Google Just Upped the Penalty for Not Having a Mobile-Friendly Hotel Website

Google Just Upped the Penalty for Not Having a Mobile-Friendly Hotel Website

Just when you thought you had mobile marketing covered, Google announced the forthcoming release of an update that will increase the importance of maintaining mobile friendliness. In May 2016, Google is expected to release another mobile-friendly algorithm update, further punishing sites that are not deemed mobile-friendly.

Google Mobile-Friendliness Algorithm Update 2.0 is the Issue

Last April, Google released its Mobile-Friendliness Algorithm Update, the most impactful change since the rollout of Google Panda in 2011. This update gave preferential rankings to those sites deemed by Googlebot to be “mobile-friendly” and punished “mobile-unfriendly” sites in Google’s mobile search rankings.

Google assesses whether or not a site is mobile-friendly on a pass/fail basis. If a site satisfies its front- and back-end requirements, it receives a passing grade and can earn higher rankings on search engine results pages. The search giant started using mobile-friendliness as a ranking signal on mobile searches to ensure users receive the best possible results, whether they are searching via mobile, tablet or desktop device.

If a hotel website is not easy to use on mobile, Google will penalize the site even further by ranking it lower on its mobile search pages. This upcoming update could result in non-mobile-friendly sites ranking even lower than they have been.

As a reminder, the criteria Google uses to deem a website mobile-friendly include:

  • Avoiding software not common on mobile devices, like Flash
  • Incorporating readable text without zoom
  • Sizing content to the screen to eliminate scrolling
  • Placing links far enough apart to be selected and tapped easily
  • Ensuring quick page load speeds

New criteria for the Mobile-Friendly Update 2.0 are expected to include Accelerated Mobile Pages (AMP). AMP HTML and AMP JavaScript components make better use of resources and ensure static content pages render faster in the mobile environment.

Google is expected to make AMP a ranking factor in the relatively near future, meaning pages utilizing AMP and cached in Google’s AMP cache could earn higher rankings than other content pages – even those pages deemed ‘mobile-friendly’ by the search engine.

Google offers a number of tools to help hoteliers ascertain their site’s level of mobile-friendliness. Google Search Console also highlights mobile usability errors that sites can correct for enhanced mobile search visibility. When a site satisfies both front- and back-end requirements, it receives a passing grade. This means that the site may earn higher rankings on search engine results pages as Google tries to provide users with relevant, helpful, and usable sites via organic search.

Why is it Important to Hoteliers?

At the recent HSMAI Digital Marketing Strategy Conference in New York, Google announced that nearly 60% of searches in 2016 already happen via mobile devices/smartphones.

According to Google Research, nine out of ten people are “cross-device” Internet browsers and researchers, using multiple devices sequentially (moving from one device to another at different times). Smartphones are by far the most common starting point for sequential activity: 65% of users start their research on a smartphone and 60% continue on a desktop device. As an example, 55% of users use multiple screens sequentially when researching pricing information in travel.

This upcoming algorithmic change grows out of a continuing trend toward mobile-friendliness:

  • Searches on mobile devices for hotels increased by more than 27% year-over-year (Google)
  • 52% of millennial business travelers book on their mobile devices (Skift)
  • By 2018, mobile is expected to account for 35 percent of online bookings (World Travel Market)

We clearly see the results of this age-defining shift from desktop to mobile and tablet devices across our hotel client portfolio: more than 20% of online bookings and roomnights are generated from non-desktop devices (smartphones + tablets), while nearly 50% of web visitors and over 44% of page views come from tablets and mobile devices. The mobile channel contributes directly to additional 30%-40% bookings via the voice channel (HeBS Digital Research).

If a hotel website is not accessible via mobile, travel planners will simply visit another hotel site. This lost opportunity costs hoteliers organic search visibility, website traffic, and direct online revenue. If your property does not meet the mobile-friendliness guidelines, now is the time to get in front of the problem. The greatest room for growth in the digital space is the mobile channel – smart hoteliers are capitalizing on this in 2016 by achieving mobile-friendly compliance.

What do HeBS Digital’s Digital Marketing Experts Recommend?

Google’s announcement of the Mobile-Friendliness Algorithm Update 2.0 in advance of the May 2016 rollout gives hoteliers ample time to make the updates necessary to meet the search engine’s new mobile standards.

At HeBS Digital, we’re thankful to be a Google Partner agency. To ensure our clients are delivering the best search results to prospective customers, our team of digital technology and marketing experts work proactively to deliver flexible website technology and SEO practices that comply with Google’s stringent and often-evolving requirements.

Here are some priority action steps:

Website Technology Audit:

Audit whether your property website technology platform and content management system (CMS) are engineered to comply with the latest Google Update. Using industry-leading technology as the backbone of your hotel website is the best way to ensure your site stays compliant with Google’s mobile-friendliness requirements.

For example, HeBS Digital’s award-winning website technology platform, used for all of our clients’ websites – the smartCMS v7 – meets Google’s mobile-friendliness guidelines by default. Thanks to our strategic partnership with Google and advance notice of the upcoming Google Mobile-Friendliness Algorithm Update, our team of digital technology and marketing experts worked proactively to ensure the smartCMS v7, was properly engineered to comply with Google’s new very stringent requirements, including the expected AMP ranking factor.

The smartCMS technology provides flexibility and responsiveness so that when algorithmic updates occur, our team of programming, development and organic search experts can act immediately to roll out up-to-the-minute automatic updates to ensure mobile-friendliness, even as Google’s requirements evolve. Each of our client websites has passed the Googlebot test and is fully compatible with this major Google update even before this next algorithmic update takes effect.

SEO Technology Audit:

Performing an SEO audit of your website, including a full audit of link structure, re-sizing of images, reconfiguring design elements, or replacing Flash with crawlable, search-friendly code, allowing the Googlebot to crawl pages fully, is vital to ensure your website complies with Google’s mobile search requirements.

User-Centric Content & Website Design:

In addition to running your hotel website on an adaptable and mobile-friendly CMS technology, remembering to create and display content with the user in mind is critical. Google’s emphasis on mobile usability should only reinforce the importance of designing and developing websites and creating content that benefits the user and serves a valuable purpose.

Website Download Speeds:

Audit your website’s download speeds, especially on mobile devices. Slow mobile download speed is “killer” of mobile usability and a big no-no, according to Google’s latest Mobile- Friendliness Algorithm Update.

Make sure your website is hosted in the cloud with built-in redundancies and load-balancing, and utilizes CDN (Content Delivery Network) platform enabling distributed content delivery of the rich media content. All of these dramatically increase download, improves user experience and conversions, and improves search engine rankings that are increasingly dependent on fast download speeds.

For example, here at HeBS Digital, our hotel clients’ websites enjoy lightning-fast cloud hosting and CDN (Content Delivery Network) download speeds – two to three times faster than the industry average. This can result in better user experience, better conversion rates, and better search engine rankings.

Read the original article here

Protect yourself from CryptoLocker

Over the years the nature of computer viruses has seen a change in focus. When the earliest reported example, Creeper, first appeared back in 1971 its sole purpose was to gain access to a system and display the message ‘I’m the Creeper, catch me if you can!’. Now, with so much valuable information about us stored on our computers and web services, something far darker has emerged. Ransomware is a new class of virus / trojan horse that has begun to appear on PCs in the last few years, and it is something you should be very concerned about.

The principle of Ransomware is simple. Usually it sneaks into a system disguised as an email attachment and, if opened, then proceeds to encrypt the files on your machine. When this has completed the virus deletes itself and tells the user that their data has been taken hostage and will only be released if they pay the demanded ransom for a key. These style of attacks were first reported in Russia back in 2004, with the Gpcode trojan horse. Security analysts at Kapersky labs were able to crack the hold Gpcode had over data by exploiting mistakes the author had made in the code.

Now it’s back and this time the encryption is rock solid.

Cryptolocker

CryptoLocker is the latest Ransomware virus to strike unsuspecting users, and so far it’s proven impossible to crack. What’s more, it doesn’t just take all the data on your hard drive.

“It also searches for files on all drives,” reported Steve Gibson on the Security Now podcast, “and in all folders it can access from your computer: including workgroup files shared by colleagues, resources on company servers, and more. Anything within its reach it encrypts…so if you have hot online backups they’re victims of this. Essentially the more privileged your account is, the worse the overall damage will be.”

When all of this is completed, Cryptolocker puts up its money demand page, complete with options of payment (Bitcoins or MoneyPak), usually for around three hundred Euros. There’s also a badly worded message telling you that your files have been encrypted and that any attempt to remove the software will destroy the only key that could possibly decrypt it. In a James Bond-style moment of drama the authors place a countdown clock, normally set for 72 hours, which immediately begins to tick down to the moment your data will be destroyed forever. Photos, videos, documents, music, pretty much anything at all that is on your hard drive, all gone.

The structure of the virus is such that it’s not actually possible to create a key for the encryption, because the data needed to do so is held only by the originators of the virus.

“The RSA encryption algorithm uses two keys: a public key and a private key.” explains Kapersky lab expert VitalyK on the Securelist website.  “Messages can be encrypted using the public key, but can only be decrypted using the private key. And this is how Gpcode works: it encrypts files on victim machines using the public key which is coded into its body. Once encrypted, files can only be decrypted by someone who has the private key – in this case, the author or the owner of the malicious program.”

The removal of the virus itself is of little use to the victim, and shutting down the server that holds the key will only result in the loss of the decryption tool, plus this is difficult because the servers switch location on a weekly basis. So most people who suffer a CryptoLocker attack are given the simple advice of either paying the ransom or losing the data, but like in any hostage situation you can never guarantee that the criminals will honour their terms.

Such is the increase of the CryptoLocker attacks in the UK that the National Crime Agency released a statement from its Cyber Crime unit in which it warned:

“The emails may be sent out to tens of millions of UK customers, but appear to be targeting small and medium businesses in particular. This spamming event is assessed as a significant risk.”

The complexity and sophistication of a program such as Cryptolocker is in itself an unsettling precedent. It suggests more than a simple bedroom hacker with impressive coding skills and little conscience, but instead has traces of the fast growing underworld of professional cyber criminals.

“Something of this size…is a well organised group.” says Stephen Doherty, Senior Threat Intelligence Analyst at Symantec. “There’d be dedicated segments to this, because its such a large and focussed operation. The distribution of Cryptolocker in recent weeks is as high, or higher, than most trojans you’d see out in the wild.”

The need for resources to actually run the scam is also a clue to size of the proponents.

“There’s a lot of stages to this,” Stephen continues, “to infect so many machines on an ongoing basis, and try to process all the money in the background. You’d want a well organised team behind you.”

How to protect yourself from a Cryptolocker attack

The rise of the interconnected digital world has brought with it problems that previously existed in the physical realms. From chancers who play on the innocence of victims, up to serious organised crime that has money, skills, cruel intentions and the willingness to use them on the unsuspecting public.

Take solace though, that we do have ways to protect ourselves from these evil spectres of the web.

The first, and most obvious, is to regularly run full backups of your valuable data and then remove the drive from your computer, preferably storing it off-site. See also: How to back up your PC and laptop

Another is to create several online backups via free services such as Dropbox, Google Drive, Skydrive, etc., which usually offer versioning – and thus a way to roll back to older versions of your files.

The most important though is to never, ever open a file or link in an email or on a social website unless you’re sure it was deliberately sent by the person themselves. It may seem interesting at the time, but the results could be utterly catastrophic.

This article appeared on PC Advisor

Irish Web Design – Protect yourself from CryptoLocker

Internet ransomware demands cash to unscramble files

Internet ransomware demands cash to unscramble files

cryptolocker
Cryptolocker’s sophisticated use of encryption has made it hard to defeat

Malicious programs that demand a ransom to restore files that they have encrypted are starting to proliferate.

Security company IntelCrawler has discovered malware called Locker that demands $150 (£92) to restore files.

The cyber-thieves behind Locker were trying to emulate the success of CryptoLocker that has racked up thousands of victims this year.

However, IntelCrawler said, flaws in the malicious program suggest it might be easier to defeat than CryptoLocker.

IntelCrawler said it first saw “large-scale distribution” of several different versions of Locker early this month. So far, the malware has managed to snare people across the US, Europe and Russia. It is spread via infected files placed on compromised websites and through booby-trapped files disguised as MP3s.

Unscramble

Analysis by Andrey Komarov, of IntelCrawler, shows that when Locker infects a machine, it deletes files leaving only encrypted copies behind and also drops a small file containing a unique ID number and contact details for Locker’s creators.

The file also warns that no key will be given to any victim who harasses or threatens the malware’s creators.

Those who want to get their data back are encouraged to use the contact details and, once the ransom is paid, each victim gets a key to unscramble files.

However, help could be at hand for anyone hit by Locker, said Mr Komarov, as IntelCrawler had managed to penetrate the network the cyber-thieves were using to monitor victims. This helped the company extract the universal keys used to scramble target files.

“Our researchers are working on the universal decryption software in order to help the victims,” said Mr Komarov.

Irish Web Design – Internet ransomware demands cash to unscramble files

This article is from the BBC News Technology

Garda Crest

Banks refuse to refund internet fraud victims

Bank customers urged to take more care of personal data

There are countless warnings from banks and police forces advising people to be careful what they download onto therir computers.

Foe example recently Gardaí advised that bank customers should not open phishing emails

Gardaí say they have seen a noticeable increase in cyber-criminals using “phishing” to steal money from people’s bank accounts.

internet search

Since January, up to 250 people have reported to gardaí that they have been victims of the crime.

The amounts stolen vary from €100 to €40,000.

Gardaí advise that bank customers should not open phishing emails, as they may contain a Trojan virus that will be downloaded to their computer.

If they do open one of these emails, they should contact their bank immediately.

They should also never respond to the phishing email under any circumstance.

Bank customers should also ensure their anti-virus software is up to date.

The Garda National Bureau of Fraud Investigation has said the thefts are being carried out by criminal cyber gangs over the web from various jurisdictions.

Some are using so called “mule” accounts in Ireland to transfer the stolen money into.

This can involve the gang paying unscrupulous individuals in Ireland small amounts of money for the use of their accounts, or the gangs themselves setting up their own Irish-based accounts.

Either way, money is transferred out of the victim’s account, into the mule’s account, before being withdrawn locally in Ireland and sent to the crime gangs abroad.

Gardaí say the gangs are based in a variety of locations, including West Africa and Eastern Europe.

However, using remote hosting technology, they can make the phishing emails appear to come from entirely different jurisdictions to the one they are living in.

Gardaí say in many cases banks refund the money that has been stolen.

However, this is not always the case, particularly in circumstances where the individual who has been defrauded has been warned about the dangers.

The Irish Payment Services Organisation has also noticed a spike in phishing crimes.

However, it says that a number of banks in Britain are now refusing to refund money stolen using this technique, because they claim they provide enough warning information to their customers.

One wonders how long before Irish Banks follow suit?

This article includes material from the RTE News Website

Irish Web Design – Banks refuse to refund internet fraud victims

internet users hit by ransom email spam

Internet users hit by ransom email spam

Internet users hit by ransom email spam

The emails appear to be from banks and financial organisations.

Millions of internet users in the UK are at “significant risk” from spam ransomware emails seemingly from banks and financial organisations.

The emails look like invoices or voicemails but in fact contain malware called Cryptolocker, which can encrypt files and the network, demanding payments in Bitcoins, worth about £536, to have it removed.

internet users hit by ransom email spam pc

The UK’s National Cyber Crime Unit (NCCU) warned that emails disguised as posts from banks and financial organisations are aimed at small and medium businesses and millions of bank customers.

In a statement, NCCU said: “This spamming event is assessed as a significant risk.

“The emails carry an attachment that appears to be correspondence linked to the email message (for example, a voicemail, fax, details of a suspicious transaction or invoices for payment).

“This file is in fact a malware that can install Cryptolocker – which is a piece of ransomware.”

NCCU deputy head Lee Miles said that the NCA are actively pursuing organised crime groups committing this crime. “We are working in cooperation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public,” he said.

Bitcoins have been increasingly targeted by cyber hackers, with about 4,100 Bitcoins valued at over a million Australian dollars being stolen from the online payment processor Inputs.io.

This article originally appeared on CBR

Irish Web Design – Internet users hit by ransom email spam

loyalty build logo

Data on 500000 people stolen

The Data Protection Commissioner has said the credit card details of up to 500,000 people across Europe may have been compromised by the data breach at Loyaltybuild.An inspection team from the Office of the Data Protection Commissioner has also confirmed that the names, addresses, phone numbers and email addresses of around 1.12 million clients were also taken.

Billy Hawkes said his office has now made contact with colleagues across Europe to inform them of the security breach.

Loyaltybuild runs special offers and incentive schemes for major retailers, utilities and service providers in Ireland, the UK, Scandinavia and Switzerland.

supervalu logoaxa insurance logo

The ODPC said an inspection team has confirmed that the full card details of over 376,000 customers were taken.

Of this figure, over 70,000 were SuperValu customers and over 8,000 were AXA Leisure Break customers.

The details of another 150,000 clients were also potentially compromised.

It said initial indications are that the breaches were the result of an “external criminal act”.

Managing Director Peter Steenstrup has said he is deeply sorry for what is described as a major security breach at the company.

He urged customers to check their bank account statements and report any suspicious activity.

Mr Steenstrup said Loyaltybuild takes data security very seriously and the company is working to ensure that this will never happen again.

The Data Protection Commissioner said the criminals who breached security have all the information they need in order to use the payment cards.

SuperValu and AXA have now suspended the schemes.

Customers are being advised to contact their banks and to check for any suspicious activity on their accounts.

Thousands of people who made Getaway Breaks bookings between January 2011 and February 2012 are advised to contact their financial institutions.

Stena Line has said it is working with Loyaltybuild to establish the extent of the security breach after it was involved with what the company said was a small scale, tactical hotel promotion.

It urged customers to contact Stena Line at 01-2047777 if they have concerns over the breach.

Independent investigation being carried out

Mr Hawkes has said that affected customers should check financial transactions on cards over the last two years.

Speaking on RTÉ’s Morning Ireland, he said: “It’s important that the customers affected actually look and check with their financial institutions, identify if there are any transactions they didn’t authorise.”

Mr Hawkes said it was a serious breach and his team will be attempting to see just how much information criminals have gained.

“We’ll also find out if, for example, other types of information might have been accessed such as passwords and so on because people often use the same password on different sites.”

Customers urged to cancel cards

The Consumers’ Association has recommended that any consumers affected by the security breach should cancel their cards.

Speaking on RTÉ’s Today with Sean O’Rourke programme, CEO Dermott Jewell said there is a strong likelihood that criminals have sold on sensitive information.

“With that news out there, there is every likelihood that criminal elements will say fine there is no point trying to use this because there will be a high alert.

“But that is not to say they haven’t sold some of these onto third parties in other jurisdictions.”

Andy Harbison, Director of Forensic and Investigation services at Grant Thornton, said there is a healthy black market for this form of data.

The specialist in combating cybercrime said that once the data has been stolen, it is auctioned off to other criminals who steal the money from bank accounts.

Mr Harbison said the gangs will often conduct a test on accounts to make sure they are active by instigating a small transaction for a few euro.

He said that previously cyber thieves would use credit card details to steal large amounts, but that it is now more common to take much smaller amounts on a frequent basis in order to avoid detection by account owners.

This story originally appeared on the RTE News website

Irish Website Design – Data on 500000 people stolen

java logo drawn

Bumper security update for Java released

Bumper security update for Java released

oracle java logo

Oracle has released a bumper update package for Java that closes lots of security holes in the software.

The update fixes 51 separate security bugs in Java, which owner Oracle says is used on billions of devices.

About a dozen of the bugs were serious enough to allow attackers to take remote control of a compromised system, researchers said.

Java is one of the most popular targets for cyber-thieves and malware writers seeking to hijack home computers.

In its advisory about the update, Oracle urged customers to patch the software as soon as possible “due to the threat posed by a successful attack”.

Programming language Java has proved popular because software written with it can easily be made to run on many different types of computer.

Twelve of the holes in Java addressed by the update topped the table that ranked the severity of security weaknesses in software, wrote Qualys security expert Wolfgang Kandek in a blogpost.

If these bugs were exploited, attackers could bypass ID controls and take over a target system, he added.

He said those seeking to exploit Java would probably seed web pages with booby-trapped links in a bid to catch vulnerable machines.

Security glitches in Java are favourites among those that write and run so-called “exploit kits” that seek to compromise vulnerable websites and other systems.

Security blogger Brian Krebs said if people needed to run Java, it was well worth taking time to apply the update.

Those that did not need the software should consider disabling it altogether, he said.

“This widely installed and powerful program is riddled with security holes, and is a top target of malware writers and miscreants,” he wrote.

The update is available via the main Java website and has prompted follow-up action from other electronics firms. Apple has released an update to the version of Java that runs on its computers. This update points people towards the official version of Java from Oracle instead of that supplied by Apple.

In the past, Apple has faced criticism over the speed with which it updated its version of Java.

This article originally appeared on the BBC News website

Irish Web Design – Bumper security update for Java released

black hole

Suspected Malware Criminal Arrested

Blackhole malware exploit kit suspect arrested

Russian police have reportedly arrested a man on suspicion of masterminding two infamous hacking tools.

He is suspected of being the man behind the alias Paunch – the nickname used by the creator of the Blackhole and Cool exploit kits, sold to cybercriminals to infect web users with malware.

The Russian authorities have not confirmed the details.

But security firms said they had already detected a decline in the programs’ use.

A spokesman for the law enforcement agency Europol told the BBC: “Europol and the European Cybercrime Centre has been informed that a high-level suspected cyber criminal has been arrested.

“We can only refer you to the Russian authorities, they are the ones who should speak about this topic.”

The Russian police’s press office said it had nothing to add at this time.

However, Alexander Gostev, chief security expert at the Moscow-based internet protection provider Kaspersky Lab, said the arrest had been confirmed to him by “anonymous sources”.

Blackhole software The Blackhole kit offered an interface used to manage malware attacks

 

Spreading malware

The Blackhole kit, released in 2010, dominated the crimeware market throughout 2012 and the start of 2013, according to Fraser Howard, a researcher at the anti-virus company Sophos.

He said the code had been sold for an annual licence of $1,500 (£940) or could be rented from its creator for $200 (£125) for one week’s use, among other price plans.

The software targeted a range of vulnerabilities in the Java programming language, Adobe’s Flash media player, Windows software and PDF files.

It had two ways of doing this:

  • adding malicious code to hundreds of thousands of legitimate websites, which then copied malware to visitors computers
  • creating links in spam messages to specially created sites that infected PCs
Blackhole email
Sophos said that Blackhole was used to send links that directed users to sites that downloaded malware

Among the malware downloaded was:

  • fake anti-virus software that falsely claimed the PC was infected and urged the user to pay a fee to remove viruses
  • Trojans that attempted to steal financial records stored on the PC
  • the ZeroAccess rootkit, which downloaded other software that hijacked the PC for use in a botnet – a facility used to overwhelm websites with traffic and force them offline
  • key loggers that took a record of what was typed on the PC
  • ransomware that attempted to blackmail the PC owner

Although Mr Howard said Blackhole was once the biggest threat of its kind, he added that in recent months it had been overshadowed by rival kits, including Sweet Orange and Neutrino.

According to the researcher, the Blackhole and Cool kits put together were only involved in about 4% of all malware detected by Sophos in August, down from 28% the previous year.

The figure had since dropped to 2% in recent days, he added.

Another independent security blogger stressed that the arrest was still significant.

“If it’s true that the brains behind the Blackhole has been apprehended it’s a very big deal – a real coup for the cybercrime-fighting authorities, and hopefully cause disruption to the development of one of the most notorious exploit kits the web has ever seen,” said Graham Cluley.

“However, it’s worth remembering that nature abhors a vacuum, and there would surely be other online criminals waiting to take their place, promoting their alternative exploit kits and malicious code.”

Mikko Hypponen, chief research officer at F-Secure, agreed.

“If indeed it is Paunch that they arrested, that is a major arrest – he is a big deal,” he told the BBC.

“He was clearly the biggest player in providing exploit kits – not just by selling them, but also renting and leasing them to online criminals.

“Both Blackhole and its successor Cool have been very popular.

“Users didn’t have to be very technical to operate them – there was a manual that came with them – they just had to get them running and be able to break into a high-profile website, or create a new one from scratch, to install something bad on your computer.”

This story appeared on the BBC News Technology Section

Suspected Malware Criminal Arrested – Irish Web Design

silk road caravan

Clandestine Silk Road online marketplace closed

The value of bitcoins has dropped after the closure of the clandestine Silk Road online marketplace.

The FBI seized bitcoins worth approximately $3.6m (£2.2m) on Tuesday.

The price of a bitcoin, a virtual currency for use online, fell steeply after the arrest of suspected website administrator Ross Ulbricht.

Investor confidence may have been shaken by the association of bitcoins with illegal activity, according to a security expert.

silk-road-marketplace-seized
Visitors trying to access the Silk Road are now presented with a seizure notice

“When there’s a big bust, that’s going to knock people’s confidence in investing,” said Rik Ferguson, a senior researcher at security company Trend Micro.

“The more a currency is associated with illegal activity, the more people will be nervous about using it,” he said.

Silk Road, which allowed users to trade in illegal drugs, required transactions to be made using the virtual currency.

silk road closed down

US authorities believe that 29-year-old Ross William Ulbricht, arrested on Wednesday, is Dread Pirate Roberts (DPR) – the administrator of the notorious Silk Road online marketplace.

 

It was an underground website where people from all over the world were able to buy drugs.

In the months leading up to Mr Ulbricht’s arrest, investigators undertook a painstaking process of piecing together the suspect’s digital footprint, going back years into his history of communicating with others online.

The detail of how the FBI has built its case was outlined in a court complaint document published on Wednesday.

The search started with work from Agent-1, the codename given to the expert cited in the court documents, who undertook an “extensive search of the internet” that sifted through pages dating back to January 2011.

The trail began with a post made on a web forum where users discussed the use of magic mushrooms.

In a post titled “Anonymous market online?”, a user nicknamed Altoid started publicising the site.

“I came across this website called Silk Road,” Altoid wrote. “Let me know what you think.”

The post contained a link to a site hosted by the popular blogging platform WordPress. This provided another link to the Silk Road’s location on the so-called “dark web”.

Records obtained by Agent-1 from WordPress discovered, unsurprisingly, that the blog had been set up by an anonymous user who had hidden their location.

But then Altoid appeared in another place: a discussion site about virtual currency, bitcointalk.org.

Altoid – who the FBI claimed is Mr Ulbricht – was using “common online marketing” tactics. In other words, he was trying to make Silk Road go viral.

Months later, in October, Altoid appeared again – but made a slip-up, granting investigators a major lead.

In a post asking seeking to find an IT expert with knowledge of Bitcoin, he asked people to contact him via rossulbricht@gmail.com.

With a Gmail address to hand, Agent-1 linked this address to accounts on the Google+ social network and YouTube video site. There he discovered some of Mr Ulbricht’s interests.

Among them, according to the viewing history, was economics. In particular, Mr Ulbricht’s account had “favourited” several clips from the Ludwig von Mises Institute, a renowned Austrian school of economics.

Years later, on the Silk Road discussion forums, Dread Pirate Roberts would make several references to the Mises Institute and its work.

Covering tracks

According to the court complaint document, it was the discovery of the rossulbricht@gmail.com email address that gave investigators a major boost in their search.

Through records “obtained from Google”, details of IP addresses – and therefore locations – used to log into Mr Ulbricht’s account focused the search on San Francisco, specifically an internet cafe on Laguna Street.

Furthermore, detailed analysis of Silk Road’s source code highlighted a function that restricted who was able to log in to control the site, locking it down to just one IP address.

As would be expected, Dread Pirate Roberts was using a VPN – virtual private network – to generate a “false” IP address, designed to cover his tracks.

Google Streetview image of Hickory Street, San Francisco
Mr Ulbricht said to have been running Silk Road from Hickory Street in San Francisco

However, the provider of the VPN was subpoenaed by the FBI.

While efforts had been made by DPR to delete data, the VPN server’s records showed a user logged in from an internet cafe just 500 yards from an address on Hickory Street, known to be the home of a close friend of Mr Ulbricht’s, and a location that had also been used to log in to the Gmail account.

At this point in the investigation, these clues, investigators concluded, were enough to suggest that Mr Ulbricht and DPR – if not the same person – were at the very least in the same location at the same time.

Fake IDs

The court complaint went into detail about further leads that followed.

In July of this year, by coincidence, a routine border check of a package from Canada discovered forged documents for several fake identities all containing photographs of the same person.

It was headed to San Francisco’s 15th Street. Homeland security visited the address, and found the man in the photographs – Mr Ulbricht.

He told officers that the people he lived with knew him simply as Josh – one housemate described him as being “always home in his room on the computer”.

Around the same time, investigators working on the Silk Road case later discovered, DPR had been communicating with users privately to ask for advice on obtaining fake IDs – needed in order to purchase more servers.

Further activity attributed to Mr Ulbricht took place on Stack Overflow – a question-and-answer website for programmers – where a user named Frosty asked questions about intricate coding that later became part of the source code of Silk Road.

In another apparent slip-up, one of Frosty’s messages initially identified itself as being written by Ross Ulbricht – before being quickly corrected.

“I believe that Ulbricht changed his username to ‘frosty’ in order to conceal his association with the message he had posted one minute before,” lead prosecutor Christopher Tarbell wrote in court documents.

“The posting was accessible to anyone on the internet and implicated him in operating a Tor hidden service.”

HOW BITCOINS WORK

Bitcoin is often referred to as a new kind of currency.

But it may be better to think of its units as being virtual tokens that have value because enough people believe they do and there is a finite number of them.

Each bitcoin is represented by a unique online registration number.

These numbers are created through a process called “mining”, which involves a computer solving a difficult mathematical problem with a 64-digit solution.

Each time a problem is solved the computer’s owner is rewarded with bitcoins.

To receive a bitcoin, a user must also have a Bitcoin address – a randomly generated string of 27 to 34 letters and numbers – which acts as a kind of virtual postbox to and from which the bitcoins are sent.

Since there is no registry of these addresses, people can use them to protect their anonymity when making a transaction.

These addresses are in turn stored in Bitcoin wallets, which are used to manage savings. They operate like privately run bank accounts – with the proviso that if the data is lost, so are the bitcoins contained.

Price drop

News of the closure was followed by a rapid drop in the price of bitcoins, according to figures from the Mt. Gox bitcoin exchange.

The going rate for the virtual currency dropped from more than $140 (£86) to around $110, before climbing back up to $123 (£75).

Investors may have been concerned about the FBI’s ability to confiscate bitcoins, said Mr Ferguson.

“Knowing that a currency could be seized or shut down could pressure people to look for alternative investment vehicles,” he said.

The FBI seized the virtual currency by getting hold of encryption keys for the bitcoins, according to Jerry Brito, George Mason University’s technology policy director.

The keys were made available through seized computer equipment, Mr Brito said in a blog post.

The FBI then transferred the bitcoins to an address controlled by the US government, according to the seizure order.

The content of this article originally appeared on the BBC News website and BBC News Technology

Clandestine Silk Road online marketplace closed – bitcoin seized – Irish Web Design

Visit Us On TwitterVisit Us On FacebookCheck Our Feed