Cyber-demic’s Dark Side

October 2021

A monthly digest on dark web activity which is heavily influenced by the impact of COVID-19, remote working, nation state activity, seasonal scams, major data breaches, as well as general ID theft protection, data trends, tips and recommendations.

---------------------------------------------------------------------------------------------------------------

Notorious AlphaBay Admin “DeSnake” is Back and Ready to Reboot the Site!

Recently, Andy Greenberg of Wired magazine - who is the best in the business when it comes to getting exclusive interviews with dark web kingpins - interviewed “DeSnake” of AlphaBay fame...About 4 years ago, the US Department of Justice announced the takedown of AlphaBay, which was the biggest dark web market at the time…Thai police arrested the site's 26-year-old administrator, Alexandre Cazes, in Bangkok, and the FBI seized AlphaBay's central server in Lithuania, taking down a marketplace that was selling hundreds of millions of dollars a year worth of hard drugs, hacked data, and other contraband to its 400,000-plus registered users…DeSnake was AlphaBay's former number two administrator, security specialist, and self-described cofounder, and he has eluded capture…DeSnake argues that new safeguards will make AlphaBay that much harder to remove from the dark web this time around...DeSnake credits his ongoing freedom to an operational security regimen that borders on the extreme…He says his work computers run an "amnesiac" operating system, like the security-focused Tails distribution of Linux, designed to store no data.

Top 5 Common Human Traits Cons & Cyber Hackers Exploit

It’s no surprise that people get conned online, because we have inherent qualities that cyber criminals exploit…Hackers who are experts in social engineering use psychological manipulation to trick people into divulging sensitive information that can then be used to break into systems…They do it by preying on certain fundamental qualities most humans possess…I’m no expert in human behavior, but according to a Dark Reading article which interviewed several social engineering experts, the Top 5 traits are:

1) People Want to Be Helpful - most humans have a desire to be helpful and to be viewed as friendly…That is why phishing and smishing attacks with the pretext of someone in need are so common and effective…

2) People Are Trusting - once trust is established, threat actors manage to pull out information that the target might not otherwise disclose…Once they have established rapport and a positive first impression with a potential target, it is much easier to successfully request information or access to sensitive personal or organizational assets.

3) People Are Optimistic - research shows that optimistic bias can make people believe that they are less vulnerable than others to online risks associated with privacy…Threat actors understand and capitalize on the fact that people are typically not in a defensive mindset…

4) People Fear Authority - fear is one of the largest motivators in social engineering scams…Many bad decisions, in human history as well as today, have been made in this state…

5) People Are Honest - humans will naturally correct false statements, and this is often how threat actors exploit honesty…One way this manifests is that we tend to correct even a complete stranger…This principle can be used by expert human hackers to extract information from targets…For example:

In a conversation a threat actor may say:

· Hacker: I see you are a high-level executive and driven, you must be a Capricorn, born in January, right?

· Victim: Almost but not exactly, I was born in December

· Hacker: I hope not December 25th

· Victim: No, the 2nd actually

The year can be figured out from public records on high school or college graduations, among other means…Now, in a matter of a few seconds, the attacker has obtained the victim's DOB, since people want to be honest and also want to have truthful information out there. Be careful.

What is a Zero-Day Exploit or Attack?

A zero-day exploit is an unknown exploit that exposes a vulnerability in software, firmware or hardware and can create complicated problems well before anyone realizes something is wrong…In fact, a zero-day exploit leaves NO opportunity for detection by network intrusion systems, antivirus or antimalware software, or any available mitigation tools or techniques…A zero-day attack happens once the bug or software/hardware vulnerability is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence “zero-day”…Once a patch is written and used, the exploit is no longer called a zero-day exploit and is just a good old garden variety piece of malware...These attacks become major news stories because they are rarely discovered right away…In fact, it often takes not just days but months and sometimes years before a technologist and the public at large learn of the vulnerability that led to the attack...Read more about patches and cyber news in my colleague Mike Bruemmer's post.
