NCA arrests South Tyneside men: Drugs gang ‘dismantled’

A gang selling ecstasy around the world on the dark web has been “dismantled”, police have said.

Two men from South Tyneside have been arrested on suspicion of importing and supplying drugs.

The National Crime Agency (NCA) has been investigating after parcels of MDMA destined for Europe, Asia and the USA were intercepted last summer.

Operations manager Martin Clarke said the gang had been “preying on the vulnerable and destroying communities”.

“This investigation shows that those who try to use the dark web and encrypted communication devices to anonymously commit crimes can be identified,” he said.

Drugs with a street value of £4.3m had been recovered, including MDMA, amphetamines and more than 6,000 Diazepam (alprazolam) tablets, the agency said.

Cryptocurrency money laundering

Officers seized mobile phones, computers and drug packaging paraphernalia.

Encrypted messages were analysed to identify those selling drugs and laundering money using cryptocurrency.

The drugs were being imported from Holland and then sold on the dark web under four names: HundredsUK, Hundredsandthousands, Sundaefundae, and 100and1000s.

Two men, aged 24 and 31, have been arrested in South Shields and Hebburn on suspicion of importing and supplying Class A, B and C drugs.

Officers searched other addresses in South Shields and an address in Epsom, Surrey.

The agency was still looking for two people from South Shields who are believed to be overseas, it said.

Source: BBC

Covid-19: Vaccines and vaccine passports being sold on darknet

Covid-19 vaccines, vaccine passports and faked negative test papers are being sold on the darknet.

Prices range between $500 (£360) and $750 for doses of AstraZeneca, Sputnik, Sinopharm or Johnson & Johnson jabs.

Fake vaccination certificates are also being sold by anonymous traders for as little as $150.

Researchers say they have seen a “sharp increase” in vaccine-related darknet adverts, while the BBC has been unable to verify if the vaccines are real.

The darknet, also known as the dark web, is a portion of the internet that is only accessible through specific browser tools.

Advert on dark net
image captionAn advert on one marketplace claiming to sell Covid-19 vaccines

Researchers at cyber-security company Check Point have monitored hacking forums and other marketplaces since January, when vaccine adverts first appeared.

They say the number of adverts they have seen has more than tripled to more then 1,200.

Sellers of vaccines appear to be from the US, Spain, Germany, France and Russia. 

The team found multiple adverts in Russian cyrillic text as well as in English.

The vaccines advertised include the Oxford-AstraZeneca at $500, and Johnson & Johnson and Sputnik each at $600, and Sinopharm at $750.

One seller is offering next-day delivery, saying: “For overnight delivery/emergency leave us a message.”‘

‘Buy two get one free’

Another advert on a hacking forum is offering fake negative tests and reads: “We do negative Covid tests, for travellers abroad, for getting a job etc. Buy two negative tests and get the third for free!”

vaccine passport advert
image captionVaccination passports and papers are being offered to let people travel freely who’ve not been jabbed

Some holiday operators require vaccination certificates for passengers.

A vaccine passport system is also being considered in the UK and could be used to allow visitors entry to venues such as bars, or sports stadiums.

European officials have also announced plans for a “Green Digital Certificate”. This would allow anyone vaccinated against Covid, or who has tested negative, or recently recovered from the virus, to travel within the EU.

It’s no surprise then that faked documents are being offered on the darknet for sale.

Check Point investigators found many sellers offering forged documents, including one supposedly from the UK, with a vaccination card for $150 using the hard-to-trace cryptocurrency Bitcoin as the payment method.

When they got in touch with the seller, the team were told that they just needed to provide their names and some dates for when the fake jabs occurred. The seller messaged: “You don’t have to worry…it’s our job….we have done this to many people and it’s all good.” 

Oded Vanunu, head of product vulnerabilities research at Check Point said: “It’s imperative for people to understand that attempting to obtain a vaccine, a vaccination card or negative Covid-19 test result by unofficial means is extremely risky, as hackers are more interested in your money, information and identity for exploitation.”

Mr Vanunu also told the BBC that his team purchased a dose of the Sinopharm vaccine from a vendor for $750 as part of their research, but are yet to receive it.

His team has told the BBC that they believe this seller was a scammer, but say others may or may not be selling real vaccines. 

Check Point is urging countries to adopt a QR code system across all vaccine documentation to make forgeries more difficult.

By Joe Tidy
Cyber reporter – BBC

Darknet crypto kingpin JokerStash retires after illicit $1 billion run: research

(Reuters) – The kingpin or kingpins of the world’s biggest illicit credit card marketplace have retired after making an estimated fortune of over $1 billion in cryptocurrency, according to research by blockchain analysis firm Elliptic shared with Reuters.

The “Joker’s Stash” marketplace, where stolen credit cards and identity data traded hands for bitcoin and other digital coins, ceased operations this month, Elliptic said on Friday, in what it called a rare example of such a site bowing out on its own terms.

Criminal use of cryptocurrencies has long worried regulators, with U.S. Treasury Secretary Janet Yellen and European Central Bank President Christine Lagarde calling last month for tighter oversight.

While terrorist financing and money laundering are top of law-enforcement concerns, narcotics, fraud, scams and ransomware are among the chief areas of illegal use of digital currencies, according to Elliptic co-founder Tom Robinson.

Joker’s Stash was launched in 2014, with its anonymous founder “JokerStash” – which could be one or more people – posting messages in both Russian and English, Elliptic said. It was available on the regular web and via the darknet, which hosts marketplaces selling contraband.

The darknet, or darkweb, is a part of the internet that isn’t visible to regular search engines, and requires a form of browser that hides a user’s identity to access.

Elliptic, whose clients include law-enforcement agencies and financial firms, estimates that JokerStash raked in more than $1 billion in profits in cryptocurrencies over the years, at current prices. Bitcoin has soared from just over $300 in 2014 to hit a record $49,000 on Friday, pulling up other coins in its wake.

The blockchain firm reached the over $1 billion figure by analysing the marketplace’s revenue and the fees it charged, and said it was at the lower end of its estimates.

In December, Interpol and the FBI seized the domain names used by the site, but it continued operating via the darknet, Elliptic said here. Cyber-security firm Digital Shadows also said in December that the darknet site remained live after the seizure.

Interpol did not respond to a request for comment. The FBI could not be reached outside regular business hours.

Trading illegal credit cards is “a billion-dollar business,” said Robinson. “It’s also providing a means of cashing out other types of cyber-criminality.”

On Jan. 15. Joker’s Stash posted a message announcing it would close permanently on Feb. 15. In fact it went offline on Feb. 3, Elliptic said.

“Joker goes on a well-deserved retirement,” said the message, which Reuters saw a screenshot of. “It’s time for us to leave forever.”

Accompanying it was a picture of the 1862 painting “Stańczyk” by Polish artist Jan Matejko, which depicts a court jester sitting forlornly in a bedroom as a party goes on in the background.

Watford man who tried to buy grenades on dark web sentenced

A fugitive who tried to buy grenades and Semtex explosive from an undercover FBI agent on the dark web has been sentenced to five years in prison.

Mohammed Humza, 29, of Watford, failed to turn up for his trial in October and was found guilty in his absence.

He did not appear for sentencing at the Old Bailey and is suspected of travelling to Kashmir.

Prosecutor Ben Holt said Humza was still at large and was “very much wanted”.

‘Indiscriminate harm’

Humza was convicted of attempting to possess an explosive substance for unlawful purposes between 14 July and 5 September 2016.

Mr Holt said the grenades Humza tried to buy had the potential to cause “indiscriminate harm” and could have been lethal.

The trial heard Humza, going by the username mh.nn243, had approached an FBI agent posing as a seller on dark web trading site AlphaBay.

In a message to the agent in July 2016, mh.nn243 asked: “What’s the best price you can do for 2 grenades with postage to the UK?”

He then offered to pay $115 (£89) per piece for four grenades and discussed payment methods, the court heard. 

In the exchange the pair also talked about the price of delivery to Hertfordshire, but the deal was not completed. 

In early August Humza got in touch with the agent again and the pair agreed a deal for two grenades, the court heard.

On 6 August, mh.nn243 then transferred cryptocurrency funds to be paid once the deal was completed.

Jurors were told Humza arranged for the goods to be sent to his address in Fuller Road but under his neighbour’s name.

After being told by the agent that he was out of stock of grenades the user attempted to buy Semtex and a fuse detonator.

‘Doomed to fail’

Sentencing, Mrs Justice McGowan said although the deal had been “doomed to fail”, Humza “did everything in his power” to get the device.

It was said on Humza’s behalf that he denied being the person in control of the mh.nn243 username.

The court heard that Humza had previous convictions for fraud and theft, but no terror-related offences.

Police had tried to trace Humza and had spoken to his estranged wife, girlfriend, parents and in-laws. the court heard.

Humza is described as being 5ft 8in tall, of medium build and is known to have links to Birmingham, Luton and Rochdale.