Bomb threats for sale for $5?
Robert de Haan
Information Security Consultant @ Cypro | Cyber Security Risk and Compliance
French police have arrested an 18-year-old schoolboy for failing to cooperate with an investigation into bogus bomb threats.
The young man, identified as Vincent L., was taken into custody on Monday.
His arrest was connected to an investigation into hoax calls that forced thousands of schoolchildren to be evacuated from eight Paris high schools at the end of January.
Yet more calls placed last Monday, 8 February, forced more than 1,700 students, 200 teachers and 100 staff out of a school and a college, and more yet were placed in Lyon.
Calls have also been placed in France, Italy, Australia, the UK, Sweden, Japan and the US.
A police source told the French newspaper The Local that the calls all sound “virtually identical,” with the voice being “metallic sounding as if played via a tape recorder.”
In Australia, a school receptionist likewise said that he or she had received a “computerized” message through a phone call that claimed there was a “bomb in a backpack but no more specifics”.
French investigators say that a group calling itself Evacuation Squad has used services to send anonymous calls.
They’ve purchased such services on a Dark Web site called Darkness.su, which provides anonymousXMPP communication services.
According to Le Monde, French police say that Vincent L. is the administrator of Darkness.su.
Police took him to headquarters after he refused to provide the encryption key needed to unlock data on his laptop, which police are seeking as they search for clues as to the identity of Evacuation Squad members.
Evacuation Squad has claimed responsibility on Twitter for most of the malicious calls.
Softpedia reports that the group has been using two Twitter accounts, @Ev4cuati0nSquad and @SwatTheW0rld, both of which have been suspended.
According to Le Monde, Evacuation Squad recently published a proposed list of fees, along with means of communicating for interested buyers.
The PasteBin note (since deleted) said that Evacuation Squad was taking free requests until 1 March 2016, for locations where it would make bomb threats.
After that date, the group announced, it would be taking Bitcoin payments for bomb threats carried out against custom targets.
The fees: $5 worth of Bitcoin for schools and company headquarters, $10 worth of Bitcoin for courthouses and entire school districts, $20 worth of Bitcoin for sports events and major conventions, and $50 worth of Bitcoin for “major” sports events, Softpedia reports.
Another $5 worth of Bitcoin would enable purchasers to frame somebody for the swatting calls.
Police are keen on getting at the data on Vincent L.’s laptop because they believe that calls were placed with the anonymous Darkness.su XMPP service.
The group listed two email addresses where people could contact them: one was on the main darkness.su domain.
A French court has said that nothing points to Vincent L. having been aware of the activities passing through his server. He’s only been indicted on a charge of refusing to hand over his encryption key.
Meanwhile, IBTimes UK found an advert for “Swatting and bomb threat services” on a dark web marketplace for around the same cost as those above.
As the publication reports, bomb threats against British schools were being offered for less than £5 ($7 USD).
The publication found that with two days’ notice, anonymous hoax calls could be purchased and placed to schools, universities and even nurseries in the UK, Ireland, US and Canada, at a rate of 20 calls per hour.
One vendor told an undercover reporter that calls about bombs and gunmen prowling busy buildings could be had for just £4.80 if the buyer bought in bulk and ordered more than 10 at once.
The publication quoted the vendor:
If you want me to call in bomb threats to many schools in the London region or in the UK at one time I can make a discount.
The seller promised IBTimes UK that a “very high-quality digital voice” is used to make the calls: one that’s “barely noticeable as a digital voice… most of the people that answer the call think it’s a real person talking.”
IBTimes UK says that according to transaction records, the seller’s doing brisk business: 50 were recorded in a single day in February 2016.
Mentor. 3600+ Connections
9 年We just can't avoid technology being used for evil, especially when there's money involved. This goes to show just hope little money is required. You can imagine this "system" running in a cloud somewhere and being totally automated, while the mastermind sits on a beach somewhere cooking up his next scheme.