Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Security Crime

Crooks Reused Passwords On the Dark Web So Dutch Police Took Over Their Accounts (bleepingcomputer.com) 38

An anonymous reader writes: Dutch Police is aggressively going after Dark Web vendors using data they collected from the recently seized Hansa Market. According to reports, police is using the Hansa login credentials to authenticate on other Dark Web portals, such as Dream. If vendors reused passwords, police take over the accounts and set up traps or map the sales of illegal products. Other crooks noticed the account hijacks because Dutch Police changed the PGP key for the hijacked accounts with their own, which was accidentally signed with the name "Dutch Police." The second method of operation spotted by the Dark Web community involves so-called "locktime" files that were downloaded from the Hansa Market before Dutch authorities shut it down on July 20. Under normal circumstances a locktime file is a simple log of a vendor's market transaction, containing details about the sold product, the buyer, the time of the sale, the price, and Hansa's signature. The files are used as authentication by vendors to request the release of Bitcoin funds after a sale's conclusion, or if the market was down due to technical reasons. Before the market went down, these locktime files were replaced with Excel files that contained a hidden image that would beacon back to police servers, exposing the vendor's real location. Dutch Police was able to do this because they took over Hansa servers on June 20 and operated the market for one more month, collecting data on vendors.
This discussion has been archived. No new comments can be posted.

Crooks Reused Passwords On the Dark Web So Dutch Police Took Over Their Accounts

Comments Filter:
    • Re: (Score:3, Informative)

      by arth1 ( 260657 )

      they is?

      It is. It's American English, where group nouns usually take singular form in both determined and undetermined form.

      British English: Harrods are having a sale.
      American English: Macy's is having a sale.

      • Usually? No, not really. Not in my experience anyway.

        But what do I know? (I've been speaking (American) English for nearly 60 years. That probably doesn't count for much.).

        The Dutch police are is the correct usage, IMO.

      • by Anonymous Coward

        they is?

        It is. It's American English, where group nouns usually take singular form in both determined and undetermined form.

        British English: Harrods are having a sale.
        American English: Macy's is having a sale.

        NO!!

        American English:
        Macy's here is just one company or is being referenced to as a specific store that is having a sale.
        The police are using.. (They are a group of people, so is should never be used. Anyone using that is using it incorrectly or it could possibly be a region slang.)

        • by arth1 ( 260657 )

          The police are using.. (They are a group of people, so is should never be used. Anyone using that is using it incorrectly or it could possibly be a region slang.)

          I beg to differ. I think most Americans (with regional and personal exceptions) would say:

          Congress is debating...
          The military is bombing...
          The police is investigating...

          Personally, I would use "are", but my impression is that in the US, I'm in the minority.

          • Congress is
            Military is
            Police are raiding the trap

            Raised in Las Vegas and this is what I would say and everybody I know.

  • Legality (Score:5, Insightful)

    by Njovich ( 553857 ) on Saturday July 29, 2017 @05:52AM (#54903029)

    As a Dutch person I wonder what the legal basis is for all this. They are running illegal marketplaces, hacking into accounts on foreign services using data they got elsewhere, and exchanging data with countries like Thailand where people might get capital punishment for drugs related crimes. While going after black drug exchange markets is a good thing, it all gives the impression that they don't hold back. Dutch prosecutors say they have only done 'internal analysis' on the legality, which means that these actions have not even been approved by a judge. In emergencies this is allowed, but if a judge doesn't agree with any of this, or doesn't agree this was an emergency that enables doing this without court approval, Dutch police are committing a whole range of crimes here without legal backing.

    • We have some interesting court sessions ahead of us. I just hope the newspapers will understand what they are writing about.
    • ...like everywhere else. Which doesn't make it any better.
    • by Anonymous Coward

      It doesn't matter much whether its illegal or not. The question is whether or not it is a crime that is persecuted without petition (i.e., is just an Antragsdelikt). Just imagine the drug/weapon lord petitioning to persecute police like "they hacked my server I was using to sell drugs and weapons, here's all evidence needed...".

    • The post has a lot of problems. First, you don't "accidentally" sign your pgp key with "Dutch Police". These guys were amateurs that lucked into hijacking an existing site, then doing all they could to turn up information about the users of the site.

      While the site and its users are arguably "bad people", I agree with you that the evidence obtained may be very difficult to obtain successful prosecutions from. Has all the earmarks of an amateur investigation, if the info in the post is correct.

    • by gijoel ( 628142 )
      It's based on the very important legal concept of 'Quia Ego Sic Dico'
    • by golodh ( 893453 )
      The legal basis for all this is a recently adopted Dutch law that grants the Dutch police extremely wide powers to break into any computer system it believes is being used for criminal activities.

      Once this law has been triggered, the Dutch police are basically free to use all and any computer burglary tools on the market to gain access and/or control. And once inside the system they are allowed to collect any evidence they like, and transform the system into a honeypot if they feel like it,

      Note that the

      • by gweihir ( 88907 )

        Incompetent amateurs (the signature on the key) with the equivalent of nuclear weapons. Who thought this was a good idea?

      • by Njovich ( 553857 )

        The law you are talking about ('Wet computercriminaliteit III') has not been passed by the senate yet and thus cannot be the legal basis. The other parts are up to interpretation by the courts, it's quite possible that you will end up right about them.

    • by gweihir ( 88907 )

      Since this is about fighting evil people that want to put things in their bodies that the government does not approve of, it surely must all be fine!

    • by tlhIngan ( 30335 )

      Well, I'm sure the people involved can go and complain to the Dutch government and file lawsuits against the police for hacking and all that, then.

      Of course, I think the primary purpose is to disrupt the markets more than catch people - the people involved generally are in countries that won't have extradition treaties anyways. And if they are based in the usual Europe/North America first world country, well, they can always report the hacking to their local police who I'm sure will be more than happy to in

  • I do for ease of use. It's knowing when to use a unique one is the trick - to add: almost all of mine are unique.

    • I would think many use same the password. I do for ease of use. It's knowing when to use a unique one is the trick - to add: almost all of mine are unique.

      Why would you ever use the same password twice when there is KeePass [keepass.info]? You memorize one complex, annoying, long password which unlocks your database, then generate really really long, complex, annoying passwords (that tend to break the authentication software of many naively written websites) for each and every individual account. Everything goes into the database, with lots of nice metadata like the date of account creation and the recovery questions and answers. That way you can lie on the recovery answ

      • I would think many use same the password. I do for ease of use. It's knowing when to use a unique one is the trick - to add: almost all of mine are unique.

        Why would you ever use the same password twice when there is KeePass [keepass.info]? You memorize one complex, annoying, long password which unlocks your database, then generate really really long, complex, annoying passwords (that tend to break the authentication software of many naively written websites) for each and every individual account. Everything goes into the database, with lots of nice metadata like the date of account creation and the recovery questions and answers. That way you can lie on the recovery answers intentionally, and not have to worry about remembering which site you told which lie. (You didn't think my dog's name actually was AdmiralNelson did you?) About the only thing which doesn't go into the database is the passphrase for the encrypted volume in which I keep all my nuclear secrets. I memorize that one too.

        Linux tard :) I use acerose and have for many years. So buggy Wine program working site refused to post my "how to" :)

        As for my secret identity I use http://www.fakenamegenerator.c... [fakenamegenerator.com] and keep re-rolling it till my area code is close. (appears to be spam alone sides, all white space).

"How many teamsters does it take to screw in a light bulb?" "FIFTEEN!! YOU GOT A PROBLEM WITH THAT?"

Working...