![]() ![]() ![]() These requirements are often referred to as “Anti Money Laundering & Know Your Customer” or AML/KYC and require customers to provide government-issued IDs to prove their identity. I can’t go to the bank and open an account using the name “anonymous” due to laws designed to prevent money laundering. This opens up the possibility of identifying individuals with the help of blockchain analysis tools. Transactions on the dark web often involve cryptocurrency in exchange for illegal goods and services. There have also been instances when dark website operators have used SSL certs or SSH keys, which can be tied to their true IP address using services like Shodan or Censys. Vulnerabilities such as these are uncommon and rarely utilized. Often these require pen-testing tools and techniques such as using Burp Suite to induce error messages containing the site’s true IP address. These vulnerabilities may exist in the software itself or be due to misconfigurations, but they can sometimes reveal the site’s true IP address. While not considered OSINT, there have been instances when technical vulnerabilities have existed in the technology used to host dark websites. When attempting to identify the individuals behind these sites and personas, various techniques are used. The Dark Web's anonymity attracts a variety of users, from whistleblowers and political activists to cybercriminals and terrorists. ![]() You can read the FBI’s Warrant here for details specific to this case, but it seemed like a good opportunity to write about how OSINT Tools can assist with dark web investigations. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1 million in cryptocurrency. On April 5, 2023, the FBI and Dutch National Police announced the takedown of Genesis Market, one of the largest dark web marketplaces. Immediately apply the skills and techniques learned in SANS courses, ranges, and summits ![]()
0 Comments
Leave a Reply. |