A good friend and former colleague of mine asked me recently, whether I could give him a tip how to make 5M quick and easy. My answer was “Nothing I could think of which doesn’t involve a lot of nasty things and imply a long stay in jail”. But that’s not what I wanted to discuss here, although it’s somehow related:
We had a couple of talks at the DeepSec which shed a little light on the underground economy and I also started to take some dives into the “Deepnet” to get acquainted with jargon, topics, trends and so on. Btw: NO, no details on this: not what I have visited, not when or how I registered there, I don’t wanna get doxed (1), these guys can get nasty and we don’t need another tweet-drama.
But even in the shallow parts (I’m not really a “ultra-deep” diver, I just snorkel around the beaches) you will quickly stumble upon rather nasty stuff which will definitely imply a longer stay in jail. Besides of all sorts of entertainment which I can’t really approve of, recreational substances of organic and less organic origin through forged ID-cards and weapons you even find quite direct requests and offers for -how to put it safely?- doing harm to persons. Of course there is compensation associated with all that, monetary compensation which should be some sort of untraceable. I found several discussions and recommendations how to channel the cyber-money through a chain of payment systems of all sorts to get it out white and shiny with a little frictional loss, mostly because of transaction fees.
I do have a strong feeling that this is not everything, that would be too easy. Too open and too easy to infiltrate. Are there more options than webmoney, paypal, bitcoin and bitcoin-laundries? What are tools of the trade here? Anyone heard of “house-credit”? Are there fake invoices or forged identities for banking?
So: if you are brave and know something about that and feel confident to talk about this in front of a selected audience you should consider to submit a talk for DeepINTEL in late summer this year. We offer encrypted and/or anonymous communication via GPG and jabber if you are paranoid. And you have all reasons to be paranoid if you deal with such topics.
(1) Doxing: A common practice among hackers in which a hacker will publicly release identifying information including full name, date of birth, address, and pictures typically retrieved from the social networking site profiles of a targeted individual.