Dark web goldmine busted by Europol

By John E Dunn

What’s the safest way for a criminal to buy counterfeit banknotes?

Curiously, it’s not necessarily from the dark web, as 235 people now “detained” by police have just discovered.

According to Europol, between 19 November and 3 December police forces in 13 countries searched 300 properties, uncovering caches of drugs, guns and knives, along with computer wallets containing Bitcoins and the hardware needed to mine currency.

About 180 of the searches were in Germany, with 28 in France, and 20 in Italy. Others took place in Croatia, Cyprus, Finland, Ireland, the Netherlands, Portugal, Spain, Switzerland, and the UK.

To prove the adage that you never know what you’ll find until you look, German police even stumbled upon two facilities for growing marijuana, one cannabis plantation and a second counterfeit euro print shop.

The entire bust stemmed from the arrest in Austria in June 2018 of a single unnamed individual whom police discovered had been counterfeiting 10-, 20-, and 50-euro banknotes.

These days, simply stopping a criminal is becoming a small part of this kind of arrest operation – more important is finding out who that individual was doing business with, increasingly through the dark web.

Read more at https://nakedsecurity.sophos.com/2018/12/11/dark-web-goldmine-busted-by-europol/

Teen SWATter who had 400 schools evacuated lands 3 years in jail

By Lisa Vaas

Incorrigible SWATter George Duke-Cohan, a British teenager from a village near Watford, just north of London, has now been sentenced to three years in prison, according to the UK’s National Crime Agency (NCA).

In September, Duke-Cohan – at 19, the most outspoken member of a distributed denial of service (DDoS) gang – pleaded guilty to making bomb threats to thousands of schools and to a United Airlines flight between the UK and San Francisco while it was in mid-air.

The teenager sent bomb threats that resulted in 400 UK schools being evacuated in March. He was arrested just days later.

While still under investigation in April, Duke-Cohan sent a mass email to schools in the UK and the US claiming that there were pipe bombs planted on their grounds.

Then on 9 August, his hacking group – “Apophis Squad” – claimed on Twitter that flight UAL 949 had been grounded due to their actions.

Read more at https://nakedsecurity.sophos.com/2018/12/11/teen-swatter-who-had-400-schools-evacuated-lands-3-years-in-jail/

Facebook fined $11m for misleading users about how data will be used

By Lisa Vaas

Italy’s competition regulator announced on Friday that it’s fining Facebook €10m (USD $11m, £8.9m) for laying it on thick when it comes to the service being “free” to users but keeping quiet about how the company’s making money off their data.

The fines come out of an investigation the Italian Competition Authority (ICA) wrapped up on 29 November. Opened last April, it looked into alleged violations of the Consumer Code by Facebook Ireland Ltd. and its parent company, Facebook Inc.

Here’s what the ICA had to say about it:

Facebook emphasizes the free nature of the service but not the commercial objectives that underlie the provision of the social network service, thus inducing users into making a transactional decision that they would not have taken otherwise (i.e., to register in the social network and to continue using it). The information provided is in fact general and incomplete and does not adequately make a distinction between the use of data to personalize the service (in order to connect “consumer” users with each other) and the use of data to carry out advertising campaigns aimed at specific targets.

Four Consumer Code violations

Facebook violated four of the Consumer Code articles, the ICA concluded: by misleading consumers into “registering without adequately and immediately informing them during the creation of the account that the data they provide will be used for commercial purposes,” it’s violated articles 21 and 22.

Read more at https://nakedsecurity.sophos.com/2018/12/11/facebook-fined-11m-for-misleading-users-about-how-data-will-be-used/