ddos - Pwim.Net

Darknet Empire Offline for Days Has Users Fearing DDoS Attack and Looming Scam

A popular darknet marketplace, Empire Market, has been reported to be offline for over 48 hours, making website users fretful as to the cause behind it.

Empire Market Goes Down

Empire Market, a darknet behemoth, is often leveraged by users to buy and sell illicit goods, ranging from counterfeit goods to malware and illegal drugs. Payment methods accepted for illicit goods and services sold on the platform include Bitcoin (BTC), Litecoin (LTC), and Monero (XMR).

The dark web giant has been offline for so long that the unusual activity sparked concern and speculations from its darknet customers. Clients of Empire Market have been wondering whether the dark web service has fallen prey to a distributed denial-of-service (DDoS) attack once again.

In a DDoS attack, what typically happens is that the targeted server or network’s regular traffic is disrupted by malicious entities through an overflooding of Internet traffic. As a result, multiple systems are compromised due to the flooding of the targeted network’s bandwidth and resources. Consequently, a DDoS attack leads to a shutdown of the machine network.

In the past, Empire Market had already been subject to DDoS attacks that kept the dark web offline for an extended amount of time. Darknet users’ hypothesis that Empire Market might be the victim of yet another distributed denial-of-service attack may therefore be valid. While some suspect a DDoS attack, others are scared that they may potentially be in the middle of an exit scam, which is a trick where a given business halts its shipment orders to customers while still receiving payment for new orders.

Dark Web Answers

In response to all this, Dark.fail journalist, an anonymous writer specialized in Tor, commented on the incident and said that this time around, the Empire Market’s inactivity felt even more stressful than when it underwent downtime in 2019 due to DDoS attacks.

Dark.fail said, “We are ~36 hours into Empire Market being completely offline. Last year extended periods of downtime were common before the Endgame DDoS filter was released. After months of nearly perfect uptime, this downtime feels more stressful than the frequent Empire downtimes of 2019.”

Online figure “Se7en,” who claims to be one of Empire Market dark web’s head moderators, addressed the issue. In a statement released on Twitter, Se7en said:

“If the market is still down in a couple of days, I’ll make a post about the whole situation then, it’s early days and maybe the admins will bring it back.”

The dark web community on Reddit also jumped in at this point, sharing a post from Empire Market’s team that dark web users of “the many false narratives and fear, uncertainty and doubt (FUD) circulating.” In the post, Empire Market attempted to reassure its users by saying that they were hard at work and “doing anything safely takes time.”

Blockchain for Better Security

With the surge of cybercrime in this increasingly digital age, numerous Asian countries have been reported to have increased the adoption of blockchain for security purposes.

Blockchain has been leveraged recently in various domains, ranging from school institutions using it to ensure server and network security to an Asian country adopting it for digital driving license purposes. South Korea has leveraged the decentralized ledger technology to offer a blockchain-powered driving license alternative. This option has resulted in one million South Korean drivers making the switch from a physical driver’s license to a digital blockchain-fueled one.

Russian Man Charged For Offering $1 Million in Bitcoin to United States Employee to Install Malware in Company’s Network

The Federal Bureau of Investigation (FBI) has arrested a Russian man for trying to recruit an employee of a Nevada-based firm to install malicious software inside the company.

According to the Department of Justice, a 27-year-old Russian citizen, Egor Igorevich Kriuchkov, was arrested on Saturday 22 August.

The criminal was charged on Monday 24 August with the offense of conspiracy to intentionally cause harm to a protected computer. As per FBI complaint, Kriuchkov specifically traveled to the US and stayed in a hotel located in Sparks, northern Nevada, to meet with the employee (identified as CHSI in the complaint) back in late July.

The High-tech Ransomware Trade Secret

The Russian man promised to pay as much as $1 million to the employee with the intention of stealing data from the company and then demand a hefty ransom to be paid in order to unlock the systems. The scheme was expected to fetch $4 million from the victim company.

Kriuchkov entered the US on 28 July, two weeks after initially contacting the employee via WhatsApp through an introduction from a mutual acquaintance. He then met with the employee several times, paying for entertainment and dinner expenses. On 2 and 3 August, Kriuchkov and the employee traveled to Lake Tahoe and Zion National Park, where Kriuchkov paid all expenses while trying to avoid any CCTV and photographs.

Kriuchkov revealed his true reason later on 3 August. He said that he worked for a group that specializes in extorting companies. He explained that the group pays employees to install malware on their employer’s servers.

Kriuchkov initially offered to pay the employee $500,000 through cash or Bitcoin. But he then agreed to pay $1 million after the employee demanded more.

But the Justice Department’s complaint mentioned that the employee did a remarkable job by secretly working with the FBI to gather evidence against Kriuchkov. The FBI gathered evidence against Kriuchkov by monitoring his meetings with the employee.

Kriuchkov agreed to make an upfront payment of about 1 BTC and even assisted the employee in setting up a Bitcoin wallet through Tor anonymous browser so that wallet would be untraceable.

According to the FBI’s complaint, Kriuchkov explained that the group has carried out such special projects successfully on several occasions. He went ahead and identified some of the targeted companies.

Kriuchkov informed the employee that the malware was designed to first create a ruse through a DDOS (distributed-denial-of-service) to disrupt the victim’s corporate network. But the malicious attack would steal the company’s databases and send it to the group that Kriuchkov was working for.

According to FBI complaint, Kriuchkov eased the employee’s concern from getting caught up by saying that the oldest project that the group had worked on happened three and a half years ago, and the group’s insider still worked for the company.

Kriuchkov met with the employee for the final time on 21 August. He informed the employee that the plan has been delayed as his group was finalizing on another project that was regarded to provide a huge payout. He then told the employee that he was heading out of the US. However, the FBI caught up with him and arrested him the following day on 22 August before he left the country.

On Monday 24 August, he made his first appearance before a federal court where he was charged with the grave offense. Kriuchkov now faces a fine of $250,000 and a maximum sentence of 5 years in federal prison.

Tech Support Scams Continue Increasing in Complexity

The rise of tech support scams is a growing concern as scammers continue adopting new techniques to hide their malicious activities. The FBI complaint above is the latest incidence showing how scammers are working to encrypt user data and take over computers as a means of digital extortion. In 2019, The FBI’s Internet Crime Complaint Center obtained 2,047 ransomware complaints from victims in the US, resulting in losses of about $8.9 million. The figure is a sharp increase from the $3.6 million in reported losses in 2018.

How can Blockchain Disrupt Web Hosting Ecosystem for Good?

While Blockchain is generally tied with cryptocurrency, this decentralised technology has a vast area of impact that extends beyond bitcoins or its peers. Right from healthcare to finance and banking, many industries, sectors, and businesses can immensely benefit by integrating Blockchain technology into their daily processes.

This article discusses Blockchain’s potential to transform the web hosting industry for the better- both for providers and end clients.

A website can be considered as a digital equivalent of your brick and mortar shop or workplace. Through your website, you earn revenue, make business connections, attract global clients- individuals and institutional buyers, and make sales.

To build and run a website, you need to buy a domain name and hosting services. While you have control over your site’s front-end, its backend is deeply influenced and shaped by your hosting ecosystem. You trust your providers with the security of your website, but an increasing amount of data breaches and cyberattacks tell a different story. We cannot blame it entirely on the hosting providers. It is the present “model” of web hosting that needs serious revamping.

Among other solutions, Blockchain can be a highly effective option that should be considered. Being decentralised and secured by cryptographic hashes, the Blockchain promises to add a new dimension to the website’s security and performance. Here are a few ways Blockchain can be used in the hosting industry:

Preventing DDoS Attacks

Due to their more profound and quick impact, DDoS or Distributed Denial of Services attacks has emerged as a preferred weapon for threat actors. It is an almost sure-shot way to bring websites to a complete standstill and disrupt the digital environment. It is all a play of volume- Gather volume and direct it against the servers of the targeted site. Bots make things even more accessible. To continue staying online, the victim has to exponentially increase the computing resources that cost millions of dollars for the hosting companies across the globe.

One thing to mention here is that it is the present system of centralised servers that makes DDoS attacks possible. With the help of Blockchain-based decentralised hosting with thousands of distributed nodes, every node can host a specific portion of the site. It effectively prevents the attacks as there isn’t any single central target to hit.

Prevention of DNS-manipulation

The DNS server translates the plain English name in users’ browser address bar into a computer language- technically called IP address to connect the visitors with the corresponding website they want to browse.

The attackers can upset the digital environment by disrupting this critical process of converting URLs into IP addresses. Such attacks can be massive in terms of both geographical and business terms.

A reliable solution to prevent DNS attacks is to use the Blockchain platform for storage, resolving, and updating DNS records. This distributed model of DNS management will prevent the threat actors from directing their threat efforts towards a single DNS server. Moreover, it will also provide superior protection against various other attacks associated with DNS manipulation- like man-in-the-middle attacks and URL redirection to the malicious resources.

Complete data ownership

In the present centralised digital ecosystem, we need to trust the sites with our sensitive data. This model has many flaws- that users have started discovering more recently. Lack of good security provisions at the providers’ end can result in heavy data breaches, and the stolen data can be misused by cyber-attackers in myriad ways- right from manipulating your sensitive digital areas to unlocking your passwords, misusing your communication IDs, and even wiping off your bank accounts with the help of payment card numbers.

Moreover, even the providers use your data by selling them to other companies, which results in annoying market communications and requests for downloading specific apps. They can even mine your data to achieve their business goals. All these things happen without your permission.

With the help of a cryptographic system of Blockchain, you can now retain complete data ownership while using different digital applications. The blockchain model replaces centralised storage with distributed storage across a vast network. It empowers the users to enjoy exclusive data access while using digital applications.

Defending cyber-attacks with Blockchain-Cloud combination

Using point-to-point encryption can play a vital role in protecting the mission-critical data from in-transit attacks and also protecting its integrity at the resting location. Point to point distribution facilitates the even spread of Blockchain copies across the broader breadth of cloud networks that provides substantially higher security against data breaches- especially when compared to existing single-point data storage.

It will also give a new dimension to encryption-based security as the mission-critical data can be shredded into minute portions before encrypting them. Furthermore, leveraging the decentralised characteristics of Blockchain technology, these tiny data portions can be stored on different nodes that are strategically distributed across several geographies. In short, it adds several other shields over the top of encryption-based technology to ensure superior security.

Conclusion

Blockchain runs as a decentralised platform that replaces the central authority with cryptographic hashes and smart contracts. It offers airtight security to the data and transaction while ensuring unrestricted access to the permitted data. By strategically employing Blockchain in the web hosting industry, the hosting providers can guarantee superior security and performance. At the same time, the end clients can enjoy quick and smooth functionality while retaining maximum control over their data.