now browsing by tag


#deepweb | The “Apollon” Dark Web Marketplace Might Be Exit-Scamming

Source: National Cyber Security – Produced By Gregory Evans

  • The “Apollon” marketplace is most likely exit-scamming and has been in the process for many weeks now.
  • Users and platforms who reported this news and warned others were DDoSed, possibly by Apollon.
  • Someone claimed that Apollon’s admin had their identity leaked, and is now trying to muddy the waters.

Seeing darknet marketplaces exit-scamming isn’t something unusual. There is no customer-brand trust relationship to protect, there is no credibility stemming from anything tangible, and these platforms simply don’t respect their members. Everyone joins marketplaces to sell or buy illegal goods and services, so they’re in a dangerous, risky, and untrustworthy place. Thus, we often see marketplaces suddenly grabbing all the deposits of their members’ wallets, sending everything to their personal crypto coin stash, and then shutting down the website. Recent dark web rumors say that “Apollon” might be the latest marketplace in the process of doing precisely that.

According to a report by “digital shadows,” Apollon has initiated the process of exit-scamming on January 26, 2020. Around that time, its operators started launching DDoS (Distributed Denial of Service) attacks against other English-language forums and marketplaces on the dark web. The vendors who were locked out of their accounts naturally went elsewhere to post about the problem and about the fact that Apollon was exit-scamming. Hence, the marketplace operators thought it would be a good idea to try and silence them by DDoS-bombing their websites.

apollon DDoS dark web
Source: Digital Shadows

The Torum administrators added a permanent banner on the forum to warn everyone about Apollon’s ongoing exit-scam. At the same time, the Kilos search engine announced they would delist all Apollon offerings from their index. Apollon responded by DDoSing Torum, Empire, Dread, DarkBay, DarkMarket, Avaris Market, Envoy, The Hub, Avengers, and possibly many more. The fact that Apollon stayed online during the DDoS attacks was a telltale sign for many that the marketplace was behind the attacks. At the same time, the Apollon admins chose not to respond to the allegations, while some moderators openly claimed that they suddenly lost their privileges on the platform.

Source: Digital Shadows

Amidst this situation, a Torum user reported something interesting that introduces an alternative explanation for Apollon’s actions. He claimed that Apollon’s server had a flaw that resulted in a leak of the site’s IP address, and so the admin’s identity was on the line. The admin was allegedly extorted by the person who held this info but denied paying a ransom. Thus, the DDoS attacks are an effort to hinder the dissemination of this sensitive information. Right now, Apollon remains online and still doing business, so it’s unclear if they are really exit-scamming or not. Possibly, they are now trying to make the most out of Apollon by grabbing the deposits of the last remaining unsuspecting victims before they shut down the platform for good.

Source link

The post #deepweb | <p> The “Apollon” Dark Web Marketplace Might Be Exit-Scamming <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | Magento Marketplace Breach Exposes User Details

Source: National Cyber Security – Produced By Gregory Evans

Users of one of the world’s most popular e-commerce marketplaces have been informed that their account information may have been stolen after a data breach at the firm.

The Adobe-owned Magento Marketplace offers thousands of free and premium extensions and themes for users to customize online stores built on the open source platform for e-tailers.

However, the Magento team “became aware of” a vulnerability in the marketplace on November 21, according to a brief statement from Jason Woosley, vice-president of commerce product & platform in Adobe’s experience business.

“We temporarily took down the Magento Marketplace in order to address the issue. The Marketplace is back online. This issue did not affect the operation of any Magento core products or services,” he continued. “We have notified impacted Magento Marketplace account holders directly.”

In an email to affected customers, Magento Marketplace support described the vulnerability as allowing an unauthorized third party to access information including: name, email, MageID, billing and shipping address and phone number, and “limited commercial information.”

Although no passwords or financial information were disclosed, the haul would still allow scammers to attempt follow-on phishing or identity fraud.

It’s unclear how many users were affected, but Woosley claimed the Magento Marketplace is “the largest open source community in e-commerce.”

Magento is no stranger to security incidents: many of the infamous Magecart digital skimming attacks are designed to harvest card data from companies running implementations. In fact, Magento was forced to patch over 30 bugs in an urgent security update earlier this year.

One security company warned earlier this month that slated end-of-support for Magento 1, which powers around 12% of the world’s e-commerce sites, could provide hackers with even more opportunities to target exposed sites.


#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity

Source link

The post #infosec | Magento Marketplace Breach Exposes User Details appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | The world’s new marketplace for illegal drugs

Source: National Cyber Security – Produced By Gregory Evans

Police believe he began his operations in Australia via the import of liquid MDMA, due to the perceived large amount of money to be made.

Using the postal system, Chris mailed MDMA – in liquid, tablet and powdered form – cocaine and ketamine in huge quantities to buyers all over Australia and the world.

Ice seized by Australian Border Force officials earlier this year.Credit:Australian Border Force

But it all came crashing down last year on a trip to Sydney, when police saw the man acting strangely on the street. Officers’ suspicions were confirmed when they found $770 and 66 grams of cocaine and a small amount of ketamine for sale in his pockets – and kilograms of it inside his apartment.

Chris is far from alone – research done by the Australian Criminal Intelligence Commission last year shows that Australia has the second-highest number of dark web dealers per capita, after the Netherlands.

Cody Ward, 25, is before the courts.

Cody Ward, 25, is before the courts.Credit:Facebook

Product ratings, promotional deals such as buy-one-get-one-free and even points of different such as “fair trade” cocaine – allegedly bought directly from farmers, not the murderous drug cartels that dominate the trade – are as commonplace on the dark web as they are in the legitimate retail world, Associate Professor James Martin, a criminologist and dark web expert from the Swinburne University of Technology, said.

“There’s the opportunity to provide feedback, in exactly the same way you would rank Uber drivers,” he said, adding dark web dealers were “extremely protective” of their reputations and rankings.

“It’s one of the real strengths of the system, because it enables trust in the purchase of illegal products.”

Free samples of cocaine, MDMA and prescription medication were part of alleged dark web dealer Cody Ward’s business plan until he was arrested in February this year.

Accused of running what was the state’s largest drug dealing business, Mr Ward and his two co-accused, Shanese and Patricia Koullias, are now before the courts.

The allegations relating to Mr Ward and the Koullias sisters are unrelated to Chris’ case.

The buyers

Police have discovered Chris’ buyers included a Sydney dealer with exclusive rights to the city, several men in Newcastle, an ethnic gang in Melbourne and a man in South Australia.

Buying dozens of kilograms at a time, some of Chris’ buyers onsold drugs to local consumers both on the dark web and via street deals.

A number of Australian purchasers also bought drugs via the dark web for personal use, which makes up about 90 per cent of the global drug purchases on the dark web.

“We consider sales of less than $200 for personal use,” Associate Professor Martin said.

Bitcoin is the most popular means by which drugs are bought and sold on the dark web.

Bitcoin is the most popular means by which drugs are bought and sold on the dark web.Credit:Shutterstock

Buying drugs has never been easier, he said.

Would-be purchasers access the dark web via an encrypted subset of the internet, where thousands of drug-supply shops vie for business.

Purchases are made in crypto currencies, Bitcoin being the most popular.

While a number of Bitcoin ATMs have popped up in Sydney in the past two years, Associate Professor Martin said that Bitcoin was easy to acquire online, in the same way that foreign currency can be bought.

Drugs are then sent to consumers via the postal system, either to their home addresses, an address nearby from which the consumer can retrieve their mail or a rented post box.

With no regulation of the booming industry, Associate Professor Martin said that children were using the system to buy drugs.

“There’s no age restriction on illegal drugs, there have been cases and in fact fatal overdoses, from kids buying drugs online. Those dangers won’t recede.”

The war on drugs

Multiple law enforcement sources have told The Sun-Herald that about one in 10 deliveries is intercepted.

“We’re not sure how much gets through, but I can put it this way – international dealers are not deterred by Border Force. They are happy to take the risk of it not arriving,” Associate Professor Martin said.

The drip-feeding of small amounts of drugs across the country via the post poses a problem for police and Border Force, he said.

“Traditional approaches don’t work online – investigators are looking for big amounts of drugs, because that’s how they used to be shipped. Now, they are coming in in very small amounts which are harder to find.”

In a statement, Australian Border Force said it and other agencies use “data analytics and intelligence in an endeavour to detect, track and intercept the attempted import of illicit goods via the dark net”.

It declined to comment on the number of deliveries getting through.

Most Viewed in National


Source link

The post #deepweb | <p> The world’s new marketplace for illegal drugs <p> appeared first on National Cyber Security.

View full post on National Cyber Security