Last September a well known independant Cyber Security Researcher, Dancho Danchev, disappeared while working on an assignment in his home country, Bulgaria. According to this report yesterday, by ZNet’s Ryan Naraine, they have been trying to reach him since August last year without success, and they now fear for his safety.
In another report yesterday, Kim Zetter of Wired.com’s Threat Level, says that Danchev may have fallen foul of the East European cyber-criminal groups that he has been bent on exposing. Danchev has been missing since at least September. It was around this time that he apparently sent a letter “as insurance” to a friend to the effect that his apartment was being bugged by Bulgarian agents. The letter included photos of what he thought was a bugging device that he found in his apartment. Says Kim:
“His last blog entry was a compilation of his research into the cyberjihad activity of terrorist groups. He was also particularly focused on monitoring the group believed to be behind the Koobface worm, which targets users of Facebook and other social networking sites.”
Naraine told Threat Level that Danchev would usually contact editors and fellow bloggers about once a week to let them know what he was working on. Since August non of these contacts had heard from him. His Skype, Google Talk and IM accounts have also been ominously silent.
“I’ve been hearing from a lot of people on private lists saying that Dancho is alive but no one can say where he is or why he has disappeared off the grid. He was not the kind of guy to just disappear.”
Just who would want to get rid of this man? Dancho Danchev’s blog, “Mind Streams of Information Security Knowledge” yields a liquorice-allsorts selection of bad guys that could conceivably benefit from his disappearance. Going back to December 2005 there are over 1000 posts, every one of which reveals the exploits of one or other hacker, identity thief, scam artist, malware engineer, botnet specialist, scareware vendor or cyber spy. It’s a lengthy list. Disturbingly, there are a number of posts which cover some real heavies, the likes of Hesbola and the Mossad, none of whom you would want to be inviting to your Saturday night dinner party. Even more disturbing is the fact that his last post was a summary of the cybercrime activities of Islamic Jihadists, posted coincidentally perhaps on 11 September 2010.
Cybercrime is big. Very big. As of June 2010 there were just under 2 billion users on the internet. In a recent study commissioned by Symantec 65% of the 77,000 users studied in fourteen different countries had been personally victimized by cybercrime. Just five years ago credit card fraud was the main game in town. Now it has moved to social networks. According to this report on Security Asia’s website:
. . there are reports of Twitter credentials changing hands for up to US$1,000 owing to the revenue generation that is possible from a Web 2.0 services account. This confirms our observations that credentials can fetch a high sum according to both the popularity of the application, and the ‘popularity’ of the account in question,” he added. This is clearly illustrated by the `going rate’ of US$1.50 for a Hotmail account, and more than US$80.00 for a Gmail account.
Clearly when the big money of organised crime is involved the stakes are correspondingly high for people like Dancho Danchev. Speculation is rife on the Internet. Some say that he may just have had a breakdown of some kind and will be back sooner than later. Others fear the worst. Here’s hoping that Dancho is alive and well, even though that may look like a stretch at this point.