1
00:00:00,550 --> 00:00:02,050
Let me introduce you to the darknet.

2
00:00:02,260 --> 00:00:04,590
You've very likely heard of the term before.

3
00:00:04,620 --> 00:00:05,460
I don't know.

4
00:00:05,720 --> 00:00:13,690
Also is a dot where is a general term for any encrypted overlay network that you can only access with

5
00:00:13,690 --> 00:00:19,410
specific types of software or authorization or protocols or ports.

6
00:00:19,420 --> 00:00:25,780
The term dark is used because it is dark or not visible to those that don't have those special tools,

7
00:00:25,780 --> 00:00:35,260
software and access. The conventional Internet, like Facebook or Amazon, Google, would be called the clearnet

8
00:00:35,380 --> 00:00:38,640
or surface web is a reciprocal term.

9
00:00:38,750 --> 00:00:42,910
Mostly you can consider the darknet much the same as the surface web.

10
00:00:42,910 --> 00:00:48,950
The main difference being you need to use special encryption to access it, which is what keeps it dark.

11
00:00:49,600 --> 00:00:53,770
Generally darknets cannot be searched with tools like Google.

12
00:00:53,950 --> 00:01:00,820
Any darknet that is publicly accessible, such as Tor, could be indexed for searching and projects all the

13
00:01:00,820 --> 00:01:01,910
way to do this.

14
00:01:01,990 --> 00:01:10,100
The darknet is used by governments, military, companies and anyone really who needs privacy, plus criminals,

15
00:01:10,170 --> 00:01:13,080
as they obviously value their privacy.

16
00:01:13,170 --> 00:01:20,530
It's generally a tool to maintain anonymity and is in some sense to maintain security.

17
00:01:20,590 --> 00:01:27,980
Example darknets include RetroShare, which is a file sharing peer-to-peer or friend-to-friend network.

18
00:01:28,000 --> 00:01:33,040
You have other networks like Tor, which is very common and very popular.

19
00:01:33,040 --> 00:01:37,650
You have to be anonymous which is becoming more popular.

20
00:01:37,780 --> 00:01:46,660
You have the GNUnet framework and the Freenet project, all needing special software to access, which

21
00:01:46,660 --> 00:01:51,420
is available on their corresponding sites. The interfaces to these

22
00:01:51,430 --> 00:01:57,430
you can see here on the screen. These services should not be considered a panacea for anybody interested

23
00:01:57,430 --> 00:01:58,700
in privacy though.

24
00:01:58,840 --> 00:02:06,670
In Cambodia anonymised through the darknets you can access dark markets and hack forums that sell every

25
00:02:06,670 --> 00:02:13,750
sort of good and service, from assassination to drugs, and of interest it was things like malware or no

26
00:02:13,780 --> 00:02:17,490
access to RATs, hacking tools, exploit kits.

27
00:02:17,500 --> 00:02:24,090
And so I'm here in front of you, you can see some examples of markets at the moment that are around: Dream

28
00:02:24,120 --> 00:02:32,860
Market, Wall Street Market, torture etc. And the URL here that you can see ending in onion is the

29
00:02:32,860 --> 00:02:39,910
address to reach that site, which is a special address you can only access via the Tor network using

30
00:02:39,910 --> 00:02:42,710
the Tor browser, which you can see here.

31
00:02:42,760 --> 00:02:44,440
We have a whole section on using Tor

32
00:02:44,470 --> 00:02:46,000
later on in the course too.

33
00:02:46,060 --> 00:02:51,220
So don't worry about that for now, but let's have a look around Tor, see what we can find in terms of

34
00:02:51,430 --> 00:02:54,520
hacking tools and exploit kit.

35
00:02:54,520 --> 00:02:58,810
Here we are in the hidden wiki showing some of the hacker sites.

36
00:02:58,810 --> 00:03:01,250
This is the zero day forum.

37
00:03:01,420 --> 00:03:08,820
You can see here selling credit card details, personal information, secure hosting to host malware, exploits.

38
00:03:08,890 --> 00:03:15,500
That's the Sphinx banking trojan that would be packed into another program you might download. The Trojans

39
00:03:15,500 --> 00:03:19,410
designed specifically to target bank account details.

40
00:03:19,540 --> 00:03:22,150
It will target specific banks as well.

41
00:03:22,180 --> 00:03:28,720
That is found to have some sort of useful way to harvest access the user account details.

42
00:03:32,440 --> 00:03:38,740
Here, PayPal accounts for sale that will have been stolen from hacked machines. Software to help with

43
00:03:38,740 --> 00:03:39,700
carding.

44
00:03:39,730 --> 00:03:47,560
Carding is another term for stealing GUIL using credit card details. How to transfer money anonymously,

45
00:03:47,800 --> 00:03:49,870
hacking tools, exploits.

46
00:03:52,910 --> 00:03:59,570
Here, this is the Blackhole exploit kit, easy Stagefright exploit where you can send picture messages

47
00:03:59,570 --> 00:04:01,640
to an Android phone to take over.

48
00:04:01,640 --> 00:04:03,660
Still millions of phones are vulnerable.

49
00:04:03,920 --> 00:04:09,560
Let's give you an example of how these exploit kits and hacking tools might work in the real world.

50
00:04:09,560 --> 00:04:17,570
So back to our entrepreneur hacker. He's bought himself an exploit kit from one of these sites, or perhaps

51
00:04:17,570 --> 00:04:20,780
he's managed to acquire one free somewhere.

52
00:04:21,690 --> 00:04:31,560
He has also bought services from a hacker that has given him access to a hacked site, so he can now upload

53
00:04:31,560 --> 00:04:35,580
his exploit code onto that Web site.

54
00:04:35,580 --> 00:04:40,020
You or I or someone else unknowingly visit this Web site.

55
00:04:40,530 --> 00:04:48,150
If you are up to date with your patches and you have the good security controls, then the exploit won't

56
00:04:48,150 --> 00:04:49,230
work.

57
00:04:49,230 --> 00:04:54,240
Which is a lot of what we're going to go through in this course, on how to stop those sorts of things

58
00:04:54,240 --> 00:04:55,110
happening.

59
00:04:55,440 --> 00:05:04,070
If you are unpatched or you have poor security, or in the worst case scenario has a zero day exploit,

60
00:05:05,310 --> 00:05:10,770
then you could be compromised. Again, with correct security practice

61
00:05:10,770 --> 00:05:16,810
you can still be protected against that. If you don't have solid security the exploit is very light.

62
00:05:16,890 --> 00:05:18,270
Access to your machine.

63
00:05:18,360 --> 00:05:22,640
From there he installs a RAT to control what the machine does for him.

64
00:05:24,720 --> 00:05:30,660
This you can see here is the admin interface for a RAT called Snake wrap.

65
00:05:30,670 --> 00:05:38,590
So as you know, looking for files on the victim machine, looking at the desktop, can access the webcam,

66
00:05:39,130 --> 00:05:46,980
can steal or harvest passwords, bank account details, personal information etc.

67
00:05:50,290 --> 00:05:57,300
You can see other types of goods and services that are available in the Dark Market, everything from

68
00:05:58,040 --> 00:06:05,580
initial access tools, so the exploit kits that we've talked about, zero day vulnerabilities, payload parts

69
00:06:05,580 --> 00:06:06,820
and features.

70
00:06:06,870 --> 00:06:16,340
These are hackers crackers binders, obfuscators. These tools used to create malware that the anti-virus

71
00:06:16,470 --> 00:06:17,920
cannot pick up.

72
00:06:18,120 --> 00:06:25,630
And you've got all sorts of things: botnets for sale, hackers for hire, DDoS services etc. etc.

73
00:06:26,800 --> 00:06:28,920
And here's another interesting list.

74
00:06:28,960 --> 00:06:44,800
This shows the cost for exploit kits over the years and how the costs have evolved.

75
00:06:44,800 --> 00:06:47,830
Here are some of the prices for zero day vulnerabilities.

76
00:06:47,830 --> 00:06:52,510
Remember those are the vulnerabilities that don't have any patches and that maybe nobody even knows

77
00:06:52,510 --> 00:06:53,810
about.

78
00:06:54,010 --> 00:07:01,900
These are extremely deadly and the cost of the shows you how much people must get from them if they're

79
00:07:01,900 --> 00:07:08,440
willing to pay this much. There is even a gray market of countries and governments and companies buying

80
00:07:08,650 --> 00:07:16,800
these for all sorts of nefarious reasons, and you can see because they are buying go downloading breed

81
00:07:16,900 --> 00:07:18,320
these tools.

82
00:07:18,580 --> 00:07:20,940
They don't have to develop them themselves.

83
00:07:21,070 --> 00:07:25,120
So the barrier to entry to become a cyber criminal is low.

84
00:07:25,270 --> 00:07:33,940
The average intruder knowledge is now low, i.e. they are script kiddies with little skills is the now

85
00:07:33,970 --> 00:07:39,600
high level of attack sophistication, given they have access to such powerful tools.

86
00:07:42,330 --> 00:07:44,210
Only a small percentage are elite

87
00:07:44,230 --> 00:07:50,740
researchers, exploit developers, zero day researchers, malware writers etc.

88
00:07:50,880 --> 00:07:56,610
The majority of buyers aren't sophisticated and less skilled. So this means you have a lot of people

89
00:07:56,610 --> 00:08:01,440
with highly sophisticated tools and the numbers are only exponentially growing.