How Journalists Use the Darknet


30 January 2018
MAZ-Recherchetag
www.maz.ch/recherchetag18

Otto Hostettler
Editor/Reporter, Beobachter
+41 (0) 76 436 77 59
[email protected]
@ottobeobachtet
keybase.io/hostettlerotto

The darknet offers a discreet platform not only to drug dealers and arms traffickers. Journalists find compelling stories, protagonists and eyewitnesses here. Tips and tricks on useful tools for research on the darknet. Caution: the more sensitive an investigation, the higher the level of privacy protection should be.

I. Entry portal, overview, general information

DeepDotWeb
DeepDotWeb is an international information portal covering events on the darknet and in the criminal underworld (drug trafficking, hacking, cryptocurrencies, organised crime, etc.). It also lists the most important anonymous marketplaces on the darknet (and their current availability), with numerous recent user reports. A good starting page for darknet newcomers.
www.deepdotweb.com

II. Navigating the darknet

Google does not index ".onion" sites. Navigation on the darknet mostly runs via link lists and recommendations.

Hidden Wiki
Probably the most important directory of categorised links is called the Hidden Wiki. Caution: numerous directories are in circulation that claim to be the "original" Hidden Wiki.
http://kpvz7ki2lzvnwve7.onion/wiki/index.php/Main_Page

Grams
Best-known darknet search engine, "down" since mid-December 2017. "gramsadmin" announced the shutdown themselves.

Torch
Claims to search one million pages. Search engine for drug markets.
xmh57jrzrnw6insl.onion

Not Evil
Finds results on a wide variety of hidden sites.
http://hss3uro2hsxfogfq.onion/

Ahmia
This search service is also available via the open internet (but to open the ".onion" sites you have to switch to the TOR Browser). The service states that it searches 5000 hidden services.
https://ahmia.fi/
msydqstlz2kzerdg.onion

DuckDuckGo
A hidden service for (anonymous) searching of the open internet.
b6siqj6jyj5qwb5a.onion

III. Anonymous operating system

Tails
Tails is an operating system that aims to preserve anonymity and privacy. Tails stands for "the amnesic incognito live system" and is a project of TOR. Preferably boot it directly from a USB stick, so that no traces are left on the PC.
https://tails.boum.org/index.de.html

IV. Storing and sharing data in encrypted form

Onionshare
A TOR project. It makes it possible to share files with someone securely and anonymously. (The Tor Browser is needed to download the shared file.)
https://onionshare.org/
http://elx57ue5uyfplgva.onion/

MEGA
Encrypted cloud, via browser app. Open source. Free version up to 50 GB.
moz-extension://457669dd-89a1-ca48-bd84-78cc045850ab/mega/secure.html#start

V. Communicating in encrypted form (chat), storing data

Keybase
Encrypted chat program. Personal identity can be documented through a variety of identifications (smartphone, desktop, FB, Twitter, etc.). The more identifications, the more credible. Also includes a tool for collaborative work on projects (like Slack, for example) as well as an encrypted cloud (store data, share folders).
https://keybase.io

Threema
Encrypted chat program; people can be found via their mobile number, but full authentication requires direct contact. Each party scans the other's QR code. Only then can you be sure that the person on the other end is the one you trust. Now also with a phone-call function.
www.threema.ch

Bitmessage
TOR-based messenger service. Sender and recipient both need Bitmessage and remain completely anonymous. Preferably used from a USB stick so that no traces are left on the hard disk.
https://bitmessage.de.uptodown.com/windows

Protonmail.com
Free encrypted e-mail provider. Swiss project (CERN). Tip: open the account in a normal browser (not possible with TOR). Check e-mail via TOR.
https://protonmail.com/

Signal
Open source; enables encrypted chat and phone calls (similar to Threema).
https://signal.org/

Ricochet
Anonymous instant messenger; a chat program that handles communication via automatically generated darknet addresses. Eliminates metadata.
https://ricochet.im/