Dark Web Digest – February 2024 Edition

Welcome to the Dark Web Digest, a monthly blog that brings you the latest news and trends from the dark web. The dark web is a hidden part of the internet that most people never see. It is where you can find illegal, dangerous, or controversial things. Some people use the dark web for good reasons, such as protecting their privacy or escaping restrictions. Others use it for bad reasons, such as buying drugs, weapons, or stolen data. But that is only how the dark web is usually defined, and there is much more to know!

In this February edition, we will explore some of the most exciting and essential stories from the dark web in January 2024. Remember, the dark web is not a place for the timid, so browse carefully and stay safe.

Fake X Gold Accounts For Sale On The Dark Web

The very first piece of news is the theft of X Gold accounts. A surge of fake or stolen X (Twitter) Gold accounts has been flooding marketplaces and forums on both the surface web and the dark web over the past year, according to a report by CloudSEK. Threat actors have used multiple techniques to forge or steal X Gold accounts since Elon Musk’s firm introduced its new verified accounts program in December 2022. The report identified the first advertisement for a Gold account on dark web marketplaces in March 2023. Cybercriminals selling these accounts use several methods to acquire them, including manually creating fake accounts, brute-forcing existing accounts, and using malware to harvest credentials and steal accounts. Prices for counterfeit or stolen accounts range from around $0.30 for a new X account without a checkmark to about $500 for a Gold account. CloudSEK recommends that organizations close dormant accounts, have an alerting system to warn of stolen corporate social media account credentials, and apply password protection practices. Employees should be trained on workplace cybersecurity practices and updated password policies, and educated about the dangers of using cracked software.

3,000 Dark Web Posts Found Discussing Misuse of ChatGPT and LLMs

Kaspersky’s Digital Footprint Intelligence service discovered nearly 3,000 dark web posts in 2023 discussing illegal activities involving ChatGPT and other large language models (LLMs). These discussions included creating malicious alternatives, jailbreaking techniques, lists of malicious prompts, and discussions on stolen accounts with access to the paid version of ChatGPT. Threat actors on the dark web actively share knowledge on exploiting ChatGPT, discussing topics like creating malware, using artificial intelligence for processing user data dumps, and sharing jailbreaks to bypass content moderation policies. The research also found a high volume of conversations around tools like WormGPT, XXXGPT, and FraudGPT, which were marketed as alternatives to ChatGPT with fewer restrictions. The research comes just after OpenAI suspended a developer for creating a chatbot that mimicked U.S. Congressman Dean Phillips. This act, the organization says, violated its rules on political campaigning or impersonating individuals without consent. The research highlights that ChatGPT can be misused and that cybercriminals actively share knowledge on exploiting it.

Indian National Pleads Guilty to Running a Dark Web Enterprise, Losing $150 Million

Indian national Banmeet Singh has pleaded guilty to operating a global dark web enterprise to sell dangerous drugs to communities across America. He created vendor marketing sites on dark web marketplaces to sell controlled substances, including fentanyl, LSD, ecstasy, Xanax, Ketamine, and Tramadol. Singh personally shipped or arranged the shipment of drugs from Europe to America through U.S. mail or other shipping services. From mid-2012 through July 2017, Singh controlled at least eight distribution cells within the U.S., moving hundreds of kilograms of controlled substances throughout the U.S. The multimillion-dollar drug enterprise laundered millions of dollars of drug proceeds into cryptocurrency accounts, which ultimately became worth approximately USD 150 million. Singh faces an agreed-upon sentence of eight years in prison.

750 Million Indian Info For Sale On The Dark Web

Indian infosec firm CloudSEK has discovered records of 750 million Indian mobile network subscribers on the dark web, with two crime gangs offering the data for just $3,000. The 1.8TB trove contains mobile subscribers’ names, phone numbers, addresses, and Aadhaar details. CloudSEK claims threat actors obtained the data through undisclosed asset work within law enforcement channels rather than a leak from Indian telcos. The leak poses a considerable risk to individuals and organizations, potentially leading to financial losses, identity theft, reputational damage, and increased susceptibility to cyber-attacks.

Singapore-based crypto outfit Terraform Labs (TFL) filed for Chapter 11 bankruptcy in the United States, calling the move “a strategic, protective step” to continue executing its business plan while resolving outstanding legal proceedings. The company has assets and liabilities of between $100 million and $500 million.

India’s I.T. minister, Rajeev Chandrasekhar, has proposed a $1.2 million supercomputing and quantum computing hub, offering high-performance computing access to startups and micro, small, and medium enterprises. The public-private scheme will include graphic processing units in PPP mode with data centers in private space and public data centers under C-DAC (Centre for Development of Advanced Computing). Telstra International and Trans-Pacific Networks (TPN) have announced a partnership on the Echo undersea cable, connecting the U.S. directly to Singapore, Indonesia, and Guam.

African Bank Data Breach: Claims of Customer Data on Sale

A dark web user, cnHunter, has claimed to have sold 1843 customer records of the African Bank, which are now up for $250. The data breach includes sensitive details such as customer names, account numbers, phone numbers, serial numbers, and bank account types. The threat actor claims to have complete access to the bank’s database, allowing potential buyers to view, add, edit, and delete information related to guarantor lists, customer lists, and new and old forms. The Cyber Express has sought more information from the affected organization, but no official statement or response has been received, leaving the claims unverified. 

The African Bank website appears to be operational, adding to the uncertainty surrounding the authenticity of the reported breach. The European Central Bank (ECB) is set to conduct a cyber resilience stress test on 109 directly supervised banks in 2024, focusing on recovery measures rather than just preventive capabilities. The test will involve 28 banks undergoing an enhanced assessment, providing additional information on how they dealt with the simulated cyberattack.

Child Sex Offender Admits Being A Moderator Of Dark Web Abuse Site

A man from Swindon, Brent Saunders, has pleaded guilty to being a ‘Global Moderator’ on a dark website dedicated to sharing child sexual abuse content. The National Crime Agency (NCA) discovered that the site had over 2,000 members and was only accessible using Tor. The moderator, ‘Wetty’, was heavily involved in running the site, providing advice on personal security and on evading law enforcement detection. Saunders was identified as the man behind the account and had previous convictions relating to the sexual exploitation of children.

In August 2022, NCA officers arrested Saunders at his home in Freshbrook. He confirmed that he held the rank of Global Moderator and had uploaded indecent images of children to the site. He also admitted his sexual interest in children, particularly girls aged 8-12. Investigators recovered data relating to his account, including over 3,000 posts and private messages he sent to other users.

Wiltshire Police charged Saunders with breaching the sexual harm prevention order, and he was sentenced to two years and eight months in prison for the breach. Last year, he was charged with a further nine counts, including arranging/facilitating the sexual exploitation of a child under 13, participating in the criminal activities of an organized crime group, distributing and making indecent images of children in categories A-C, and possessing a prohibited image of a child.

Wirex And Zerofox New Strategies Against Dark Web Activities

UK-based digital payment platform Wirex has integrated ZeroFox’s Dark Web Monitoring tool into its system to combat Dark Web activities and money mule threats. The integration allows for real-time dark web scanning for potential dangers like leaked data and compromised credentials. Wirex aims to benefit from ZeroFox’s advanced monitoring capabilities, which issue detailed alerts about potential threats, ensuring a quick response to incidents. The integrated system identifies and responds to suspicious account activities, reducing the risk of financial fraud and reinforcing user transactions. Wirex is also committed to compliance with Know-Your-Customer (KYC) regulations and has partnered with banks and financial institutions to provide online security tools and expand its suite of services. The company also offers educational content and partnerships to empower users about security and responsible financial practices.

Father and Son Duo Sentenced in Dark Web Bitcoin Case

The last story in this digest is about Joseph Farace and his son, Ryan Farace, who have been sentenced to federal prison for operating an illegal dark web drug business and a Bitcoin laundering scheme. Ryan earned over 9,138 Bitcoins through drug sales from 2013 to 2017. In 2020, he arranged to transfer 2,874 BTC to an overseas account, leading to the seizure of 2,957.9 BTC. The cases highlight concerns over cryptocurrency use in money laundering.

Conclusion

That concludes our January edition of the dark web digest. We hope you found it informative and insightful. The dark web is constantly evolving and dynamic, with new daily developments and challenges. We will return next month with more stories and tips from the dark web. Until then, stay safe and keep in touch.

I'm Chester Li, a cybersecurity and cryptography specialist based in Beijing, China with over a decade of experience. I focus on securing digital infrastructures and protecting sensitive information worldwide.
