How the Dark Web Works Sherri Davidoff, GCFA, GPEN LMG Security www.LMGsecurity.com @LMGSecurity September 18, 2018 Copyright LMG Security 2017. All rights reserved. 2 www.LMGsecurity.com Copyright LMG Security 2017. All rights reserved. 3 www.LMGsecurity.com Roadmap . Onion Routing & Tor − How WikiLeaks Began . Accessing the Dark Web . Silk Road 3.1 . The Goods − Payment card numbers − Passwords − Hospital records − Hacking tools − & more w.Mscrt.oCprgtLMG Security 2017. All rights reserved.www.LMGsecurity.comCopyright 4 Thanks to LMG’s Researchers! Matt Durrin David Fite Copyright LMG Security 2017. All rights reserved. 5 www.LMGsecurity.com Normal Web Surfing Destination Source Copyright LMG Security 2017. All rights reserved. 6 www.LMGsecurity.com Dark Web Surfing ? Source Destination Copyright LMG Security 2017. All rights reserved. 7 www.LMGsecurity.com Onion Routing . Anonymous web surfing . Source and destination cannot be seen . Message encrypted in layers . Peeled off at each node . Simplified example Copyright Sherri Davidoff 2018. All rights reserved. www.LMGsecurity.com8 Asymmetric (“Public Key”) Encryption http://www.newtechie.com/2011/09/types-of-encryption-what-is.html 9 Message encrypted in layers A B C Source Destination Copyright LMG Security 2017. All rights reserved. 10 www.LMGsecurity.com Address of B! A B C Source Destination Copyright LMG Security 2017. All rights reserved. 11 www.LMGsecurity.com Address of C! A B C Source Destination Copyright LMG Security 2017. All rights reserved. 12 www.LMGsecurity.com Address of Destination! A B C Source Destination w . M s c r t.o CprgtLMG Security 2017. All rights reserved.www.LMGsecurity.comCopyright 13 Exit A B C Source Destination Copyright LMG Security 2017. All rights reserved. 14 www.LMGsecurity.com Dark Web Surfing ? Source Destination Copyright LMG Security 2017. All rights reserved. 15 www.LMGsecurity.com Breaking Anonymity . Timing attacks . Entering identifying information − Social media − Bank account − Email address w . M s c r t.o CprgtLMG Security 2017. All rights reserved.www.LMGsecurity.comCopyright 16 Uses for Onion Routing . Military and intelligence . Illegal E-Commerce . Bypass censorship . Data Leaks . Learn about sensitive topics . Criminal communications (AIDS, birth control, etc) . Spies . Journalism . Protect children (location) . Anonymous whistleblowing w.Mscrt.oCprgtLMG Security 2017. All rights reserved.www.LMGsecurity.comCopyright 17 Tor Roger Dingledine Paul Syverson Nick Mathewson w . M s c r t.o CprgtLMG Security 2017. All rights reserved.www.LMGsecurity.comCopyright 18 Julian Assange (founder of WikiLeaks) Exit A B C Source Destination w . M s c r t.o CprgtLMG Security 2017. All rights reserved.www.LMGsecurity.comCopyright 19 Copyright LMG Security 2017. All rights reserved. 20 www.LMGsecurity.com WikiLeaks Submissions Copyright Sherri Davidoff 2018. All rights reserved. 21 www.LMGsecurity.com Visiting The Dark Web Tor Browser Onion address Copyright LMG Security 2017. All rights reserved. 23 www.LMGsecurity.com (We Aren’t Really in Germany) Let’s Find Some Links - Reddit Copyright LMG Security 2017. All rights reserved. 25 www.LMGsecurity.com Copyright LMG Security 2017. All rights reserved. 26 www.LMGsecurity.com Copyright LMG Security 2017. All rights reserved. 27 www.LMGsecurity.com Silk Road 3.1 Copyright LMG Security 2017. All rights reserved. 28 www.LMGsecurity.com Silk Road 3.1 Copyright LMG Security 2017. All rights reserved. 30 www.LMGsecurity.com Copyright LMG Security 2017. All rights reserved. 31 www.LMGsecurity.com Search Results - Emails Copyright LMG Security 2017. All rights reserved. 32 www.LMGsecurity.com Chat Forum Copyright LMG Security 2017. All rights reserved. 33 www.LMGsecurity.com Account Security Copyright LMG Security 2017. All rights reserved. 34 www.LMGsecurity.com Phishing Prevention Copyright LMG Security 2017. All rights reserved. 35 www.LMGsecurity.com PayPal/ Credit Card Accounts Copyright LMG Security 2017. All rights reserved. 38 www.LMGsecurity.com Dropbox ACcounts Stolen Passwords LinkedIn Passwords Seller Profile Copyright LMG Security 2017. All rights reserved. 43 www.LMGsecurity.com Copyright LMG Security 2017. All rights reserved. 44 www.LMGsecurity.com Hacked Bank Accounts Seller Profile Copyright LMG Security 2017. All rights reserved. 48 www.LMGsecurity.com Citizenship for Sale 250k Hospital Records Hospital Records Copyright LMG Security 2017. All rights reserved. 52 www.LMGsecurity.com Seller Ratings Remote Access to Your Computers Copyright LMG Security 2017. All rights reserved. 55 www.LMGsecurity.com Phones Hacking Tools (Empire Market) Software to Steal Credentials Copyright LMG Security 2017. All rights reserved. 59 www.LMGsecurity.com Ransomware for Sale Goldeneye Ransomware Cryptojacking for Sale Botnet & Support Phishing Tools Hire a Freelance Hacker Full Service Fraudsters Solutions: Check Out Our Recorded Cybercrime Spotlights! . Business email compromise / 04-11-18 . Reduce Your Cybersecurity Costs and Your Risk / 03-20-18 . Protecting Your Data with Encryption / 11-15-17 . Summer Hacking Update / 08-16-17 . How to Set Up Authentication That Works / 05-16-17 . Ransomware Prevention and Response / 06-14-17 w.Mscrt.oCprgtLMG Security 2017. All rights reserved.www.LMGsecurity.comCopyright 69 Questions? . Sherri Davidoff / LMG Security − Email: [email protected] − Phone: 406-830-3165 . www.LMGsecurity.com . @LMGSecurity 70 Note Disclaimer The descriptions contained in this communication are for preliminary informational purposes only and should not be taken as legal advice. The product is available on an admitted basis in some but not all US jurisdictions through Beazley Insurance Company, Inc., and is available on a surplus lines basis through licensed surplus lines brokers underwritten by Beazley syndicates at Lloyd’s. The exact coverage afforded by the product described herein is subject to and governed by the terms and conditions of each policy issued. The publication and delivery of the information contained herein is not intended as a solicitation for the purchase of insurance on any US risk. Beazley USA Services, Inc. is licensed and regulated by insurance regulatory authorities in the respective states of the US and transacts business in the State of California as Beazley Insurance Services (License#: 0G55497). CBEM664_US_09/18.