
#deepweb | Indian authorities arrest their first crypto dark web drug dealer

Source: National Cyber Security – Produced By Gregory Evans

  • The suspect, Dipu Singh, is accused of selling psychotropic and prescription pills on the dark web.
  • He was taken into custody by the central anti-narcotics agency under the Narcotic Drugs and Psychotropic Substances (NDPS) Act.

Following an investigation by the Narcotics Control Bureau (NCB), India has arrested its first darknet crypto drug dealer. Authorities seized 55,000 tablets in the arrest. The NCB participated in “Operation Trance” – a multinational crackdown on illicit dark web drug sales using couriers, international postal services, and private parcel deliveries.

Global post offices and international courier services served as the logistics for the illicit trade. The operators used cryptocurrency payment gateways to conceal the transactions from law enforcement agencies.

The accused, Dipu Singh, is a 21-year-old whose father is a retired army officer. Singh is accused of selling many psychotropic and prescription pills on the dark web and shipping them to the US, Romania, Spain, and other countries.

He started out by selling health supplements and erectile dysfunction medication on major dark web markets. Later, he began selling tramadol, zolpidem, alprazolam and other psychotropic prescription medications. The suspect was taken into custody by the central anti-narcotics agency under the Narcotic Drugs and Psychotropic Substances (NDPS) Act. 

 


#cybersecurity | hacker | PureLocker ransomware built for targeted attacks, linked to MaaS dealer


A newly discovered ransomware called PureLocker is targeting the production servers of enterprises, while exhibiting some behavior that’s very unusual for most malicious encryptors.

Among its quirky features: it’s written in the PureBasic programming language, which helps it avoid conventional anti-malware detection engines; it’s very picky about who it infects, only executing if the victim machine passes a series of checks; and it appears to be used as a later stage of a larger multi-stage attack.

Researchers from Intezer and IBM X-Force IRIS analyzed the ransomware and detailed their findings in a joint blog post this week. “PureLocker is a rather unorthodox ransomware,” said Intezer security researcher Michael Kajiloti. “Instead of trying to infect as many victims as possible, it was designed to conceal its intentions and functionalities unless executed in the intended manner. This approach has worked well for the attackers who have managed to successfully use it for targeted attacks, while remaining undetected for several months.”

Much of PureLocker’s code is unique, but a certain portion, including its dropper program and its built-in evasion and anti-analysis functionalities, is borrowed from a backdoor malware called more_eggs, which is sold on cybercrime forums by a prominent malware-as-a-service provider. “These findings strongly suggest that the MaaS provider of ‘more_eggs’ has added a new malware kit to its offerings, by modifying the ‘more_eggs’ loader’s payload from a JScript backdoor to a ransomware,” the blog post concluded.

The more_eggs backdoor has been used in the past by financially motivated cybercriminal groups including the Cobalt Gang and FIN6. However, it has not been determined if one of these groups or another threat actor is responsible for distributing PureLocker.

The researchers only looked at samples that target Windows, but there are also PureLocker variants that can infect Linux-based machines. One Windows sample was disguised as a C++ cryptography library called Crypto++, Kajiloti reported. From Oct. 13-30, the sample went almost completely undetected in VirusTotal scan results, a feat the researchers attributed to the use of PureBasic as a programming language.

“AV vendors have trouble generating reliable detection signatures for PureBasic binaries,” the blog post said. “In addition, PureBasic code is portable between Windows, Linux, and OS-X, making targeting different platforms easier.”

Shortly after installation, the malware goes through a thorough series of checks. It makes sure that it's not being analyzed or debugged, that it's being executed by the command-line utility “regsvr32.exe,” that its file extension is .dll or .ocx, that the current year on the machine is 2019, and that it has administrator rights. If it does not pass all these checks, the malware exits and does not perform its attack.

If it does pass the checks, PureLocker encrypts primarily data files with AES and RSA algorithms and adds a .CR1 extension to them. It then secure-deletes the original files to thwart recovery efforts. The ransomware note threatens the victim that the private key will be erased in seven days, and leaves an email address to contact regarding payment.


#deepweb | US Court Orders Dark Web Drug Dealer to Forfeit $150K in Bitcoin


A United States court has ordered Christopher Bania, who recently pleaded guilty to drug distribution, to give up almost 17 Bitcoin (BTC) — worth roughly $150,000 at press time.

The plea, order and sentencing

Per the Oct. 19 order from a court in Wisconsin, Bania will need to forfeit “Approximately 16.91880054 Bitcoin seized from Bania’s ‘Local Bitcoins’ account.” Though worth roughly $153,100 as of publication, it is much less than the 124 BTC that the court is returning to the defendant, alongside various other cryptocurrencies and over $50,000 in cash seized from his residence upon arrest.

Though originally charged with money laundering, importation of controlled substances and maintaining a drug property, Bania’s plea on Sept. 6 was to the single charge of possession of controlled substances with intent to distribute, which carries a maximum sentence of 20 years in jail. 

Bania’s plea admits to selling marijuana, cocaine, MDMA and LSD on the dark web. However, he denies distributing the methamphetamines, heroin and cocaine base that authorities also found at his home. 

U.S. border patrol originally launched the investigation into Bania’s dealings after intercepting two packages from Belgium containing MDMA. Investigators were able to trace Bania’s use of dark web distribution networks thanks to his transaction notebooks, which the court filings describe as “meticulous.”

Sentencing is currently scheduled for Dec. 9. 

Other recent dark web prosecutions in the U.S.

A couple in California pleaded guilty to similar charges in August, as Cointelegraph reported at the time.

Near the end of July, a Florida man admitted to operating a massive opioid distribution network online. The court in that instance fined him over $4 million.
