a visit to the darknet
DESCRIPTION
Presented by Dan Weis, Penetration Tester/Security Specialist, Kiandra IT Everybody thinks of the internet as a happy world where people connect, learn, share ideas and information and have some laughs. What most people don’t see is the layer of the internet nobody wants you to know about - the darknet. This presentation will walk attendees through some of the darknet's most dangerous sites where they trade in weapons, stolen data, accounts and payment cards, passports and botnets…amongst other things. Attendees will gain a real world look at where compromised data ends, and learn how to mitigate attackers gaining access to their Personally Identifiable Information (PII).TRANSCRIPT
![Page 1: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/1.jpg)
The DarknetThe layer of the internet nobody wants you to
see…
Presented by:
Dan Weis
![Page 2: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/2.jpg)
Who’s this guy?
Lead Pentester Certified Ethical Hacker, Licensed Penetration Tester, 23+
other certs Trainer/Mentor upcoming Ethical Hackers Underground Researcher Been in IT since 1995 in various roles both here and
internationally. 5+ years in security providing consulting, 3 years+ as a
pentester. Major Nerd
![Page 3: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/3.jpg)
The Internet
6th August 1991 the internet was born (became publicly available) These days, 2.5 billion people inhabit the internet Most people think the internet is just this:
And occasionally this:
![Page 4: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/4.jpg)
Disclaimer
The sites presented here are underground illegal sites
It is not recommended you visit these
Some are monitored by the feds (all are monitored by the CIA )
Nor do I support any of these sites or activities
They ARE dangerous sites
Seriously…know what you are doing..
Sandboxie, Java disablement, VM’s etc..
![Page 5: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/5.jpg)
What is it?
The ‘Darknet’ is the hidden underground of the internet
It’s where Hackers, criminals, organised crime, political activists and whistleblowers operate
Usually only accessible through the Tor anonymizing software
Normally where blackmarket transactions are conducted
Had no search engine of any sort…. Until earlier this year….
![Page 6: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/6.jpg)
Grams
Meet Grams, the Darknet’s first Search Engine It indexes 8 of the Darknet’s markets Keep’s track of the latest rate for bitcoin
currency, and allows you to filter items to display in bitcoins, USD, EUR, GBP
Sorts by relevance, similar indexing to Google So what can you buy?
![Page 7: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/7.jpg)
Demo
A visit to the underground……
![Page 8: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/8.jpg)
Hacking sites
![Page 9: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/9.jpg)
HACKBB
![Page 10: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/10.jpg)
Hacker hiring
![Page 11: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/11.jpg)
THERE ARE LOTS MORE…
![Page 12: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/12.jpg)
Thehiddenwiki.net
![Page 13: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/13.jpg)
Deepweb link directory
![Page 14: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/14.jpg)
Doxbin
Pastebin for Personally Identifiable information
![Page 15: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/15.jpg)
IT’S NOT ALL BAD….For whistleblowers
![Page 16: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/16.jpg)
Leakdirectory.org
![Page 17: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/17.jpg)
![Page 18: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/18.jpg)
The New Yorker
![Page 19: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/19.jpg)
You don’t need tor to visit all sites
A lot of sites operate on the standard web But are located in countries that have laws that are….
lacking… Yes they are still watched by the Feds They go up and down often and change url’s frequently Require you to have anonymous currencies, such as
bitcoin and paid a fee just to browse Is where a lot of the stolen data ends up….
![Page 20: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/20.jpg)
Indexeus
Indexeus.org 200 million identities+ and
expanding Indexes user account
information acquired from more than 100 recent data breaches
Including Adobe, Yahoo etc Lists things like email addresses,
usernames, passwords, Internet address, physical addresses, birthdays and other information that may be associated with those accounts.
![Page 21: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/21.jpg)
![Page 22: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/22.jpg)
Trade in stolen credit cards & dumps
![Page 23: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/23.jpg)
Verifiedaccts.com
You name it…they sell it….
![Page 24: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/24.jpg)
Pastebin...
![Page 25: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/25.jpg)
![Page 26: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/26.jpg)
So why are you showing us this?
To make you aware that there is more than what you realise….
![Page 27: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/27.jpg)
Why...
And to ensure you don’t become a victim!
Change your passwords regularly Use strong passwords Don’t use the same password for everything! Use a current browser Ensure you are using an up-to-date, patched workstation Ensure you are using an adequate endpoint protection Stop clicking on things!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
![Page 28: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/28.jpg)
![Page 29: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/29.jpg)
If you do this…
![Page 30: A visit to the darknet](https://reader033.vdocument.in/reader033/viewer/2022061200/547708bdb4af9f52728b4847/html5/thumbnails/30.jpg)
Thanks!