Insight into Russian Black Market

Slides:



Advertisements
Similar presentations
Your Trade Exchange And
Advertisements

WillHelpYouOut.com Hits 1000 Let’s get Started.
Linked Strategies Presents: eGrabber Account-Researcher.
Online Privacy A Module of the CYC Course – Personal Security
How to be SAFE when you use the internet..
Stay Safe Online in Six Steps Presented by: Scott Rhinehart 540 Lake Center Parkway, Suite 102 Cumming, GA Office: ext Fax:
Unit 1: Module 1 Objective 10 identify tools used in the entry, retrieval, processing, storage, presentation, transmission and dissemination of information;
The Outsourcebot Let Us Make Your Online Business More Profitable Vibhu Gauba ( Founder ) Skype :
Helping retailers sell to mobile shoppers since Features for Higher Conversion Rates May 16, 2012 Ken Barber – VP Marketing and Gwin Coleman – Client.
Top 10 Checklist to Protect Your Personal Privacy Online Teens 1.
MakeMySite: Web Design Professional Website Design.
Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
Scams Stevie's Scam School videos
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Newsgroups, Listservs, Newsletters, Chats & Phishing
How to Use Internet Marketing to Grow your Company David Steele, Partner Intrada Technologies.
Notes to Teachers At the time we embedded the links in these lessons, they all worked. If they don’t, you can google the website, find the link, open it.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
By: Aaron Gustafson Owner Computers N’ Stuff.  Facebook is FREE!!!  Youtube is FREE!!!  Twitter is FREE!!!  Google Plus is FREE!!!  Website hosting.
Threats to I.T Internet security By Cameron Mundy.
Angel Fund: E-Biz Workshops: eBay Angel Fund Network Presents:
Copyright ©: SAMSUNG & Samsung Hope for Youth. All rights reserved Tutorials The internet: Social networks and communities Suitable for: Improver.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
What is E-commerce Safety Precautions Password Strengths
PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.
SAFETY What to be aware of and how to avoid problems. **This is not meant to make you fearful of . The goal of this discussion is to make sure.
* A mechanism in which retailor does not keep goods in stock, but instead transfers customer orders to the manufacturer who then ships.
Staying Safe Online Keep your Information Secure.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,
BTT12OI.  Do you know someone who has been scammed online? What happened?  Been tricked into sending someone else money (not who they thought they were)
Chapter 7 Phishing, Pharming, and Spam. Phishing Phishing is a criminal activity using computer security techniques. Phishers try to acquire information.
To:Employee From: impersonated official company Message: Give us personal information here.
Social Networking and Protecting Your Identity. Popular Social Networks Myspace Facebook Youtube Twitter.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
Online registration Presented by: Ymer LEKSI. Learning objectives By the end of this session you will be able to: Login to the web post messages to forums.
Inappropriate Content Hackers Phishers Scammers Child Abusers Bullies.
What is Spam? d min.
How Your Customers Will Pay Online & by Phone
tool kit. USER GUIDE Etiquette (Acceptable use policy) – a list of rules that we observe Use a suitable subject in the - this helps.
Rings of Responsibility
INTRODUCTION & QUESTIONS.
SEO (Search Engine Optimization/Marketing) Linked In & The Small Business Presented by Leslie Collymore of Advanced.
Investigating Methods for Reducing Spam By: Steven Siggers Instructor: Marko Puljic.
PTC WORLD TRADE Welcome to our planet Welcome Welcome to to.
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
Room Booking and Allocation Hrishikesh Wankhede. Offline Sales RTNE’s current booking model Steps to be followed: – customer/ agent comes on a website.
Mobile Money 1/37 Fiserv Mobile Money Staff Education © 2010 Beavercreek Marketing, a division of Beavercreek Inc. All rights reserved. All trademarks.
Smart, Safe, and Secure Online Spam commercial messages that you didn’t ask for (a company trying to sell things by sending out thousands of messages at.
Todays’ Agenda Private vs. Personal Information Take out your notebook and copy the following information. Private information – information that can be.
Electronic mail News File transfer protocol Chat Instant messaging Online services Online shopping.
Phishing and Internet Scams. Definitions and recent statistics Why is it dangerous? Phishing techniques and identifiers Examples of phishing and scam.
CNP Fraud. Occurs when a fraudster falsifies an application to acquire a credit card using an individual’s personal information. (Eg: postal intercept)
What it is and how to stop it.  What spam is.  Why it can be dangerous.  How to handle it.
Apex Info-Serve
How to use the internet safely and How to protect my personal data?
How to use the internet safely and How to protect my personal data?
The Advantages of a Trial Balance Software
What to be aware of and how to avoid problems.
Privacy or Security Are they the same?
Website Design.
yahoo mail technical support number
Internet Safety Vocabulary
Internet Safety – Social Media
What is Phishing? Pronounced “Fishing”
Company Name | Phone Number | Website | Address
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

Insight into Russian Black Market

Alan Kakareka, CISSP, GSNA, GSEC, CEH, MCP, MCDST, Net+, Sec+ sh-3.2# whoami Alan Kakareka, CISSP, GSNA, GSEC, CEH, MCP, MCDST, Net+, Sec+ Masters degree in science from Florida International University CTO and founder of Demyo, Inc. Based in Miami, Florida, USA. Demyo, Inc.

And I enjoy green letters on black background Demyo, Inc.

What are the most dangerous countries? Demyo, Inc.

Where all the goodies are? Unknown – Unknown: Forums, various websites Known – Known: IM, typically ICQ Demyo, Inc.

Lets take a look at 2 underground forums https://exploit.in/forum/ - pretty small https://forum.antichat.ru/- one of the bigger ones Demyo, Inc.

Small vs big Example: rdot.org Demyo, Inc.

https://exploit.in/forum 341k messages, 35k users. Demyo, Inc.

How many of all messages are sale / buy / trade? Roughly 10-15% of all messages are related to sell / buy / trade Another 90% is how to program this, how to hack this, how to solve this kind of issue, etc. Demyo, Inc.

Lets see what can we buy? Demyo, Inc.

How about root access to mysql.com Demyo, Inc.

Anybody wants to guess the price? Demyo, Inc.

Later on in the news…. Demyo, Inc.

Auction system for serving malware - “vDele” Demyo, Inc.

Software to build your own botnet – “andromeda botnet” Demyo, Inc.

Also available Demyo, Inc. Credit card numbers Paypal accounts Online banking accounts Email spamming services Cell phone spamming services (by text messages) and / or calls 0-day exploits (rarely) Custom malware, spyware, tools Plain hacking services DDOS Full identity (CC + SSN + DOB + address + email with password + online banking credentials + mothers maiden name + dogs name + etc.) Demyo, Inc.

0-day exploits (rarely) If a black hat has 0-day it is much more profitable do something with it than selling it If you are white hat hacker, sell it to company’s who are buying bugs like ZDI Demyo, Inc.

https://forum.antichat.ru/ 2 million messages, 104k users Demyo, Inc.

How many messages are related to buy / sell / trade Almost 10% of all messages are related to trading Demyo, Inc.

How do they trust each other? VS Demyo, Inc.

Another way is by endorsing from the forum owner Demyo, Inc.

Means of payment Demyo, Inc. No paypal….. WHY???? Webmoney Liberty Reserve Yandex Money BitCoin – not so much F2F – almost never Most popular is WEBMONEY Demyo, Inc.

Closed sections Typically there are 3 access levels 1st level – make some useful posts 2nd level – get to know somebody and post some sensitive data 3rd level – be well known in community, post some real goodies Demyo, Inc.

Limiting access only to higher profile people Demyo, Inc.

Prices… How much is this, how much is that? Demyo, Inc. Depends what language you speak If you ask in Russian – 100 bucks If you ask in English – 200 bucks Demyo, Inc.

SPAM Emails sent vs Emails in Inboxes 1 million SPAM emails in inbox – 200 USD Demyo, Inc.

Actual pricing Private virustotal.com type service – 40 USD / month, unlimited amount of files Why do you need a private virustotal.com service? When virustotal.com is free??? DDOS – 100 to 400 USD a day, depending on traffic amount. DDOS sales/discussions are getting forbidden in many public Russian forums, why??? CC – 0.1 USD to 5 USD depending on amount and/or quality Demyo, Inc.

Actual pricing Paypal – 1% to 10% of the balance, also depending on account type and other factors Online Banking – 1% to 10% percent of the balance, depending on the bank, account type and other factors Email:pass combo – FREE, unless it is sorted, verified for validity, and is bundled with other accounts Full identity (CC + SSN + DOB + address + email with password + online banking credentials + mothers maiden name + dogs name + etc.) – about 100 USD Many, many, many other types of services and goods – agreed price Demyo, Inc.

OTHER FACTORS Paypal and Online Banking – 1% to 10% of the balance depending on account type and other factors. User logs in into his account once every 6 months Password to users email is available as well This particular bank DOES allow online transfers User logs in into his account daily Password to users email is not available  This particular bank DOES NOT allow online transfers Demyo, Inc.

How many Russian resources are there? A LOT OF THEM http://forum.xakep.ru/default.aspx 1,5 million messages http://hackzona.ru/ https://forum.k0d.cc/index1.php http://www.hack-info.ru/index.php https://forum.xeksec.com/ http://aferizm.ru/ http://grabberz.com/forum.php http://forum.kriminala.net/index.php http://www.xaker.name/forvb/index.php And so on…. Demyo, Inc.

How to find Russian resources Russian search engines http://www.rambler.ru/ http://www.yandex.ru/ Classic Google dork ‘Site:ru hacking’ Or….. Demyo, Inc.

How to find Russian resources http://hacksearch.madnet.name/

LinkedIn: Almantas Kakareka Twitter: @DemyoSec www.demyo.com questions? And Contact info Email: almaz@demyo.com Phone: +1 201 665 6666 LinkedIn: Almantas Kakareka Twitter: @DemyoSec www.demyo.com

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.