-
Notifications
You must be signed in to change notification settings - Fork 259
/
interpol-dwva.json
1005 lines (1005 loc) · 41.7 KB
/
interpol-dwva.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
{
"authors": [
"INTERPOL Darkweb and Virtual Assets Working Group"
],
"category": "dwva",
"description": "This taxonomy defines common forms of abuses and entities that represent real-world actors and service that are part of a larger Darknet- and Cryptoasset Ecosystems.",
"name": "INTERPOL DWVA Taxonomy",
"source": "https://interpol-innovation-centre.github.io/DW-VA-Taxonomy/",
"type": "dwva",
"uuid": "b15898ba-a923-4916-856c-0dfe8b174196",
"values": [
{
"description": "An application that does not rely on a central server but on several decentralized nodes. Each user can choose to be an active node serving the app. ",
"meta": {
"kill_chain": [
"Entities:Infrastructure"
]
},
"uuid": "469a982f-c2fc-557e-9539-39641d9cb842",
"value": "Decentralized Apps"
},
{
"description": "A [hardware] cryptocurrency wallet is a device, physical medium, (...) which stores the private keys for cryptocurrency transactions. It will normally also contain the associated public keys.",
"meta": {
"kill_chain": [
"Entities:Wallet"
]
},
"uuid": "6d62ceb4-d172-54da-9ae5-e766f58bf4d6",
"value": "Hardware Wallet"
},
{
"description": "A decentralized distributed system that provides sharing contact information, so people downloading the same file can discover each other. Both Tor and I2P use DHT. Due to the distributed nature of the hidden services domain resolution, it is possible to deploy nodes in the DHT to monitor requests coming from a given domain.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "9d537e25-39d8-5cc3-b769-48ff900dfa70",
"value": "Distributed Hash Technology"
},
{
"description": "Bitcoin is a network protocol based on blockchain, introduced by Nakamoto [11] which allows payments and coin transfers to be made among participating entities. No trusted",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "4a6cfe47-bfc3-574d-9d07-950bd045e305",
"value": "Bitcoin"
},
{
"description": "Counterfeit consumer goods are goods, often of inferior quality, made or sold under another's brand name without the brand owner's authorization.",
"meta": {
"kill_chain": [
"Entities:Asset"
]
},
"uuid": "f95b3fad-a0d1-5141-8729-689189ca70a9",
"value": "Counterfeit product"
},
{
"description": "A shop owner is an actor within the group of Criminal Actors; operating a DW shop.",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "80fc8f9c-26e8-5759-afde-26ac748193ea",
"value": "Shop owner"
},
{
"description": "An HD (Hierarchical Deterministic) Wallet is a tree of private/public keypairs starting from a master seed. This technology provides both account management and identity masking. A user only needs to keep the master seeds because she can generate following keypairs from the root key deterministically, and each public key that can be exposed is changed for each transaction. ",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "73b6cf78-ae88-5fd5-8514-99e59063f1aa",
"value": "Hierarchically Deterministic wallets"
},
{
"description": "A non-fungible token (NFT) is a unit of data stored on a digital ledger, called a blockchain, that certifies a digital asset to be unique and therefore not interchangeable. NFTs can be used to represent items such as photos, videos, audio, and other types of digital files.",
"meta": {
"kill_chain": [
"Entities:Technology"
],
"refs": [
"https://en.wikipedia.org/wiki/Non-fungible_token"
]
},
"uuid": "75a2011e-c289-5a69-ab7d-4259a333563b",
"value": "Non Fungible Token"
},
{
"description": "A (hosting) service that guarantees the availability of hosted resources even when they are found to be malicious or illegal. ",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "f5c58c28-64ac-5cb4-aa01-6ff9e7eb0e7f",
"value": "Bulletproof Hosting"
},
{
"description": "Wiki services, including directory services for other hidden services, hosted in the Dark Web.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "63b2dd59-bc5d-5673-95bd-efca71d87c98",
"value": "Darknet Wiki"
},
{
"description": "In a Proof of Stake (PoS) network, users need to prove ownership of enough stakes to become validators. Ethereum (ETH) is moving from PoW to PoS. PoS offers several advantages over PoW: it is energy efficient, reduces hardware requirements and is less prone to centralisation ",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "ecf1ad91-1cf2-53dc-857e-f5f6b2b9223f",
"value": "Proof of Stake"
},
{
"description": "Multisig refers to all the transactions that require two or more signatures. Multisignature transactions and addresses are validated only when at least x of the possible y signatories have signed. x and y are defined at creation.",
"meta": {
"kill_chain": [
"Entities:Process"
]
},
"uuid": "2487485a-cd53-5e1e-82a5-b69a9422e469",
"value": "Multisig"
},
{
"description": "A cryptocurrency with a decentralized Blockchain that provides anonymity for its users and their transactions. It is similar to Bitcoin as an open-source, but their major differences are the increased level of privacy it provides. ",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "d34972ac-80c3-58ed-8c13-76a3f7ff2f3a",
"value": "Zcash"
},
{
"description": "Buyers may \"finalize early\" (FE), releasing funds from escrow to the vendor prior to receiving their goods in order to expedite a transaction. This can be done when there is a trust relationship between vendor and buyer, however it does leave the buyer vulnerable to fraud if they choose to do so.",
"meta": {
"kill_chain": [
"Entities:Process"
]
},
"uuid": "e699a6f3-2dc3-5df1-a3e5-bec7974fc985",
"value": "Finalize Early"
},
{
"description": "CoinSwap is a protocol to make a transaction via a third party to obfuscate the money flow. For instance, when Alice would like to pay Bob, Carol offers to receive Alice's coin and pay Bob with an unconnected coin. While none of these parties trusts each other, this protocol does not allow Carol to rob Alice's coin.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "2605341c-b0d1-51db-89fa-8bf0a3d03941",
"value": "Coin swapping"
},
{
"description": "Ripple is a real-time gross settlement system, currency exchange and remittance network created by Ripple Labs Inc., a US-based technology company. (...) The ledger employs the native cryptocurrency known as XRP.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "00c741af-99c2-5c44-84bd-c4b83975e747",
"value": "Ripple"
},
{
"description": "Someone who is selling something.",
"meta": {
"kill_chain": [
"Entities:Actor"
],
"refs": [
"https://dictionary.cambridge.org/dictionary/english/vendor"
]
},
"uuid": "6e524ade-26e4-5fcf-9da1-e975ea8aaaa1",
"value": "Vendor"
},
{
"description": "Initial Coin Offerings (ICO) are public offers of new cryptocurrencies in exchange of existing ones, aimed to finance projects in the blockchain development arena. The typical pattern is for a startup to produce a white paper that describes their business model and technical approach. The white paper includes details about the functions that the tokens issued during the ICO will perform and the process of token creation.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "51c1324f-a92e-5803-861a-473ed2c26b4a",
"value": "Initial Coin Offering / Initial Crypto-Tokens Offering"
},
{
"description": "Layer 2 is a collective term for solutions designed to help scale decentralised applications by handling transactions off the Ethereum mainnet (layer 1), while taking advantage of the robust decentralized security model of mainnet.",
"meta": {
"kill_chain": [
"Entities:Technology"
],
"refs": [
"https://ethereum.org/en/developers/docs/scaling/layer-2-rollups"
]
},
"uuid": "e35d6c4e-27c8-5f5b-91e5-8738298388f7",
"value": "Layer 2"
},
{
"description": "Virtual asset service provider means any natural or legal person who (...) as a business conducts one or more of the following activities or operations for or on behalf of another natural or legal person: i) exchange between virtual assets and fiat currencies; ii) exchange between one or more forms of virtual assets; iii) transfer of virtual assets; iv) safekeeping and/or administration of virtual assets or instruments enabling control over virtual assets; and v) participation in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset.",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "2e2f67bf-d5a0-544a-a5e4-7bb9da23fd0c",
"value": "Virtual Asset Service Provider"
},
{
"description": "Same as exchange but in a completely distributed environment. There is no central hosting server and all nodes are servers.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "754d163f-01fc-551f-b501-c65591307d02",
"value": "Decentralized Exchange"
},
{
"description": "Refers to data that provides information about a certain item's content. For example, an image may include information that describes how large the picture is or when the image was created, while a text document may contain information about the author of the document, or the IP address of the document's author, and so on. ",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "bf02d987-1f4e-500f-af39-8d85cda7ffd1",
"value": "Metadata"
},
{
"description": "An exit scam can be performed by a dark net martket or single vendor shop and is the process in which the one or more of the market admins prevents users withdrawing funds through the escrow system and then closes the market, exiting with all the bitcoins and other digital currencies they were holding in escrow.",
"meta": {
"kill_chain": [
"Entities:Process"
]
},
"uuid": "d457fb70-6f79-5e0b-aad0-c947a6b61faf",
"value": "Exit scam"
},
{
"description": "A smart contract is a self-executing contract with the terms of the agreement between buyer and seller being directly written into lines of code. The code and the agreements contained therein exist across a distributed, decentralized blockchain network. The code controls the execution, and transactions are trackable and irreversible.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "ebf4b07b-e879-53c5-9b9e-862178742112",
"value": "Smart contract"
},
{
"description": "An actor that provides a service by making available and managing infrastructure or by executing a process",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "6e27d6e7-bb5f-5f8b-acff-2cb2a8e7ad02",
"value": "Service Provider"
},
{
"description": "An actor whose job it is to supervise the technical operation of a service",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "4040b338-591d-5863-8d5e-474294e603e4",
"value": "Administrator"
},
{
"description": "A virtual asset is a digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes. Virtual assets do not include digital representations of fiat currencies, securities and other financial assets that are already covered elsewhere in the FATF Recommendations.",
"meta": {
"kill_chain": [
"Entities:Asset"
]
},
"uuid": "1666d707-c38a-5153-88fc-9ed6fdfeef75",
"value": "Virtual Asset "
},
{
"description": "Forum services hosted in the Dark Web.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "c50cbe2d-8c5d-556c-a3a0-1ee2edf8091c",
"value": "Darknet Forum"
},
{
"description": "A shop is a service where products from one actor (the shop owner) are traded.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "d6a68be7-82e7-5fd4-b653-27e8d15fb6dd",
"value": "Shop"
},
{
"description": "A digital account hosted by third party financial institution, known as Virtual Asset Service Provider(VASP), which allows the account-holder (the user) to store, send, and receive cryptocurrency.",
"meta": {
"kill_chain": [
"Entities:Wallet"
],
"refs": [
"https://home.treasury.gov/system/files/136/2020-12-18-FAQs.pdf"
]
},
"uuid": "951ea43f-6acc-56c4-b51d-0618a7f23c3f",
"value": "Hosted wallet"
},
{
"description": "A special-use top level domain name designating an anonymous onion service, which was formerly known as a \"hidden service\". It is referred to as that because of the “layered” approach to relays on the Tor Browser.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "229e9ab2-4c75-52af-aab8-e73d0fe8b493",
"value": ".Onion"
},
{
"description": "Blockchain bridges enable interoperability between vastly different networks, such as Bitcoin and Ethereum, and between one parent blockchain and its sidechains.",
"meta": {
"kill_chain": [
"Entities:Technology"
],
"refs": [
"https://blog.makerdao.com/what-are-blockchain-bridges-and-why-are-they-important-for-defi/"
]
},
"uuid": "309242e2-7882-558e-9563-0bb477bff5b8",
"value": "Bridge"
},
{
"description": "A wallet that is not hosted by a third-party financial system. It can be very difficult or impossible to determine who is accessing or in control of the use of cryptocurrencies in an unhosted wallet. Unhosted wallets allow for anonymity and concealment of illicit financial activity.",
"meta": {
"kill_chain": [
"Entities:Wallet"
],
"refs": [
"https://home.treasury.gov/system/files/136/2020-12-18-FAQs.pdf"
]
},
"uuid": "206859e5-f52b-5bad-8f49-08bc28d4e378",
"value": "Unhosted wallet"
},
{
"description": "A vending tactic involving the vendor passing the buyer’s address on to another vendor to ship to, eliminating any need for the middleman (dropshipper) to handle anything illegal in person.",
"meta": {
"kill_chain": [
"Entities:Generic"
],
"refs": [
"DNM Bible Glossary"
]
},
"uuid": "3ba88867-6567-5102-97e5-ecc23145593c",
"value": "Drop Ship"
},
{
"description": "A sidechain is a side blockchain that is linked to another blockchain, referred to as the main chain, via a two-way peg.",
"meta": {
"kill_chain": [
"Entities:Technology"
],
"refs": [
"https://coinmarketcap.com/alexandria/glossary/side-chain"
]
},
"uuid": "087b61b1-86b8-5859-95ec-ab26d76bd050",
"value": "Sidechain"
},
{
"description": "A cryptocurrency loan executed trough a smart contract, with no collateral, that must be paid back in the same block. The purpose of a flash loan is to gain money through arbitrage (on different exchanges or different assets) without providing any collateral.",
"meta": {
"kill_chain": [
"Entities:Technology"
],
"refs": [
"https://www.coindesk.com/what-is-a-flash-loan"
]
},
"uuid": "d04b5d8c-a7ea-52f0-a5cc-96133466fe07",
"value": "Flash Loan"
},
{
"description": "An escrow is a contractual arrangement in which a third party (the stakeholder or escrow agent) receives and disburses money or property for the primary transacting parties, with the disbursement dependent on conditions agreed to by the transacting parties.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "fc936928-f8be-5652-b13c-a0491158959a",
"value": "Escrow"
},
{
"description": "Bitcoin blockchain is constructed and validated by computation. Miners work to validate the blockchain with their computation power, proving their work for a reward. The Bitcoin Blockchain is based on Proof-of-Work. ",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "f4377e3b-ed10-5291-b984-4225013cde1b",
"value": "Proof of Work"
},
{
"description": "A method of scrambling or anonymizing the source of one’s cryptocurrencies. ",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "7739c2a5-45f5-58b1-97af-59e65f69284c",
"value": "Tumbler"
},
{
"description": "An unspent transaction output of cryptocurrencies. This output is considered as an input to new transaction.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "ea28ccaa-9786-5871-bda1-add90914da3d",
"value": "Unspent Transaction Output"
},
{
"description": "A crypto-asset (...) is a digital asset designed to work as a medium of exchange wherein individual coin ownership records are stored in a ledger existing in a form of a computerized database using strong cryptography to secure transaction records, to control the creation of additional coins, and to verify the transfer of coin ownership.",
"meta": {
"kill_chain": [
"Entities:Asset"
]
},
"uuid": "e9bf2ffe-9695-5c79-a88d-792fefbed39b",
"value": "Crypto-assets"
},
{
"description": "Bitcoin Cash is a cryptocurrency that is a fork of Bitcoin. Bitcoin Cash is a spin-off or altcoin that was created in 2017.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "ff848751-0764-5053-89af-e0feb4aeb482",
"value": "Bitcoin cash"
},
{
"description": "Fiat money is a currency (a medium of exchange) established as money, often by government regulation. Fiat money does not have intrinsic value and does not have use value. It has value only because a government maintains its value, or because parties engaging in exchange agree on its value. ",
"meta": {
"kill_chain": [
"Entities:Asset"
]
},
"uuid": "5b639ba0-e080-548b-9950-6e6c6f4a1fbd",
"value": "FIAT currencies"
},
{
"description": "A Bitcoin ATM (Automated Teller Machine) is a kiosk that allows a person to purchase Bitcoin and other cryptocurrencies by using cash or debit card. Some types of ATM also allow users to sell their cryptocurrency, dispensing cash in payment. Depending on the provider, the ATM can require KYC verification.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "2bb19164-c3ff-503f-9971-400de7af7fee",
"value": "Crypto ATM"
},
{
"description": "Ethereum is a decentralized, open-source blockchain with smart contract functionality. Ether (ETH) is the native cryptocurrency of the platform. It is the second-largest cryptocurrency by market capitalization, after Bitcoin. Ethereum is the most actively used blockchain. ",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "2c0ef492-3bc0-510b-bd43-0802d9adf3f5",
"value": "Ethereum"
},
{
"description": "A process that lets you earn either fixed or variable interest by investing crypto in a DeFi market.",
"meta": {
"kill_chain": [
"Entities:Process"
],
"refs": [
"https://decrypt.co/resources/what-is-yield-farming-beginners-guide"
]
},
"uuid": "cd806af8-2674-5d40-a0ed-af194df5737a",
"value": "Yield farming"
},
{
"description": "An “anonymous overlay network” using the garlic routing protocol that encrypts multiple messages together to make data traffic analysis difficult, while simultaneously increasing network traffic speed. Each encrypted message has its own specific delivery instruction, and each endpoint works as a cryptographic identifier or what we refer to as “keys.” Since I2P is entirely peer-to-peer in structure, there's no hard-coded trusted set of directory stores. Instead, the network directory of I2P is netDb, a distributed database that is replicated across the network.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "30b69477-70ff-51dc-b8f6-f29f03f5f0ac",
"value": "Invisible Internet Protocol"
},
{
"description": "Authority that defines (national) regulations",
"meta": {
"kill_chain": [
"Entities:Authorities"
]
},
"uuid": "30e65bc1-97e7-588f-a717-cb47a52b6ec6",
"value": "Regulator"
},
{
"description": "A collective name used to describe websites which require a special browser in order to access.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "46800c1a-cceb-555d-9a22-5ebaebf62625",
"value": "Hidden Service"
},
{
"description": "A relay is a node in the Tor network. When a request to access a particular hidden service is made, the browser calculates the optimal route through a series of relays, exchanging cryptographic keys between nodes, to display the content without disclosing the IP address of the request originator. Each relay decrypts a layer of encryption to reveal the next relay in the circuit to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing or knowing the source IP address. ",
"meta": {
"kill_chain": [
"Entities:Infrastructure"
]
},
"uuid": "c751ccc2-a365-51f1-97a1-1fec29b9726d",
"value": "Relay (node)"
},
{
"description": "Bitcoin improvement proposals, these are the equivalent of RFCs. They define the protocols and structures of Bitcoin. They are developed and maintained at the Bitcoin Github.",
"meta": {
"kill_chain": [
"Entities:Process"
]
},
"uuid": "acbb92c2-be9c-55db-a264-2eb3ec09e6ce",
"value": "Bitcoin Improvement Proposals"
},
{
"description": "Smart Contracts on blockchains, DApps, mainly via the Ethereum technology and network. They are used to provide traditional financial services. The technology provides strong immunity against attackers and some level of anonymity and privacy. Transactions are confirmed relatively fast, but mostly lack KYC and AML compliance controls and offer limited to no user support and customer care. Current DeFi innovations include: Lending platforms; Prediction markets; Decentralised Exchange (DEXs); Staking and pooling platforms. ",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "a65902c5-b9d4-59ae-9b83-144923cea2bc",
"value": "Decentralized Finances"
},
{
"description": "The end user of a service. Customer would be paying for the services (buying good, using a service, owning an asset...).",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "7a226797-891c-55f6-8f2e-0753c8c43fec",
"value": "Customer"
},
{
"description": "Litecoin (LTC or Ł) is a peer-to-peer cryptocurrency and open-source software project released under the MIT/X11 license. Litecoin was an early bitcoin spinoff or altcoin, starting in October 2011. In technical details, Litecoin is nearly identical to Bitcoin.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "6317fb5c-072e-5a80-845f-2577b18e4d89",
"value": "Litecoin"
},
{
"description": "Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation.",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "61bbe7e3-3ad2-5e44-bd76-91c5058e301a",
"value": "Cyberterrorist"
},
{
"description": "Tether is a controversial cryptocurrency with tokens issued by Tether Limited. It formerly falsely claimed that each token was backed by one United States dollar, but on 14 March 2019 changed the backing to include loans to affiliate companies.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "058eb937-cce7-5469-a5fa-9def1e7b3744",
"value": "Tether"
},
{
"description": "A bank is a financial institution that accepts deposits from the public and creates a demand deposit while simultaneously making loans.",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "4ccf207f-40df-59ad-99d0-17fc7f9fd055",
"value": "Bank"
},
{
"description": "An open-source cryptocurrency created in April 2014 that focuses on fungibility, privacy and decentralization. Monero (XMR) uses an obfuscated public ledger, meaning anybody can broadcast or send transactions, but no outside observer can tell the source, amount or destination. ",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "d41ae632-4373-5915-b339-39ffe6ddff7d",
"value": "Monero"
},
{
"description": "BNB powers the Binance Ecosystem. As the native coin of Binance Chain, BNB has multiple use cases: fueling transactions on the Chain, paying for transaction fees on Binance Exchange, making in-store payments, and many more.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "45800897-766c-51fe-ad0a-c33bb56277ba",
"value": "Binance Coin"
},
{
"description": "A type of anonymity network similar to Tor, based on the Invisible Internet Project protocol.",
"meta": {
"kill_chain": [
"Entities:Dark_Web"
]
},
"uuid": "27636f7b-1ac6-5db7-b322-045ed04b2de5",
"value": "Invisible Internet protocol network"
},
{
"description": "A darknet market is a commercial website on the web that operates via darknets such as Tor or I2P. They function primarily as black markets, selling or brokering transactions involving drugs, cyber-arms, weapons, counterfeit currency, stolen credit card details, forged documents, unlicensed pharmaceuticals, steroids, and other illicit goods as well as the sale of legal products.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "dae3b4a9-7838-5761-9356-faa9c55f0d47",
"value": "Darknet market"
},
{
"description": "An abbreviation for Pretty Good Privacy, an encryption program popular for encrypting emails and files. Through the use of public and private keys, it allows users who have never met to send encrypted messages etc. to each other without exchanging private encryption keys.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "0db385a9-9cbd-5420-acef-472029b9cd0a",
"value": "Pretty Good Privacy"
},
{
"description": "Notice and take down is a process operated by online hosts in response to court orders or allegations that content is illegal. Content is removed by the host following notice. ",
"meta": {
"kill_chain": [
"Entities:Process"
]
},
"uuid": "a22efe40-4a32-59af-b219-216e8ced8dd5",
"value": "Takedown notice"
},
{
"description": "Someone or something that has been hurt, damaged, or killed or has suffered, either because of the actions of someone or something else, or because of illness or chance.",
"meta": {
"kill_chain": [
"Entities:Actor"
],
"refs": [
"https://dictionary.cambridge.org/dictionary/english/victim"
]
},
"uuid": "73f67ffc-a672-55dc-a0e0-6a21f22b5033",
"value": "Victim"
},
{
"description": "Polkadot is a heterogeneous multi-chain interchange and translation architecture which enables customised side-chains to connect with public blockchains.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "6d36792e-836a-5c87-9f8c-a826169eb2c8",
"value": "Polkadot"
},
{
"description": "Login credentials for e-services that are provided by financial institutions with a bank license.",
"meta": {
"kill_chain": [
"Entities:Asset"
]
},
"uuid": "d9620d2b-7f4a-5a04-aa8a-63935f1d3011",
"value": "Bank credentials"
},
{
"description": "A money mule, sometimes called a \"smurfer,\" is a person who transfers money acquired illegally in person, through a courier service, or electronically, on behalf of others. Typically, the mule is paid for services with a small part of the money transferred. ",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "91c16626-6b05-50e2-a344-62e07abac344",
"value": "Money mule"
},
{
"description": "A text-based chat service enabling users connected to a server to communicate with each other in real-time. ",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "14461a3c-b0f9-57b7-9aae-633988f910d4",
"value": "Internet Relay Chat"
},
{
"description": "A [software] cryptocurrency wallet is a (...) program or a service which stores the private keys for cryptocurrency transactions. It will normally also contain the associated public keys.",
"meta": {
"kill_chain": [
"Entities:Wallet"
]
},
"uuid": "b2d781a1-97d1-503e-b7e1-d099fc348071",
"value": "Software wallet"
},
{
"description": "Cardano is a public blockchain platform. It is open source and decentralized, with consensus achieved using proof of stake. It can facilitate peer-to-peer transactions with its internal cryptocurrency Ada.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "f8b5c74e-6cdd-5bf0-9f11-c2419db6bab4",
"value": "Cardano"
},
{
"description": "Dogecoin (code: DOGE, symbol: Ð) is a cryptocurrency created by software engineers Billy Markus and Jackson Palmer, who decided to create a payment system that is instant, fun, and free from traditional banking fees.",
"meta": {
"kill_chain": [
"Entities:Cryptocurrency"
]
},
"uuid": "c93f371a-4d61-57fc-a3ef-e296eb5ddc4e",
"value": "Dogecoin"
},
{
"description": "Trading platform (commonly referred to as an “Exchange”) is the term within this paper used to describe any venue which facilitates the exchange of tokens for any form of money or asset. Trading platforms provide services to buy and sell tokens and/or for exchange of national (fiat) currencies backed by central banks.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "470b9309-79e3-545e-bc6a-df45df7e43af",
"value": "Exchange"
},
{
"description": "Blockchain is a distributed technology built under peer-to-peer network principles and cryptographic primitives, such as asymmetric encryption and digital signature. It allows trust-less users to exchange information and record transactions without external interference and coordination.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "3fc478f2-b949-5b25-aecd-c7263e0f453d",
"value": "Blockchain"
},
{
"description": "Messaging services hosted or accessible via privacy enhanced networks.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "58868c19-cee0-5f5c-b8fa-2db0e7be4277",
"value": "Darknet Email Service"
},
{
"description": "A credential is a piece of any document that details a qualification, competence, or authority issued to an individual by a third party with a relevant or de facto authority or assumed competence to do so.",
"meta": {
"kill_chain": [
"Entities:Asset"
]
},
"uuid": "211d1030-727f-50e6-ae6e-05dd76bc72bd",
"value": "Credentials"
},
{
"description": "A rug pull is a malicious maneuver in the cryptocurrency industry where crypto developers abandon a project and run away with investors’ funds",
"meta": {
"kill_chain": [
"Entities:Process"
],
"refs": [
"https://coinmarketcap.com/alexandria/glossary/rug-pull"
]
},
"uuid": "87a990fe-f558-5dc6-93c4-385c76160c83",
"value": "Rug pull"
},
{
"description": "A person who manages the discussion contributions in an online forum.",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "e9b5e147-ae3f-52fa-a927-e0fd45af269c",
"value": "Moderator"
},
{
"description": "A network of routers that adds encryption to conceal a web user’s location and usage so that these are resistant to surveillance and hence are truly anonymous. The domain names of these hidden sites all end in ‘.onion’ and they are only accessible by using a Tor browser. Tor stands for ‘The Onion Router’. ",
"meta": {
"kill_chain": [
"Entities:Dark_Web"
]
},
"uuid": "01d8b306-9f3c-58f3-a262-3666ef5422a6",
"value": "TOR Network"
},
{
"description": "One of the newest Darknets, becoming increasingly popular. It is a combination of trackerless Bittorrent and a Blockchain for persistent site and user identity. ZeroNet optionally uses the Tor network as a virtual private network. As a full mesh network, all clients are also servers. By browsing to a “zite” as they are known in ZeroNet lingo, the machine used automatically becomes one of the servers for this zite also. ",
"meta": {
"kill_chain": [
"Entities:Dark_Web"
]
},
"uuid": "2aef7bc3-7dec-55e7-8efb-09f2c2d4b998",
"value": "ZeroNet"
},
{
"description": "The dead drop is a delivery model used by some vendors to distribute their products. A vendor uses a ‘dropman’ to hide consignments of pre-packaged drug deals in a number of suitably discreet offline locations. When a buyer makes a purchase from the vendor the geo-coordinates are provided to them for them to collect their order.",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "06d58504-8603-57cf-9684-fd170aec3e19",
"value": "Dead drop"
},
{
"description": "Coinjoin is a method of mixing cryptocurrency tokens or coins, where two or more user transactions are combined into a single transaction on the blockchain, with multiple inputs and outputs. The concept behind that methodology is to obfuscate the link between an input and an output that would otherwise be apparent in a standard, single-user transaction. The coinjoin methodology is open-source and integrated into some software wallets, and is also available for use via a hosted online service.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "3b0afb33-efce-56e5-9d17-9c4e29c24194",
"value": "Coinjoin"
},
{
"description": "A pastebin or text storage site is a type of online content hosting service where users can store plain text, e.g. to source code snippets for code review via Internet Relay Chat (IRC).",
"meta": {
"kill_chain": [
"Entities:Service"
]
},
"uuid": "1d370886-ae76-561b-bfda-00d7276a2672",
"value": "Paste site/service"
},
{
"description": "The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard web search-engines.",
"meta": {
"kill_chain": [
"Entities:Infrastructure"
]
},
"uuid": "1671f327-3e58-5f64-94fe-acf0860effbe",
"value": "Deep Web"
},
{
"description": "(User of) Decentralized virtual currency that employs cryptography to accomplish tamper-resistance.",
"meta": {
"kill_chain": [
"Entities:Actor"
]
},
"uuid": "980a0996-5c70-5de2-9698-e5057015702d",
"value": "Cryptocurrencies User"
},
{
"description": "An attack to a DeFi protocol that exploits vulnerabilities in the flash loan system",
"meta": {
"kill_chain": [
"Entities:Process"
]
},
"uuid": "9f510016-a418-563f-9ffc-0a8fb1393d07",
"value": "Flash loan attack"
},
{
"description": "Privacy coins are a class of cryptocurrencies that power private and anonymous blockchain transactions by obscuring their origin and destination. Some of the techniques used include hiding a user’s real wallet balance and address, and mixing multiple transactions with each other to elude chain analysis.",
"meta": {
"kill_chain": [
"Entities:Asset"
]
},
"uuid": "96ccc6d4-fce6-5d4e-bfdc-4888a5af9aaa",
"value": "Privacy coin"
},
{
"description": "The exchange or sharing of information, data, or assets between parties without the involvement of a central authority. Peer-to-peer, or P2P, takes a decentralized approach to interactions between individuals and groups. This approach has been used in computers and networking (peer-to-peer file sharing), as well as with virtual assets trading.",
"meta": {
"kill_chain": [
"Entities:Technology"
]
},
"uuid": "acf94ffc-7cfe-5f59-84a4-63c07b283e3c",
"value": "Peer-to-peer exchange"
},
{
"description": "A virtual service that changes users’ IP addresses when using the Internet. ",
"meta": {
"kill_chain": [
"Entities:Infrastructure"
]
},
"uuid": "70d38f80-be9b-54aa-8918-3450db195147",
"value": "Proxy"
},
{
"description": "Scam denotes a fraudulent or deceptive act or operation.\n",
"meta": {
"kill_chain": [
"Abuses:Concept"
],
"refs": [
"https://www.merriam-webster.com/dictionary/scam"
]
},
"uuid": "f29c9e38-b210-5e57-9c04-c9e24936b72e",
"value": "Scam"
},
{
"description": "Sextortion refers to the broad category of sexual exploitation in which abuse of power is the means of coercion, as well as to the category of sexual exploitation in which threatened release of sexual images or information is the means of coercion.\n",
"meta": {
"kill_chain": [
"Abuses:Concept"
],
"refs": [
"https://en.wikipedia.org/wiki/Sextortion"
]
},
"uuid": "c47c83c2-bd3f-5168-af5a-4ecb29a8def4",
"value": "Sextortion"
},
{
"description": "Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.\n",
"meta": {
"kill_chain": [
"Abuses:Concept"
],
"refs": [
"https://en.wikipedia.org/wiki/Phishing"
]
},
"uuid": "d2206519-0e80-5794-8d4f-7c5ae4321da9",
"value": "Phishing"
},
{
"description": "A service hack denotes the digital intrusion into a service with the goal to steal funds.\n",
"meta": {
"kill_chain": [
"Abuses:Concept"
]
},
"uuid": "6ee22586-865d-5aa9-8b5a-7c667fd8f236",
"value": "Service Hack"
},
{
"description": "Ransomware is a type of malware from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. \n",
"meta": {
"kill_chain": [
"Abuses:Concept"
],
"refs": [
"https://en.wikipedia.org/wiki/Ransomware"
]
},
"uuid": "cf8e3755-4918-581f-b4cb-542b916cb2db",
"value": "Ransomware"
},
{
"description": "A Ponzi scheme is a form of fraud that lures investors and pays profits to earlier investors with funds from more recent investors\n",
"meta": {
"kill_chain": [
"Abuses:Concept"
],
"refs": [
"https://en.wikipedia.org/wiki/Ponzi_scheme"
]
},
"uuid": "8a79fc5f-1639-564c-8c09-8dc0dc1abb9b",