05/19/12

Will the Real th3j35t3r Please Stand Up


gAtO hAs been keeping tabs on the th3j35t3r escapades since I impersonated him last week when his Twitter account went down and his post on his website went missing. First, when I created the @_th3j35t3r account, I saw that I could not use the th3j35t3r name because it was not deleted; just the tweets were deleted, the account was still active. Now we see that the Aspergers kiddies are still going after analysis of Tom Ryan DoX and this was a play to make some bitCOins, that he was distracting people from the DoX and everything obsessed people do to figure out his next move.

Do gAtO think he has been DoX? No – Si maybe. I found some interesting postings on pastebin.com that showed that they are still trying to figure out his game of thrones. @cubespherical now is a real interesting character; if he is or not th3j35t3r we will see soon, the game cannot be kept up.

He wrote on May 16:

Smedley Manning @cubespherical

I have him – just waiting for confirmation from my superiors to drop it.

 

6:30 PM Wed May 16 2012 · web

Who are his superiors? Who is in the food chain gAtO wonders? Remember the th3j35t3r and Smedley Manning are great at PSYOPs and this is where they both have an advantage, but I find it kind of hard to believe that th3j35t3r would send “PLS DM ME”; the th3j35t3r is a little more forceful even when he is cornered. I have seen him in IRCs and he is a wee bit more aggressive. But the countdown has begun: Sunday May 21 on blogtalkradio.com @cubespherical will Dox th3j35t3r. We all wait on the edge of our seats:

Oh by the way, the th3j35t3r posted this on his site May 16. You do the math - gAtO oUt

http://th3j35t3r.wordpress.com/2012/05/16/not-totally-sure-what-just-happened-but-damn-its-getting-out-of-hand-now/

Not totally sure what just happened, but damn it’s getting out of hand now.

Posted: May 16, 2012 

 

Below is this last week's th3j35t3r on Pastebin, posts May 12 – May 19

Why th3j35t3r has not been doxed

_ST0RM ON MAR 12TH, 2012  |  SYNTAX: NONE  |  SIZE: 1.51 KB  |  HITS: 5,147  |  EXPIRES: NEVER

http://pastebin.com/vykQ70Ba 

loljester

BY: A GUEST ON MAY 14TH, 2012  |  SYNTAX: NONE  |  SIZE: 3.69 KB  |  HITS: 3,161  |  EXPIRES: NEVER

http://pastebin.com/jwYt7Hyf 

 

th3j35t3r “The Patriot Hacker” To Be Unmasked

BY: A GUEST ON MAY 14TH, 2012  |  SYNTAX: NONE  |  SIZE: 7.00 KB  |  HITS: 353  |  EXPIRES: NEVER

http://pastebin.com/CJHZ2bHA

 

@th3j35t3r – log file #saladin tool

BY: ANONYMOUSDOWN ON MAY 15TH, 2012  |  SYNTAX: NONE  |  SIZE: 16.54 KB  |  HITS: 217  |  EXPIRES:

http://pastebin.com/mJx5hc6W –xxx

 

Jesterlol2

BY: A GUEST ON MAY 15TH, 2012  |  SYNTAX: NONE  |  SIZE: 4.55 KB  |  HITS: 1,800  |  EXPIRES: NEVER

http://pastebin.com/fKFP0qJt

 

You end tonight, th3j35t3r.

BY: PIRAX-XOXO ON MAY 16TH, 2012  |  SYNTAX: NONE  |  SIZE: 6.40 KB  |  HITS: 299  |  EXPIRES: NEVER

http://pastebin.com/FAn6rcMb

 

12 Reasons Why Th3J35t3r is Smedley Manning

BY: JELLYBRO ON MAY 17TH, 2012  |  SYNTAX: NONE  |  SIZE: 17.71 KB  |  HITS: 248  |  EXPIRES: NEVER

http://pastebin.com/bYnNQ1um

 

The Jester’s True Identity

BY: RECK ON MAY 17TH, 2012  |  SYNTAX: NONE  |  SIZE: 3.73 KB  |  HITS: 3,048  |  EXPIRES: NEVER

http://pastebin.com/xMnK2G6a

 

05/10/12

MarkMonitor Internet Kill Switch or Wiretapping?

The Internet Kill Switch; With Global Wiretapping Capability?

One company to rule them all
One company to find them;
One company to bring them all
And in the darkness bind them

Recently run any whois queries on Google? No? How about Facebook? MSN, or
Hotmail? Yahoo? You might be surprised, comparing the results.

Nice, innit? See the “Last Updated” part also.

Domain Name: google.com

Registrar: MARKMONITOR INC.
Whois Server: whois.markmonitor.com
Referral URL: http://www.markmonitor.com
Status: clientDeleteProhibited, clientTransferProhibited, clientUpdateProhibited, serverDeleteProhibited, serverTransferProhibited, serverUpdateProhibited

Expiration Date: 2020-09-14
Creation Date: 1997-09-15
Last Update Date: 2011-07-20

The brand-protecting, anti-piracy company MarkMonitor Inc. has had all these
DNS names under its control for several months now.

They also control the Wikimedia name services, even though that doesn’t show
up on the Wikimedia.org whois record. There are many others. Apple.com falls
under their jurisdiction, as does ubuntu.com. Nokia.com? Yep, under
MarkMonitor. See a pattern here?

MarkMonitor also is a trusted Certificate Authority; they have, in essence,
the means to fabricate safe-looking SSL connections for you, to whichever host
they want. Your browser will not sound any warnings of possible
man-in-the-middle attacks.

MarkMonitor is a company that can own most people’s “Internet” in minutes. It
now controls all three top free e-mail providers directly, and I suppose it’s
safe to say, most currently active social media sites too.

See for yourself. Whois yahoo.com, whois google.com, whois gmail.com, whois
facebook.com, whois fbcdn.com, whois hotmail.com, whois msn.com… the list
seems endless.
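
The registrar comparison described above can be scripted. This is an added example, not part of the original post: it parses WHOIS text, groups domains by normalized registrar name, and reports which of the delete/transfer/update lock flags seen in the Status field (EPP status codes; client* flags are set by the registrar, server* flags by the registry) are missing. The google.com record reuses the fields quoted above; the two .test records and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

# EPP status codes that block delete/transfer/update of a domain.
# client* flags are set by the registrar, server* flags by the registry.
CLIENT_LOCKS = {"clientDeleteProhibited", "clientTransferProhibited", "clientUpdateProhibited"}
SERVER_LOCKS = {"serverDeleteProhibited", "serverTransferProhibited", "serverUpdateProhibited"}

# Constructed sample input. google.com reuses the fields quoted in the post;
# the two .test records are made up to show other formats and lock states.
SAMPLE_RECORDS = {
    "google.com": """\
Domain Name: google.com
Registrar: MARKMONITOR INC.
Whois Server: whois.markmonitor.com
Referral URL: http://www.markmonitor.com
Status: clientDeleteProhibited, clientTransferProhibited, clientUpdateProhibited, serverDeleteProhibited, serverTransferProhibited, serverUpdateProhibited
Expiration Date: 2020-09-14
Creation Date: 1997-09-15
Last Update Date: 2011-07-20
""",
    "example-brand.test": """\
Domain Name: example-brand.test
Registrar: MarkMonitor, Inc.
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
""",
    "example-unlocked.test": """\
Domain Name: example-unlocked.test
Registrar: EXAMPLE REGISTRAR LLC
Status: ok
""",
}

# "Key: value" lines; the key may contain spaces, the value must be non-empty.
FIELD_RE = re.compile(r"^\s*([A-Za-z ]+?)\s*:\s*(.*\S)\s*$")


def normalize_registrar(name):
    """Fold case, punctuation and spacing so spelling variants group together."""
    return " ".join(re.sub(r"[.,]", " ", name).upper().split())


def parse_record(text):
    """Extract registrar, status flags and remaining fields from WHOIS text."""
    record = {"registrar": None, "statuses": set(), "fields": {}}
    for line in text.splitlines():
        match = FIELD_RE.match(line)
        if not match:
            continue
        key, value = match.group(1).lower(), match.group(2)
        if key in ("status", "domain status"):
            # Handles one comma-separated line and repeated lines with a URL suffix.
            for item in value.split(","):
                words = item.split()
                if words:
                    record["statuses"].add(words[0])
        elif key == "registrar":
            record["registrar"] = normalize_registrar(value)
        else:
            record["fields"].setdefault(key, value)
    return record


def missing_locks(record):
    """Return the lock flags that are NOT set, split by who would set them."""
    return {
        "client": sorted(CLIENT_LOCKS - record["statuses"]),
        "server": sorted(SERVER_LOCKS - record["statuses"]),
    }


def group_by_registrar(records):
    """Map each normalized registrar name to the sorted domains it holds."""
    groups = defaultdict(list)
    for domain, text in records.items():
        registrar = parse_record(text)["registrar"] or "UNKNOWN"
        groups[registrar].append(domain)
    return {name: sorted(domains) for name, domains in groups.items()}


if __name__ == "__main__":
    for registrar, domains in group_by_registrar(SAMPLE_RECORDS).items():
        print(registrar)
        for domain in domains:
            gaps = missing_locks(parse_record(SAMPLE_RECORDS[domain]))
            absent = gaps["client"] + gaps["server"]
            print(f"  {domain}: " + ("all locks set" if not absent else "missing " + ", ".join(absent)))
```
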

How’d all this happen?

This company has acquired complete access to monitor, eavesdrop, censor and
fake any user of these popular Internet services in about one year (2011). In
almost complete silence. For several of the sites, it also provides “firewall
proxy” services, which means it is actually paid to intercept all
communications. In and out.

The situation reminds me of Joseph Lieberman’s 2010 initiative to create an
“Internet kill switch” for the U.S.

The government only needs to control this one company, and most social media,
most free e-mail, most search engines will be under its control. Not to mention
most operating systems, for both computers and mobile devices.

Not only inside the U.S., but globally. One company to rule them all.

I, for one, would like to ask; WTF is going on? How did these guys, this
relatively small domain-hogging and pirate-chasing company, get the resources
to simply acquire the DNS records of all the most popular Internet services?
How can this be so totally ignored by the media, and even privacy advocates?
Even conspiracy theorists seem to be completely ignoring the situation.

Secure communication is an illusion

Only one company to rule them all? As if all this doesn’t sound bad enough,
the problem is far more widespread. MarkMonitor could easily act as a global
“kill switch” for the sites under its rule. But as it turns out, most anyone
with some resources could just as easily impersonate MarkMonitor itself.

Because, as one might have noticed in the past few months, the whole SSL
certificate scheme is broken. Not in a technical sense – there’s no known
inherent weakness in the algorithms. But the whole SSL protection is based on
trust, and that trust has failed us.

According to several sources, SSL CA certs are routinely given out to anyone
willing to pay for them. As The Register points out in its analysis of the
Trustwave spying scandal:

“Those defending Trustwave suggested that other vendors probably used the same
approach for so-called “data loss prevention” environments – systems that
inspect information flowing through a network to prevent leaks of commercially
sensitive data.”

“In fact Geotrust was openly advertising a ‘Georoot’ product on their website
until fairly recently.”

http://www.theregister.co.uk/2012/02/14/trustwave_analysis/

Oh, so the ability to impersonate anyone is normal day-to-day practise for big
business? Just imagine what government agencies must be doing – for example in
Sweden, where the military intelligence organisation FRA has the mandate to
monitor all traffic across borders.

Who can seriously claim they trust all the hundreds of different CA companies,
several of which have been caught red-handed selling out their customers’
security, or covering up very serious breaches (up to and including their root
certificates being stolen)?

http://nakedsecurity.sophos.com/2011/04/06/eff-uncovers-further-evidence-of-ssl-ca-bad-behavior/

MarkMonitor is a “brand-protecting” company. Traditionally its business has
been reserving domains to protect brands. You buy its service, it makes sure
that nobody else can have “mybrandsucks.com”.

Also, they’re an anti-piracy outfit. Their entire business is based on
protecting IP.

http://www.marketwatch.com/story/markmonitor-to-exhibit-at-internet-tech-policy-exhibition-and-reception-to-be-held-on-capitol-hill-2012-01-24

Just saying, someone should probably question them and their customers. Why
does Google, who always “do things themselves”, externalise these vital parts
of its network? How come all the competing phone and OS vendors, who sue each
other all the time, suddenly trust this one company?

And then there’s all those competing social media companies, who practically
thrive on what others call “IP theft”, including their users sharing text,
images, music, videos and links?

Big questions. Defy common sense. Need answers.

05/10/12

FBI -Bitcoin Virtual Currency Report – UNCLASSIFIED

Intelligence Assessment

(U) Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity

24 April 2012

UNCLASSIFIED

Criminal Intelligence Section

(U) A Bitcoin logo from https://en.bitcoin.it.

(U) Executive Summary

(U//FOUO) Bitcoin – a decentralized,1 peer-to-peer (P2P) network-based virtual currency – provides a venue for individuals to generate, transfer, launder, and steal illicit funds with some anonymity. Bitcoin offers many of the same challenges associated with other virtual currencies, such as WebMoney, and adds unique complexities for investigators because of its decentralized nature.

(U//FOUO) The FBI assesses with medium confidence2 that, in the near term, cyber criminals will treat Bitcoin as another payment option alongside more traditional and established virtual currencies which they have little reason to abandon. This assessment is based on fluctuations in the Bitcoin exchange rate in 2011 and limited reporting indicating bitcoins are being accepted as payment by some cyber criminals.

(U//FOUO) The FBI assesses with low confidence, based on current user and vendor acceptance, that malicious actors will exploit Bitcoin to launder money. This assessment is based on observed criminal activities, investigations, and prosecutions of individuals exploiting other virtual currencies, such as e-Gold and WebMoney. A lack of current reporting specific to Bitcoin restricts the confidence level.

(U//FOUO) Even though there is no central Bitcoin server to compromise, the FBI assesses with high confidence, based on reliable industry and FBI reporting, that criminals intending to steal bitcoins can target and exploit third-party bitcoin services and an individual’s Bitcoin wallet. Malicious actors can compromise personal computers and accounts using malware and hacking techniques to steal users’ bitcoins and use botnets to generate bitcoins.

(U//FOUO) Bitcoin will likely continue to attract cyber criminals who view it as a means to move or steal funds as well as a means of making donations to illicit groups. If Bitcoin stabilizes and grows in popularity, it will become an increasingly useful tool for various illegal activities beyond the cyber realm. Since Bitcoin does not have a centralized authority, law enforcement faces difficulties detecting suspicious activity, identifying users, and obtaining transaction records – problems that might attract malicious actors to Bitcoin. Bitcoin might also logically attract money launderers and other criminals who avoid traditional financial systems by using the Internet to conduct global monetary transfers.

(U//FOUO) Although Bitcoin does not have a centralized authority, the FBI assesses with medium confidence that law enforcement can identify, or discover more information about malicious actors if the actors convert their bitcoins into a fiat currency. Third-party bitcoin services may require customers to submit valid identification or bank information to complete transactions. Furthermore, any third-party service that qualifies as a money transmitter must register as a money services business with the Financial Crimes Enforcement Network (FinCEN) and implement an anti-money laundering program.

1 (U) See Appendix A for a glossary of terms. All terms included in the glossary are italicized on their first use.

2 (U) See Appendix B for a description of confidence levels.

UNCLASSIFIED//FOR OFFICIAL USE ONLY


(U) Scope Note

(U//FOUO) The Cyber and Criminal Intelligence Sections, with contributions from the FBI Detroit Division, initiated this intelligence assessment to explore the unique aspects of the P2P virtual currency Bitcoin. This assessment does not attempt to judge the likelihood of Bitcoin’s long-term success as an alternate payment method, but explores how bitcoins (or any future virtual currency similar to Bitcoin) are traded and how criminals can use them to conduct illicit activity. This assessment draws primarily on intelligence from January 2011 through April 2012, unless otherwise referenced for historical perspective.

(U//FOUO) This is the FBI’s first Criminal and Cyber intelligence assessment related to Bitcoin. In January 2012 the Counterterrorism Division disseminated an intelligence bulletin that explored the potential to conduct illicit financial transactions using Bitcoin. Disseminated FBI intelligence products on other virtual currencies include: (U) Cyber Criminal Exploitation of Electronic Payment Systems and Virtual Currencies, dated 23 February 2011 and (U) Cyber Criminal Exploitation of Real-Money Trading, dated 8 June 2011, both of which discuss cyber criminal misuse of virtual currencies for money laundering. While Bitcoin is a distinct virtual currency, the overarching analytic judgments in this intelligence assessment about the use of virtual currencies by criminal entities are consistent with these previous intelligence products.

(U//FOUO) This assessment will not address malicious actors outside of the cyber underground, such as traditional organized crime groups, extremist groups, or child predators. Throughout the paper, the term “Bitcoin,” when capitalized, refers to both the open source software used to create the virtual currency and the P2P network formed as a result; “bitcoin” using lower case refers to the virtual currency that is digitally traded between users.


(U) Source Summary Statement

(U//FOUO) The FBI used open source reporting extensively in this intelligence assessment, both in support of FBI reporting and to provide background information on Bitcoin. FBI sources vary from uncorroborated to highly reliable. FBI case information citing criminal activity is considered highly reliable because it is from FBI employees or FBI sources with direct access to the information.

(U//FOUO) Open source information comes from different online resources describing products or services offered to conduct monetary transactions and are, therefore, considered reliable.

(U//FOUO) The FBI acknowledges that participants in the bitcoin economy have an incentive to emphasize the popularity of Bitcoin. However, Bitcoin users also need reliable information about Bitcoin and the bitcoin exchange rate. For the purposes of this assessment, the FBI assumes that the body of open source information describing Bitcoin is generally indicative of the true state of the Bitcoin economy.

(U//FOUO) No contradictory information was found between FBI and open source reporting. Overall, the FBI considers the body of reporting to be consistent and plausible in the context of the bitcoin environment.


(U) The Bitcoin Economy

· (U) As of 18 April 2012, the third-party bitcoin trading platform Mt. Gox recorded more than $8 million in transactions conducted over the past 30 days through Mt. Gox trading, an average of more than $276,000 per day.1

· (U) According to Bitcoin as of April 2012, there were more than 8.8 million bitcoins in circulation.2 With the average market price in April 2012 between $4 and $5 per bitcoin, the FBI estimates the Bitcoin economy was worth $35 million to $44 million.3,4

· (U) From May 2011 Bitcoin values fluctuated with exchange rates on Mt. Gox ranging as high as $30 in June 2011 to as low as $4 in December 2011.5

(U) Introduction

(U) Bitcoin3 is a decentralized, P2P network-based virtual currency that is traded online and exchanged into US dollars or other currencies. Bitcoin, when paired with third-party services, allows users to mine, buy, sell, or accept bitcoins from anywhere in the world. Bitcoin’s decentralized feature is unique among virtual currencies. While Bitcoin developers4,6 maintain Web sites providing guidance to the Bitcoin community, they do not have a centralized database or authority. The P2P network issues bitcoins through the mining process and validates all transactions. Since Bitcoin does not have a centralized authority, detecting suspicious activity, identifying users, and obtaining transaction records is problematic for law enforcement.

(U) Despite the virtual nature of Bitcoin, users value the currency for many of the same reasons people trust Federal Reserve notes: they believe they can exchange the currency for goods, services, or a national currency at a later date. As such, Bitcoin is currently accepted as a form of payment at hundreds of legitimate retailers including vendors selling clothing, games, music, and some hotels and restaurants.7 In addition, the unregulated nature of Bitcoin, combined with its other unique features, attracts criminals to this form of payment and transfer method.

(U) Unique Features Present Distinct Challenges for Detecting and Stopping Illicit Activity

(U//FOUO) FBI reporting and analysis reveals that cyber criminals use electronic payment systems and virtual currencies5 as a way to launder money and to purchase or sell cyber goods and services in furtherance of their criminal objectives.8 Bitcoin, like these other virtual currencies, provides opportunities for criminals to transfer, launder, or steal funds. Bitcoin is unique because it is the only decentralized, P2P network-based virtual currency. The way it creates, operates, and distributes bitcoins makes it distinctively susceptible to illicit money transfers, and manipulation through the use of malware and botnets.

3 (U) See Appendix C for a description of how Bitcoin works.

4 (U) The Bitcoin source code is hosted on Github (https://github.com/bitcoin/bitcoin), a code sharing Web site where developers can work and submit changes. According to bitcoin.org there is a group of six core developers. These developers presumably control which changes are accepted on Github.

5 (U) For example, WebMoney, Liberty Reserve and Pecunix.


(U//FOUO) All Bitcoin transactions are published online,9 but the only information that identifies a Bitcoin user is a pseudorandomly6 generated Bitcoin address, making the transactions somewhat anonymous (see text box). This potential anonymity is distinct from the anonymity provided by other electronic payment systems. For example, WebMoney and Liberty Reserve – which may allow users to register with false information, let suspicious activity go unnoticed, or are located in a country that is not friendly to US law enforcement – still operate as companies with centralized organization capable of instituting programs to ensure compliance with the Bank Secrecy Act (BSA).

(U//FOUO) As a decentralized digital currency system, Bitcoin lacks a centralized entity10 and is incapable of conducting due diligence (e.g., regulatory guidelines), monitoring and reporting suspicious activity, running an anti-money laundering compliance program, or accepting and processing legal requests like subpoenas.

(U) Bitcoins Used to Purchase Illicit Goods

(U//FOUO) The FBI assesses with medium confidence that, in the near term, cyber criminals will treat Bitcoin as another payment option alongside more traditional and established virtual currencies such as WebMoney, which they have little reason to abandon. This assessment is

6 (U) Bitcoin addresses are pseudorandom – defined by freedictionary.com as “of, relating to, or being random numbers generated by a definite, nonrandom computational process”.


(U) How Anonymous is Bitcoin?

(U) Bitcoin’s anonymity depends on the actions of the user. While some news articles have lauded Bitcoin as “untraceable digital currency,”11 the “About Bitcoin” page on bitcoin.org does not list anonymity as a feature of the currency.12 All Bitcoin transactions are published online and Internet Protocol (IP) addresses are linked to the public Bitcoin transactions. If a user does not anonymize his or her IP address, an interested party can identify the individual’s physical location.13,14 Additionally, in July 2011 researchers from the University College Dublin, Ireland, demonstrated “the inherent limits of anonymity when using Bitcoin” by conducting passive analysis of various types of public Bitcoin information, such as transaction records and user postings of public-private keys. The researchers suggest that law enforcement agencies or other centralized services (such as exchangers or retailers) who have access to less public information (bank account information or shipping addresses) can connect even more real world identifiers to Bitcoin wallets and transaction histories.15

(U) What Users Can Do To Increase Anonymity16,17,18,19

· (U) Create and use a new Bitcoin address for each incoming payment.

· (U) Route all Bitcoin traffic through an anonymizer.

· (U) Combine the balance of old Bitcoin addresses into a new address to make new payments.

· (U) Use a specialized money laundering service.

· (U) Use a third-party eWallet service to consolidate addresses. Some third-party services offer the option of creating an eWallet that allows users to consolidate many bitcoin addresses and store and easily access their bitcoins from any device.

· (U) Individuals can create Bitcoin clients to seamlessly increase anonymity (such as allowing users to choose which Bitcoin addresses to make payments from), making it easier for non-technically savvy users to anonymize their Bitcoin transactions.


(U) Decentralized Authority Vulnerabilities

· (U) No anti-money laundering software or monitoring capabilities to identify suspicious monetary patterns.

· (U) No identification of account owners or their actual location.

· (U) No historical records of transactions associated with real world identity.

· (U) More difficult to identify the original source of funds compared to other online currencies.

· (U) Law enforcement cannot target one central location or company for investigative purposes or to shut down the system.

based on fluctuations in the bitcoin exchange rate in 2011 and limited reporting indicating bitcoins are being accepted as payment by some cyber criminals. If the exchange rate for bitcoins stabilizes7 and Bitcoin becomes more widely accepted by vendors and illicit sellers on the Internet, cyber criminals may increasingly use bitcoins to purchase illegal goods and services and to fund illegal activities.

· (U//FOUO) As of October 2011, a cyber criminal selling a ZeuS botnet Trojan advised that he only accepted payments through Bitcoin, Liberty Reserve, or WebMoney, according to a collaborative source with good access, whose information has not been corroborated.20

· (U) According to open source reporting as of June 2011, an online marketplace called Silk Road was selling illegal drugs and only accepted payment through Bitcoin. Silk Road allowed parties to communicate anonymously for the purchase and sale of illegal goods, to include the purchase of illegal narcotics, in addition to using Bitcoin. Customers could also leave feedback about their purchase experience in a system similar to other online sellers.21

· (U//FOUO) As of June 2011, a member of the online hacktivist group LulzSec was using Bitcoin to purchase a botnet, according to an FBI source, some of whose reporting had been corroborated but that had been reported for less than one year.22

· (U//FOUO) According to open source reporting, as of June 2011 a member of LulzSec claimed the group had received over $18,000 in Bitcoins from fans and supporters.23 Bitcoin allowed LulzSec to receive donations without revealing the identities of the owners or the recipients. LulzSec provided updates about the donations they received by thanking donors publicly via status updates on the social networking site Twitter.

(U) Money Laundering

(U//FOUO) The FBI assesses with low confidence that malicious actors will exploit Bitcoin to launder money. The confidence level is based on observed criminal activities, investigations, and prosecutions of individuals laundering money through other virtual currencies, such as e-Gold and WebMoney. A lack of reporting specific to Bitcoin restricts

7 (U) In 2011 the exchange rate for bitcoins fluctuated from about $1/bitcoin in February to $30/bitcoin on 8 June to about $5/bitcoin in October. (www.bitcoincharts.com)


the confidence level. Since Bitcoin does not have a centralized authority (see text box on page six), law enforcement faces difficulties in detecting suspicious activity, identifying users, and obtaining transaction records – problems that might attract malicious actors to Bitcoin. If Bitcoin becomes more widely accepted among vendors and users, the FBI anticipates seeing increased Bitcoin money laundering activities.

· (U//FOUO) As of June 2011, organized criminal groups were using an online roleplaying game to facilitate money laundering by purchasing virtual game currency with the proceeds of criminal activity, according to an FBI sub-source of unknown reliability whose reporting has not been corroborated. The virtual game currency was used to purchase in-game virtual items that were then sold to other players for “clean money.”24

· (U//FOUO) In August 2010 an FBI source with direct access but of undetermined reliability stated that he used fake names to register for WebMoney, a virtual currency electronic payment system, accounts which he used as part of a money laundering service. The source catered to cyber criminals who earned money from carding activities but who were not able to transfer money out of the United States by themselves.25

(U//FOUO) The FBI further assesses with medium confidence, based on previously witnessed misuse of other virtual currencies, that malicious actors could increase their anonymity by laundering their bitcoins through third-party Bitcoin services registered outside the US. Some of these services act as exchangers or transmitters (see text box on page eight) that convert virtual currencies to fiat currencies (or other virtual currencies) or transfer bitcoins between members. Offshore services may provide additional anonymity by allowing currency exchange or money transfer without verifying user identification or enforcing any monetary exchange limits.

· (U//FOUO) As of June 2010 unknown subjects created 3,000 online membership accounts using 16,000 bank accounts at a US banking institution, according to a source with direct access and whose information has been corroborated. Using the online accounts, the perpetrators obtained fraudulent funds from victims by receiving payments for nonexistent auction items; these funds were then used to purchase gold from gold farmers. The subjects then sold this gold for real money – to others not linked to the malicious actors – using a dedicated third-party service.26

· (U//FOUO) As of February 2009, an identified individual operated a Web site offering money laundering services where cyber criminals could view the progress of their transactions, according to a reliable, collaborative source with excellent access. The individual laundered money using WebMoney.27


(U) Theft of Bitcoins

(U//FOUO) The FBI assesses with high confidence, based on reliable industry and FBI reporting, that criminals intending to steal bitcoins can target and exploit third-party Bitcoin services and an individual’s Bitcoin wallet, principally because there is no central Bitcoin server to compromise. Malicious actors can compromise personal computers and accounts using malware and hacking techniques to steal users’ bitcoins. Additional techniques involve the creation of botnets to compromise victim computers and servers instructing them to mine bitcoins.

· (U) In mid-June 2011 researchers from a major computer security firm, whose reporting has been reliable in the past, discovered the malware “Infostealer.Coinbit” – the first malware designed to steal bitcoins from compromised users’ Bitcoin wallet. The malware is capable of infecting users’ computers and transferring their digital Bitcoin wallet to a server in Poland.36

· (U) In June 2011 a Bitcoin user posted a message on a Bitcoin forum stating that 25,000 of their bitcoins had been stolen from an unencrypted Bitcoin wallet on their computer.37, 38, 39 At the June exchange rate of about $20 per bitcoin, the estimated value of the loss was $500,000.


(U) Third-Party Bitcoin Services

(U) Bitcoin, like most virtual currencies, requires individuals to use a third-party service to trade bitcoins for fiat currency. Buying, selling, or trading in bitcoins – or converting bitcoins into another currency – must be done using third-party businesses outside the Bitcoin P2P system. The number and diversity of these third-party businesses provide users with options for moving and potentially laundering their money.28,29,30

(U) Various third-party bitcoin services can, or are used to, facilitate trade between individuals and businesses, buy and sell bitcoins, or convert bitcoins into other currencies.31 Users who do not want to use an intermediary third-party can also post “buy” and “sell” orders on #bitcoin-otc, a Bitcoin marketplace located on the freenode Internet relay chat (IRC) network.32, 33

(U) In July 2011 FinCEN revised the definition of “money transmission service” to mean “the acceptance of currency, funds, or other value that substitutes for currency from one person and the transmission of currency, funds or other value to another location or person by any means.” It is likely that the business models of many third-party bitcoin services qualify them as money transmitters, and therefore money services businesses (MSB), under 31 CFR Part 1010.100(ff)(5). Third-party bitcoin services that qualify as money transmitters and who wish to operate legitimately must register with FinCEN, implement anti-money laundering programs, retain certain records, and file suspicious activity reports and currency transactions reports as required. Additionally, since any third-party Bitcoin service that falls under the MSB rule would do so as a money transmitter, there is not a transaction threshold (such as 1,000 per day) that must be met for the regulations to apply, unlike dealers in foreign exchange or issuers or sellers of checks or monetary instruments.34 (Note: In certain states, third-party bitcoin services would also be required to obtain a state license).

(U//FOUO) Law enforcement might have opportunities to discover real user identifying information from some

third-party Bitcoin services because users must provide the services with real payment account information to

buy, sell, trade, and convert their bitcoins. For example, the Terms of Service for the third-party bitcoin trading

platform Mt. Gox states “members agree to provide Mt. Gox with accurate, current and complete information

about themselves as promoted by the registration process, and keep such information updated.”35


· (U) On 19 June 2011, a compromise involving the third-party bitcoin trading platform

Mt. Gox led to an attempt to sell $7 million in bitcoins, driving the trading price to near

zero before trading was suspended. 40, 41, 42

· (U//FOUO) According to a complaint received by the FBI’s Internet Crime Complaint

Center in April 2011, an individual had 680 bitcoins stolen from his online game site. At

the time of this incident the market price was $8 per bitcoin, creating a loss of $5,440.43

(U) Theft of Services for the Purpose of Mining Bitcoins

(U//FOUO) FBI and open source reporting indicates that malicious actors can exploit the way

bitcoins are generated by compromising victim computers and instructing them to mine bitcoins.

Criminals first install malware on a victim’s computer, then use these compromised computers to

generate bitcoins.

· (U/FOUO) An identified Internet security researcher who has reported reliably in the

past identified ZeuS malware that installed software that mined bitcoins. This ZeuS

software was spread by links placed on an identified social networking site.44

· (U) According to unconfirmed open source reporting from a major periodical whose

reporting has proven reliable in the past, a botnet made up of 100,000 infected computers

could be used to generate $7,500 worth of bitcoins per day, at late June 2011 exchange

rates, by using the computing resources of victim machines.45

(U) Since large-scale bitcoin mining requires a large amount of costly processing power and

electrical energy, some miners have resorted to “borrowing” processing power from large

computing clusters through computer intrusion. In addition to unauthorized access to networks,

there have been incidents where unauthorized use of a network had been linked to Bitcoin

mining.

· (U//FOUO) FBI reporting from a reliable source indicated that in late May 2011, an

unknown actor used several machines on a computing cluster at an identified Midwestern

university to manufacture bitcoins.46 As of 26 May 2011, two IP addresses were used to

compromise 22 machines and six computer clusters. On 29 May 2011, two different IP

addresses compromised an additional five workstations and two computer clusters. The

unknown actor then used the compromised computers to access networks at three other

identified universities and tried to gain access to two government facilities.47

· (U//FOUO) According to unconfirmed open source reporting, a system administrator for

a college near New York City admitted in a May 2011 interview to using the school’s

computers for Bitcoin mining unbeknownst to the school.48


(U) Outlook and Implications

(U//FOUO) Bitcoin will likely continue to attract cyber criminals who view it as a means to

transfer, launder, or steal funds as well as a means of making donations to groups participating in

illegal activities, such as hacktivists. As long as there is a means of converting bitcoins into real

money, criminal actors will have an incentive to steal them. Since maintaining anonymity while

using Bitcoin requires that users not exchange or transfer their bitcoins using third-party bitcoin

services that require real world account information, the use of bitcoins to make donations to

disreputable groups (which can be done within the Bitcoin P2P system) will likely remain one of

the most popular uses for the virtual currency.

(U//FOUO) If Bitcoin stabilizes and grows in popularity, it will become an increasingly useful

tool for various illegal activities beyond the cyber realm. For instance, child pornography and

Internet gambling are illegal activities already taking place on the Internet which require simple

payment transfers. Bitcoin might logically attract money launderers, human traffickers, terrorists,

and other criminals who avoid traditional financial systems by using the Internet to conduct

global monetary transfers.

(U//FOUO) Although Bitcoin does not have a centralized authority, the FBI assesses with

medium confidence that law enforcement can discover more information about, and in some

cases identify, malicious actors, if the actors convert their bitcoins into a fiat currency. Third-party

bitcoin services may require customers to submit valid identification or bank information

to complete transactions. Furthermore, any third-party service that qualifies as a money

transmitter, and therefore a MSB, must register with the FinCEN and implement an anti-money

laundering program.49

(U) Intelligence Gaps

· (U//FOUO) Who is using Bitcoin to circumvent BSA regulations (e.g., money

launderers)?

· (U//FOUO) Which third-party Bitcoin services support illegal activity?

· (U//FOUO) Which criminal, nation state, and terrorist organizations are using Bitcoin to

finance their operations?

(U) Intelligence Collection Requirements Addressed in Paper

(U//FOUO) This intelligence assessment will address requirements contained in the following

FBI National Standing Collection Requirements topics: Botnets contained in WW-BOT-CYDSR-0027-11,

Money Laundering contained in USA-MLA-CID-0032-10, Cyber Intrusions

with a Criminal Nexus contained in WW-CYBR-CYD-SR-0061-10, and Virtual Worlds/Online

Games contained in WW-CYBER-CYD-SR-0028-11.

(U) This assessment was prepared by the Domestic Threats Cyber Intelligence Unit, Technology Cyber Intelligence

Unit, and the Financial Crimes Intelligence Unit of the FBI. Comments and queries may be addressed to the unit

chiefs at 202-651-3051, 202-651-3139 or 202-324-8629, respectively.


(U) Appendix A: Key Terms

(U) Bitcoin wallet: A data file that stores bitcoin currency (see appendix C). A user downloads

software to a personal computer or may use an online, third-party provider to create a wallet

(often called an eWallet) to store bitcoins.

(U) Botnets: Any group of two or more computers and/or mobile devices that are controlled

and/or updated remotely for an illegal purpose. Botnets can be used to perform denial of service

attacks, send spam e-mail, host illegal content, and may aid in most other types of online

criminal behavior.

(U) Carding: the act of trafficking and/or fraudulent use of stolen credit card account

information.

(U) Decentralized: No central administration, issuing authority, or database.

(U/FOUO) Cyber underground: The extensive network of members engaged in cyber crime

activities that have a unique language, an underground economy, a set of expectations about its

members’ conduct, and a system of social stratification based on knowledge, skill, and activities.

(U) Electronic payment systems: Provide a secure means of transferring money among parties

to facilitate e-commerce and operate using real money or virtual currency. Electronic payment

systems either allow payment to be made between users, vendors, and other merchants, or they

only allow payments to be made between users or accounts. There is both a regulated sector and

a sector operating outside regulatory systems.

(U) Exchangers: Online entities that, for a fee, convert cash, virtual currency, or digital gold

currency into the type of currency requested. In general, individuals must use an exchanger to

deposit money into an electronic payment system account, unless the electronic payment system

has a physical location. Due to this fact, exchangers are a vital part of the money flow for

electronic payment systems and virtual currencies.

(U) Fiat Currency: Money that has value solely due to government regulation or law. Most

modern currencies, such as the US dollar and the Euro are fiat currencies.

(U) Freenode: An open source software-focused Internet relay chat network.

(U) Hacktivists: Individuals or groups who attack computer systems to draw attention to a

particular issue, influence public opinion, or punish perceived entities who oppose their

ideological positions.

(U) Internet Relay Chat (IRC): A form of real-time Internet synchronous conference, mainly

designed for group communication in discussion forums called channels, but also allowing one-to-one

communication via private messages.


(U) Malware or malicious software: Computer software that facilitates illicit activities, to

include data exfiltration, denial of service attacks, fraud, and spam dissemination.

(U) Mining, Bitcoin (also known as Bitcoin Creation, Bitcoin Generation, and Bitcoin

Manufacturing): The process of allowing the Bitcoin network to use a computer’s resources in

exchange for the possibility of earning bitcoins. The more computing power a user offers, the

more likely they are to receive bitcoins.

(U) Money services business (MSB): Any person doing business in one or more of the

following capacities, wholly or in substantial part within the United States: 1.) dealer in a foreign

exchange; 2.) check casher; 3.) issuer or seller of traveler’s checks or money orders; 4.) issuer,

seller, or redeemer of stored value; 5.) money transmitter; 6.) U.S. Postal Service (31 C.F.R

103.11).50

(U) Money transmitter: A person that provides money transmission services. The term “money

transmission services” means the acceptance of currency, funds, or other value that substitutes

for currency from one person and the transmission of currency, funds, or other value that

substitutes for currency to another location or person by any means.51

(U) Peer-to-Peer (P2P): A type of network in which each workstation has equivalent

capabilities and responsibilities. P2P is typically used for the transfer of data from one peer to

another and are free programs that can be easily downloaded from the Internet. P2P file-sharing

is the primary source for pirated software. Some popular examples include Limewire, Kazaa, and

Gnutella.

(U) Public Key Cryptography (PKI): A framework for creating a secure method for

exchanging information based on public key cryptography. PKI uses a certificate authority (CA),

which issues digital certificates that authenticate the identity of organizations and individuals

over a public system such as the Internet.

(U) Real money: Coins or paper notes issued and backed by a government and used as a

medium of exchange and measure of value.

(U) Virtual currency: Something used on the Internet that is in circulation as a medium of

exchange but is not backed by a government.

(U) ZeuS Trojan: malicious software used by cyber criminals to steal online account

credentials.


Appendix B: Confidence Levels

(U) High confidence generally indicates that FBI judgments are based on high-quality

information from multiple sources or a single highly reliable source, or that the nature of the

issue makes it possible to render a solid judgment.

(U) Medium confidence generally means that the information is interpreted in various ways,

that the FBI has alternating views, or that the information, while credible, is of insufficient

reliability to warrant a higher level of confidence.

(U) Low confidence generally means that the information is scant, questionable, or very

fragmented; that it is difficult to make solid analytic inferences; or that the FBI has significant

concerns or problems with the source.


(U) Appendix C: How Does Bitcoin Work?

(U) To use Bitcoin, an individual first downloads and installs the free Bitcoin software (client).

The application uses Public Key Cryptography (PKI) to automatically generate a Bitcoin address

where the user can receive payments. The address is a unique 36 character-long string of

numbers and letters and is stored in a user’s virtual “wallet” on his or her local file system. Users

can create as many Bitcoin addresses as they like to receive payments and can use a new address

for every transaction they receive.
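
An added example (not part of the FBI assessment or the Bitcoin client) showing how an address string is built from a key hash and how the checksum built into it lets an analyst reject mistyped or malformed strings before searching for them. The 20-byte key hash is a constructed stand-in (a real client derives it from the public key with SHA-256 followed by RIPEMD-160), and all function names are illustrative.

```python
import hashlib

# Bitcoin's Base58 alphabet leaves out 0, O, I and l so addresses survive retyping.
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
P2PKH_MAINNET = 0x00  # version byte of an ordinary address, which starts with "1"


def checksum(payload):
    """First four bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def encode_address(key_hash, version=P2PKH_MAINNET):
    """Base58Check-encode version byte + 20-byte key hash + 4-byte checksum."""
    if len(key_hash) != 20:
        raise ValueError("key hash must be 20 bytes")
    raw = bytes([version]) + key_hash
    raw += checksum(raw)
    n = int.from_bytes(raw, "big")
    digits = ""
    while n:
        n, rem = divmod(n, 58)
        digits = B58_ALPHABET[rem] + digits
    # Every leading zero byte is written as a literal '1'.
    zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * zeros + digits


def decode_address(text):
    """Return (version, key_hash); raise ValueError if the string is malformed."""
    n = 0
    for ch in text:
        idx = B58_ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"{ch!r} is not a Base58 character")
        n = n * 58 + idx
    zeros = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        raise ValueError(f"decodes to {len(raw)} bytes, expected 25")
    payload, check = raw[:-4], raw[-4:]
    if checksum(payload) != check:
        raise ValueError("checksum mismatch")
    return payload[0], payload[1:]


def triage(candidates):
    """Classify candidate strings (e.g. pulled from seized files or logs)."""
    results = {}
    for text in candidates:
        try:
            version, key_hash = decode_address(text)
            results[text] = f"valid (version {version}, key hash {key_hash.hex()})"
        except ValueError as err:
            results[text] = f"rejected: {err}"
    return results


def mistype_last(address):
    """Simulate a one-character transcription error in the final position."""
    swap = "2" if address[-1] != "2" else "3"
    return address[:-1] + swap


# Constructed sample data: a stand-in key hash, not a real wallet.
SAMPLE_KEY_HASH = hashlib.sha256(b"constructed public key").digest()[:20]
SAMPLE_ADDRESS = encode_address(SAMPLE_KEY_HASH)

if __name__ == "__main__":
    samples = [SAMPLE_ADDRESS, mistype_last(SAMPLE_ADDRESS), "1O0Il-not-an-address"]
    for text, verdict in triage(samples).items():
        print(f"{text}\n    {verdict}")
```
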

(U) To send bitcoins, users input the address they would like to send their bitcoins to and the

amount of bitcoins they would like to transfer. The user’s computer then digitally signs the

transaction and sends the information to the distributed, P2P Bitcoin network. The P2P network

verifies that the person sending the bitcoins is the current owner of the bitcoins they are sending,

prohibiting a malicious user from spending the same bitcoins twice. Once the transaction has

been validated by the Bitcoin network, receivers can spend the bitcoins they have received. This

process usually takes a few minutes and is not reversible.

(U) The Bitcoin software program controls the rate of bitcoin creation, but it does not control the

market value of a bitcoin; the market value is determined by the supply of bitcoins in circulation

and people’s desire to hold or trade bitcoins.52, 53 Unlike most fiat currencies, in which central

banks can arbitrarily increase the supply of currency, Bitcoin is designed to eventually contain

21 million bitcoins; no additional coins will be created after that point, preventing inflation.

(U) Bitcoin was created in such a way that the clients “mine” bitcoins at a predetermined rate.

This chart illustrates the growth rate from 2009 to 2033, the year the last new bitcoin will be

created.

Source: (U) Internet site; Bitcoin Wiki; “Controlled Currency Supply”;

https://en.bitcoin.it/wiki/Controlled_Inflation; accessed on 5 March 2012; The source is a community wiki aimed at

allowing anyone to freely document information about Bitcoin. Users must create a free account with a valid e-mail

address to edit the Bitcoin Wiki.
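
An added example (not part of the FBI assessment) that computes the issuance schedule the client enforces, in place of the chart that did not survive extraction. The constants are protocol parameters not stated on this page (50 bitcoins per block at launch, halved every 210,000 blocks, 100,000,000 base units per bitcoin); the year estimates assume one block every 10 minutes from January 2009 and are approximate.

```python
COIN = 100_000_000               # base units per bitcoin
INITIAL_SUBSIDY = 50 * COIN      # reward for each of the first 210,000 blocks
HALVING_INTERVAL = 210_000       # blocks between reward halvings
BLOCKS_PER_YEAR = 6 * 24 * 365   # assumption: one block every 10 minutes
GENESIS_YEAR = 2009


def block_subsidy(height):
    """New base units created by the block at this height (integer halving)."""
    return INITIAL_SUBSIDY >> (height // HALVING_INTERVAL)


def supply_at(height):
    """Base units created by all blocks below `height`."""
    total, era = 0, 0
    while height > 0:
        subsidy = INITIAL_SUBSIDY >> era
        if subsidy == 0:          # reward has been halved down to nothing
            break
        blocks = min(height, HALVING_INTERVAL)
        total += blocks * subsidy
        height -= blocks
        era += 1
    return total


def last_subsidy_height():
    """First block height whose reward is zero."""
    era = 0
    while INITIAL_SUBSIDY >> era:
        era += 1
    return era * HALVING_INTERVAL


MAX_SUPPLY = supply_at(last_subsidy_height())


def schedule(years):
    """Rows of (year, reward in BTC, coins issued, percent of final supply)."""
    rows = []
    for year in years:
        height = (year - GENESIS_YEAR) * BLOCKS_PER_YEAR  # estimated height on 1 January
        mined = supply_at(height)
        rows.append((year, block_subsidy(height) / COIN, mined / COIN,
                     round(100 * mined / MAX_SUPPLY, 2)))
    return rows


if __name__ == "__main__":
    print(f"final supply: {MAX_SUPPLY / COIN:,.4f} BTC")
    print(f"reward reaches zero at block {last_subsidy_height():,}")
    for year, reward, mined, pct in schedule(range(2009, 2035, 4)):
        print(f"{year}: reward {reward:>8.4f} BTC, issued {mined:>14,.1f} BTC ({pct}%)")
```
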


Distribution

DI/OCA

LEO

SIPRNet

JWICS

NCTC S and TS

LNI

Australian Federal Police (AFP)

Metropolitan Police – Police Central e-Crime Unit (PCeU)

New Zealand Police

Royal Canadian Mounted Police (RCMP)

Serious Organised Crime Agency (SOCA)


(U) Endnotes

1 (U) Internet site; Bitcoincharts.com; “Mt. Gox (USD/dwolla/SEPA)”;

http://bitcoincharts.com/markets/mtgoxUSD.html; accessed on 18 April 2012; the source provides financial and

technical data related to the Bitcoin network and uses daily intervals to display information. While this information

may contain biases, the FBI assumes the information is generally indicative of the true state of the Bitcoin economy.

2 (U) Internet site; Bitcoin Block Explorer; “total bc”; http://blockexplorer.com/q/totalbc; accessed on 18 April

2012; The source is a Web site that posts information about Bitcoin transaction based on code developed by a

volunteer. While this may contain inaccuracies, the FBI assumes the information is generally indicative of the true

state of the Bitcoin economy.

3 (U) Internet site; Bitcoincharts.com; “Markets”; http://bitcoincharts.com/markets; accessed on 18 April 2012; the

source provides financial and technical data related to the Bitcoin network and uses daily intervals to display

information. While this information may contain biases, the FBI assumes the information is generally indicative of

the true state of the Bitcoin economy.

4 (U) Internet site; Bitcoincharts.com; “Mt. Gox (USD/dwolla/SEPA)”;

http://bitcoincharts.com/charts/mtgoxUSD_trades.html; accessed on 18 April 2012; the source provides financial

and technical data related to the Bitcoin network and uses daily intervals to display information. While this

information may contain biases, the FBI assumes the information is generally indicative of the true state of the

Bitcoin economy.

5 (U) op. cit. endnote 1.

6 (U) Internet site; Github; “Bitcoin/bitcoin”; https://github.com/bitcoin/bitcoin; accessed on 19 April 2012; the

source is a code sharing Web site where developers can work and submit changes.

7 (U) Internet site; Bitcoin Wiki; “Trade”; https://en.bitcoin.it/wiki/Trade; accessed 18 April 2012; The source is a

community wiki aimed at allowing anyone to freely document information about Bitcoin. Users must create a free

account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is edited by the community and may

contain biases, the FBI assumes the information accurately reflects businesses which accept bitcoins as payment.

8 (U) FBI; Intelligence Assessment; (U) Cyber Criminal Exploitation of Electronic Payment Systems and Virtual

Currencies; 23 February 2011.

9 (U) Internet site; Bitcoin Block Explorer; http://blockexplorer.com; accessed 18 April 2012; The source is a Web

site that posts information about Bitcoin transactions based on code developed by a volunteer. While this may

contain inaccuracies, the FBI assumes the information is generally indicative of the true state of the Bitcoin

economy.

10 (U) Internet site; Bitcoin.org; “About Bitcoin”; http://bitcoin.org/about.html; accessed on 9 February 2012;

Bitcoin.org is the official Web site of Bitcoin. While this information may contain biases, the FBI assumes the

information is generally indicative of the true state of the Bitcoin economy.

11 (U) Internet site; Adrian Chen; Gawker; “The Underground Website Where You Can Buy Any Drug Imaginable”;

1 June 2011; http://gawker.com/5805928/the-underground-website-where-you-can-buy-any-drug-imaginable;

accessed on 2 June 2011; The source is an online blog-oriented media site owned by Gawker Media.

12 (U) op. cit. endnote 10.

13 (U) Internet site; Bitcoin Wiki; “Network”; https://en.bitcoin.it/wiki/Network; accessed on 9 February 2012; the

source is a community wiki aimed at allowing anyone to freely document information about Bitcoin. Users must

create a free account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is edited by the community

and may contain biases, the FBI assumes the information is generally indicative of the true state of the Bitcoin

economy.

14 (U) Internet Article; Jason Mick; Daily Tech; “Cracking the Bitcoin: Digging Into a $131M USD Virtual

Currency”; 12 June 2011;

http://www.dailytech.com/Cracking+the+Bitcoin+Digging+Into+a+131M+USD+Virtual+Currency/article21878.ht

m; accessed on 9 December 2011; The source is an online magazine publishing news, research and discussion on

current and upcoming science and information technology issues.

15 (U) Online Article; Fergal Reid and Martin Harrigan; University College Dublin; “An Analysis of Anonymity in

the Bitcoin System”; 22 July 2011 ; http://arxiv.org/PS_cache/arxiv/pdf/1107/1107.4524v1.pdf ; accessed on 20

December 2011; The authors are researchers with the Clique Research Cluster at University College Dublin, Ireland.

16 (U) Internet site; Bitcoin Wiki; “Anonymity”; https://en.bitcoin.it/wiki/Anonymity; accessed on 9 February 2012;

the source is a community wiki aimed at allowing anyone to freely document information about Bitcoin. Users must

create a free account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is edited by the community


and may contain biases, the FBI assumes the information is generally indicative of the true state of the Bitcoin

economy.

17 (U) Internet site; Bitcointalk Forum; “Patching the Bitcoin Client to Make it More Anonymous”; 30 June 2011;

https://bitcointalk.org/index.php?topic=24784.msg307661#msg307661; accessed on 9 February 2012; the source is

a forum dedicated to Bitcoin discussions. While this information may contain biases, the FBI assumes the

information is generally indicative of the true state of the Bitcoin development community.

18 (U) Internet site; Timothy Lee; Forbes; “How Private are Bitcoin Transactions?”; 14 July 2011;

http://www.forbes.com/sites/timothylee/2011/07/14/how-private-are-bitcoin-transactions; accessed on 9 February

2012; the source is an adjunct scholar at the Cato institute with a master’s degree in computer science. He is a

contributor to Forbes, an Internet media company providing commentary, analysis tools and real-time reporting to

businesses and investment leaders.

19 (U) Internet site; Thomas Lowenthal; Active Rhetoric Blog; “Bitcoin: More Covert than it Looks”; 14 July 2011;

http://activerhetoric.wordpress.com/2011/07/14/bitcoin-more-covert-than-it-looks; accessed on 9 February 2012; the

source is a blog.

20 (U//FOUO) FBI; IIR; 4 213 0829 12; 12 December 2011; 18 October 2011; “(U//FOUO) Identification of

Individual Using Online Moniker ‘Cipher’ Selling a Zeus Trojan Botnet on an Identified US Web site as of October

2011”; UNCLASSIFIED//FOR OFFICIAL USE ONLY; UNCLASSIFIED//FOR OFFICIAL USE ONLY; A

collaborative source with good access, none of whose reporting has been corroborated for less than one year.

21 (U) op. cit. endnote 11.

22 (U//FOUO) FBI; 17 June 2011; June 2011; FBI Case Information; UNCLASSIFIED//FOR OFFICIAL USE

ONLY; UNCLASSIFIED//FOR OFFICIAL USE ONLY; an FBI source, some of whose reporting has been

corroborated but that has reported for less than one year.

23 (U) Internet site; The Next Web; “Lulzsec Claims to Have Received Over $18,000 in Donations”; 24 June 2011;

http://thenextweb.com/insider/2011/06/24/lulzsec-claims-to-have-received-over-18000-worth-of-donations/;

accessed on 12 October 2011; the source is a technology blog publishing news and views from an international

perspective.

24 (U//FOUO) FBI; 3 June 2011; 27 May 2011; FBI Case Information; UNCLASSIFIED; an FBI sub-source of

unknown reliability whose reporting has not been corroborated.

25 (U//FOUO) FBI; 10 August 2010; 6 August 2009; FBI Case Information; UNCLASSIFIED//FOR OFFICIAL

USE ONLY; UNCLASSIFIED//FOR OFFICIAL USE ONLY; An FBI source with first-hand access to the

information and whose reliability cannot be determined.

26 (U//FOUO) FBI; IIR; 4 213 4056 11; 15 August 2011; 9 June 2010; “(U//FOUO) Creation of Bank Accounts by

an Internet Bot For Use in a Massively Multiplayer Online Role Playing Game and E-Commerce Payment Site

Scheme, June 2010”; UNCLASSIFIED//FOR OFFICIAL USE ONLY; UNCLASSIFIED//FOR OFFICIAL USE

ONLY; the source is an FBI agent.

27 (U//FOUO) FBI; IIR; 4 213 4947 09; 11 August 2009; 18 February 2009; “(U//FOUO) Identification of Money

Laundering Web Site Operated by Individual Linked to Internet Fraud Schemes, as of February 2009”;

UNCLASSIFIED//FOR OFFICIAL USE ONLY; UNCLASSIFIED//FOR OFFICIAL USE ONLY; A collaborative

source with excellent access, much of whose reporting has been corroborated over the past two years. Source spoke

in confidence.

28 (U) Internet site: Bitcoin Wiki; “Selling Bitcoins”; https://en.bitcoin.it/wiki/Selling_bitcoins; accessed on 9

February 2012; the source is a community wiki aimed at allowing anyone to freely document information about

Bitcoin. Users must create a free account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is

edited by the community and may contain biases, the FBI assumes the information is generally indicative of the true

state of the Bitcoin economy.

29 (U) Internet site: Bitcoin Wiki; “Buying Bitcoins”; https://en.bitcoin.it/wiki/Buying_bitcoins; accessed on 9

February 2012; the source is a community wiki aimed at allowing anyone to freely document information about

Bitcoin. Users must create a free account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is

edited by the community and may contain biases, the FBI assumes the information is generally indicative of the true

state of the Bitcoin economy.

30 (U) Internet site: Bitcoin Wiki; “Secure Trading”; https://en.bitcoin.it/wiki/Secure_Trading; accessed on 9

February 2012; the source is a community wiki aimed at allowing anyone to freely document information about

Bitcoin. Users must create a free account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is

edited by the community and may contain biases, the FBI assumes the information is generally indicative of the true

state of the Bitcoin economy.


31 (U) Internet site; Jason Mick; Daily Tech; “Internet Digital Black Friday: First Bitcoin “Depression” Hits”; 10

June 2011; https://www.dailytech.com/Digital+Black+Friday+First+Bitcoin+Depression+Hits/article21877.htm;

accessed on 16 June 2011; The source is an online magazine publishing news, research, and discussion on current

and upcoming science and information technology issues.

32 (U) Internet site; Bitcoin-otc; “#bitcoin-otc marketplace”; http://bitcoin-otc.com; accessed on 14 October 2011;

The source is an online marketplace for the exchange and sales of bitcoins.

33 (U) Internet site; Bitcoin Wiki; “Using bitcoin-otc”; http://wiki.bitcoin-otc.com/wiki/Using_bitcoin-otc; accessed

on 21 June 2011; the source is a community wiki aimed at allowing anyone to freely document information about

Bitcoin. Users must create a free account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is

edited by the community and may contain inaccuracies, the FBI assumes the information is generally indicative of

the true state of the Bitcoin community.

34 (U) Online publication; Federal Register Col. 17, No. 140; “Bank Secrecy Act Regulations; Definitions and Other

Regulations Relating to Money Services Businesses”; 21 July 2011; http://www.gpo.gov/fdsys/pkg/FR-2011-07-

21/pdf/2011-18309.pdf; accessed on 9 March 2012; pages 43585-43597.

35 (U) Internet site; Mt. Gox; “Terms of Use”; 20 January 2012; https://mtgox.com/terms_of_service; accessed on 7

March 2012; Mt. Gox is a third-party bitcoin trading platform

36 (U) Internet site; Kevin Poulsen; Wired; “New Malware Steals Your Bitcoin”; 16 June 2011;

http://www.wired.com/threatlevel/2011/06/bitcoin-malware/; accessed 23 June 2011; The source is an online

publication that provides news reporting, commentary and reviews on innovation in technology, science, business

and culture. Wired.com is part of the Condé Nast Digital Network.

37 (U) Internet site; Timothy B. Lee; Ars Technica; “A Risky Currency? Alleged $500,000 Bitcoin Heist Raises

Questions”; 15 June 2011; http://arstechnica.com/tech-policy/news/2011/06/bitcoin-the-decentralized-virtualcurrencyrisky-

currency-500000-bitcoin-heist-raises-questions.ars; accessed 2 August 2011; The source is a

technology Web site that offers a mix of news, in-depth trend analysis and how-to instruction. Arstechnica.com is

part of the Condé Nast Digital Network.

38 (U//FOUO) FBI; Internet Crime Complaint Center; Complaint Referral Form; 18 June 2011; source is a

victim/consumer complaint. The reliability cannot be determined.

39 (U) Internet Site; Bitcoin Forum, “I just got hacked – any help is welcome! (25,000 BTC stolen)”; 13 June 2011 ;

https://bitcointalk.org/index.php?topic=16457.0; accessed 1 January 2012; The source is a forum where users post

messages discussing bitcoins.

40 (U) Internet site; James Ball; The Guardian; “LulzSec Rogue Suspected of Bitcoin Hack”; 22 Jun 2011;

http://www.guardian.co.uk/technology/2011/jun/22/lulzsec-rogue-suspected-of-bitcoin-hack; accessed on 6 July

2011; The source is the online publication of the United Kingdom’s Guardian newspaper.

41 (U) Internet site; Jason Mick; Daily Tech; 19 June 211;

http://www.dailytech.com/Inside+the+MegaHack+of+Bitcoin+the+Full+Story/article21942.htm; accessed on 21

June 2011; the source is an online magazine publishing news, research and discussion on current and upcoming

science and information technology issues.

42 (U) Internet site; Sean Ludwig; VentureBeat; “Popular Bitcoin Exchange Mt. Gox Hacked, Prices Drop to

Pennies”; 19 June 2011; http://venturebeat.com/2011/06/19/popular-bitcoin-exchange-mt-gox-hacked-prices-dropto-

pennies/; accessed on 21 June 2011; the source is a blog and online news site whose stated mission is to provide

news about innovation for forward-thinking executives.

43 (U//FOUO) FBI; Internet Crime Complaint Center; Complaint Referral Form; 14 May 2011; 23 April 2011; the

source is a victim/consumer complaint and the reliability cannot be determined.

44 (U//FOUO) FBI; 2 Jun 2011; FBI Information; Source is an Internet security researcher who has reported reliably

in the past.

45 (U) op. cit. endnote 40.

46 (U//FOUO) FBI; IIR; 4 213 3647 11; 18 July 2011; 31 May 2011; “(U//FOUO) Compromise of Computer

Clusters at Identified US Universities for the Purpose of Manufacturing Virtual Currency, as of May 2011”;

UNCLASSIFIED//FOR OFFICIAL USE ONLY; SECRET//NOFORN; a collaborative source with excellent access,

much of whose reporting has been corroborated over the past two years.

47 (U//FOUO) FBI; IIR; 4 213 3754 11; 25 July 2011; May 2011; “(U//FOUO) Update to Compromise of Computer

Clusters at Identified US Universities for the Purpose of Manufacturing Virtual Currency, as of May 2011”;

UNCLASSIFIED//FOR OFFICIAL USE ONLY; UNCLASSIFIED//FOR OFFICIAL USE ONLY; a collaborative

source with excellent access, much of whose reporting has been corroborated over the past two years.


48 (U) Internet Site: motherboard.tv; “How to Get Rich on Bitcoin, by a System Administrator Who’s Secretly Growing Them on His School’s Computers”; 27 May 2011; http://www.motherboard.tv/2011/5/27/how-to-get-richon-bitcoin-by-a-system-administrator-who-s-secretly-growing-them-on-his-scool-s-computers; accessed on 14 October 2011; the source is a Web site dedicated to the meeting point of science, technology, and culture. It is powered by a community of writers and video producers.

49 (U) Online publication; Federal Register Vol. 76, No. 140; “Bank Secrecy Act Regulations; Definitions and Other Regulations Relating to Money Services Businesses”; 21 July 2011; http://www.gpo.gov/fdsys5/pkg/FR-2011-07-21/pdf/2011-18309.pdf; accessed on 9 March 2012; page 43596.

50 (U) Online publication; Federal Register Vol. 76, No. 140; “Bank Secrecy Act Regulations; Definitions and Other Regulations Relating to Money Services Businesses”; 21 July 2011; http://www.gpo/gov/fdsys/pkg/FR-2011-07-21/pdf/2011-18309.pdf; accessed on 9 March 2012; pages 43585-43597.

51 (U) Online publication; Federal Register Vol. 76, No. 140; “Bank Secrecy Act Regulations; Definitions and Other Regulations Relating to Money Services Businesses”; 21 July 2011; http://www.gpo/gov/fdsys/pkg/FR-2011-07-21/pdf/2011-18309.pdf; accessed on 9 March 2012; page 43596.

52 (U) Internet site; Bitcoin Wiki; “FAQ Page”; http://en.bitcoin.it/wiki/FAQ/; accessed on 20 January 2012; the source is a community wiki aimed at allowing anyone to freely document information about Bitcoin. Users must create a free account with a valid e-mail address to edit the Bitcoin Wiki. While this wiki is edited by the community and may contain biases, the FBI assumes the information is generally indicative of the true state of the Bitcoin economy.

53 (U) Internet site; Stephen Chapman; ZDNet; “Bitcoin: A Guide to the Future of Currency”; 15 June 2011; http://www.zdnet.com/blog/btl/bitcoin-a-guide-to-the-future-of-currency/50601; accessed on 21 June 2011; the source, available in seven regional editions, is an online resource of technology-related issues featuring blogs, product reviews, software downloads, white papers and research.

Read More PDF–> http://www.wired.com/images_blogs/threatlevel/2012/05/Bitcoin-FBI.pdf

 

05/8/12

Digital Entry Through Your Back Door

A proposed expansion of surveillance authority is being pushed by the DoJ to counter what it calls its ‘Going Dark’ problem.

CYBERSPACE—A few Colombian sex workers now know what it’s like to be fucked by the Secret Service, and in more ways than one, but it may not be too long before we all know what it’s like to have federal law enforcement living inside our asses, collectively and individually. It could get messy.

As CNET’s Declan McCullagh reported Friday, “The FBI is asking Internet companies not to oppose a controversial proposal that would require firms, including Microsoft, Facebook, Yahoo, and Google, to build in backdoors for government surveillance.”

The problem, says the Bureau, is that “the dramatic shift in communication from the telephone system to the Internet has made it far more difficult for agents to wiretap Americans suspected of illegal activities.”

Can’t have that! So the office of the FBI general counsel “has drafted a proposed law that the bureau claims is the best solution: requiring that social-networking Web sites and providers of VoIP, instant messaging, and Web e-mail alter their code to ensure their products are wiretap-friendly.”

From the following reaction by an industry rep who saw the draft legislation, it sounds as if the individual is not necessarily looking forward to bending over and spreading them for the feds: “If you create a service, product, or app that allows a user to communicate, you get the privilege of adding that extra coding,” s/he said. A second industry rep told CNET that the requirements only apply to sites or networks that exceed a certain number of users.

According to McCullagh, the proposal expands upon an existing law called the Communications Assistance for Law Enforcement Act (CALEA) that covers telecommunications but not the internet, and is being pushed hard by the Justice Department and other federal agencies in a bid to address a problematic trend identified by the FBI as “Going Dark,” which refers to the alleged inability of law enforcement to keep track of people as technology advances.

In fact, the FBI reinforced its concerns about going dark Friday, stating in a comment to CNET, “[There are] significant challenges posed to the FBI in the accomplishment of our diverse mission. These include those that result from the advent of rapidly changing technology. A growing gap exists between the statutory authority of law enforcement to intercept electronic communications pursuant to court order and our practical ability to intercept those communications. The FBI believes that if this gap continues to grow, there is a very real risk of the government ‘going dark,’ resulting in an increased risk to national security and public safety.”

But CNET reports that in addition to the DoJ, the federal Communications Department also is interested in tweaking CALEA to include “products that allow video or voice chat over the Internet—from Skype to Google Hangouts to Xbox Live.”

Neither is the effort to expand CALEA new. The FBI has been concerned about this issue since 2006 and began its efforts to get legislation passed seven years ago, reported McCullagh, who added that the only thing keeping the already-written legislation from being considered by Congress is the unwillingness of the Obama Administration to send the bill to the Hill.

“A representative for Sen. Patrick Leahy, head of the Judiciary committee and original author of CALEA, said today that ‘we have not seen any proposals from the administration,’” wrote McCullagh.

From the FBI’s perspective, nothing in the proposed law expands current wiretapping law, which will continue to require a court order. The idea, they say, is to improve their technological ability to “provide results,” meaning making access easier. Toward that end, Subsentio, a Colorado-based company that sells CALEA compliance products, told CNET that the proposed measure “provides a ‘safe harbor’ for internet companies as long as the interception techniques are ‘good enough’ solutions approved by the attorney general,” or “if companies ‘supply the government with proprietary information to decode information’ obtained through a wiretap or other type of lawful interception, rather than ‘provide a complex system for converting the information into an industry standard format.’”

Either way, the FBI is angling to have the presumably anonymous ability to keep tabs on virtually every form of person-to-person communications available, which is something that makes a lot of people uncomfortable. In addition to several critics of the law mentioned in the CNET article, including EFF, the Computer and Communications Industry Association and TechAmerica, a trade association that includes representatives of HP, eBay, IBM, Qualcomm, and other tech companies on its board of directors, Salon.com contributor Glenn Greenwald published a blistering denunciation of the effort Sunday in a piece called, “Surveillance State democracy.”

“The procedure being used here by the FBI to obtain these powers is just as significant to me as the substance of the policy it wants,” warns Greenwald. “Notice how the FBI—in order to obtain these new powers—does not believe it needs to persuade the American citizenry to accept it. Instead, they’re meeting with the people who actually hold power over our laws—industry executives—in order to plead with them not to oppose this. FBI officials even planned a pilgrimage to Silicon Valley ‘to meet with Internet companies’ CEOs and top lawyers’ in the hope of obtaining their permission to proceed with this new scheme.”

From secret surveillance by government of P2P communications to secret surveillance by ISPs of the content you are downloading, it would appear that the brave new world imagined by the internet could yet become a maze for rats.

The good news, according to Greenwald, is that it is still “possible for citizens to meaningfully oppose this relentless expansion of the Surveillance State.” In light of his claim that “those who continue to expand the National Security and Surveillance State appear to have little fear of any meaningful citizen backlash,” however, Greenwald is also saying that the time to “mobilize meaningful citizen opposition to growing government surveillance powers” is now.

Read More –> http://news.avn.com/articles/FBI-Wants-Digital-Entry-Through-Your-Back-Door-474964.html

04/30/12

Cyber Weapons and Cyber Attacks

gAtO wAs -reading my friend Pierluigi Paganini’s Security Affairs blog – http://securityaffairs.co – about “Google Used as Cyber Weapons” and it got me thinking. To put it in today’s terms, cyber Iran is in the news lately and they do control oil coming from the Middle East. Their oil fields are controlled by the Internet (SCADA) and thus vulnerable to a cyber attack. So talking about cyber weapons is not far-fetched. So what are cyber weapons, and how do we use them in today’s digital infrastructure? Cyber weapons today are not just about security; they are also a geo-political tool with the power to control the price of oil, as well as an attack vector.

We have targeted and un-targeted cyber weapons. If we look at the Stuxnet and DuQu style of targeted attack, we have a cyber weapon that is guided to make sure it has the right target, then uses unpublished certificates to give the software a trusted attack vector, then goes about doing its dirty work. DuQu is different, and these two codes do different things. One is computer-to-kinetic cause and effect: messing with the centrifuges in an enrichment plant while telling the monitoring stations that everything is cool and dandy, then deleting itself from the face of the earth after a self-kill date.

One lone person can with today’s tools develop, control and execute a massive cyber attack to any physical device that is connected to the Internet.

 

What is a Cyber Weapon? – http://hackmageddon.com/2012/04/22/what-is-a-cyber-weapon/

On the other hand, DuQu does recon, gathers the information needed to make an attack, transmits it back to Command & Control, then sits back and waits quietly and undetected. What a dynamic duo these two are. Why mention these two? Because Stuxnet was the first and DuQu was the son of… Stuxnet. We now have an evolving code-based warrior class of cyber weapons, and other cyber weapons can be created using this framework.

 

The Internet was designed as a weapons-class communication medium.

Spammers and phishing criminals have got a new tool, social engineering. It is used in Advanced Persistent Threat (APT) style attacks: just a simple email attachment and you’re their next victim. Then the Chinese did a clever, legal, plain, overt, in-your-face thing: they created a Facebook account for “James Stavridis”, who happens to be an American Admiral in the Minister of Defence in NATO, and then other officials from NATO accepted his Friend request, and the attackers gathered tons of personal information about high ranking NATO officials.

This is the plain-in-sight social engineering planning that goes into today’s complex cyber operations. It’s a numbers game. The question needs to be asked: how many unknown dead relatives have left me billions of dollars from Nigeria? Like I said, someone will click on the link, out of greed, stupidity or just being drunk, and they have just created another zombie computer. This zombie can now be given dictionary attack code to hack your site, and the hack begins anew. The life-cycle of a hacking botNet.

The bad guys are everywhere – the social engineering aspect of today’s social networks is so new that nobody has the rules.

Let’s go into a hacker’s mind. I’m a game player, and we figure out the games, then find the weak spot and slide right in, killing that monster to that level 22 knight elf warrior. To make it more fun, Google and Facebook are changing their security policies so that more and more information about ourselves is available online. Make sure you know that anything you say online is stored, collected and examined until you go down the rabbit hole like ToR. “Smile, you’re on candid camera” – all the time.

 

In today’s digital matrix just about anything can be used to hack you. 

Today we have attacks like the LuckyCat attack from China, which has a Chinese professor with a master’s and PhD in computer science leading the team. The LuckyCat hack was very well thought out and planned with “state-sponsored individuals in China”. LuckyCat:

To avoid detection, the hackers used a diverse set of infrastructure and anonymity tools. Each attack used a unique campaign code to track which victims were compromised by which malware, illustrating that the attackers were both very aggressive and continually targeted intended victims with several waves of malware, according to Trend Micro’s report.

The security company was able to connect an email address used to register one of the group’s command-and-control servers to a hacker in the Chinese underground community.

The hacker has been using aliases “dang0102” or “scuhkr” and has been linked to the Information Security Institute of the Sichuan University in Chengdu, China, where he was involved in a research project on network attack and defense.

The person behind the aliases and the email address is Gu Kaiyuan, who is now apparently an employee at Tencent, China’s leading Internet portal company, The New York Times reported on Thursday.

Meanwhile we spend time on low-hanging fruit like the Anonymous attacks from the LulzSec crewz and Sabu. Come on, this was an embarrassment and the FBI took it personally, while the RSA (March 27, 2012 – NSA Chief: China behind RSA Attacks – http://www.informationweek.com/news/government/security/232700341 ) and Lockheed Martin (May 31, 2011 – Lockheed Martin Suffers Massive Cyber attack – http://www.informationweek.com/news/government/security/229700151 ) hacks, with foreign nationalists hacking into our defense contractors, were a much bigger deal. But we ate up the LuLz, and three months later we gave Lockheed Martin a national contract to protect our national electrical grid (July 27, 2011 – Lockheed Promised Electric Grid Security Contract – http://uscyberlabs.com/blog/2011/07/27/lockheed-promises-electric-grid-security/ ).

Now why is “gAtO going LoCo” over all this? Because while all this madness is going on, these professional hacks are being given to smaller countries and even smaller terrorist cells that can use these same tools, professionally managed and all in a box. How to Hack a Box is going to your local nut case living in mama’s basement, another unemployed person with time on their hands and reading all about it. This is the bottom of the connect-the-dots contest. One lone person can, with today’s tools, develop, control and execute a massive cyber attack on any physical device that is connected to the Internet. Now that’s a cyber weapon.

 

How many devices connected to the Internet do you know about??? – gAtO oUt.

 

04/19/12

cracking encrypted admin password hashparty

gAtO fOuNd - this site in the .onion network. It’s a site where people get together and help others crack MD5 password hashes. Since we know that MD5 is broken I don’t know why anyone would use this technology. There are many sites that allow you to crack MD5 hashes (in the clearWeb), so for it to be inside ToR, what’s the difference? It’s a community thing: you get credits and “Cyber Fame”, and others can pat your back - gAtO oUt

Home of hashparty, the blackhat hash cracking feast!

Hello anonymous cyberpunk,

This site is here to help you crack that one-way-encrypted admin password you want so badly.

How it works

When you register (which you only need a username and a hopefully strong password for), you get a starting contingent of 10 credits, meaning 10 hashes that you may add to the list where other hackers will try to crack them for you. If you want to add more hashes to the list, you need to close the circle by helping others crack their hashes. For each cracked hash you get a number of credits which depends on the complexity and the “age” of the password. (For example, if you crack a loweralpha password with 8 characters that freshly arrived on the list, you will get around 3 credits. If you crack a mixalphanumeric password with a length of 9 that has been around for some time, you will get between 8 and 24 credits.)

Because this service is dedicated to the sneaky, passionate attackers who want to stay undetected (and because I want to stay undetected, too), it is by now only reachable via the i2p darknet and as a TOR hidden service (addresses see below). However, since it lives from its user base and since you will also get better results the more people participate in the hashparty, I would like to encourage you to tell your fellow hackers about it.

By now, supported algorithms are: LM, LM (double), MD2, MD4, MD5, NTLM, SHA1, RIPEMD, MYSQL-SHA1, SHA224, SHA256, SHA384, SHA512, MSCASH

More might be added in the future, use Contact if you’re missing one.

What to do

To start the party, hit Register. Let the rooting begin! :-)

=-=-=-=-=-=-=-=-=-=-=-=-=-
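gAtO's remark that MD5 should not be protecting passwords, seen from the defender's side, as an added example (not code from hashparty or from this blog): identical passwords give identical unsalted MD5 records, a salted PBKDF2 record does not, and a legacy record can be upgraded at the user's next login. The record format, iteration count and function names are assumptions made for this example.

```python
import hashlib
import hmac
import math
import os

# Alphabet sizes for the two password classes named in the site text above.
CHARSET_SIZES = {"loweralpha": 26, "mixalphanumeric": 62}

# Assumption: iteration count chosen for illustration; tune it to your hardware.
PBKDF2_ITERATIONS = 600_000
PREFIX = "pbkdf2_sha256"  # hypothetical record tag used only in this example


def keyspace_bits(charset: str, length: int) -> float:
    """Upper bound, in bits, on the search space for a password class."""
    return length * math.log2(CHARSET_SIZES[charset])


def legacy_md5(password: str) -> str:
    """Unsalted MD5 as a legacy system would store it: same input, same hash."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def new_record(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salted, deliberately slow record: tag$iterations$salt$derived_key."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{PREFIX}${iterations}${salt.hex()}${key.hex()}"


def verify_and_upgrade(password: str, stored: str,
                       iterations: int = PBKDF2_ITERATIONS):
    """Check a login and return (ok, record_to_store).

    A legacy MD5 record that verifies is replaced by a PBKDF2 record, so the
    unsalted hash leaves the database at the user's next successful login.
    """
    if stored.startswith(PREFIX + "$"):
        _, iters, salt_hex, key_hex = stored.split("$")
        key = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
        )
        return hmac.compare_digest(key.hex(), key_hex), stored
    ok = hmac.compare_digest(legacy_md5(password), stored.lower())
    return ok, (new_record(password, iterations) if ok else stored)


if __name__ == "__main__":
    # Constructed sample: two accounts that happen to share one password.
    db = {"alice": legacy_md5("password"), "bob": legacy_md5("password")}
    print("legacy records identical:", db["alice"] == db["bob"])
    for user in db:
        ok, db[user] = verify_and_upgrade("password", db[user])
    print("upgraded records identical:", db["alice"] == db["bob"])
    for name, n in (("loweralpha", 8), ("mixalphanumeric", 9)):
        print(f"{name} x{n}: about {keyspace_bits(name, n):.1f} bits")
```

The per-record salt means one recovered password no longer exposes every account that shares it, and the iteration count multiplies the cost of each guess.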

04/15/12

How To Spy on Mobile Devices

gAtO fOuNd - this guide, it looks interesting – Have Fun boys and girls

How to spy on a mobile

Following the broadcast of the show Forbidden zone April 10, 2011 on M6 treating the subject of monitoring in general (domestic, employees, children …), I received many questions on my blog software presented on video or more broadly the tools to monitor anyone with a phone that is like iPhone, Blackberry, Android or other …

Indeed, in the first part of the show, there are two men who installed monitoring software on the phones of their respective spouses. Before I give you an overview of the software used, it is important to note that these monitoring tools for mobile (or PC as SniperSpy ) are not only used for monitoring a spouse, they can be used to monitor their children for whom it is of concern, an employee to ensure loyalty to the company or the use he makes of his professional portable … This software can also be a way to be sure of finding his personal data, secure or locate his mobile in case of loss or theft.

To return the software presented, it is software Global GSM Control (French version of the software well known Flexispy ) and Mobile Spy (also known as Flexispy).

Be aware that these programs are very powerful and work in the background and are completely invisible on the monitored cell. They are compatible with many cell phone.

Each of these two software packages offers a range of diverse and varied features, and prices obviously depend on the number of these features but also on the duration of the subscription selected. Indeed, you can choose from subscriptions of 3 months, 6 months or a year for Mobile Spy; Global GSM Control meanwhile offers three versions and a license valid for 12 months (no subscription). Prices for these 2 software packages are reasonable given the monitoring capability offered, and the price also adjusts to the usage time the user wants.

To return to the features, you must know that Global GSM Control is a monitoring tool for mobile phones more complete than SPY Mobile. Depending on version, it offers as an example a very powerful feature that is listening environment or listening live telephone conversations. Mobile Spy and Global GSM Control , as mentioned earlier, offer several modules adapted to the needs of each and budget. Among the features are cited: access to Email and SMS sent and received even those that were deleted, consultation with videos and photos stored on the phones, access to call history, GPS … For more details on features, I suggest you go to articles about each program ( GSM Global Control , Mobile Spy )

Note that to use for an iPhone, you need to jailbreak (Only the iPhone).

The blog presents only the software I tested and for which I have had positive feedback from users …

Feel free to visit the other blog posts for information and more information on these two latest software, or more generally on all the tools on the market and ESPECIALLY to know the users’ comments and avoid getting scammed .

Many people often ask me what my blog is the best spyware for a mobile phone?

I must say there is a wide selection online. A Google search will show at least a half dozen companies claiming to sell the best spyware!

For those of you who really want to know and get the spyware that stands as the best spyware on the market, covering a range of features, the answer is simply the Global GSM Control software, the French equivalent (with online support and well detailed manuals in French) of the English Flexispy software, best known on the market.

Global GSM Control you will, with his power, to do a lot of impressive things with the multitude of features it offers. Depending on your needs, Global GSM Control offers versions with the bare minimum of features espionage until the most complete version offering an arsenal of powerful tools. For you to assess your needs and make your choice!

In general, the features offered by the versions are:
(For more details on the contents of each version of Global GSM Control, visit the official website ):

* Interception of calls in progress
* Listen environmental
* Spy SMS and Email
* The GPS Location
* Location Triangulation (without GPS you can know the position of the target phone with an accuracy of 5 to 10m)
* Read the Call Logs
* Relay Email (sending reports to your email address)

* Notification of change of SIM card (In case of change of the target phone SIM card, software GGC send you the new number via SMS so you can continue your spying)
* Control and configuration remotely with SMS commands (all software functions GGC are activated / deactivated remotely via SMS commands coded invisible, the frequency of sending the captured data and also configurable via SMS)

* Export reports
* Uninstall remotely via an SMS command
* Change unlimited phone target
* Quick and easy installation (5 to 10 minutes)
* Free updates
* 100% undetectable
* Copy cats BlackBerry Messenger
* Interception and copy cats WhatsApp Messenger (New! for iPhones and Android phones)
* Support in French competent and highly reactive
* Secured Personal Web Account

In view of all these features, its performance, manuals and quality of its support in French, the software is up to investment. Moreover, like any software for which I wrote an article on the blog, my test results on my iPhone were more than satisfactory, I will not hesitate to recommend it to anyone.

Mobile Spy: the first spy iphone, Blackberry, Windows Mobile, Android, LG, Nokia, Samsung, and iPad

  1. Monitor the location of the target using the iPhone GPS thereof.
  2. Read:
    Text messages (incoming and outgoing)
    The call history (incoming and outgoing)
    Emails
    The list of visited websites
    List of Contacts

    All this information … will be visible via a secure website with SSL technology.

How does it work?

Mobile Spy how it works

Dashboard: Web site whose identifiers are assigned at the purchase of Mobile Spy on which you can view all the data collected.

Once installed on an iPhone, Mobile Spy runs in invisible mode and no indication is given on the iPhone target. This SPYPhone runs in the background behind all other iPhone applications. Then all the activities of the iPhone are registered and silently sent to the user’s account. This information is viewable in real time as they are recorded including the full content of text messages, call records and GPS positions.

HOW MUCH does it cost? And where to buy?

1) annual license (12 months) for $ 99.97
2) semi-annual license (6 months) for $ 69.97
3) Quarterly License (3 months) for $ 49.97

NB: Mobile Spy is also available (with the same functionality) to:

Blackberry
All Windows Mobile phones
All Symbian phones (LG, Nokia, Samsung …)
All Android phones
And now the brand new Apple iPad

PS: -> When you buy an annual license of Mobile Spy ($ 99.97), the PC Spy Sniper is offered. Sniper Spy is a spy software for PC that secretly records every keystroke, chat, moved to distance (you do not need access to the computer you want to spy), and control the target PC time real. (This allows you to spy on a PC in real time. Download files, view the browsing history, etc.).

iPhone Spy 4

UPDATE> November 8, 2010: The new software Global GSM Control is now compatible with iPhone 4 and with the functionality of listening environment and interception of live calls!

Mobile Spy ( www.espionnertelephone.com ) today announced the immediate availability of their iPhone spy software 4.

If you want to spy on an iPhone 4, Mobile Spy is the first software on the market today that supports the new iPhone 4. This was actually a lot of time considering the fact that the iPhone 4 was marketed about five months ago.

I know many readers have long sought an application that supports the iPhone 4. At least their wait is finally over.

So what are the features of Mobile Spy for iPhone 4?

The main features that I’ve tested:

GPS tracking – This feature allows you to secretly locate the iPhone 4 in real time. The results are then displayed on a map.

Secretly Read the SMS – With this feature you will be able to read all incoming and outgoing SMS. This works even if messages are deleted after they are read.

Secretly read emails – Mobile Spy software also allows you to read the incoming and outgoing emails. This also works even if the emails are deleted.

Secretly see the pictures – This feature allows you to view all photos taken by the iPhone 4.

View call logs – This lets you view all your call logs on the iPhone 4. Incoming, outgoing, caller name associated with the number in the address book, time and date.

See the history of web browser – see the URLs of websites visited by the user of the iPhone.

See the Contact List – This feature of Mobile Spy, you will be able to view all contacts stored on the iPhone 4.

Other points to note are:

The software operates in 100% undetectable. This means that the user of the iPhone 4 has no idea that Mobile Spy is installed.
The iPhone 4 MUST be jailbroken to use Mobile Spy. This is now very easy to do and only takes a few minutes (see HERE how).

The iPhone 4 requires an Internet subscription to download the information recorded.

WHERE TO BUY?

HERE (avoid buying Mobile Spy on other sites because there are many scams right now on the net)

HOW MUCH does it cost?
1) Annual license (12 months) => $ 99.97 (annual version includes a free copy of their most popular monitoring software for PC – Sniper Spy )
2) License semester (6 months) => $ 69.97
3) Quarterly License (3 months) => $ 49.97
NB: Mobile Spy is also available (with the same functionality) to:

The Blackberry
All Android phone
All Windows Mobile phones

All Symbian phones (LG, Nokia, Samsung …)

And the new iPad

See if Mobile Spy is compatible with your phone HERE
Mobile Spy’s competitors are: software Global GSM Control (the most powerful spy software market) and Flexispy

SniperSpy 7

How are you able to record and track all activities on a PC remotely, make screen captures, record all conversations (MSN, YAHOO, GMAIL …) or exchange with the opportunity to achieve all this in real time, so live? Now you can with SniperSpy.

Personally, what I have enjoyed in this product is being able to watch live what happens on the pc. With this feature, I can spy on the pc of my choice by remotely connecting with the secure control panel and clicking on Live Control Panel.

I can then view and display all the recent documents, scan them, see what happens on the remote pc and better than that, I can download it from this pc.

One last thing and the most brilliant, SniperSpy offers the possibility of remote installation, which means that you will be able to install SniperSpy on any PC in the world.

* Product: SniperSpy
* Compatible with: Windows (98/98SE/ME/XP/NT/2000/Vista/windows 7) + MAC
* Price: from $ 39.97 (~ € 32)
* Website Official

January 01

Spy on a laptop with SpyBubble

SpyBubble

Here is a tested software that I wanted for some time for you to look back on its use. This is just my own assessment of the software. If you want more information or download the software, click the following link which will direct you to the official website

Through this article you will have access to the details of what SpyBubble can do and the answer to the most important question: does it really work in comparison with the best known software on the market: GSM Control Global, Mobile Spy, Flexispy or Mobistealth. Then you will know before making your purchase if Spybubble matches your need or not.

What does Spybubble?

Spybubble is monitoring software that allows you to watch over the safety of your children, make sure you trust that you show your spouse, compliance with the commitments of your employees … or simply backing up data on your existing phone before you can retrieve them in case of loss, theft … This software monitors the activities of your phones and works automatically in a completely secure once installed. Below is a list of features offered by the software:

Call Monitoring: Whether incoming or outgoing, you’ll be able to find phone numbers, to get an idea of the frequency of these calls and to know the duration of each conversation

Monitoring messages: You will be able to read all incoming and outgoing messages, even if they were deleted by the person in possession of the target phone. You can then see if your employee uses his mobile professional for personal or simply ensure the safety of your children or their surroundings

Monitor the location: SpyBubble also allows you to know and track the location of your mobile using Google Map. You will then know the exact location of the phone and then the person using it. Ideal for no longer any doubt about where your teens go …

Accessing the phone book: With this feature, you can easily inform you on the contact list stored in the phone

Undetectable software: You will benefit from these features by being certain that the software is 100% undetectable. Once installed, the software does not display an icon at the mobile.

Monitor multiple mobile: you’ll be able to monitor both unlimited mobile if you wish

Spybubble is compatible with Blackberry, Android, Symbian S60, Nokia, Windows Mobile and on iPhones. It works on most smartphones on the market.

How SpyBubble?

SpyBubble uses advanced technology to record all activities of the mobile phone either text messages or phone calls. Then, the monitoring software sends this information using the internet connection of the target phone to a remote server where they are stored. You can then access them from any computer or your own mobile.

All you need to do is create your user account.

Once connected, you should install SpyBubble on the target phone by following these instructions:

Step 1: Complete your registration on the website SpyBubble. For this step, you will need to provide your IMEI number of the target phone (It occurs usually printed on a label on the phone battery. You can also post it on the screen by typing the following sequence on the keyboard: * # 06 #)

Step 2: Open the Internet browser the target phone and download the software on the phone. IPhones for downloading the application is via Cydia (jailbroken iPhones need to be)
Step 3: Install the software SpyBubble by following the instructions in the Software Installation

Step 4: Restart the phone
Step 5: And connect to your personal space (the link to your personal space will be indicated in the email to purchase) to begin tracking activities.

You can also use the installation guide that will detail each step with illustrations and screen shots. This will also allow you to know exactly how to use your software.
Thus, once you have successfully installed SpyBubble on the target phone, you will be able to monitor it.

Feature Summary SpyBubble …
• Registration of SMS sent and received
• Recording of incoming and outgoing phone calls
• Monitoring of activities on the Internet browser of the phone
• GPS location to detect the location of the phone
• Access to the directory of phone contacts target
• Works anywhere in the world and 100% undetectable

Conclusion:
To summarize the results of this test, we can say that without being as complete as Global GSM Control in terms of features offered, SpyBubble monitoring software is reliable, that works perfectly and offers the basic monitoring functionality with a good value for money.

Spyware: 5 tips before buying a GSM Spy

Posted by spy gsm · Comments (26)

If you are considering buying a spyware for mobile phones to spy on your spouse (infidelity, lies …), or keep an eye on phone use by your children or perhaps in order to monitor your employees if you have any doubts, you should make sure to follow the advice below before making your purchase.

By following the tips below, you will be able to spy on your target and achieve your goals but if you neglect any of the advice, you will end up spending much money or being noticed by the person you were hoping spy.

Tip / Council No. 1: Make sure you have access to the target phone. There is no way you can install spyware without having physical access to the target phone. This is precisely the question asked by a number most people wishing to purchase a spyware: they always want to know if it is possible to install spyware without physical access to the target phone. Unfortunately, no matter what you hear, the answer is always NO, it’s impossible. If you come across a company selling this type of software which tells you that this is possible, I strongly advise you to close your browser and do not revisit their website because you will rip.

Tip / Council No. 2: Always make sure your target phone is a compatible phone. For a complete list of phones with spyware (mobile SPY here , Flexispy here , Global GSM Control here ) . Take the time necessary to verify that the phone of your target is on the list of phones that can support spyware. If your target has a phone that just came out, you will not just be able to find it in the list of phones accepting spyware. What you can do then is to perform a quick search on Google All you have to do is perform a quick Google search on the phone in question and see its features. If you see Symbian, Windows Mobile listed as operating system, then you will be sure you do not fool yourself by buying the spyware. If you are still unsure, contact me and I will do my best to answer your questions.

Tip / Council No. 3: Always make sure your target phone has an Internet connection to the information that the spyware records can be transferred and loaded onto your online account you set when you purchase the software. However, you will not need to ask all these questions because, to install the spyware, you will need to download it to your target phone and hence to have an internet connection for this purpose. Without an internet connection, this will not be possible. The good news is that nowadays, most phones have a connection and it is likely that your phone is also the target. You can verify this by simply asking the owner of the target phone to log Internet by going to the browser or google search a site like Ebay, Amazon, etc. … and if possible, then you have nothing to fear.

Tip / Council No. 4: You should also ask: are you able or comfortable with installing a phone application?. Install spy software for mobile is not an inherently difficult task but it requires a certain familiarity in terms of installing software or applications. You must ensure that you will not hurt to download software, install it, configure it to meet your needs. This process or these tasks will ask only 10 to 15 minutes total, maybe a little more for someone who uses it for the first time. In addition, make sure you take the time to read the installation instructions before you start handling the spyware to install on your target phone. Following this advice, you can identify the elements that you do not understand or that you are not comfortable and you can seek clarification by asking for advice or information to the software vendor.

Tip / Council No. 5: Make sure you know exactly what you need to achieve your goals. One thing that comes up quite often, is that most people are generally satisfied with the information they access with their spyware. However, they demand ever more desperate to find and market a spyware offering more features espionage. Therefore it is essential to know what you really need to achieve your goals. By purchasing a spyware, you want to monitor your spouse or partner because you doubt his sincerity? If yes, what do you exactly need to prove or disprove your suspicions? Do you need to hear live conversations? Or you will be content to simply read the incoming and outgoing messages in the target phone? Only you can provide answers to these questions. So before you spend a penny, make sure you know your needs. In pursuing this thought, you do not you break head to want to install a new software version and save your money.

If you follow the tips above, you will be safe in buying the spyware to make the right choice, a choice for your needs. When you decide to buy spyware, make sure you choose software sold by market leader in the sale of spyware. The companies listed below, are the sole suppliers of spy phone software in leading position in this market. Their software works perfectly well and are satisfactory for all who have ever used. These leaders are also known for their quality of service towards clients and their availability to answer all your questions and ensure the operation of their software.

Features offered:

Interception of calls in progress, Interception of calls in progress, Environmental Listen, Reading SMS, The Email, The GPS Location, Location by Triangulation (without GPS you can know the position of the target phone with an accuracy of 5 to 10m), Read The Call Logs, Email Relay (reports are sent to your email address), Notification of SIM change, Remote control with SMS commands, Export reports, Remote Uninstall, Change unlimited target phone, Updates day free, 100% undetectable, copy cats BlackBerry Messenger, Personal Web Account Secure

Great customer service, a money back guarantee within 7 days if dissatisfied.

Functions offered: Monitoring with GPS tracking, SMS interception, and view history of calls, emails, photos 100% undetectable. …

The ability to monitor multiple phones.

A money back guarantee within 30 days (if the support of the company can not run the software on your phone)

The spyware SniperSpy PC for free (including the ability to install remote control of PC Live, and more …) if you buy an annual license of Mobile Spy software.

Price: $ 49.97 – $ 99.97 USD

Link: click here


Blackberry Messenger Spy

I have good news for all those who have long sought a way to monitor BlackBerry Messenger chats. The spyware Global GSM Version Control Black (www.global-gsm-black.com) now allows you to spy and secretly read chat history of BlackBerry Messenger. Before this release, it was very difficult to secretly read BlackBerry Messenger chats, but with the new Global GSM Control software, the BlackBerry Messenger chat log reader is now a reality.

Below is the full list of all the features available on the Global GSM Software Version Control Black:

Reading BlackBerry Messenger chats: this feature of Global Black GSM Control allows you to secretly read all of BlackBerry Messenger conversations.

The interception of calls live: it allows you to listen quietly and live calls made and received.

Remote monitoring: with this feature you can turn your phone into a listening environment of the Blackberry phone remotely.
Reading emails: to read all incoming and outgoing emails from BlackBerry target.

GPS tracking: to track the location of the BlackBerry in real time.

Read secret SMS messages: to read all incoming and outgoing SMS from the target phone.

Viewing Call Logs: you will see the history of all call logs.

Notification of SIM change: If the BlackBerry target different SIM card, you will receive an SMS notification indicating the new number.

Spyware 100% undetectable: Global GSM Control works quietly without icons or folders on the BlackBerry visible target.

Warranty: Global GSM Control Black comes with a 7 day money back guarantee
HOW MUCH does it cost? € 320
URL: www.global-gsm-control.com

The gsm spy Flexispy is now available for iPhone 2G 3G 4G and the new 3Gs 4Gs!

Flexispy supports the full range of iPhones. This means you can now spy on the new iPhone 4Gs but also the old iphone 2G.

Here is a list of characteristics Flexispy iPhone:

* Intercept SMS. (Secretly records all SMS sent and received from the iPhone)
* The GPS location. (Hunt for the target location by GPS. This works on the 3G models 3Gs 4 and 4s)
* Interception of Emails. (Read secretly all incoming and outgoing emails from the iPhone)
* Remote control. (You can use SMS commands to control the phone remotely)
* Quick and easy installation. (Flexispy installation is very simple. Just download the software directly spy on the iPhone. No computer or cable required)

* Notification of SIM change
* The listening environment (When GSM is connected but is not being used, you can call the iphone, one will win automatically and will let you hear around the phone without this being visible to stakeholders present around the phone.)
* Interception of live calls (When the GSM communication, will send an SMS to notify you. Then you just have to call the GSM communication to secretly listen and direct).

Cost is from $ 149 (Flexispy LIGHT)
For more information or to buy ter Flexispy click here

Competitors are Flexispy: SPY Mobile , MobiStealth , and the new software Global GSM Control (the most powerful spy software market)

NB: Flexispy is also available (with the same functionality) to:

Blackberry
All Windows Mobile phones
All Symbian phones (LG, Nokia, Samsung …)
All Android phones

I just downloaded my own copy, so I will test this spy gsm iPhone in the coming days to follow …

Have you heard of software called by many names, including:

E-stealth Blue Stealth PhoneStealth

BlueW are Cell Spy ClubMZ Arsenal

BigDaddySpy Bluetooth Spy
The e-stealth.com and other sites selling this product scam.

Check out some of the claims of E-Stealth.

1. It is compatible with any phone.
2. They say they do not explicitly support
3. They have a zero refund policy!
4. If you request a refund of your money, they say they can sue you for $ 10,000
5. The screenshots of their product are actually those of another product.

1 and 5 are in fact lies, and even their own manual says that all phones are not supported. The other points are illegal because they require you to waive your rights as a consumer.

What they do not tell you: They sell all just a set of free utilities from 2003. Even if your phone run the software, the phone you want to spy * must * accept a Bluetooth connection whenever you want to spy. That will never happen.

04/14/12

Cyber threats the joker and the thief

gAtO FoUnD- a report on the continued threat of vulnerabilities within Web applications and mobile applications, which also outlines specific vulnerabilities with cloud-based implications. It also shows an alarming trend for security professionals: the continued prevalence of critical application-layer vulnerabilities such as Cross Site Scripting (XSS) and SQL Injection. Though there are existing fixes for these well-known vulnerabilities, these flaws continued to dominate, with XSS climbing to a staggering 38 percent of total Web vulnerabilities, increasing slightly from the second half of 2010. SQL Injection accounted for 15 percent of the total number of Web vulnerabilities.

Web vulnerabilities
– In the first two months of 2012, 59 percent of all reported security vulnerabilities were Web vulnerabilities
– In 2011, Cross Site Scripting (XSS) accounted for 38 percent of total Web vulnerabilities

“As businesses worry about the next big security threat, they fail to realize the threats that are right in front of them,” said John Weinschenk, CEO of Cenzic. “From an industry-wide perspective, the fact that the amount of well-known vulnerabilities continues to persist is a signal that education, diligence, and proper coding during the development phase are a necessity in today’s cyber world. Real change can only happen by adhering to these principles.”

Mobile vulnerabilities
– A total of 89 mobile vulnerabilities were made public in 2011 and so far in 2012 (Jan-Feb) 11 mobile vulnerabilities have been made public.
– Sensitive Information Disclosure (28 percent) and Session Authentication and Authorization (28 percent) make up the bulk of the vulnerabilities.

The recent report also details the vulnerabilities related to cloud and mobile device usage, noting that a total of 89 mobile vulnerabilities were made public in 2011, while out of a set of 1201 publicly reported vulnerabilities 855 had cloud-based security implications. As mobile devices continue to be used to access online cloud computing platforms, emerging hybrid vulnerabilities have developed as well.

Cloud vulnerabilities
– In 2011, out of a set of 1201 publicly reported vulnerabilities 855 had cloud based security implications
– Specific security vulnerabilities were found in cloud-based applications including EyeOS, OrangeHRM, The Parallels Plesk Panel, Oracle Fusion Middleware, Batavi E Commerce, deV!ls ClanPortal, and more.

The growing demand for cloud applications and mobile devices that access them is creating a unique problem. Each has its own set of security issues, but when used in tandem, they can produce hybrid vulnerabilities that compound threats and increase the complexity of secure coding. By exploiting vulnerabilities in a mobile application a hacker can open up an attack vector to a preexisting vulnerability on the cloud based application -gAtO oUt

 

04/8/12

Twitter API 4 Security Research

gAtO bEeN pLaYiNg - What every security researcher should know about the Twitter API is that it’s a gold mine and simple to use. Just like google dorks, these are twitter dorks. Simple URL tweaking and the Twitter search feature are all you need to do some cool Twitter API magic.

The first thing you need is a little bit of URL_encoding – http://en.wikipedia.org/wiki/URL_encoding – In Twitter we can search for “@” and “#”: @ is for a username or a mention, and the # hashtag is for any search term. People use hashtags all the time in tweet-ville, it’s a culture thingy. Anyway, %40 = @ and %20 = one blank space, so we add

https://twitter.com/#!/search/%40gatomalo2

This does a basic search in Twitter for a User. Let’s add a little more vOdOo.

https://twitter.com/#!/search/realtime/%40gatomalo2%20%40securityaffairs

@gatomalo2 & @securityaffairs

https://twitter.com/#!/search/realtime/%40gatomalo2%20OR%20%40securityaffairs

@gatomalo2 OR @securityaffairs

Getting better eh… The source: operator in the Twitter API is the client that the user tweeted from. Let’s say they use the web, iPhone, TweetDeck and so on. Yeah, I added the location NYC for kicks.

https://twitter.com/#!/search/realtime/source%3Atweetdeck%20location%3Anyc

Let’s get down to it I want to look for associations with —#Anonymous and @Net_Anon or #Anonymous and @Anonymiss

https://twitter.com/#!/search/realtime/%23anonymous%20Net_Anon

https://twitter.com/#!/search/realtime/%23anonymous%20Anonymiss

#anonymous Anonymiss

Content tagged with Place & Geo

https://dev.twitter.com/tags/places-geo

The Geo-place worries me as much as other things that twitter collects, but this is a valuable tool for any security person. I want to use the API for a “Threat Intelligence Reports” that I hope to start publishing in a few months. I hope this gave you a little taste of what the Twitter API can do for you today - there is more power in that there API -gAtO oUt.

https://twitter.com/#!/search/realtime/to%3Agatomalo2%20

Cool tricks, tips and examples:

Good Tool 4 API

http://twitapi.com/explore/users-show/#result

1st base

https://dev.twitter.com/docs/using-search

examples

https://twitter.com/#!/search/%40gatomalo2

@ = %40

https://twitter.com/#!/search/realtime/%23gatomalo2

# = %23

http://en.wikipedia.org/wiki/URL_encoding

https://twitter.com/#!/search/%22tango%20down%22

https://twitter.com/#!/search/realtime/%40gatomalo2%20%40securityaffairs

https://twitter.com/#!/search/@gatomalo2

Example Searches

Query | Search URL to use
Tweets which contain @twitterapi and @anywhere | http://search.twitter.com/search.json?q=%40twitterapi%20%40anywhere
Tweets which contain @twitterapi not via | http://search.twitter.com/search.json?q=%40twitterapi%20-via
Tweets about Twitter HQ (place ID 247f43d441defc03) | http://search.twitter.com/search?q=place%3A247f43d441defc03
Tweets to @twitter created before the 7th May 2011 and within 25 miles of Twitter HQ in San Francisco | http://search.twitter.com/search?q=to%3Atwitter%20until%3A2011-05-07&geocode=37.781157,-122.398720,25mi

gatomalo2 until:2012-04-06

gatomalo2 source:tweet_button


Search Operators

In addition to the parameters listed in the Search API documentation, there are a number of operators you can use to modify the behavior of query.

Example | Finds tweets…
twitter search | containing both “twitter” and “search”. This is the default operator
“happy hour” | containing the exact phrase “happy hour”
love OR hate | containing either “love” or “hate” (or both)
beer -root | containing “beer” but not “root”
#haiku | containing the hashtag “haiku”
from:twitterapi | sent from the user @twitterapi
to:twitterapi | sent to the user @twitterapi
place:opentable:2 | about the place with OpenTable ID 2
place:247f43d441defc03 | about the place with Twitter ID 247f43d441defc03
@twitterapi | mentioning @twitterapi
superhero since:2011-05-09 | containing “superhero” and sent since date “2011-05-09” (year-month-day).
twitterapi until:2011-05-09 | containing “twitterapi” and sent before the date “2011-05-09”.
movie -scary :) | containing “movie”, but not “scary”, and with a positive attitude.
flight :( | containing “flight” and with a negative attitude.
traffic ? | containing “traffic” and asking a question.
hilarious filter:links | containing “hilarious” and with a URL.
news source:tweet_button | containing “news” and entered via the Tweet Button

Twitter Places :

https://dev.twitter.com/docs/places/finding-tweets-about-places
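
The URL tweaking above can be done programmatically. The following Python is an added example, not code from the original post: it percent-encodes a query into the two URL shapes shown on this page and parses such a URL back into its mentions, hashtags and operators. The function names are made up for the illustration, and the URL forms are the 2012 ones the post uses.

```python
import re
from urllib.parse import parse_qs, quote, unquote, urlsplit

WEB_BASE = "https://twitter.com/#!/search/"            # hash-bang form used in the post
API_BASE = "http://search.twitter.com/search.json?q="  # JSON form from the table above

# Operators that appear in the post's examples and in the operator table.
OPERATORS = {"from", "to", "source", "location", "place", "since", "until", "filter"}
TOKEN = re.compile(r'-?"[^"]*"|\S+')  # a quoted phrase (optionally negated) or a bare word


def encode_query(query):
    """Percent-encode every reserved character: @ -> %40, # -> %23, space -> %20."""
    return quote(query, safe="")


def web_search_url(query, realtime=False):
    return WEB_BASE + ("realtime/" if realtime else "") + encode_query(query)


def api_search_url(query):
    return API_BASE + encode_query(query)


def extract_query(url):
    """Recover the decoded query text from either URL form."""
    parts = urlsplit(url)
    if parts.fragment.startswith("!/search/"):
        raw = parts.fragment[len("!/search/"):]
        if raw.startswith("realtime/"):
            raw = raw[len("realtime/"):]
        return unquote(raw)
    q = parse_qs(parts.query).get("q")
    if not q:
        raise ValueError("no search query found in %r" % url)
    return q[0]


def classify(query):
    """Split a decoded query into the kinds of terms the operator table lists."""
    out = {"mentions": [], "hashtags": [], "phrases": [], "excluded": [],
           "operators": {}, "terms": [], "any_of": False}
    for tok in TOKEN.findall(query):
        if tok == "OR":
            out["any_of"] = True
        elif tok.startswith("-") and len(tok) > 1:
            out["excluded"].append(tok[1:].strip('"'))
        elif tok.startswith('"'):
            out["phrases"].append(tok.strip('"'))
        elif tok.startswith("@"):
            out["mentions"].append(tok[1:])
        elif tok.startswith("#"):
            out["hashtags"].append(tok[1:])
        else:
            key, sep, value = tok.partition(":")
            if sep and value and key in OPERATORS:
                out["operators"].setdefault(key, []).append(value)
            else:
                out["terms"].append(tok)  # plain words, and tokens like ":)" or "?"
    return out


def parse_search_url(url):
    return classify(extract_query(url))


if __name__ == "__main__":
    print(web_search_url("@gatomalo2 OR @securityaffairs", realtime=True))
    print(parse_search_url(
        "https://twitter.com/#!/search/realtime/source%3Atweetdeck%20location%3Anyc"))
```
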

04/6/12

Supply Chain Cyber Attack

gATO rEaDiNg - the 2012 Mandiant “An Evolving Threat” and Trend-Micro LuckyCat ReDux reports. Great reading for any security geek, but most important, it’s about the business side of the hack. Take the old smash and grab of financial information: split town, process the financial windfall and party like it’s 2999. Now it’s more beneficial for the criminals to stay inside the victim’s servers and collect intelligence and conduct espionage. Ok, let the gAtO break it down for you, not as a criminal, that’s easy: as a state actor I would go after AeroSpace, Energy, Shipping, Military Research, Engineering, India and Tibetan Activists… Wait a minute, India, a Tibetan Activist group, oh yeah, you know it’s China, but this is to be expected from China. Now the new spin is why would they go into banks and use advanced persistent threat (APT) hacks. Well, as gAtO understands it, the Chinese have a shit load of MONEY - follow the money is not only an American thing, it’s for every player in the world.

We have to look at the data through 3 different sets of eyes (magnifying glass with gAtO’s old EyE’s) but it’s still the same – your data (ALL of your little company secrets) needs protection.

Here is the Score-Card: your Business versus Competition, Government, Criminals, Hacktivists, Economic Espionage, Nuisance Hackers. On top of all this, 94% of victims were notified by an external entity that they were hacked. If that doesn’t send chills down the spine of every board member in every company in the world, nothing does.

Here you are doing your business and, let’s be frank, some businesses walk a thin line sometimes, like dumping medical and radioactive waste on a beach in New Jersey (I know Snooki lives there). Is your company maybe polluting the ground water for a 100 mile radius of the plant? This is not the information that they want hackers or the press to get a hold of. “Remember Rudolf Murdock News Hacking Empire- hey hack anyone for a buck”

Protect customer data? Yeah, companies and governments want to protect it, but then there is the little illegal/legal stuff companies do, like hiding the report of the offshore oil well that just blew up and spilled all kinds of stuff all over the Gulf coast. These are the real things that keep business people up at night worrying about hackers. It’s plain and simple: cover your ass and let’s get that no-bid government contract after we pay off the senator, and we better encrypt that information…..

Hackers come in all flavors, but if you look at the LuckyCat crewz, these are very unique. Not only real computer scientists but also a marketing campaign and project management. They use dual tier C&C (Command and Control), and they use the victim’s supply chain to move laterally across trusted networks in order to be more invisible. Invisible takes a new turn here: these hackers hide their code in plain sight, they sometimes used older malware as insertion points, and of course social engineering to gain access.

Bottom line, these new hackers - they are business-men, - they are governments, - they are commercial criminals, - they are hacktivists or - they are a lone wolf hacker. Companies are finally getting the message. Protect your data, not just your customer’s data, but all your little secrets, because if you’re online, someone is watching you, and this can be a 15 year old kid or someone with a dual Master’s degree in computer technology who is unemployed or works for a government. Trust but verify takes on a new meaning now -gAtO oUt

lab notes - The report, which is based on hundreds of advanced threat investigations conducted over the past year, includes analysis, statistics and case studies that highlight how advanced and motivated attackers are stealing sensitive intellectual property and financial assets.

Malware Only Tells Half of the Story Organizations’ investments in malware detection and antivirus capabilities, while effective in detecting characteristics associated with common worms, botnets, and drive-by downloads, do little to help defend against targeted intrusions.

The use of these publicly available tools has added some complexity to identifying threat actors because when organizations identify a piece of publicly available malware they often cleanse the file and — in the process — obscure what could be a larger incident.

It’s unclear why banks wouldn’t already be looking for unusual settlement activity and conducting daily monitoring, but there it is. At any rate,  “high-risk” merchants generally handle the dicey and vicey types of online commerce, such as Internet gaming, adult Web sites, rogue anti-virus software sales and online pharmacies. Might be a good idea to keep an extra close eye out for these types of unauthorized charges over the next few days
