Threat Intelligence
5/19/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

International Consortium Launches to Prevent Criminal Use of Dark Web and Virtual Currencies

Seven European countries launch project to curtail criminals and attackers from using blockchain technology to avoid law detection.

Vienna - A group of 15 consortium members from seven European countries has initiated this week a new project to curtail criminals and attackers from using blockchain technology to avoid law detection, while at the same time respecting the privacy rights of legitimate users. Blockchain technology is an electronic ledger under decentralized control, which allows it to evade traditional investigative measures.

The best-known application of blockchain technology is Bitcoin, which has many legitimate uses but is also used for criminal purposes in the so-called dark web (i.e., the part of the internet that is beyond the reach of Google and other search engines). The attackers who froze computers in 150 countries last Friday, 12 May, demanded a ransom paid in Bitcoin.

The researchers are in a consortium undertaking a three-year, €5 million project, funded by the European Union aimed at developing technical solutions for investigating and mitigating crime and terrorism involving virtual currencies and underground market transactions.

The researchers, including four law enforcement agencies (LEAs) and INTERPOL, aim to develop and implement tools to reveal common characteristics of criminal transactions, detect anomalies in their usage, and identify money-laundering techniques. The researchers will also conduct training activities in order to develop skills and knowledge among EU law enforcement agencies. As part of their project, which is called TITANIUM (Tools for the Investigation of Transactions in Underground Markets), the researchers plan to test and validate their tools and services on the premises of the LEAs to assess the effectiveness and overall impact of the project results.

Project co-ordinator Ross King, a senior scientist at the AIT Austrian Institute of Technology GmbH, said, “Criminal and terrorist activities related to virtual currencies and darknet markets evolve quickly and vary in technical sophistication, resilience and intended targets.”

To counter such activities, Dr King said it was necessary to develop efficient and effective forensics tools enabling the reasonable use of different types of data from different sources including virtual currency ledgers, online forums, peer-to-peer networks of underground markets, and seized devices.

Dr. King also emphasized that the tools developed within the TITANIUM project will respect individual privacy and other fundamental rights.  "The consortium will analyze legal and ethical requirements and define guidelines for storing and processing data, information, and knowledge involved in criminal investigations without compromising citizen privacy."

In addition to the AIT Austrian Institute of Technology GmbH, the partners in the TITANIUM consortium are:

Bundeskriminalamt (Germany)

Coblue Cybersecurity (Netherlands)

Countercraft S.L. (Spain)

dence GmbH (Germany)

Universität Innsbruck (Austria)

INTERPOL (International Criminal Police Organization)

Karlsruhe Institute of Technology (Germany)

Ministry of the Interior (Austria)

Ministry of the Interior (Spain)

National Bureau of Investigation (Finland)

TNO (Netherlands)

Trilateral Research (UK)

University College London (UK)

VICOMTECH-IK4 (Spain)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.