Dark Web Digest – September 2023 Edition

The term ‘dark web’ is often associated with all things illegal. In reality, this may only be half-true. While there is a lot of illicit activity on the dark web, it is also a place where people can communicate anonymously and securely, free from government surveillance. 

The dark web is also used for activities such as activism or whistleblowing. There are tons of news coming out from the dark web each month. The number of illegal activities is not only for the government but also affecting society. August is not so far behind if we compare it with past months on the dark web. 

Therefore, this month’s edition covers the latest dark web news from August, and headlines are leaks, dark web access sales, and vast databases of user information.

Dark Web - Hidden Wiki - Digest September 2023

NSW Man Charged Over Failed Dark Web Drug Imports

The Downing Centre Local Court will hear an alleged attempt to import synthetic opioids, among other illicit drugs, by a Western Sydney man today (August 29 2023).

Several items allegedly contained drugs, including cookware, toy cars, and a blackjack set.

ABF officers intercepted three British air cargo shipments in May 2023. There were 133 MDMA tablets, 100 oxycodone tablets, and 97 analogues of Nitazene, a potent opioid more potent than fentanyl. The third and fourth consignments contained 60g MDMA, 25g ketamine, 15g meth and 14g heroin.

The ABF alerted the AFP, who executed a warrant on May 19 2023, at the Greenfield Park address. The AFP seized fake ID cards, kitchen scales, spoons with white residue, and zip-lock bags.

The intended recipient is a 23-year-old Greenfield Park resident.

According to AFP, his regular encrypted communications with two other people in the UK helped import and traffic border-controlled

On May 20 2023, the man was charged with one count of attempted importation of border-controlled drugs in contravention of section 307.6 of the Criminal Code (Cth).

According to AFP Detective Superintendent Craig Bellis, while each package contained relatively small amounts of illicit drugs, they constituted dozens of individual street deals that harmed society.

Malicious AI Arrives on the Dark Web

Recently, artificial intelligence has advanced at an unprecedented pace, and nefarious non-state actors have been using it to expand their harmful activities. Dark web forums have been buzzing about using OpenAI’s ChatGPT. A tool called WormGPT, based on the open-source GPT-J large-language model developed in 2021, appeared on the dark web on July 13. It generates sophisticated phishing and business email attacks and writes malicious code.

FraudGPT, based on GPT-3 technology, appeared for sale on the dark web on July 22. It is marketed as an advanced bot for offensive purposes, costing US$200 a month to US$1,700 for an annual license. It’s too soon to know how effective WormGPT and FraudGPT are; the specific datasets and algorithms they are trained on are unknown. Furthermore, the malicious AI bots for sale could be scams in themselves.

AI offers enormous opportunities for nefarious actors to enhance their malicious activity and expand their operations. It can create convincing phishing emails and scrape the internet for personal details about a target. AI technology is getting smarter – fast. FraudGPT’s creator is developing DarkBART and DarkBERT, two new malicious AI tools with internet access and integrated with Google Lens.

AI-powered cybercrime will demand an even more proactive approach to cybersecurity, but good cyber hygiene and awareness training remain relevant as the first line of defence against cybercriminals.

Mother of Girl Nearly Sold on the Dark Web Gives Warning to Parents

A Jasper County man is accused of trying to sell a 16-year-old girl’s personal information on the dark web. The girl’s mother spoke exclusively to Atlanta News First. The FBI knocked on her door on June 29 of this year to deliver news they never expected. They told her a tipster, who lived in England, called the anonymous FBI tip line to say this woman’s daughter was in danger.

The mother said Ivey stole photos from their family’s Facebook page and sent them to a private account. Kelly Ivey tried to sell information about a 16-year-old female on the dark web, but her mother believed a higher power protected her daughter from being identified. She said people should not let their guard down, even in safe places.

ChatGPT’s Badboy Brothers for Sale on Dark Web

KrakenLabs, Outpost24’s threat intelligence team, has spotted several illicit adaptations of the AI large language learning model ChatGPT on the dark web. The foremost perversion appears to have been the lugubriously named WormGPT, a no-holds-barred deviation from the original that will obligingly perform tasks that its ‘ proper’ sibling would normally refuse to function.

CanadianKingpin12 advertised a chatbot last month that wrote malicious code, created hacking tools, and found system leaks and vulnerabilities. Prices for WormGPT, FraudGPT, DarkBERT, and DarkGPT vary widely. Last charges $100 for a month’s subscription, CanadianKingpin12 charges $90 for a month’s subscription, and DarkBERT offers $1,000 for a lifetime membership.

 

Artificial intelligence (AI) is one of the new ways threat actors achieve their goals, and it could drastically change the underground ecosystem. 

Last announced the end of WormGPT on August 9, citing too much publicity as a reason for hanging up the black hat. KrakenLabs put a slightly different slant on it, noting that the Telegram channels controlled by Last and DarkStux closed down the day the announcement was made.

A tool quickly gaining popularity is not always helpful, as it increases the chance of something going wrong. KrakenLabs noted a scam involving bogus adverts offering AI-enabled illegal digital tools, taking payment, and never delivering the promised articles. Even Last admitted that “anyone could reproduce what WormGPT did” by using jailbroken ChatGPT versions.

Thousands of Charity Donors Have Data Leaked on Dark Web After Telemarketer Hack

A cyberattack on telemarketer Pareto Phone has resulted in thousands of charity donors’ data being leaked onto the dark web. Three charities have said their donors’ data has been published on the dark web.

The attack was claimed by cyber criminal group LockBit, which said it had stolen 150 gigabytes of personal data.

The Fred Hollows Foundation is “deeply disappointed” that its data was still held by Pareto Phone, considering it hadn’t used its services for almost a decade. The charity has requested Pareto Phone delete any remaining donor data.

Another charity, Médecins Sans Frontières, has raised concerns about Pareto Phone and data retention. They have not worked with Pareto Phone for almost five years.

Professor Nigel Phair said, “organizations need to be careful when using third-party providers and should ensure that data is not kept beyond what is needed.”

He also said the “Privacy Commissioner now has increased penalties at their disposal.”

Cyble’s Dark Web Monitoring Helps Companies Comply with SEBI’s Cybersecurity Mandates

SEBI has rolled out comprehensive cybersecurity guidelines for Market Infrastructure Institutions in the wake of escalating cyber threats. These guidelines are a wake-up call for MIIs to beef up their cyber defences.

SEBI’s latest guidelines require MIIs to proactively monitor the dark web for stolen data, hacking tools, and other malicious artefacts. This allows them to gather crucial intelligence on emerging threats and vulnerabilities, better positioning themselves to mount a robust and timely defence.

Mandar Patil, SVP – Global Sales and Customer Success at Cyble, points out that cybersecurity can’t be a mere afterthought or a box to tick off a checklist. Cyble offers comprehensive dark web monitoring capabilities that meet SEBI’s requirements.

Brand abuse is a challenge for MIIs today. Dark web monitoring can help organizations safeguard their reputation and brand integrity.

The updated SEBI directives coincide with the Digital Personal Data Protection Bill 2023, which imposes substantial penalties for data breaches. Together, these initiatives signal an emerging consensus about the importance of a robust cybersecurity infrastructure for financial entities.

The Digital Personal Data Protection Bill 2023, which seeks to safeguard Indian citizens’ privacy, recently received approval in the Rajya Sabha.

Georgia Man Tried to Sell Teen Girl’s Location on Dark Web, Cops Say. Now He’s in Jail

Kelly Garret Ivey, 41, is accused of selling the location of a teenage girl on a dark website. The website showed pictures of the girl next to the advertisement.

Captain Billy Bryant, the lead investigator of the Jasper County Sheriff’s Office case, said information about the ad came through the FBI’s anonymous tip line. Investigators visited the family’s house and eventually linked the ad to Ivey via his accounts.

Bryant says. “The dark web is just like the regular internet. Anytime you do something, there are ways to backtrack that,” he said. The dark web is a network of online pages requiring certain software or authorization. The pages have less security than regular websites and have become hubs for illegal activity since the dark web’s conception in the early Internet era.

Ivey was arrested at his Forsyth home on June 30. He is in jail in Jasper County and was formally charged with cruelty to children in the first and second degree. He was also charged with human trafficking and attempting to commit a felony. The Telegraph will update this story if more information becomes available.

Police Send Warning Letters to ‘Dark Web’ Drug Buyers

A police officer has sent hundreds of warning letters to addresses that have received online requests for recreational and counterfeit drugs.

ERSOU is a joint effort between seven east-of-England police forces, including Norfolk and Suffolk, to combat organized crime. Investigations have revealed the sale of prescription, recreational, and stupefying drugs – known as ‘date rape’ drugs.

The dark web is a hidden part of the internet, often used as a criminal marketplace. The Eastern Region Special Operations Unit has seized more than £500,000 worth of illicit substances from dark web vendors over the last 18 months.

Detective Inspector Graham Paul said that many items for sale on the dark web are illegal and dangerous and that those who use it for illicit activity could be part of one of our investigations.

Charity Donor Details Leaked to Dark Web After Pareto Phone Breach

Some of Australia’s most high-profile charities have become inadvertently involved in a massive data breach with cybercriminals hacking thousands of donor details through a third party. The charity stressed that its systems had not been impacted.

The Fred Hollows Foundation said they had not worked with Pareto Phone since 2014 and had not known the data was still held by the company. The data does not contain financial, credit card or bank account information.

Professor Tanya Buchanan, CEO of Cancer Council Australia, told news.com.au it was still waiting for Pareto Phone to clarify how many donors’ data had been breached.

Pareto Phone did not respond to requests for comment but said it worked with forensic specialists to analyze affected files.

The hacking company, Pareto Phone, collected donations from charity supporters. The data breach occurred in April this year, affecting a “subset” of Canteen supporters.

Google One To Roll Out Dark Web Report For Subscribers

Google is reportedly in talks to roll out a new feature called Dark Web Report in India. This will alert users if their personal information is detected on the dark web, allowing them to safeguard themselves against fraudulent activities.

Users can activate the dark web report option to check if their details are on the dark web. They can also start real-time dark web monitoring to receive ongoing updates on new findings, recommended actions, and assistance.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top