Ex-Israeli agents want to shine a flashlight on the dark web

You wake up one morning and rush to the ATM, only to find that your bank account balance has fallen to two digits. Hundreds of dollars have been withdrawn overnight at several ATM machines in Kiev, Ukraine, even though you live in Israel. Most mysteriously, your ATM card has been in your wallet the entire time.

“Welcome to the dark web,” says Avi Kasztan, CEO and co-founder of Israeli cyber-Intelligence firm Sixgill, when he hears this true story, which happened to a Times of Israel staffer. “What you describe is the tip of the iceberg.”

Kasztan, a Uruguay native and Technion graduate, founded Sixgill in 2013, along with former top brass at Israel’s intelligence agencies, to combat the secretive digital underworld known as the dark web, where expert hackers, under cover of anonymity, buy and sell the bank account information and personal data of the unsuspecting public.

According to one estimate, one in two Americans has been the victim of a cyberattack.

“There are cyber gangs, criminal organizations. One person might steal one piece of information, another person another. Then they buy and sell it.”

So for instance, if you’re a cybercriminal in Ukraine and you have access to a target’s bank account information but you need the PIN number, you might be able to find someone selling it on the dark web.

Then all you have to do is counterfeit the ATM card, which says, Sixgill, involves a relatively inexpensive machine. Even Bill Gates has had his ATM card duplicated, allegedly by a hacker from Bulgaria.

But according to Kasztan, stealing from people’s bank accounts is minor league. In addition to the widely reported arms, drug trafficking and pedophilia rings, some of the most common crimes originating in the dark web include identity theft, cyber extortion and reputation damage.

“Someone can take control of your computer and resell that—it’s worth a lot of money. They can steal your identity and take loans out on your name. Then you have to prove that you didn’t take out the loan. They can ruin you—and you won’t be able to get out of it.”

But there’s worse.

“They know where you live, who your spouse is and the names of your kids. They can send a photo of someone you love and ask for money.”

What’s for sale on the dark web?

According to US-based cybersecurity firm Trendmicro, a fake US passport goes for $5,900 on the dark web, while the usernames and passwords of 100 eBay or PayPal accounts cost $100. The murder of an ordinary person is advertised for $45,000 while the murder of a celebrity or politician goes for $180,000 on the website of a criminal group calling itself C’thulhu.

Obviously, cyber criminals do not transact by posting their offerings on Facebook or Craigslist, or messaging each other on WhatsApp.

Instead they use encrypted networks like Tor, the Invisible Internet Project and Freenet. They meet in online forums, many of which are closed and which you gain access to only if you know someone who knows someone.

“In real life, if you want to join the mafia, they will say, okay cut your finger and prove you are serious. On the dark web, they say, ok, go hack this bank and prove that it was you.”

The Hebrew news site Ynet described Darkode this way: “Hackers couldn’t just log onto the site. They had to be vouched for or nominated by at least two current members to be able to buy, sell or solicit illegal wares or services on the site, authorities said. Hackers also had to present an example of their work which includes proof they hacked websites and caused harm, while leaving a personal signature.”

Honor among thieves

According to Kasztan, there are friendships and social networks, all within the dark web, and these networks are international.

“You have Chinese, Americans, South Americans, Israelis, Europeans, it’s everywhere.”

Indeed, last month Israeli police arrested three hackers ages 19-20 for participating in the dark web marketplace Darkode. Two of the hackers allegedly took over e-commerce sites and stole credit card information, which they then sold in exchange for Bitcoin. A third hacker, from the Israeli Arab town of Umm al-Fahm, allegedly also used the website to pass on classified information to terrorist groups.

According to Ynet, the three arrests were part of an international FBI sting which led to the arrests of 70 hackers in 20 countries: the United States, the United Kingdom, Australia, Bosnia-Herzegovina, Brazil, Canada, Colombia, Costa Rica, Croatia, Cyprus, Denmark, Finland, Germany, Israel, Latvia, Macedonia, Nigeria, Romania, Serbia and Sweden.

The Israeli police responded to a query from The Times of Israel about dark web activity with a statement saying: “We do not give out data about [the scope and kinds of dark web crimes in Israel] but all fraud, and in particular credit card fraud, is investigated in a professional and dedicated way by all police units with an emphasis on district fraud units. We also have experienced teams of cyber investigators, including the national Lahav 433 unit, whose activity has led to the exposure, arrest and indictments in a wide array of cases as well as to the thwarting of cyber crimes.”

How Sixgill stops hackers

“Keep in mind that about 95 percent of the Internet is not indexed by regular search engines,” says Kasztan. “When you Google something, that’s about 5 percent of the Internet.”

What Kasztan is referring to is the deep web, the hidden part of the internet, which is not necessarily secret but is not searchable with regular search engines. The dark web, on the other hand, is an application layer and protocol that enables people to communicate in an anonymous and encrypted way.

“We have a technology that enables us to discover and crawl the valuable places of the dark web, and understand the people behind it. We are able to see things before they happen.”

When asked exactly how his technology listens in on hackers’ conversations, he obfuscates: “I can’t really tell you. We have state-of-the-art-technology.”

Sixgill is a B2B company, meaning its customers are other businesses. It doesn’t work with individual victims of hacking, who are pretty much passive victims.

“If you’re the victim of a bigger scam, it’s not in your hands to solve that.“

Instead, he said, the best you can do to protect yourself is to be careful when you enter your details into a website.

“Make sure the URL is correct and you’re not the target of a phishing scam. In addition, the URL should start with https (as opposed to http), which means it’s encrypted when sending sensitive data.”

Beyond that, use your common sense.

“If you get an email that you won the lottery, don’t touch any attachment, even an email from one of your friends, if it seems strange to you.”

But if you are the victim of a cybercrime, Kasztan says the first thing is to report it to the authorities, “your bank, credit card company and the police.” Beyond that, he says, it would be advisable to format your computer (uninstall and reinstall the operating system) as well as update your antivirus protection and change all of your passwords.

What kind of person commits cybercrimes?

Money is one motivation, says Kasztan, but is not the sole one. Most hackers have skills that are in high demand, he says, and could easily get a well-paid job in the software industry.

“Some criminals are rogue employees within organizations. You hate someone in your organization and want to cause damage and make money in the process. A lot of teenagers do it just for the thrill of it.“

Kasztan says that some hackers are regular people with jobs who hack late at night when their spouse and children are asleep.

Is cybercrime safer than real crime?

Katzen describes an apocryphal story of a guy who hired a dark web assassin. “He was divorcing his wife and he offered him money to kill his wife. Two days later he got phone call. ‘You made an offer—but your wife called to offer more than you. Do you want to make a better offer?’”

Katzen has no idea if this story is true, but it illustrates the point that despite the illusion of safety, virtual crimes can come back to bite the perpetrators. As for who commits them, he says it cuts across geographical and demographic divisions, with the common denominator being that most dark web criminals “are really, really smart.”

“Give people the possibility to be anonymous and have no rules — what kind of people do you think are attracted to that?”