ICYMI: Tor criminals, the Apple 'virus' and InfoSec salaries

Tor dark markets hit by law enforcement

On Thursday, the FBI released a public notice which revealed that it had charged the perpetrator behind the Silk Road 2.0 website – a hidden website on Tor that enabled more than 100,000 users to buy and sell illegal drugs and other unlawful goods. [Those with good memories will recall the original Silk Road, before it was taken down in October and Ross William Ulbricht, a/k/a “Dread Pirate Roberts”, was arrested.]

Blake Benthall, known online as “Defcon”, was arrested in San Francisco, California on Wednesday and was brought before a federal court just a day later on a charge that could carry ten years in prison. He is said to have secretly owned and operated the underground website – which was ‘virtually identical’ to the original Silk Road – since December 2013, and as of September this year the website was a lucrative business, generating at least US$ 8 million (£5 million) per month according to the FBI notice.

But this arrest was part of a much wider – and collaborative – law enforcement action between the FBI, the European Cybercrime Centre (EC3) and smaller agencies including Eurojust.

For Benthall's arrest, the FBI worked with HSI (an HSI agent acted in an undercover capacity to successfully infiltrate support staff in the administration of the website), but 24 hours later the EC3 issued a press release of its own detailing its involvement in ‘Operation Onymous’ – an effort to take down 414 illegal websites operating on the Tor network.

Run in co-operation with the FBI, Eurojust and other law enforcement agencies, and with much of the work coordinated from EC3 offices in The Hague, the operation saw the arrest of 17 creators and administrators and the takedown of some 414 Tor dark markets. Roughly US$ 1 million (£630,000) in Bitcoins was also seized, as well as €180,000 (£140,000) and drugs, gold and silver.

WireLurker targets Mac, iOS – and Windows

Apple's Mac OS X and iOS devices have always been strong on security, but it could be argued that this is often overstated. The phrase ‘Macs don't get viruses’ is a common misconception, for example.

That perception was shattered earlier this week, though, when Palo Alto Networks' Unit 42 research team reported the existence of a new ‘WireLurker’ malware family that was targeting iOS and Mac devices much like a traditional computer virus.

As the name suggests, the malware essentially spreads via wire, but the first step is the compromise of Mac applications which can be downloaded from the popular third-party Maiyadi App Store in China, which is often used by businesses to provision bespoke enterprise software. To date, Palo Alto Networks researchers say that 467 OS X apps have been infected, with these apps having been installed over 350,000 times.