterious part of the internet where anonymity reigns supreme, letting users browse hidden websites and engage in activities beyond the reach of traditional search engines.

This month’s Dark Web Digest explores the latest thoughts and incidents from January 2025. Our dark web analysis uncovers growing trends, incidents, and threats.

Dark Web Forum Tempted Our Son – 50 Days Later, He Was Gone

The family of Christoforos Nicolaou, a 15-year-old boy who died just 50 days after being blackmailed and psychologically tortured by an anonymous predator on a dark web forum, has warned about the hidden dangers of online gaming. The family discovered the blackmail after reading through their son’s online chat, which led to the creation of the Christoforos Charity Foundation (CCF) in his memory. The foundation raises awareness about the dangers of the internet and cyberbullying, stating that children can stumble into these dangers unknowingly and become drawn deeper into the dark dimensions of the web.

The challenges began with small tasks like eating cereal within a specific timeframe or running backward up the stairs, but they soon grew more sinister and degrading. Christoforos was prohibited from sleeping and forced to watch horror films all night. He also found pictures of knives sent to him on the forum. The family has never been able to trace the perpetrator who threatened their son, but they now work to educate others about online dangers for children through their charity, CCF.

The organization aims to raise awareness about protecting kids from online predators through presentations and activity days away from social media. They recommend that parents stay constantly aware of who their children are speaking to or playing games with online and ensure these are “tangible people” their children know personally. They also urge parents and children to avoid clicking on unfamiliar content and to restrict social media use to encourage real-life connections.

Canadian Sentenced for Importing Fake Xanax via Dark Web

Arden McCann, a 37-year-old Canadian from Quebec, was sentenced to 30 years in federal prison for heading an international narcotics network that used the dark web. The book containing the story was imported from China and had been bound with Ed Tsunami Neblett in collaboration with multiple others. Even though McCann was never mentioned in the document and personally endorsed by a prosecutor because of his work dismantling the gang, Nason is mentioned 32 times.

The DEA Atlanta Division’s Jae Chung pointed out that research into counterfeit pill production and distribution, along with drug trafficking via the dark web, is an issue that must be addressed. At the same time, buyers are produced with counterfeit LSD. The FBI Atlanta Division’s Sean Burke expressed his happiness, saying that McCann’s conviction is a good result of the excellent law enforcement cooperation between agencies in Georgia and internationally.

The Laval Police (Quebec, Canada) arrested McCann in October 2015 for selling drugs on the dark web under the pseudonym “DRXanax.” As a result of the investigation done on the left pro radical of fentanyl analogs, 15 weapons, bulletproof vests, and narcotics ledgers were found by Canadian officials. McCann, undeterred by his imprisonment, was involved in the drug trade, even distributing fentanyl analogs on the dark web. He was handed over to the United States on June 9, 2022, and given a 30-year prison sentence followed by 10 years of supervised release.

Ross Ulbricht was released from prison after 11 years by Trump.

Ross Ulbricht, the founder of the first dark web drug market, was captured over 11 years ago in San Francisco and condemned to a lifetime in prison. However, with the help of Donald Trump and his strong influence in the American cryptocurrency world, he will be a free man. Trump signed a full and unconditional pardon of Ulbricht’s mother, expressing his pleasure in supporting her and the Libertarian Movement. The Silk Road, created by Ulbricht under the pseudonym Dread Pirate Roberts, facilitated the sale of vast amounts of narcotics, counterfeit documents, money laundering services, and guns for hundreds of millions of dollars in Bitcoin payments.

After the FBI located the Silk Road’s server in Iceland in 2013 and arrested Ulbricht in San Francisco, he was convicted on seven charges relating to the distribution of narcotics, money laundering, and computer hacking. In 2015, he was sentenced to life in prison, a punishment beyond the 20-plus years that prosecutors in the case requested.

A Free Ross movement has steadily pressed for Ulbricht’s release, first in a failed appeal and then in petitions for clemency. Many of Ulbricht’s supporters contend that the Silk Road was a free-trade experiment based on libertarian principles that only permitted “victimless crime.” Perhaps due to its support for the libertarian cryptocurrency community, the Trump administration has changed its position on Ulbricht’s case.

2 Arrested in Lucknow for Stealing Shoppers’ Data via Dark Web

Lucknow police have arrested two individuals involved in a fraud operation targeting Amazon Pay and Amazon Pay Later customers. Dhairya Verma and Maruf Asif Kasmani accessed customer data through the dark web and the Telegram app, committing fraud worth crores by exploiting their accounts for online shopping. They used a Telegram bot to bypass account security measures and made unauthorized purchases on various e-commerce platforms.

Recovered items include protein powders, mobile phones, debit and credit cards, and cash. The fraudulent schemes, executed undetected for months, used Amazon Pay and Pay Later services. Investigations are being conducted to find other gang members and their methods of operation, and a case has been filed against the accused.

Hacker Spared Jail for Selling Unreleased Coldplay, Mendes Songs on Dark Web

Skylar Dalziel, a 22-year-old hacker from Luton, has been sentenced to 21 months in prison, suspended for two years, for 14 counts related to trading copyrighted music without the consent of the recording artists or label. In a raid of her home in January, police discovered hard drives containing up to 291,941 music tracks, including unreleased songs by Coldplay, Shawn Mendes, Melanie Martinez, Taylor Upsahl, and Bebe Rexha. Dalziel obtained the music illegally, accessing several cloud storage accounts linked to the artists. A spreadsheet also showed she had sold the tracks to several customers. An investigation was launched the previous year after the Recording Industry Association of America supplied evidence showing that Dalziel had purchased six unreleased music tracks on the dark web using Bitcoin.

At Luton Crown Court, she was handed the suspended sentence after pleading guilty to nine copyright offenses and four computer misuse offenses. She was ordered to complete 180 hours of unpaid work and 10 rehabilitative activity days. The court also ordered the forfeiture and destruction of hard drives and other equipment associated with the offense.

Detective Constable Daryl Fryatt from the Police Intellectual Property Crime Unit (PIPCU) at City of London Police said that theft of copyrighted material is illegal and jeopardizes the work of artists and the livelihoods of those who work with them to create and release their music.

15,000 Fortinet Firewall Configs Exposed on Dark Web

Data and VPN credentials for 15,474 Fortinet devices, including configuration data, have been released on the dark web due to a vulnerability, CVE-2024-55591, discovered on January 14. This vulnerability allowed an unauthenticated attacker to perform administrative operations via specially crafted HTTP requests on vulnerable devices. Security researchers developed a proof-of-concept exploit to scan for vulnerable devices and observed escalating exploitation attempts.

The same day CVE-2024-55591 was disclosed, the “Belsen Group” released data belonging to over 15,000 Fortinet devices. CloudSEK researchers assessed that the data had been stolen due to CVE-2022-40684, likely when the bug was still a zero-day. They concluded that the threat actor(s) decided to leak the data in 2025 after exhausting its use for themselves. The Belsen Group has released a 1.6GB file detailing a cybercrime attack on Fortinet devices, which appears to have spread across every continent.

The highest concentration of affected devices is in Belgium, Poland, the US, and the UK, with over 20 victims. The leaked listings contain two folders: “config.conf,” which contains device configurations, IP addresses, usernames and passwords, device management certificates, and firewall rules stolen via CVE-2022-40684, and “vpn-password.txt,” which contains SSL-VPN credentials sourced from devices via CVE-2018-13379.

7-fold increase in drug seizure… drones, dark web challenge

Indian Union Home Minister Amit Shah has called on states and agencies to take legal action against illegal labs. He stated that narcotics worth Rs 16,914 crore were seized in 2024, the highest recorded since Independence. He emphasized the need for strict measures against the dark web, cryptocurrency, online marketplaces, and drones. Shah also highlighted the seven-fold increase in drug seizures in the last decade and the government’s success in eliminating drug networks and terrorism linked to them.

He launched a drug disposal fortnight from January 11 to 25, with a target of destroying 1 lakh kg of narcotics worth Rs 8,600 crore. The Home Ministry is implementing a three-pronged strategy to achieve a drug-free India by 2047. Shah noted that drugs worth Rs 8,150 crore were destroyed in 2004-14 and Rs 54,851 crore in 2014-24.

Nepal’s Ministerial Data Hacked on Dark Web for $50

South Asian hacking collective FunkSec has released data from Nepal’s Ministry of Federal Affairs and General Administration for sale on the dark web, priced at $50. FunkSec, a self-proclaimed cybercrime group, has claimed 11 victims and promotes a free Distributed Denial-of-Service (DDoS) tool. The group has targeted victims across various sectors, including media, IT, retail, education, automotive, professional services, and NGOs, across countries like the United States, Tunisia, India, France, Thailand, Peru, Jordan, and the United Arab Emirates. FunkSec’s dark web platform features a “RANSOM” page, suggesting a double extortion strategy, encrypting and exfiltrating files from victims’ devices.

The group also advertised access to the super admin panels of four government websites, including Nepal’s ministry’s portal, which oversees sensitive information. Nepal’s media confirmed that Ministry spokesperson Kali Prasad Parajuli was unaware of the breach. Still, cybersecurity platforms like Ransomware Live and Onju.com confirmed that the ministry’s website had been compromised last August, with Bangladeshi hacker group Anonymous Bangladesh taking responsibility.

I'm Chester Li, a cybersecurity and cryptography specialist based in Beijing, China with over a decade of experience. I focus on securing digital infrastructures and protecting sensitive information worldwide.
