It has been reported through FireEye iSIGHT Partners intelligence that there is a new subscription based service which is now providing social engineering services. The subscription allows users to be able to load people’s personal information as potential targets for automated social engineering attacks by way of using a phone. The social engineering service robocalls the targeted list and attempts to gain the targets banking PIN. Somehow, this automation has been very successful in obtaining the target’s banking PINs. Once the banking PIN has been provided, the PIN is immediately displayed on a simple users interface device (UI device). A security researcher from the firm Intel 471 has been monitoring the dark web for some time and stated it was the first time he has ever seen such a service provided on the dark web. The robocall automation process was first discovered advertised on the now recently closed dark web site named “AlphaBay”. The dark web site was announced in June, 2016 by the hacker named “Gold Rose”. AlphaBay was recently closed on July 4, 2017, which sent many users of the site scrambling to find other dark web sites to sell their illegal goods. One of the administrators of the “AlphaBay” site named Alexandre Cazes was wanted by the United States for extradition, however, it was reported later in The Wall Street Journal that he was found hanging in a Bangkok jail cell from an apparent suicide. According to Redport Information Assurance’s CEO Steve Reinkemeyer, a cyber security research firm, the risks are tremendous to use these dark web sites via the use of TOR and the Onion router. There are other sites, of course that have popped up to take the place of “AlphaBay” but they are still way to risky and very unstable for even the subscribed users.

By Dr. Randall Sylvertooth

References:
https://motherboard.vice.com/en_us/article/3knz98/dark-web-site-robocalls-to-steal-credit-card-pins
https://www.wired.com/story/alphabay-takedown-dark-web-chaos/
https://www.wsj.com/articles/illegal-goods-website-alphabay-shut-following-law-enforcement-action-1499968444


For more information about Redport’s information assurance and cyber security services, visit www.redport-ia.com, email us at info@redport-ia.com, like us on Facebook, and follow us on Twitter@redport_ia.

Gaithersburg, MD, USA