FBI Agents Spend Spring Phishing for Criminals on the Dark Web

It’s no secret that the dark web can be home to black markets galore (FBI set-ups included). People have the opportunity to illegally obtain firearms, drugs, and a wide array of criminal services. They can even obtain explosives such as car bombs and mail bombs.

Back in April, there was an instance of an attempted mail bomb purchase. The buyer never received his explosive weapon. Instead, he was arrested for contacting an FBI-orchestrated honeypot and later charged with the corresponding criminal offenses.

In the beginning, the honeypot was simply a website offering illegal purchases. The suspect, Clinton Scott Bass, messaged the website administrator towards the end of March inquiring about a car bomb.

Rather than selecting the explosive that would go off when opening a vehicle door, Bass chose to go with a mail bomb instead. This weapon would be set off the second the victim opened the package.

Paying $550 for the mail bomb, Bass even went as far as providing his victim’s address for delivery. According to Bass, the mail bomb was intended for a “rat criminal”.

Towards the end of the confrontation between him and the FBI correspondent, Bass wrote,

“If you have any advice like should I destroy this phone once completed and us both destroy all messages please let me know. Time is running out and I need this pos to get his bday present on time. Please let me know something as soon as possible so I can look elsewhere if you don’t want the job.”

After disclosing his email to the correspondent, Bass was sent “instructions” on operating the mail bomb and hiding his trail. This email was actually a disguised phishing email.

When Bass opened the file attached in the email, his personal information was transferred to an FBI server. A pen-trap tool was also implemented in order to record all incoming/outgoing materials. In the end, Bass experienced the beauty of a “controlled delivery” and was arrested later that day.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients