World markets rattled by US inflation concerns

Asian shares fall again as countries that borrowed heavily in dollars could be hit by further US interest rate rise

Mounting concern about the inflationary impact of falling US unemployment has sent tremors through global financial markets amid fears that the long post-financial crisis rally in asset prices is nearing its end.

The effective interest rate on 10-year benchmark US bonds reached their highest level for seven years after the latest snapshot of the American labour market showed fewer workers claiming jobless benefits.

Related: Soaring US dollar threatens trouble for emerging markets

Continue reading…

Cyber Criminals Can Buy Passports On The Dark Web For As Little As $15, Study Finds

Are you a convicted felon who has dreams of traveling abroad? Or a cybercriminal looking to set up a legitimate bank account into which you can deposit your ill-gotten funds? Then buying a passport off the dark web is an option that you should consider!

But while in the past forged or stolen passports would fetch a hefty sum on the black market, thanks to the modern marvel that is the dark web, prices have fallen significantly. Last month, Comparitech analyzed listings on a handful of illicit marketplaces to try and determine exactly how much a passport or passport scan can fetch in the seediest corners of the Internet. Their analysts scoured  marketplaces like Dream Market, Berlusconi Market, Wall Street Market and Tochka Free Market, among others.

During their search, they discovered that passport scans, which are often enough for a scammer or criminal to set up a bank account in another person’s name, can be purchased for as little as $15. For slightly more, an aspiring criminal can purchase a passport and drivers license scan – which would be enough to open an account on a cryptocurrency exchange or – better yet – hack into the account of an unsuspecting trader by exploiting password recovery tools.

However, real passports still fetch a hefty sum, and even forgeries can be prohibitively expensive for some.

Here are Comparitech’s key findings:

  • The average price of a digital passport scan is $14.71.
  • If proof of address or proof of identification —a selfie, utility bill and/or driver’s license—is added to a passport scan, the average price jumps to $61.27.
  • Australian passport scans were the most common, and yet, the most expensive ($32).
  • The average price of a real, physical passport is $13,567.
  • The average price of a counterfeit, physical passport is $1,478.

Real or forged, passport scans are typically accompanied by other forms of identification – a utility bill, selfie of the ID card owner holding up their ID or a driver’s license. But they cost significantly more than the passport scan alone – often upwards of $60. But scammers get what they pay for: Because multiple forms of ID are usually required to bypass proof-of-address and proof-of-identification controls on websites. But if a user has one, they can seize control of the account of another individual, assuming the documents are in the correct name.

The bulk of Comparitech’s analysis focused on digital scans and images of real passports. The site’s researchers found 48 unique listings for real passports scans, 38 of which were not sold with any accompanying proof of ID or address, spanning 20 countries. While they found no discernible pattern in pricing relative to supply or the power of the country’s passport, they did discover the Australian passports were the most common and the most expensive.

Passport

And while a wide range of vendors appeared to sell passport scans, only a small handful specialized in providing them.

Passport

Passports sold on the dark web came in a few forms:

  • Editable Photoshop templates used for making fake passport scans. These cost very little and are available for almost any Western country. They make up the majority of marketplace listings when searching for “passport”.
  • Digital passport scans. These real scans of actual passports cost around $10 each and are often sold in bulk. They are available for several countries and are fairly common.
  • Physical passport forgeries. We found listings for counterfeit passport forgeries for a handful of European countries. They typically cost north of $1,000.
  • Real, physical passports. These are the real deal (according to the listing), so they are not common nor cheap. Most of them cost more than $12,000.

Dark web vendors accept payment exclusively in cryptocurrency, typically Bitcoin or Monero. (all pricings in Comparitech’s research were based on conversion rates on Sept. 24 and Sept. 25).

Most of the physical passports that Comparitech found for sale on the dark web were from European countries, with physical passports coming in two forms: genuine and forgeries. They can be used in fraud-related crimes as well as illegal immigration, human trafficking, and smuggling.

Authentic passports from Europe are hard to come by and cost a lot, with prices ranging from $8,216 for a German passport to $17,116 for the UK.

Passports

Forgeries are about one-tenth the price of real ones – but they still cost in excess of $1,000.

Six

Criminals who purchase passport scans typically target one of three venues for fraud-related crimes: cryptocurrency exchanges, payment systems, and betting websites.

Here’s an example of how a passport scan might be used in an account recovery scam (summary courtesy of Comparitech):

  • The target has an account with a cryptocurrency exchange. They’ve set up two-factor authentication on their account, so a code is sent to an app on their phone to verify logins.
  • Through some other means, the scammer steals the user’s password (perhaps through phishing or a data breach). But because 2FA is enabled on the account, they can’t get in.
  • Instead, the scammer poses as the victim and approaches the cryptocurrency exchange, saying they’ve lost access to their phone and cannot get the authentication PIN, and thus cannot log in.
  • The cryptocurrency exchange requests the account holder send a scan of their ID to prove their identity before resetting the 2FA on the account. In many cases, companies will require the person take a selfie while holding the ID, hence the higher price for passport scans with selfies.
  • The scammer modifies the scans from the dark web as necessary to match the victim’s personal details, then sends it to the exchange, still posing as the victim.
  • Upon receipt of proof of identity, the cryptocurrency exchange resets or removes the 2FA on the account, allowing the hacker to access and drain the victim’s crypto assets. Hackers routinely change the passwords and email addresses associated with accounts to make it harder for the account owner to regain control.

Cryptocurrency exchanges and individual wallets are becoming popular targets, with more than $1 billion in crypto stolen last year. And as cryptos become more widely adopted, this type of fraud is only going to spread.

 

 

 

 

 

 

 

 

 

Men with few qualifications ‘most exposed to Brexit’

Fifth of UK men who left education at earliest stage are in vulnerable sectors, says IFS

Male workers with few qualifications will be the hardest hit by fresh barriers to trade erected after Britain leaves the European Union, according to one of the UK’s leading thinktanks.

The Institute for Fiscal Studies said men in manufacturing jobs who had left school with GCSE qualifications or below were the most exposed to curbs on the flow of goods after Brexit.

Continue reading…

Bizarre Cosmic Rays Are Shooting Out Of Antarctica And Physicists Can’t Explain It

Authored by Emma Fiala via TheMindUnleashed.com,

Just over ten years ago, NASA-affiliated researchers set out to observe cosmic rays showering down on Earth from above. During the experiments in Antarctica, physicists found something unexplainable, something that could change everything we think we know about physics.

The Antarctic Impulsive Transient Antenna (ANITA) balloon experiment began in 2006 when the balloon spent a month hovering over Antarctica’s ice. Using sensors, ANITA began detecting high energy neutrinos interacting with the ice sheet below.

Neutrinos are unique in that they don’t lose energy as they disseminate throughout the universe. Because of this, neutrinos are capable of providing humans with a peek into the vast expanse of the universe that would otherwise be unavailable.

According to Motherboard, the Soviet physicist Gurgen Askaryan once theorized that “when a high energy particle interacted with a dense dielectric medium – a type of insulating material that doesn’t conduct electricity – it would produce a shower of secondary charged particles whose radiation can be detected by standard radio antennas. This interaction, now known as the Askaryan effect, allows physicists to detect particles that hardly interact with normal matter (like neutrinos) by observing their secondary effects.”

During ANITA’s time in the Antarctic, it detected never before seen “upward-pointing cosmic-ray-like events.” The rays detected had horizontal planes of polarization, which may suggest they didn’t originate in space. The detection of these events means a new type of particle may have been evading detection by sophisticated particle accelerators since we began using sophisticated particle accelerators.

Thanks to the Standard Model, physicists have known that cosmic rays are capable of reaching and penetrating Earth. However, according to the model, those rays shouldn’t be able to pass all the way through our planet. So are the anomalous high energy particles measured by ANITA originating from Earth, or are they actually passing through it?

Some existing physics models that exist beyond the Standard Model involve theories that the interactions between cosmic rays and ice actually produce micro black holes that open into small dimensions. ANITA’s first mission didn’t detect the black holes, but it did detect the Askaryan effect.

Last week, a group of researchers posted a new theory about the rays measured by ANITA. The group, led by Pennsylvania State University physicist Derek Fox, suggests ANITA may have found evidence of a particle that lies completely outside of the Standard Model of physics.

The Standard Model has been successful as long as we’ve been using it, but it hasn’t been able to explain everything. For example, things like gravity and the accelerating expansion of the universe are not adequately explained by the model. That’s where the physics beyond the Standard Model (BSM). Some of those theories include string theory and extra dimensions.

Fox’s theory relies on a type of BSM called supersymmetry. “We argue that if the ANITA events are correctly interpreted then they require some beyond the Standard Model particle,” Fox told Motherboard. “The likely properties of the particle seem consistent in at least some ways with the predicted properties of the stau in some supersymmetric models.”

In order to delve further into the unknown when it comes to these upward-pointing cosmic rays, they must also be observed at other locations. Fox and his colleagues took the first step when analyzing data from the IceCube Neutrino Observatory in the Arctic. Despite the difference in detection systems, three events were identified in the data that were analogous to the cosmic rays observed by ANITA in Antarctica.

Fox’s theory is only one interpretation of the ANITA data. The fourth ANITA mission was launched in 2016 and researchers are hopeful that its data, once completely analyzed, will reveal additional examples of these unusual cosmic rays.

‘Intrusion Truth’, The Mysterious Group Doxxing China’s Hacking Army

An anonymous group calling itself Intrusion Truth has exposed members of APT10, an elite Chinese hacking unit that has targeted aerospace, engineering, and manufacturing firms to steal trade secrets, including from the US government.

Since mid-summer, Intrusion Truth has published a list of alleged names of individual APT10 hackers. Sources with knowledge of APT10’s operations told Motherboard some of the details in Intrusion Truth’s blog posts and tweets match other data points on the Chinese group.

Intrusion Truth’s controversial approach of anonymously unmasking government-backed hackers and exposing a foreign intelligence agency is something new and seen as a method to put pressure on Chinese companies cooperating with state-sponsored hacking efforts.

“We will work with companies, private analysts, hackers, governments—whoever can provide the data that we need,” a spokesperson of Intrusion Truth told Motherboard via email.

China has hacked its way to the second largest economy in the world. It has stolen other nation’s manufacturing secrets for years, stealing military fighter jet schematics and information on solar power, among other industrial secrets. The hacking became so bad that former President Obama brokered a deal with Chinese President Xi. In 2015, the two countries reached an agreement to stop hacking focused on the theft of intellectual property. However, the deal did not last long, as China stole 614 gigabytes of submarine secrets from a US Navy contractor earlier this year.

US officials and security analysts have linked Chinese hackers for years to government-backed hacks into US firms. China has since denied involvement in the hacks.

Intrusion Truth’s anonymity might be a clue to its identity. Some large corporations and security companies that employ researchers who track China’s hackers might be hesitant to release findings for concern of retaliation from China’s government, said Ben Read, who manages cyberespionage investigations at FireEye Inc.

On Thursday morning, Bloomberg reported a new massive hack, China used tiny microchips on computer motherboards to gain access to almost 30 US companies’, including Amazon and Apple, technology supply chains.

This type of wide-spread industrial espionage that Intrusion Truth is motivated against.

“Intellectual property theft is a global confrontation fought between the West and its online adversaries, mainly China. This theft damages hard-working individuals, their companies and entire economies through lost revenue and competition that is completely unfair,” Intrusion Truth told Motherboard.

“Until recently, China has been winning—it has acted with impunity, stealing data using commercial hackers that it pays and tasks but later claims are criminals. The use of commercial hackers is a deliberate attempt to circumvent the statements that China has made committing to stop this illegal activity,” the group added.

In a first, Intrusion Truth unmasked individual alleged Chinese hackers, posted photographs, and even showed their places of work through Uber receipts. There was even evidence that some hackers were traveling to buildings operated by China’s intelligence agency.

Thomas Rid, a professor at Johns Hopkins University, told Motherboard this kind of internet sleuthing is advance, and the language skills, tools and research abilities to pull off something like this is of a professional.

“It’s somebody who is professional,” he said, “somebody who knows what they’re doing.”

According to one theory, the group may work for a corporate victim of Chinese hackers.

Intrusion Truth has posted 40 tweets to Twitter dating back from April 2017 and more than a dozen articles to the blog site Medium over the past year. In them is evidence linking Chinese companies to a suspected China-backed hacking group known as APT 3 and another known as APT 10, or Stone Panda, giving the public an understanding of the continued threat of Chinese hacking.

“APT 10 is one of the most active groups we track,” said Mr. Read. The group has hacked multinationals from Japan, Europe, and US.

Intrusion Truth focused on several Chinese companies, alleging they are connected to government-backed hacking programs.

“We are focusing our efforts on determining whether these are just ‘companies that hack,’ or would they be better described as fronts enabling the Chinese state to employ hackers who can later be scapegoated as criminals?” Intrusion Truth tweeted in August.

Last year, Intrusion Truth said two employees of Guangdong Bo Yu Information Technology Co., were part of APT 3. Six months later, US officials indicted the men—Wu Yingzhuo and Dong Hao—saying they were involved in hacking Moody’s Analytics and Siemens AG.

Intrusion Truth also linked internet domains and email addresses associated with websites used by APT 10 to two other Chinese companies, Tianjin Huaying Haitai Science and Technology Development Co. and Laoying Baichaun Instruments Equipment Co.

“We will never name ourselves or those who work with us. Our ability to contest China’s despicable activities in Cyberspace is derived precisely from our anonymity,” Intrusion Truth concluded. “That, and our willingness to tell the whole truth.”

On top of the tit-for-tat exchanges between US-China on economic, political and military fronts, it now seems the battlefield is expanding to cyberspace. As a group of anonymous hackers (most likely tied to corporate America) has launched a counterattack deep within China — exposing a massive cyberespionage ring that has stolen countless secrets from manufacturing, aerospace, and engineering firms over the years.