The 19-year-old Teen Sold Bomb Threats Against Jewish Centers, Schools
An Israeli American teenager who was arrested on March 23 in connection with a string of bomb threats made to at least 245 schools and Jewish community centers (JCCs) in the U.S. earlier this year has been indicted for running a bomb threat business on the online black market.
Israeli prosecutors said the suspect made thousands of hoax bomb calls, including schools, shopping malls, police stations, airlines and airports in North America, Britain, Australia, New Zealand, Norway and Denmark.
According to unsealed court documents, the FBI revealed that Michael Kadar, 19, was running a “School Email Bomb Threat Service” on AlphaBay, a dark web marketplace which sold illegal goods and services until it was shut down by the U.S. authorities in July.
Kadar use to issue bomb threats through emails that contained the message “Comrades [had]planted a few bombs at school,” and that students and staff members will be “massacred mercilessly shortly”, which gave rise to fears of increasing anti-Semitism and provoking scores of evacuations, the FBI alleges.
A newly unsealed search warrant alleges that for each bomb threat, Kadar used to charge $30 and if the client wanted to frame an individual for the message, he would charge an additional $15.
Kadar was arrested by the police in Israel in March after he failed to route his internet connection via a proxy server that in turn gave away his IP address. He was arrested under suspicion that he was behind a wave of bomb threats targeting Jewish institutions in the U.S.
When the police raided Kadar’s residence, they found a flash drive containing the teen’s personal records on his alleged bomb threats.
Kadar allegedly joined the dark web market AlphaBay under the username “Darknet_Legend” on February 8.
“I have saved email bomb threat texts when I email the bomb threat,” Kadar allegedly advertised in an AlphaBay post under the name Darknet_Legend. “If you request that I send the school a custom email text that you wrote then give me the bomb threat text that you wrote in the buyer notes and I will send the school the text you provided.”
The post offered refunds to its customers for unsuccessful bomb threats, and tiered pricing ranging from $30 for a single threat, to $90 for “emailed bomb threat to a school districts\multiple schools + framing someone for it”.
For this latter service, Darknet_Legend added a warning: “there is a no guarantee that the police will question or arrest the framed person,” he wrote in the advertisement. “I just add the persons name to the email. In addition in my experience of doing bomb threats putting someones name in the emailed threat will reduce the chance of the threat being successful. But it’s up to you if you would like me to frame someone.”
And the business even had a very good review where one AlphaBay user wrote: “Amazing on time and on target. We got evacuated and got the day cut short” — that online post, made hours after a threat made to Rancho Cotate High School in Rohnert Park, California, north of San Francisco was closed as police investigated a threat.
Kadar totally racked up $240,000 for his services by the time he was arrested. He is facing accusations of making threats for financial gain alongside charges of money laundering and the attempted blackmail of Ernesto Lopez, a Delaware state senator. Kadar has been charged in the U.S. and Israel simultaneously. However, he has not been extradited to America until now. If he gets convicted on the charges in Israel, he can face up to 10 years in prison.
The teen’s U.S. born mother and Israeli father say their son, who moved to Israel aged 5 and lives with them in the southern city of Ashkelon, suffers from health problems.
“He has high-level autism. I appeal to the world on his behalf for forgiveness for he does not know what he has done,” his mother told reporters. “This tumour has caused a state of some type of mental dysfunction that he is not aware of what he is doing. My son does not hate anyone.”
RGV Not Meeting NTR Family
Ram Gopal Varma is trying to get maximum attention to his Lakshmi’s NTR movie, and there is quite a good buzz on the project even before it was launched. RGV is planning to make it big in the best way possible and trying to create a special interest towards the film in the public.
“I got this idea from the friends to make a film on the life of SR NTR. My film deals with the incidents that took place in his life from the time Lakshmi Parvathi entered his life till his death. The subject is ready and I am not going to meet the family members of NTR because all of them would narrate the incidents that are in favorable for them. I met NTR’s driver and cook recently and got some details.” said RGV about his research.
Actress Sada Turns Prostitute For Torch Light
Sada is a heroine in Telugu who was seen in homely roles in her career beginning. The actress who was shot with popularity also explored offers in Kollywood. She was a judge for the reality show being telecasted in ETV. The actress is always in her limits when it comes to giving her judgment, or behaviour in the show or presenting herself in a beautiful manner. She never crossed the limits in being glamorous.
The latest update is that the actress is going to be seen as a prostitute in the film titled Torch Light. The film is being made in Tamil and is directed by Abdul Mazeeth. The director said that he approached a lot of heroines before Sada but everyone rejected the role. He is happy that Sadha immediately accepted the role. The film is scheduled for a release in December.Readmore
Find your unprotected Amazon S3 buckets with this free tool
Services like Amazon’s S3 have made it easier and cheaper than ever to store large quantities of data in the cloud. Used properly, S3 buckets are a useful tool that can save time and money.
Used properly, I said. The problem is that plenty of companies fail to implement basic security. This, as I’m sure you’ve guessed, has resulted in an astonishing spate of (frankly) catastrophic data breaches. In October, researchers discovered an open S3 bucket containing the personal information of 1,113 NFL players and their agents. And in July, the details of three million WWE fans were chokeslammed onto the internet, after a third party contracted by the popular wrestling franchise set their buckets to ‘public,’ allowing anyone with an Internet connection to access and download content from it.
Sometimes, the leaked data is of a profoundly intimate nature. One leak, which emerged just last week, contained the blood test records of over 150,000 people.
Kromtech Security, a Cologne-based infosec firm, today released an open source script that should hopefully solve this problem for good. The tool, called S3 Inspector, is essentially a short Python program that uses your credentials to enumerate your S3 buckets. It will then identify which ones are secured properly, and which ones urgently require your attention.
Speaking over email, Bob Diamchenko, Head of Communications for Kromtech, explained the motivation behind S3 Inspector.
Amazon S3 is a popular storage service that is used by many enterprises, governments, and individuals across the globe. The service is fast, scalable and easy to use, but far too often we have seen cases where administrators fail to configure it properly or simply forget about configuration changes. This usually results in confidential user data or internal data is leaked online to anyone with an internet connection.
We began to see an increase in the number of instances of S3 misconfigurations. Recently we published a detailed guide, which explains how to protect your S3 buckets in detail. However, despite numerous warnings and a never ending cycle of data leaks, it seemed like those who store sensitive data online were not getting the message or unaware of the dangers.
When talking to the affected companies about the reasons for them to leave their repositories unprotected, we learned that oftentimes businesses have so many AWS S3 instances within their environment that it becomes hard for them to continuously check for their public availability.
We decided to make a simple tool that can help Amazon S3 users quickly check their S3 buckets for public access. We hope that by raising public awareness and giving people the tools to quickly check if they are protected from leaks. As responsible members or the cybersecurity community we hope that our hard work and dedication will reduce the occurrences of data leaks and financial, reputational damage, and cyber crimes.
S3 Inspector is available from today. You can download it from Github here.
Subscribe to our Newsletter
Serials2 days ago
Shaneeshwaruni Divya Charitra Episode 74
Serials2 days ago
Sundarakanda – Episode 17 – 17th Oct
Serials1 day ago
Shaneeshwaruni Divya Charitra Episode 75
Nandhini2 days ago
Nandhini Serial – Episode 230 – 17th Oct
Contributors2 days ago
South Africa’s biggest data breach affects over 30 million citizens — and nobody knows where it came from
Naagini 21 day ago
Naagini 2 Telugu Serial – Episode 117 – 18th Oct
Serials1 day ago
Tulasidalam – Episode 17- 18th Oct
Serials11 hours ago
Shaneeshwaruni Divya Charitra Episode 76