from Security Intelligence | TrendLab...
Like many countries, France has its own cybercriminal underground marketplaces and forums. Almost all of France’s murky websites are hosted in the Deep Web, specifically in what we call the “Dark Web”—that part of Internet most people never visit or hear about. It relies on darknets or networks where connections are made between trusted peers. Examples of Dark Web systems include TOR, Freenet, and the Invisible Internet Project.
Being hosted in the Dark Web is not unusual for cybercriminal marketplaces. Because they are not referenced by search engines, they are harder to find. Staying on the Dark Web provides additional layers of anonymity for their users. Generally, the URLs for these sites are only distributed among fraudsters. They are never meant to be publicly advertised.
Dark Web on YouTube?
Imagine our surprise when on July 1, 2016, one of the biggest French Dark Web marketplaces “went public” and started promoting themselves via YouTube. (The video has since been taken offline due to a copyright claim.)
Figure 1. Screen capture from the YouTube video done by French Dark Net
This particular network was FDN, which stands for French Dark Net.
Figure 2. French Dark Net logo from the marketplace
The video is 3 minutes, 17 seconds long and is in French. It shows parts of an interview with Nicolas Arpagian, a French cybercrime expert. In the interview, Arpagian discussed the Dark Web.
Alongside the interview, screenshots from the actual FDN marketplace are shown, which highlight items that can be bought there—soft drugs, heavy drugs, online account credentials, credit card numbers, hacking tutorials, etcetera.
It then shows more content and some teaser text, which we have translated:
Are you ready…to enter…
The French Market…
With a unique system… for protecting the buyers…
Easy and simple purchase…
Fast, without any banana !Make your Game…
Live betting on the FRENCH DARK BET
Get your winnings fast…
Come on the French Dark Net & the French Dark Bet …Paypal accounts
Counterfeit papers
Credit cards
Fraud
Hacking
Carding
Online gambling
Sharing
Training
Weeds
CocaineCome live this experience…
The video ends by showing the URL for the FDN marketplace on the Dark Web.
What is FDN?
FDN is a well-known French cybercriminal underground marketplace where one can buy almost anything, even if it’s illegal—drugs, weapons, credit card dumps, compromised online accounts, full database dumps, compromised email accounts, ransomware, hacking tools, counterfeit documents, carding tutorials, stolen goods, and more.
Entering FDN is not particularly difficult if one knows its URL. After filling one registration page, anyone can become part of the place and take a look around.
Underground betting: French Dark Bet
French Dark Bet (FDB) is a new part of FDN—a place where one can take part in online gambling. This is the first time we’ve seen a “traditional” marketplace for cybercriminals also being used for illegal gambling.
Examples of the current bets placed on FDB are:
- Will the first Euromillion number for a particular date be odd or even?
- Will the share price of Coca-Cola increase or decrease?
- How many people will die on French roads in the month of July?
- Will one movie sell more than a million tickets in the first week of its release ?
- When will the iPhone 7 be released?
- Who will be the next prime minister of the United Kingdom?
These proposition bets don’t attract the most gamblers, however. Sports bets are the most valuable on FDB; every football match in the ongoing Euro 2016 tournament can be wagered on.
Figure 3. Ad for gambling on a Euro 2016 football match
The betting system is easy—winners get the total amount of money put in the game by the losers, divided by the number of gamblers. The more money someone puts in, the more he gains if he wins.
Currently the only sport available for betting is football–which just happens to be the most popular sport in France. FDB accepted bets on who the ultimate winner of the just-concluded Euro 2016 tournament would be, for example.
While the whole FDB system hasn’t attracted many players yet, we can expect it to get more as time passes. Although FDN has roughly 44,000 members, only a dozen seem to actually use FDB. This is probably the reason why an ad for FDB was placed on YouTube–to lure in users from the Surface Web.
Money Matters
All of FDN, including FDB, accepts only Bitcoins. Every item or service from FDN can be bought using the internal e-commerce system of the marketplace. While BTC transactions can be traced, it is still difficult to follow them all and get a clear view of the amount of money being passed around FDN. Perhaps one day that will be a proposition bet on FDB.
The bets are organized with the use of “tickets.” Users buy one or more tickets and place them on each bet. Ticket amounts vary, depending on the bet, from 1 to about 30 euros.
The legality of online gambling
Online gambling is regulated in France by ARJEL, a French acronym which roughly translates to “Regulatory Authority for Online Games.” Unsurprisingly, the criminals running a marketplace like FDN did not bother to file a case before ARJEL to get a legitimate online gambling license.
Conclusion
Illegal gambling is a very lucrative activity online. However, up to now we’ve never seen a gambling site being run by cybercriminals from the Dark Web more commonly associated with carding and hacking.
Building such a platform as FDB takes some energy and skill, and was done with an expectation of financial return. We expect FDN to keep advertising and try to bring more people in. This is a good example of how cybercriminals can evolve to keep surprising us and finding new ways to make some easy money.
We will keep an eye on sites like FDN as they try to expand to new “businesses” like online gambling. We will continue to work with law enforcement around the world to make the Internet a safer place for all users.
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
French Dark Bets: Betting On Euro 2016
