XARVIS

AI-powered Cybercrime Intelligence Platform. Collects and refines threat data from anonymous channels including Dark web and Telegram. Track cybercrimes with knowledge graph analyzer and user profiling tools.

Product Overview
XARVIS AI Brief
Malaysia: Asian Football Confederation Suffers Major Data Breach
2025.03.12

The Asian Football Confederation (AFC), headquartered in Kuala Lumpur, Malaysia 🇲🇾, has suffered a cyberattack by the threat actor fesome, exposing sensitive data of over 179,000 individuals across Asia. The breach, announced on BreachForums, includes records of 69,508 players, 24,745 team officials, 81,827 coaches, and 3,200 referees, along with hundreds of high-profile individuals. Additionally, major football clubs, including Al-Sadd, Al-Ahli, Al-Ain, Al-Hilal, Al-Nassr, and Persepolis FC, have had contracts, passports, and contact details leaked. The attacker claims AFC has failed to negotiate and is selling the stolen data for Monero (XMR).

This report is an AI-generated document by XARVIS, which actively monitors the dark web in real-time and automatically extracts key threat information from the data detected each day. If you wish to delve into detailed data, please request a product demo.

XARVIS

XARVIS is a comprehensive deep/dark web monitoring and data collection solution that covers anonymous channels such as the dark web and Telegram. Through integrated web monitoring, it collects data that can be used to track specific cyber incidents and gather information about associated criminals. Additionally, it employs advanced Natural Language Processing (NLP) systems and in-depth analysis to extract meaningful intelligence from the collected data. XARVIS is a powerful tool for monitoring and analyzing online activities in the hidden corners of the internet to enhance cybersecurity and threat intelligence efforts.

DarkCHAT

DarkCHAT is a generative AI-powered chatbot purpose-built for analyzing dark web content. Integrated into XARVIS, it is powered by DarkBERT—the world’s first language model trained specifically on dark web data. By delivering timely and precise insights, DarkCHAT enhances the speed and accuracy of cyber threat investigations, enabling organizations to respond more effectively to emerging threats.

Importance of Dark Web Monitoring
XARVIS Key feature
  • Search Engine
    A purpose-built search engine that enables seamless access to threat intelligence collected from the deep/dark web and Telegram.

    XARVIS applies advanced multi-source data processing to support flexible and precise search based on specific crime types or investigative objectives.
  • Telegram Search
    Explore Telegram channels with real-time access to collected messages, images, and documents.

    Channels are categorized by themes such as hacking, drugs, malware, and hacktivist activities to support targeted analysis.
  • Graph Analyzer
    Reveal hidden relationships across fragmented digital evidence using knowledge graph-based cross-analysis.

    XARVIS connects Bitcoin addresses, Telegram IDs, email accounts, and other identifiers to support rapid and accurate entity correlation.
  • Threat Actor Profiling (Dark Spider)
    Profile threat actors operating on the dark web and Telegram through alias tracking, language patterns, activity timelines, and behavioral insights.

    Dark Spider unifies scattered attributes into comprehensive user profiles for intuitive threat actor analysis.
  • DarkINTEL
    Powered by DarkBERT, a dark web-specialized AI language model, DarkINTEL detects and classifies data leak incidents.

    It automatically identifies associated countries, industries, and risk levels to prioritize critical threats and support rapid response.
  • Crypto Analyzer
    Trace Bitcoin transaction flows to uncover illicit financial activity.

    Equipped with investigation-focused blockchain analysis, Crypto Analyzer provides actionable insights for virtual asset-related crime investigations.
XARVIS Use Cases
Dark Web Search

XARVIS utilizes 'DarkBERT,' a Dark Web specialized language model developed by S2W's AI team, to classify and provide threat information by category. This technology automatically analyzes the posts uploaded to hacking forums, identifying the targeted countries and industries, making it easier to monitor on a country-by-country and industry-specific basis. S2W's AI calculates threat levels, presenting the most dangerous content in order.

When a specific country is selected, users can assess the damage distribution across different industries within that country. Furthermore, users can explore the top 5 users targeting that country and the frequency of damage in comparison to neighboring countries.

Telegram Search

Cybercrime is increasingly prevalent not only on the Dark Web but also within Telegram channels. The Telegram search feature is a newly added functionality that allows keyword-based searching of various crime-related Telegram channels collected by S2W.

Telegram channels integrated into the XARVIS platform are typically categorized under hacking, drugs, malware, hacktivists' activities, and more.

By entering drug-related slang terms into the Telegram search bar, users can access actual chat logs containing those keywords. This enables the identification of Telegram channels involved in illegal drug trading and their sellers. This information can be cross-referenced with other data in XARVIS, such as Bitcoin addresses, to track down sellers.

* Please note that this feature is in Beta version, and its public release schedule is currently undefined. Additional features and changes may occur upon public release, expected in the year '24.


Tracking Threat Actors #1

XARVIS's cross-analysis tool enables effective tracking of threat actors. XARVIS continuously collects identifiers related to threat actors in real time, and users can leverage this collected data for cross-analysis.

In 2022, XARVIS detected the activities of a user named 'Lost_Key' targeting Indonesia on the global hacking forum 'Breached.' XARVIS collected this user's cryptocurrency address and Telegram address. Furthermore, it confirmed that the collected cryptocurrency address was associated with the renowned cryptocurrency exchange 'Binance.'

By utilizing XARVIS's cross-analysis tool, law enforcement agencies and security professionals can determine the identity of threat actors. This powerful tool enhances their ability to uncover and trace the individuals behind cyber threats, ultimately contributing to improved cybersecurity and threat mitigation efforts.

Tracking Threat Actors #2

XARVIS's threat actor analysis tool can effectively track users who operate with multiple identities on the Dark Web and Telegram.

In 2022, XARVIS detected the activity logs of a user named 'okito,' who was continuously targeting Singapore. This user was active on the global hacking forum 'Breached' and left their Telegram address in dozens of posts.

By tracing the Telegram address, XARVIS discovered that the same Telegram address was posted in messages authored by 'ttyper,' who had detected traces of access denial on the hacking forum.

This demonstrates how XARVIS can consistently track users who employ multiple identities on hacking forums, enhancing the ability to monitor and respond to potentially malicious activities effectively.

Identifying New Threat Domains

XARVIS collects approximately 150 new Dark Web domains on a daily basis. It leverages the 'DarkBERT' language model developed by S2W's AI team to automatically classify these collected domains into categories such as drugs, finance, hacking, weapons sales, and more.

This functionality enables organizations in specific sectors to periodically monitor threat websites relevant to their industry. For example, a drug investigation agency can gather information on newly created drug trading sites and utilize the data collected from these sites for its investigations.

By using XARVIS's automated classification and monitoring capabilities, organizations can stay vigilant against emerging threats and make informed decisions to bolster their cybersecurity efforts.

Global Issue Monitoring

XARVIS provides the capability to monitor global issues that are gaining attention on the Dark Web.

Following the outbreak of the Russia-Ukraine war, the Dark Web saw a variety of opinions and discussions on this topic. Posts distributing the personal information of major government agencies, businesses, and citizens from both countries were frequently detected.

Similarly, after the outbreak of the Israel-Palestine conflict, XARVIS identified trends similar to those observed during the Russia-Ukraine war.

In this manner, XARVIS can concentrate on monitoring specific topics and detect related illegal transactions and harmful content. This enables organizations to stay informed about emerging issues and potential threats within these discussions on the Dark Web.

Monitoring Server Access Permissions for Sale

By entering specific keywords, users can monitor the sale of, and demand for, internal network access permissions for companies in a specific country.

For example, if a post appears on the Dark Web offering account information that can access the internal servers of a specific institution in South Korea, XARVIS detects this post and sends an alert. Such leaked accounts could be exploited by threat actors to compromise internal servers, leading to potential disruption or ransomware attacks.

In order to respond quickly to such situations and prevent the spread of damage, regular monitoring and detection of account leaks are essential. XARVIS provides the necessary tools to proactively address these security concerns and protect organizations from potential threats.