Dark Web Digest – May 2024 Edition


Welcome back to the shady side of the internet! This month’s Dark Web Digest brings news from around the world. In this digest, we look at the growing market for fakes on the dark web. Imitations of everything from expensive clothes to dangerous drugs are a significant threat to our safety and our wallets.

That said, it’s not just about getting a bad deal; counterfeit products, attacks, data theft, and much more can hurt legitimate companies and put the economy at risk. Let’s get ahead of it!

Leaked Pak Suzuki Data Allegedly Up For Sale On Dark Web

The first trending story comes from Pakistan, where hackers are said to have put Pak Suzuki Motor Company Limited (PSX: PSMC) data up for auction on the dark web.

The data totals 447.5 GB (without compression) and includes documents about finance, accounting, HR/employees, IT, compliance, and administration. “We learned on April 9, 2024, that our company’s data had been stolen in a cyberattack.” “First investigations show that HR, financial, and other data from the server has been sent to a public IP address,” PSMC told the Pakistan Stock Exchange earlier today.


The threat actor’s message says that the stolen data includes source code for IT programs, executives’ PST email archives, passports, salary and tax documents, SAP and ERP databases, internal databases, VoIP records (March 2024), and contracts with other companies, as well as information from the computers of influential company executives, CFOs, IT managers, directors, and more. The data set was also said to include about 37 GB of information from Suzuki’s main office in Japan.

This came after the company recently said it was delisting itself from the PSX.

PSMC began the share purchase offer (SPA) in February 2024 to sell 22.14 million shares at Rs. 609 each and remove the company from the stock market.

This decision followed Suzuki Motor Corporation, Japan’s recent decision to buy all the shares of Pak Suzuki Motor Company Limited (the Company) that the Sponsor or Majority Shareholder does not own.

Researchers have found that “rude” ransomware tools are easy to find and cheap on the dark web

Cybersecurity firm Sophos discovered 19 ransomware types sold for one-time use on dark web forums from June 2023 to February 2024. Researchers compared the cybercrime tools to “junk guns,” the cheap, imported handguns that flooded the U.S. in the 1960s and 1970s. These tools offer low barriers to entry and little traceability, making them attractive to would-be cybercriminals. When posted, the varieties were priced from $20 to 0.5 bitcoin, or approximately $13,000.

The one-off cybercrime tools differ from ransomware-as-a-service models because no affiliates who expect a cut of the profits are involved. They allow criminals to get in on the action cheaply, quickly, and independently, targeting small companies and individuals unlikely to have the resources to defend themselves or respond effectively to incidents. However, there are risks, such as the tools being defective or backdoored as part of a scam.

The efficacy of these tools in the wild is unclear, as there is little infrastructure for investigators to monitor, and targets are likely small businesses or individuals, resulting in little publicity. Additionally, the attackers do not run leak sites for stolen data. At least one of the tools for sale, EvilExtractor, was observed being used last year in attacks in the U.S. and Europe, and there were claims on forums of three other variants having been successfully used.

Christopher Budd, director of Sophos X-Ops, emphasized the challenges these tools pose for defenders, as most attacks will likely go undetected and unreported. Posts by users on dark web forums show the amateurish nature of the operations, where no question is treated as a dumb one for individuals who aspire to develop their abilities.

AT&T Responds to New Data Set Made Public on the Dark Web

AT&T has found that fields unique to AT&T data were in a data set posted on the dark web about two weeks ago. Although AT&T has made this determination, it is unclear whether the data in those fields came from AT&T or one of its vendors. The source of the rest of the data set, which contains personal information such as social security numbers, is still being looked into.

AT&T has started a thorough review with the help of both internal and external cybersecurity experts. According to the company’s first look at the data, it seems to be from 2019 or earlier. It affects about 7.6 million current AT&T account holders and about 65.4 million past account holders.


At this point, AT&T does not have proof that someone broke into its servers without permission and stole the data set. The company is getting in touch with those who will be affected and will offer credit monitoring at its own cost where applicable.

Seattle man was given a sentence for buying 630,000 fake pills on the Dark Web

ST. LOUIS – A man who bought 630,000 fake Xanax and other pills on the dark web was given a five-year prison term and told to pay a $10,000 fine by U.S. District Court Judge Stephen R. Clark on Thursday.

Maximillian Gregory Verbowski will also be overseen by the police for three years after he gets out of jail.

Verbowski bought large amounts of fake generic alprazolam (an anti-anxiety drug) and other prescription pills on the dark web from October 2019 to August 30, 2021, and then sold them. He did this using both cryptocurrency and cash. Verbowski’s source got drug ingredients from China and used a pill press and stamps to make the pills look like they were made by a legitimate company. The source then sent the pills to post office boxes that Verbowski had opened using fake names.

Verbowski, who is now 29 years old and lives in Seattle, pleaded guilty in June to one count of conspiracy to sell fake drugs, one count of selling counterfeit drugs, and one count of using a fictitious name on mail to commit a crime.

There were investigations into the case by the FBI, the Drug Enforcement Administration, the U.S. Postal Inspection Service, and Homeland Security Investigations.

Indian drug dealer imprisoned in US for dark web sales

Banmeet Singh, a 40-year-old Indian citizen from Haldwani, has been sentenced to five years in jail in the US for trafficking drugs on the dark web and has been told to pay back about $150 million.

PTI said that Singh was caught in London in April 2019 at the request of the US.

In March 2023, he was sent back to the US. In January, he admitted that he was involved in a plot to sell illegal drugs and launder money, and he pleaded guilty to conspiracy to commit money laundering and possession of controlled substances.

According to court records and statements, Banmeet set up vendor marketing tools on black market sites like Silk Road, Alpha Bay, Hansa, and others. He sold illegal drugs like fentanyl, LSD, ecstasy, Xanax, ketamine, and tramadol through these methods.

People who bought drugs from Singh through the vendor sites he ran did so using Bitcoin.

Singh, in the meantime, either personally shipped the drugs from Europe to the US or arranged for their shipment through US mail or another shipping service.

Singh was in charge of at least eight delivery cells in the US from 2012 to July 2017. These cells were in Ohio, Florida, North Carolina, Maryland, New York, North Dakota, Washington, and other places.

The Department of Justice said on Friday, “People in these distribution cells received drug shipments and then re-packed and re-shipped the drugs to places in all 50 states, Canada, England, Ireland, Jamaica, Scotland, and the US Virgin Islands.”

“Throughout the conspiracy, the Singh drug organization moved hundreds of kilograms of controlled substances throughout the United States and set up a multimillion-dollar drug business that laundered millions of dollars’ worth of drug proceeds in cryptocurrency currency account statements, which ultimately came to be worth about USD150 million,” an official release stated.

San Jose police arrest 2 and seize heroin, meth, cocaine in dark web bust

Police in San Jose said Thursday that they caught two people who they think were selling drugs on the “dark web.”

Around 7:45 p.m. on November 25, police in San Jose stopped a car near Alum Rock Avenue and South White Road. Officers reportedly found different amounts of illegal drugs in the vehicle during a search. This led police to get a search warrant for the driver’s home in San Jose.

Police said that they found several guns, cocaine, methamphetamine, heroin, opioids, and other drugs for sale in the house. Police are also said to have found proof in the house that drugs were being sent through the U.S. Postal Service.

Joshua Jordan, 36, of San Jose, identified by police as the main suspect, was found with the stolen goods.


After a four-month investigation that ended on November 27, San Jose police say they found that Jordan was selling illegal drugs on the dark web and only taking cryptocurrency as payment.

A second suspect, 36-year-old Jonathan Correll Jr. of San Jose, was also named. He was said to be working with Jordan to sell drugs on the dark web. Police arrested Jordan in Santa Clara on March 22 and Correll Jr. in San Jose. Detectives reportedly found several hundred grams of heroin, methamphetamine, cocaine, Xanax, Cialis, morphine, psilocybin, and MDMA (also known as ecstasy) when they carried out search warrants at properties linked to the suspects. They also seized two semiautomatic pistols, ammunition, a semiautomatic handgun with an extended magazine, and about $6,000 in cash.

Jordan and Correll Jr. were taken to the Santa Clara County Main Jail on suspicion of selling drugs and having guns without a license.

ED and FBI Busted Rs 3000 Crore Dark Web Drug Empire

India’s Enforcement Directorate (ED) and the US Federal Bureau of Investigation (FBI) have successfully busted a Rs 3,000 crore scam involving digital currencies in Uttarakhand, leading to the arrest of two individuals suspected of operating an international drug trafficking network. The operation began in August 2023 and involved an investigation by the ED. The ED identified two Indian nationals, Parvinder Singh and Banmeet Singh, who were apprehended from Haldwani, Uttarakhand, on April 27.

The suspects used dark web vendor marketplaces to facilitate drug sales, using anonymity provided by the internet’s hidden sectors. They used cryptocurrency transactions to exchange drugs for digital currencies, which were then laundered through various cryptocurrency wallets, complicating the traceability of the illicit money flow. The US FBI successfully seized digital currency assets worth approximately Rs 1,500 crore linked to the criminal network. The ED also recovered critical documents relevant to the case, which were shared with the FBI for further analysis and evidence gathering.

The operation highlights the growing nexus between digital currencies and criminal enterprises and underscores the need for international collaboration in tackling sophisticated schemes. Further investigations are underway to dismantle the network and mitigate the risk posed by similar operations in the future. The crackdown serves as a warning to those using advanced technologies for criminal activities, showcasing global law enforcement entities’ extensive reach and resolve.

I'm Chester Li, a cybersecurity and cryptography specialist based in Beijing, China with over a decade of experience. I focus on securing digital infrastructures and protecting sensitive information worldwide.
