Fake Green Pass sales networks are increasingly frequent within the Dark Web . The mechanism through which criminals circulate counterfeit Green Certificates is mainly based on the instant messaging application such as Telegram and aims to increase their illegal business by sharing links. So let's find out how this sales network on the Dark Web works and what are the strategies that are adopted to counter this phenomenon.
Fake Green Passes for sale on the Dark Web
The European Green Certification mechanism allows citizens to move outside national borders, as well as being able to participate in both public and private events. Available to all those who have received the full course of vaccination against COVID-19 , the Green Pass has captured attention by generating a series of online scams, up to the illicit sale of Green Fake passes.
The Guardia di Finanza discovered ten Telegram channels in which hundreds of thousands of people were registered. The channels in question had the main objective of redirecting users to the Dark Web, the place where counterfeit Green Passes were bought and sold. The discovery of these channels was possible thanks to new investigation tools that include both Bots and Avatars. A real dynamic and innovative system that monitors in real time the threats present on the network.
How fake Green Passes are created
Fake Green Passes are at the heart of this new criminal business and, like the original versions, report identification data of the vaccinee with the relative QR Code , specially generated, as well as the number that distinguishes the batch of origin of the first and possible second dose of the vaccine. Obviously, in the case of Green Passes on the Dark Web all data is false and in the event of any control the person involved risks a real criminal complaint, which can be followed by a court case.
Being the Dark Web, digital certificates generated by cyber criminals can also be delivered to those residing in non-EU countries such as the United States, United Kingdom and Switzerland without any problem. At the payment level, however, cryptocurrencies such as Bitcoin and Ethereum are generally required.
How to access and buy on the Dark Web
To access the Dark Web it is necessary to use special tools such as the Tor browser (The Onion Router). Once installed on your computer, you can use a search engine such as DuckDuckGo or Torch to access the content available on the Surface Web, the Internet we visit daily, or as an alternative to non-indexed content in the Deep Web.
To access sites where fake Green Passes are sold you need to visit the Dark Web, a very small fraction of the web. A separate hardly accessible section based on Darknet, i.e. closed networks. Tor is the most popular and well-known Darknet network in the world based on a decentralized network consisting of several thousand servers around the world.
To see the sites present in the Dark Web it is generally necessary to have a link ending with the exact .onion domain. Precisely for this reason, the Most hyperlinks are shared through instant messaging platforms such as Telegram, as they are not indexed by any search engine.
Once the link is accessed, the trading platform in front of the user's eyes is a sort of online store where it is possible to communicate with the seller and conclude the transaction. These illegal dark web shops sell products or services such as fake Green Passes.
Once the price and all the details have been agreed, the payment is made through the use of cryptocurrencies. To ensure total anonymity, users usually create a new wallet for each transaction with tools such as Electrum , obviously without adding real information. The transaction, at this point, can take place by logging into your shop account and adding funds of Bitcoin or other cryptocurrency. After the necessary funds have been added to proceed with the purchase, the user can complete the purchase as happens in a classic marketplace.
Not only fake Green Passes, but also vaccines
We also remind you that in addition to the fake Green Pass, cybercriminals have also prepared for vaccines. Among the channels blocked by the Guardia di Finanza there were links that made it possible to purchase vials of Pfizer-BioNTech, Moderna, Astrazeneca, Johnson & Johnson and Sinopharm and Sputnik V vaccines with prices between 65 and 85 euros per vial. For those looking for an “all-inclusive” service, cyber criminals also guaranteed shipment traceability, refrigerated temperature packaging and vaccination certificate.
