Wednesday, March 30, 2016

FBI unlocks iPhone without Apple's help

The US Department of Justice has cracked the iPhone of one of the San Bernardino shooters without Apple's help and has abandoned its attempt through the courts to force the company to assist.

Prosecutors withdrawing (PDF) the court motion for Apple to help crack shooter Syed Farook's iPhone 5C said: "The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc".

The unlocking by the department, which has been acting on behalf of the FBI, comes after more than six weeks of growing tensions between technology companies and the law enforcement agencies. Led by Apple, tech companies and civil liberties groups have argued that the case represented a "dangerous precedent".

As a result of the FBI's claim that it had unlocked the iPhone, Apple said the "case should never have been brought". A statement issued by the company said it would continue to help law enforcement agencies with investigations where it could but it would also "continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated."

The security agency had asked Apple to create a new operating system -- dubbed GovtOS by the Californian company -- to allow electronic, rather than manual password submission, remove time delays between password entry attempts and bypass the erase data function on the phone. The US government had argued the court motion was essential and it needed Apple's help to access the iPhone.

Withdrawal of the order to compel Apple to create a new operating system for the US government follows reports that the FBI was helped by a private security company; the day before the two sides were due to face off in court the DoJ filed a motion to postpone the hearing, as it had purportedly been made aware of a potential way to access the data on the phone of the killer.
 

Tuesday, March 29, 2016

Hackers are using a Trojan named “USB Thief” to steal data

Security researchers at the security company ESET have found a new Trojan. It is a USB-based Trojan that hackers now widely use to steal users' sensitive data. It is an insidious data stealer that relies on USB devices to spread itself.

How does it work?

It is not an easily detectable Trojan. Its developers use a special multi-stage encryption process that protects it from antivirus tools. “USB-thief” is also capable of infecting air-gapped systems (systems that are protected by a network firewall or other security equipment). From this you can guess how dangerous this Trojan is. It is a specially designed Trojan that can save itself inside the USB device with the file name “Win32/PSW Stealer.NAI”. When a user attaches the infected USB device to his system, the Trojan runs automatically and starts tracing all the activities the user performs on the computer.

Thomas Gardon is a malware analyst at ESET. According to him, this is a new type of malware that he noticed recently. It is a hard-coded Trojan that uses different methods to steal information compared with all other Trojans. It has been intelligently coded by its developers because it does not leave any evidence behind on the hacked system. It uses only USB devices to do its work and does not copy any file to the victim's computer system.

How does “USB-thief” store itself?

It can store itself as a .DLL file. Dynamic Link Library (DLL) files are used by applications as their plugins. These files work as a driver for the applications. In the case of mobile devices, this Trojan can modify itself and store itself among the program files of commonly used mobile applications such as Notepad++, TrueCrypt and Firefox. When the user launches one of these applications, the Trojan automatically starts in the background.

How to trace this Trojan?

According to ESET's malware analysts, it is very difficult to trace this Trojan. Even the best tools are unable to detect it. The only reason for this is that the Trojan resides on the USB device only and does not do any work outside the USB device. It is a smart Trojan and does not leave any evidence behind. People should avoid using USB devices that have been attached to untrustworthy third-party computer systems and sources. This is the only way to protect your system from this dangerous Trojan.

Security Tips for Users to Avoid this Trojan

  • Organise cyber security programs to make your employees aware. The more knowledge they have, the more secure their systems will be.
  • Disable USB ports that are not in use. Hackers can use these ports to spread malware into your systems.
  • Do not attach USB devices that have been attached to public systems, for example the computer systems of a cyber café.
  • Create special rule sets on your systems to avoid malicious entries.

Sunday, March 27, 2016

7 Iranian Hackers will spend their future in Prison



On Thursday, a US Department of Justice indictment said seven Iranian hackers are responsible for about 190 DDoS (Distributed Denial of Service) attacks, which happened between 2011 and 2013. These hackers had targeted a number of US banks and dams. According to the US government, these hackers were working for the Revolutionary Guard Corps of Iran.

 

Why is the US accusing these Iranian hackers?

These hackers were IT professionals at two Iranian companies, Mersad and ITSecTeam. The Iranian government was paying these hackers to conduct attacks on the United States. All seven were professional hackers, as they had targeted the top banks of the United States. Bowman Avenue Dam is a small dam in New York City. This dam was also hacked by one of these seven hackers. Control of the water flow at that dam was in the hands of the hackers.

Attorney General Loretta Lynch said at a news conference, “US Government will not allow any country, group and individual to destroy its financial systems. All countries could compete with US in free market with a fair competition.” The Department of Justice said these Iranian hackers had directed up to 140 GB of data per second at US banks during the DDoS attacks. Most of the attacks happened in September 2012, but after that the US was facing a new DDoS attack every week. Although these hackers were crashing the servers of US banks, they failed to steal the personal information of bank customers.

 

How were the attackers performing the attacks?

As usual, the hackers performed these DDoS attacks with the help of a large network. All the computer systems in this network were first infected with malware, which the hackers spread through third-party websites. The Federal Bureau of Investigation (FBI) worked with internet service providers to investigate these attacks. In the end the FBI said the hackers were using large bandwidth to upload more than 100 GB of data per second to the servers of US banks. Now more than 90 percent of the computers are free from that network, which is called the botnet.

According to a DOJ (Department of Justice) report, the hackers are members of two more Iranian hacking teams, Ashiyane Digital Security Team and Sun Army. Sadegh Ahmadzadegan and Omid Ghaffarinia are the leaders of these seven hackers. They are known on the Internet by the short names “Nitr0jen 26” and “PLuS” respectively. They are also the ones who hacked into NASA in 2012. DDoS attacks on banks were a normal thing and were defended against by security teams, but the attack on Bowman Dam was a cause for worry. According to an official, a person named Hamid Firoozi obtained unauthorized access to the systems of Bowman Dam between August 2013 and September 2013.

The US government has charged all seven hackers with computer hacking offenses. All seven hackers will face 10 years in prison. The one hacker who is responsible for the dam hack will spend 15 years in prison.



17 million login credentials of Yahoo Japan are stolen

According to a report in the Japanese newspaper “The Yomiuri Shimbun”, the Metropolitan Police Department of Tokyo has found 18 million login credentials. More than 90 percent of these 18 million credentials relate to users of “Yahoo Japan”.

How did they find these login credentials?

Tokyo police found these stolen login credentials on a server of a Tokyo-based company. The name of the company is “Nicchu Shinsei Corp”. The police therefore arrested the president of this company. A number of the company's employees are also in the custody of Tokyo police. More than 17 million of the login credentials belong to users of Yahoo Japan. Besides these, login credentials for Facebook, Twitter and many local e-commerce websites are also included.

Most of these credentials belong to Yahoo Japan

According to Yahoo, all the affected accounts have been recovered by the company. Yahoo launched an emergency password reset program for its users. Security experts also found the logs of a “Brute Force Tool” on Yahoo's servers. According to investigators, Yahoo's server had also been used by hackers for illegal money transactions. Yahoo was in big trouble.


Who is “Nicchu Shinsei Corp”?

Japanese hackers were using services offered by this company. This company was selling these login credentials and many proxy services to hackers illegally. Hackers were using these accounts to invite internet users to visit third party fraud websites designed by them. Hackers were also stealing reward points of victims by accessing their accounts. This is not the first time that police have found stolen login credentials on the servers of local companies. Before this, 8 million stolen login credentials were found by Security Agencies of Japan last year.

An online cyber criminal community in Japan, the “Japanese Criminal Underground”, is responsible for many of the cyber crimes happening in Japan. Japan's National Police Agency said in a report on cybercriminal activities that, up to March 2015, cybercrime in Japan had increased 40 percent compared to the previous year. Japan also suffered a major data breach in June 2015, which was related to the Pension Service of Japan. The login access of more than one million pensioners was in the hands of hackers.

The “Japanese Criminal Underground” is a very active and clever community of hackers who are expert in selling and buying illegal products on the dark web. Drugs, stolen login credentials, credit card info, phone numbers, child pornography, weapons and duplicate passports are included in the list of these illegal products. The hackers of this community were also targeting users of many Japanese banks by spreading different types of malware. Shifu, Neverquest, Brolux and Rovnix are some well-known malware families used by these hackers.



Hackers manipulated PLC settings at water treatment plant

Hackers manipulated the programmable logic controllers that managed the amount of chemicals used to treat the water to make it safe to drink.

Hackers breached a water company’s industrial control system and made changes to valve and flow control settings, Verizon revealed in its latest Data Breach Digest.

The unnamed water district had asked Verizon to assess its networks for indications of a security breach. It said there was no evidence of unauthorized access, and the assessment was a proactive measure as part of ongoing efforts to keep its systems and networks healthy.

Verizon examined the company’s IT systems, which supported end users and corporate functions, as well as Operational Technology (OT) systems, which were behind the distribution, control and metering of the regional water supply.

The assessment found several high-risk vulnerabilities on the Internet-facing perimeter and said that the OT end relied heavily on antiquated computer systems running operating systems from 10 or more years ago.

Many critical IT and OT functions ran on a single IBM AS/400 system which the company described as its SCADA (Supervisory Control and Data Acquisition) platform. This system ran the water district’s valve and flow control application that was responsible for manipulating hundreds of programmable logic controllers (PLCs), and housed customer and billing information, as well as the company’s financials.

Interviews with the IT network team uncovered concerns surrounding recent suspicious cyber activity and it emerged that an unexplained pattern of valve and duct movements had occurred over the previous 60 days. These movements consisted of manipulating the PLCs that managed the amount of chemicals used to treat the water to make it safe to drink, as well as affecting the water flow rate, causing disruptions with water distribution, Verizon reported.

An analysis of the company’s internet traffic showed that some IP addresses previously linked to hacktivist attacks had connected to its online payment application.

Verizon said that it “found a high probability that any unauthorized access on the payment application would also expose sensitive information housed on the AS/400 system.” The investigation later showed that the hackers had exploited an easily identified vulnerability in the payment application, leading to the compromise of customer data. No evidence of fraudulent activity on the stolen accounts could be confirmed.

However, customer information was not the full extent of the breach. The investigation revealed that, using the same credentials found on the payment app webserver, the hackers were able to interface with the water district’s valve and flow control application, also running on the AS/400 system.

During these connections, they managed to manipulate the system to alter the amount of chemicals that went into the water supply and thus interfere with water treatment and production so that the recovery time to replenish water supplies increased. Thanks to alerts, the company was able to quickly identify and reverse the chemical and flow changes, largely minimizing the impact on customers. No clear motive for the attack was found, Verizon noted.

The company has since taken remediation measures to protect its systems.

In its concluding remarks on the incident, Verizon said: “Many issues like outdated systems and missing patches contributed to the data breach — the lack of isolation of critical assets, weak authentication mechanisms and unsafe practices of protecting passwords also enabled the threat actors to gain far more access than should have been possible.”

Acknowledging that the company’s alert functionality played a key role in detecting the chemical and flow changes, Verizon said that implementation of a “layered defense-in-depth strategy” could have detected the attack earlier, limiting its success or preventing it altogether.
 
 
 

Wednesday, March 23, 2016

Cyber criminals steal $25 million from Russian banks

A cyber criminal gang stole $25.7 million (£17.8 million) from Russian banks in 13 attacks conducted between August 2015 and February 2016.

Buhtrap, as the gang has been called by Group-IB, used spear phishing emails to send infected Word documents to financial institutions. When opened, these documents downloaded malware that ultimately enabled the attackers to create fraudulent transfer orders so that the bank would unknowingly send money to accounts that the criminals controlled.

The threat of phishing

Banks aren’t the only institutions that are susceptible to phishing attacks. Whatever your line of business, phishing is a threat you need to take seriously: if one of your employees mistakenly opens a phishing email, your entire corporate network could be put at risk. This is why it is so important to ensure that your staff understand the threat that phishing poses and can recognise phishing emails.

Monday, March 21, 2016

Hackers compromising official email accounts using Olympic Vision malware

Hackers are running a Business Email Compromise campaign in Asia, the Middle East and the US to steal money!

This is a malware-based campaign and the hackers are targeting the head employees of companies.



According to the well-known security software company Trend Micro, hackers are running a BEC (Business Email Compromise) campaign with the help of the Olympic Vision keylogger. The hackers are targeting companies in Asia Pacific and the Middle East. Trend Micro's security experts have also seen some cases in the United States.

In a BEC (Business Email Compromise) attack, hackers use malware to hijack the email accounts of victims. Once they have access to an official's email account, they are able to send emails requesting financial transactions. Hackers can also steal companies' sensitive data, but in this campaign they are focusing on financial transactions. These attacks have been traced back to Kuala Lumpur and Lagos, security researchers said.

In this attack, the hackers mostly target companies that work with foreign suppliers and carry out their transactions through emails. These payments are called wire transfer payments.

How are emails compromised?
The hackers target the head employees of companies by sending them a malicious email that carries a keylogger. Once they have access to the victim's account, they trick other employees, business partners and suppliers into making wire transfer payments. The keylogger being spread through these emails is named “Olympic Vision”. To date, the hackers have targeted key employees in 18 different countries.

The hackers send emails to business partners and suppliers from the compromised email accounts. In the emails, they write that there is a problem with the recipient's recent bank transfer. By tricking the recipients, the hackers collect important information related to financial accounts and then carry out illegal transactions.
The hackers are running this BEC (Business Email Compromise) campaign in the Middle East, Asia and the United States. They have strong social engineering skills, so they target employees with the help of spear phishing. They spread info-stealing malware to gain access to the wire transfer payments.

About “Olympic Vision” Malware
“Olympic Vision” malware is available on the black market for just 25 dollars. It is not a very advanced threat, but it has many features that make it capable of stealing a variety of important information from its target. It has two main functions. First, it records keystrokes, and second, it is capable of taking screenshots every few seconds in order to steal information. Researchers also said that this is the fourth malware they have seen in BEC attacks.

Security researchers at Trend Micro said that they are tracing the users of the “Olympic Vision” keylogger and have successfully traced the identities of two Nigerian bad actors. One of them was operating this malware from Lagos and the other from Kuala Lumpur.
BEC (Business Email Compromise) attacks are a big threat to companies. According to an FBI study, companies lost over a billion dollars in the past two years because of these attacks. The theft of 55 million US dollars at FACC is the biggest example of a BEC attack.

Read: http://www.cyberintelligence.in/Hackers-steal-55million-dollars-from-FACC/

 

Thursday, March 17, 2016

Cyber Criminals Hijack BBC, MSN and NYT Websites

Mainstream Websites including AOL, BBC and The New York Times Become Targets of Malvertising
A number of popular, high-profile websites have become targets of an extensive malvertising campaign. The websites attacked include many big names such as MSN, AOL, BBC, and The New York Times. Remember, this is not the first time MSN has served malicious adverts. In January 2015, the portal was dropping malware on user PCs as part of a sophisticated malvertising campaign.



Malwarebytes reported that the malicious ads appeared out of nowhere and suddenly all the big publishing house websites got hit by it. The list of websites is pretty long as it included newsweek.com, my.xfinity.com, realtor.com, theweathernetwork.com, and thehill.com, etc., apart from the ones mentioned above.

This new wave of malvertising campaign involves installation of crypto-ransomware along with other malware through adverts on these websites. When users visit these sites, the malware easily gets transferred onto the users’ computer system.

Through such tainted ads, computers of hundreds and thousands of internet users have become affected. The malvertising campaign was identified by security firm Trend Micro and the details were revealed in its official blog post.

How it all started?

This campaign started the previous week, with laced banner ads being pushed via an infected ad network and spread through the Angler toolkit, Microsoft Silverlight and similar commonly used software.

Trustwave’s SpiderLabs group also published a blog post in which it was revealed that a JSON-based file is being distributed through these tainted ads. The file contains around 12,000 lines of code. When deciphered by security researchers, it was discovered that this obfuscated code enumerated a wide range of security tools and protocols, which it can avoid to remain unidentified.

According to Daniel Chechik, Rami Kogan and Simon Kenin from SpiderLabs: “If the code doesn’t find any of these programs, it continues with the flow and appends an iframe to the body of the HTML that leads to Angler EK [exploit kit] landing page. Upon successful exploitation, Angler infects the poor victim with both the Bedep trojan and the TeslaCrypt ransomware–double the trouble.”

The infected ads aren’t only appearing on publishers or news websites but also on sites like answers.com and infolinks.com.

The domains from which these ads are being launched are associated with infected ad networks. The most commonly appearing domain name is brentsmedia[.]com; the others are trackmytraffic[.]biz, talk915[.]com, evangmedia[.]com and shangjiamedia[.]com.

It is being speculated by researchers that the attackers are making use of domain names that contain the term Media to make their infected domains appear as legitimate.
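For defenders who want to check their own web proxy logs against the domains named above, the following is an added example (not code from the original post, Trend Micro or SpiderLabs). It matches each logged host against the listed domains on a label boundary and, as a weaker triage hint drawn from the researchers' "Media" observation, marks other hosts whose name contains "media"; the log layout, the function names and the sample lines are assumptions constructed for illustration.

```python
"""Flag proxy-log hosts that match the defanged domains listed in the article."""
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

# Domains as the article lists them, kept defanged in the source.
DEFANGED_IOCS = [
    "brentsmedia[.]com",
    "trackmytraffic[.]biz",
    "talk915[.]com",
    "evangmedia[.]com",
    "shangjiamedia[.]com",
]


def refang(value: str) -> str:
    """Turn a defanged indicator (hxxp://, [.]) into a comparable form."""
    v = value.strip().lower()
    v = v.replace("[.]", ".").replace("(.)", ".").replace("[dot]", ".")
    if v.startswith("hxxp"):
        v = "http" + v[4:]
    return v.rstrip(".")


IOC_DOMAINS = frozenset(refang(d) for d in DEFANGED_IOCS)


def host_of(url_or_host: str) -> str:
    """Extract the hostname from a URL or a bare host[:port] (CONNECT lines)."""
    text = refang(url_or_host)
    if "://" not in text:
        text = "//" + text  # make urlsplit treat a bare host as the netloc
    try:
        return (urlsplit(text).hostname or "").rstrip(".")
    except ValueError:  # malformed bracketed host
        return ""


def matched_ioc(host: str) -> Optional[str]:
    """Return the listed domain that host equals or is a subdomain of."""
    for domain in IOC_DOMAINS:
        # The "." prefix forces a label boundary, so a listed name that is
        # only embedded in a longer, unrelated host does not match.
        if host == domain or host.endswith("." + domain):
            return domain
    return None


def media_label(host: str) -> bool:
    """Weak hunting hint: the label left of the TLD contains 'media'.

    Naive on purpose: no public-suffix handling, so names under multi-part
    suffixes such as co.uk are not evaluated correctly.
    """
    labels = host.split(".")
    return len(labels) >= 2 and "media" in labels[-2]


def scan(log_lines: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line_no, host, verdict) for lines an analyst should look at.

    Assumed log layout: timestamp client method url-or-host status.
    """
    findings = []
    for no, line in enumerate(log_lines, 1):
        fields = line.split()
        if len(fields) < 4:
            continue
        host = host_of(fields[3])
        if not host:
            continue
        ioc = matched_ioc(host)
        if ioc:
            findings.append((no, host, "ioc:" + ioc))
        elif media_label(host):
            findings.append((no, host, "review:media-label"))
    return findings


# Constructed sample log; hosts are built from the defanged list at runtime.
_B, _T, _S = (refang(DEFANGED_IOCS[i]) for i in (0, 2, 4))
SAMPLE_LOG = [
    "2016-03-15T10:02:09Z 10.0.0.21 GET http://www.example.org/index.html 200",
    f"2016-03-15T10:02:11Z 10.0.0.21 GET http://ads.{_B}/banner.js 200",
    f"2016-03-15T10:02:12Z 10.0.0.34 CONNECT {_T.upper()}:443 200",
    "2016-03-15T10:02:15Z 10.0.0.34 GET http://examplemedia.test/ad.js 200",
    f"2016-03-15T10:02:19Z 10.0.0.40 GET http://{_B}.example.net/ 200",
    f"2016-03-15T10:02:23Z 10.0.0.40 GET http://{_S}./pixel 204",
]

if __name__ == "__main__":
    for line_no, host, verdict in scan(SAMPLE_LOG):
        print(f"line {line_no}: {host} -> {verdict}")
```

A "review:media-label" result is only a lead for manual review, since many legitimate sites have "media" in their name.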

How to stay protected?

This campaign, however, highlights the important role that smart browsing plays in preserving our privacy and security while surfing the web. To avoid being exploited by malicious actors, security experts urge users to decrease their “attack surface,” which refers to uninstalling software like Oracle Java, Adobe Flash, Microsoft Silverlight, etc. In fact, users must delete all kinds of third party browser extensions that are unnecessary. Moreover, to ensure safe browsing, users must immediately install updates using the 64-bit Chrome version.


Wednesday, March 16, 2016

Android users, be careful about Android Marcher Trojan malware

Scammers are sending porn links to spread the “Android Marcher Trojan”!

According to security researchers at Zscaler, scammers are sending porn-themed links to Android users to spread the “Marcher Trojan”. The scammers send these links to users through emails and SMS. When a user clicks on one, a window appears offering an update of Adobe Flash Player. This update is actually the Marcher Trojan.

The scammers are very smart. They know that Android devices need the Adobe Flash Player plug-in to play a video clip. Users take the Adobe Flash update as a legitimate one, not knowing that they are downloading a Trojan. Zscaler's security researchers said the scammers are running this campaign by sending 50 different types of links to users.

How does the Marcher Trojan work?

This Trojan has been designed by the scammers to steal users' financial information through a phishing page. The scammers have designed a payment page that looks like the legitimate payment page of the “Google Play Store”. When the user wants to buy an application or product, this phishing page appears and the user fills in the details of his credit card. The Trojan is also capable of stealing financial information with the help of official bank apps that are already installed. In that case, when the user opens the official application of a bank, the Trojan superimposes a fake login page that looks like the original login page. When the victim enters his financial information, the scammers monitor it with the help of Command and Control servers (C&C servers). The Trojan is smart enough to hide itself behind the program files of Android devices.

Deepen Desai, Head of Security Research at Zscaler, said that this fake phishing page looks like the original payment webpage. The page appears with a notice, “You will not be charged unless you make a purchase”. That is enough to trick a normal user into giving up his financial information.

Researchers also said, “In many cases we have seen that this Trojan is asking the users to download the “X-Video” application. This video application is rated as a safe application by the Android team of Google. Scammers are using this trick to convince the users that they are filling in their credit card information at the right place.”

How to avoid this Trojan?

According to researchers and security experts, always install applications from trusted application stores such as the “Google Play Store”. All third-party application stores are full of malware. Users can also avoid this Trojan by making a small change on their Android device; follow these steps.

Settings> Security> Install apps from Unknown Sources> Disable

Thursday, March 10, 2016

Users Security Tips on Fighting Ransomware

What is ransomware?
Ransomware is malicious software that cyber criminals use to lock a computing device or the files stored on it. When your device is infected with ransomware, it displays a message through a pop-up window, webpage, or email telling you that your device or files have been locked and you have to pay before you can access them again.

As there is no promising way to decrypt the affected files, it is important to prevent your device from being infected.

How to protect your device?
  • Beware of suspicious email. Do not open suspicious web links and attachments, especially compressed files (.zip, .7zip) or executable files (.exe).
  • Install security software and update to the latest signature.
  • Backup the important documents instantly and regularly. Keep the backups in a safe location to avoid being affected by malicious software.

If your device is unfortunately infected by malware, you are advised to:
  • Isolate and disconnect the infected machine immediately to avoid further damage.
  • Download Microsoft Safety Scanner and perform a complete scan to remove the malware.
  • Restore the files and data from backup.
  • If no backup has been done previously, do not restore the system, to avoid losing information required for decryption.
  • NEVER pay the ransom, as there is no guarantee that the attackers will unlock your files!

 Source: OoPpSs Group & Malware Securities

Cyber Security Tips for those who travel too much

A business traveler is a person who visits many countries and states for business. Security is a must for such business people because they often carry both business and personal sensitive data with them when they travel. This data could be present on smartphones, laptops and many other devices. A single mistake can put the whole business at great risk. So here are some security tips for business travelers:


1. Use Public Wi-Fi carefully

There are different rules and regulations for cyber security in different countries. Public Wi-Fi is used by all kinds of people. It is a good facility for all, but it can also be vulnerable. You need to understand the security risks before using public Wi-Fi. Always ask the management of the hotel or other place where you want to use Wi-Fi about the protocols they use, and avoid unencrypted Wi-Fi networks. If you do want to use them, do not access sensitive data through these networks.

2. Avoid Location Sharing on Social Websites

We often see business travelers share updates on social websites about where they are going, and share their locations as well. This can cause a big problem. Cyber criminals will notice your locations and get a chance to play with your personal belongings. They can carry out many spying activities when you are not at your place, which could lead to the theft of your personal things. Avoid this type of activity to keep your belongings safe.

3. Always use passwords for your devices

Set a strong password for your devices such as smartphones, tablets and laptops. Passwords give strong security to your devices and protect your sensitive data from criminals. If you happen to misplace your device, it will be difficult for anyone to bypass the password. Always set a complex password using special characters and numbers. Change your passwords at regular intervals.

4. Use an Antivirus

Always use the pro version of an antivirus tool to protect your data. Here pro version means a paid tool: every paid antivirus tool is a good security technique against data theft. Also keep the antivirus tool updated. Avoid using free antivirus tools.


5. Disable Auto-Connect feature on your device

Many phones have an auto-connect function that joins a Wi-Fi network when one is found. It is a good feature but it has many drawbacks as well. Cyber criminals can trace your sensitive information if your device happens to be connected to an unencrypted Wi-Fi network. Little mistakes can harm your business on a large scale. Set up your devices so that they ask you every time before connecting to a Wi-Fi network.

6. Update Operating Systems of your devices at proper times

If updates are available for any software or operating system, it means the company has made changes to make the software more efficient. So whenever you get a notification about an operating system update, install it immediately. According to security experts, every piece of outdated software is malware.

7. Disable Bluetooth auto connect feature

Like the Wi-Fi auto-connect feature, the Bluetooth auto-connect feature can also cause problems. Bluetooth signals can come from anywhere, so it is up to you to keep your devices away from them. Cyber criminals can use these types of tricks to hack your device. Always keep the Bluetooth feature of your device off. Only turn it on when you need to share data over a trusted Bluetooth network.

8. Do not hand over your devices to anyone

In today's world, you can't trust anyone you don't know. If you need to go somewhere while traveling, do not hand over your belongings and devices to anyone.

Friday, March 4, 2016

German hospitals being held ransom by cyber attackers

Core healthcare services and internal systems at two German hospitals have now also been disrupted by ransomware attacks.

One of the hospitals, Lukas, has reportedly reverted to phone calls, faxing and physical record-keeping for the past few weeks, while the IT systems have been offline.

The hospital has also postponed high-risk surgeries until systems are up and running.

Fortunately, the IT team at Lukas performs regular backups, but there is a possibility that some data and patient records have been lost.

Another hospital, Klinikum Arnsberg, confirmed that it was targeted in a ransomware attack via an email containing malware. Instant action taken by their cyber security teams resulted in the hospital containing the damage: the virus was detected in one server and the other 199 servers were immediately switched off to prevent any further contamination by the malware.

So far, both hospitals are refusing to pay the ransom. Deutsche Welle, a German publication, reports that it will “take weeks” for the hospitals’ systems to be back to normal.

Why are ransomware attacks growing in popularity?

Ransomware attacks are particularly ruthless because criminals do it purely for financial gain, and the outcome is usually that the victims pay up to avoid even longer delays and higher expenses, despite trying to fix the problem themselves.

Ransomware is also easy to deploy, through malicious links in phishing emails or on social media sites. Once a victim’s computer is infected, the malicious code locks down systems and encrypts files. The victim’s computer will then display a new holding screen, demanding a ransom in Bitcoins in exchange for a key to decrypt the files.

No single cyber security solution

No single cyber security solution is sufficient to protect an organisation from a cyber attack. The evolving nature of cyber crime requires the implementation of a holistic and comprehensive management system that constantly adapts to the evolving cyber crime landscape.

Wednesday, March 2, 2016

“Darknet Operators” have been arrested by Security Agencies

Law enforcement agencies of Germany, France, the Netherlands, Russia, Bosnia, Lithuania and Switzerland ran a combined operation to find the operators of the Darknet who deal in illegal products and services such as weapons, counterfeit money, drugs and fake IDs. In this operation the security agencies arrested 9 criminals who were dealing in these illegal products. While searching for the operators, the agencies raided more than 60 homes and business premises.

During this raid, security agencies of 7 European countries seized about 200,000 euros in cash, illegal drugs, pirated DVDs and many other illegal products. A number of servers and computer systems on which these illegal services were running were also seized by the security agencies.

The following suspects have been arrested by security agencies:
  1. Two Syrian brothers, from whom security agencies recovered 36 kg of amphetamine, 2 kg of hashish, 1.5 kg of cocaine and 2 kg of ecstasy pills.
  2. A 27-year-old man arrested by Bosnian police, who was working as an administrator for three Darknets.
  3. Two German brothers, who were dealing in pirated movies and sports shows.
  4. A 22-year-old arrested by German police, who was dealing in illegal drugs.

According to German police, the arrested suspects were exploiting the Darknet to provide illegal services. Most of them were dealing in drugs and weapons. Some of them were providing illegal documents from Italy, the Netherlands and Germany. It was the second shared operation of European law enforcement agencies, in which they also arrested criminals who were selling stolen credit card data and financial data. Some of them were providing illegal hacking services.