f-Society: Hackers’ Social Network?

Alright, technically this site isn’t on the “dark web,” but that’s how I came across it.

I had clicked on the Atlayo Search Engine, and to my surprise, it had been hacked:

atlayo_hacked_edited

If you go by what the picture says, the person (or people) responsible were 7ulzSec – well, I guess that’s pretty obvious, huh? I had thought that the original LulzSec group had disbanded, so maybe this is an offshoot (or just someone who liked the name).

As to why they hacked this particular search engine, I have some idea. Besides the fact that it was vulnerable, it was quite easy to find CP on it, according to its “most popular search results,” which were listed on the front page. Contrary to popular belief, not everyone on the dark web approves of that (me included).

Anyhow, from this “hacked” page, I discovered f-Society, which looks like a Facebook for hackers, coders, etc. The site is at https://f-society.me; as far as I know, they don’t yet have an onion site. Oh, how did you know I was a Mr. Robot fan?

lulzsec_tor_edited

At any rate, like Blackbook, Mona, and some others, f-Society also uses a similar format to Facebook. You can send friend requests, write on people’s “walls,” make pages and groups, etc. Of course, like the aforementioned sites, most people don’t use their real names or photos, although it appears that a few people do – these could be fake, however.

The reason I say that is that from past experience, I’ve had people contact me using what appeared to be real photos, and it turned out they were either stock photos or even photos of celebrities. (These were scammers, however.)

tagged-online-scam

Most of the groups I’ve seen on the site thus far are hacking/security related – not that surprising. Awhile ago, someone suggested a file sharing function on his profile; actually, that would be cool!

Speaking of which, I’ve been meaning to write more about P2P networks that are good for filesharing (specifically ZeroNet and I2P), but have been focused on other projects. It’s in the works.

So, if you’re someone who’s into hacking, or are just looking for another alternative social network, stop by f-Society. I’m sure they’d love to have you.

fsociety.png

 

 

 

Advertisements

Is the Shadow Web a Reality? (No!)

I was checking my stats earlier today, and I noticed that there are still a lot of people searching for the so-called “Shadow Web.” Plus, one of my most popular posts is the one called Is the Shadow Web a Reality? (Updated).

shadowweb

I hate to disappoint you, but there is no Shadow Web; I’m certain of it. I wrote that post back when I was new to the dark web, and still believed a lot of the myths. The image above is from a scam site that’s trying to capitalize on these myths. A lot of other similar sites exist as well, that claim to be red rooms, like this one:

Red-room-1024x576

Someone even contacted me not too long ago and said that he knows the operator of the hidden service that claims to be the “Shadow Web,” and that this person is “…a big troll.” That should tell you all you need to know. I could see why people would want to believe in such a thing, of course.

The dark web has a larger-than-life reputation, and numerous creepypastas have only added to this. Here’s one example: “Underground Families”. Don’t get me wrong – I love a good horror story as much as the next guy, but Tor has gained a terrible reputation because of things like this, and we need to separate fact from fiction.

Furthermore, there’s no Marianas Web either, so you can forget about finding that too. The things that do exist are networks like Tor, I2P, Freenet, GNUnet, ZeroNet, and Decentralized network 42 (dn42).

68747470733a2f2f7a65726f6e65742e72656164746865646f63732e6f72672f656e2f6c61746573742f696d672f7a65726f74616c6b2e706e67

If you haven’t used them, I could see where your imagination might go, but most of the sites revolve around things like technology, privacy, and anonymity. Here and there, you might find some disturbing things too, but those are in the minority.

There’s also Blockchain DNS, an alternative domain name system using blockchain technology, but that’s a bit different.

blockchain-dns-links

On very rare occasions, I’ve found creepy sites, but those are few and far between. I guess the dark web isn’t the best place to hang out on Halloween.

 

So, I’m a Psycho Now Too?

For those of you who’ve read my earlier posts about Tor social networks, I thought it might interest you to know that I was made a moderator on one of my favorites – namely, Psycho Social Network 1.0.

psycho1_edited.png

I don’t feel all that different from when I was just a “psycho” (normal member), but it’s kind of cool. The main difference is that, if I come across something that doesn’t fit in with the site’s guidelines (mainly CP), then I can flag it and/or remove it. It probably also includes certain unsolicited ads (like marketplaces and hitmen).

Beyond that, however, most content is allowed. I must confess that I sometimes enjoy seeing gore sites, and things of that nature. Surely I’m not the only one, because said gore sites are quite popular, and plus, many people flock to the dark web looking for stuff like that!

On one of my few Spanish posts (which I’ll probably attempt again at some point), I mentioned the site riGOREmortis. I’ve since learned that that site is the work of former contributors to Bestgore.com, one of the more infamous gore sites.

rigoremortis

Anyhow, the kinds of pictures that you see on either of those sites are ubiquitous on Psycho Social Network. What did you expect? We’re a bunch of psychos! So, if you’re the type of person who’s come to the dark web looking for sick stuff, I highly recommend Psycho Social Network.

There’s also a group for people who, allegedly, are into murder. That’s not really my thing, despite the fact that I have sought out the gory sites on occasion (honest!).

So, although I may use Reddit, Twitter, etc. on the clearnet, it’s fun to take a break from the “normal” social media at times, and take a walk on the psycho side.

 

 

 

 

Darknet Market Shopping?

Good afternoon, readers! I’ve been getting a lot of questions in private messages about buying goods on darknet markets recently, so I thought I’d share some general advice from what I know.

There has been a lot of turmoil in the darknet market world lately, due to the shutdowns of major markets like AlphaBay and Hansa, as well as many arrests. Just so you know, there’s never a guarantee that you won’t get caught.

That aside, first – figure out which markets are reliable, in general.

DeepDotWeb.com has a master list of darknet markets that are, at the very least, not phishing links or scams: Darknet Markets List. This helps you to weed out marketplaces that are phishing links from the very beginning.

deepdotweb_markets_list

If you aren’t comfortable using their clearnet site, then they have a Tor hidden service as well: http://deepdot35wvmeyd5.onion. Keep in mind, of course, that like lots of other Tor sites, many phishing sites have been made of DeepDotWeb as well (with market phishing sites under the listings)! I find that the site DNStats is pretty helpful this way too; if you don’t want to use their clearnet site, try http://dnstatstzgfcalax.onion (no, that’s not a phishing link!).

dnstats2018

Once you’ve chosen the market that interests you, then make sure you have a good bitcoin wallet, like Electrum Bitcoin Wallet, which, in general, is considered to be one of the most secure.

electrum-android-beta-screens

Of course, you’ll need to have some bitcoin as well, or Monero, or whatever cryptocurrency your market of choice accepts. Some others are beginning to take Ethereum or Litecoin.

Finally, register for the market that you have in mind. The process is different depending on the market, but in general, you need to come up with a username and password, and sometimes a PIN to withdraw bitcoins. Many of them give you the option to upload your PGP key as well (which I would recommend). You can use your PGP key not only to encrypt messages, but also as a form of two-factor authentication (2FA).

dream_market_login

Once you’ve done all that, then shop around as usual. It can also help to sign up for the market’s official forum, or to use one like DNM Avengers, so that you can get good feedback on which vendors are legit.

One of the trickiest parts of all this can be receiving your goods, so try to ensure that whichever vendor you use is good with “stealth.” Strangely enough, you should probably have the goods delivered to your home address, unless you live with your parents. Or at the very least, have it delivered somewhere that you trust, where the package is less likely to be intercepted. I assume that by doing all this, you know of the potential consequences.

my-bank-account-cocaine-3Fj3O

Some of this, unfortunately, you just have to learn from experience. It seems inevitable that whenever you’re new to something, you’re going to make mistakes.

Is It Possible to Be Anonymous Online?

In light of the recent news about Facebook’s numerous privacy issues, I got to thinking, “Is it even possible to be anonymous online anymore?”

I think it is, but that would require dialing back a lot of your social media use, and so you would have to take that into consideration. What brought this to mind, in part, was the article It’s Time To Think: How Many Whistleblowers Do We Really Need? on Fossbytes, by Aditya Tiwari.

One of the points that Tiwari made is that we often install apps without giving much thought as to what data the app may be collecting in the background. Granted, we do allow apps “permission” to access certain things on our devices when we install them, but how many people really pay attention to that?

app-permissions-w782

I have an internet friend who says he doesn’t use social media in general, and he is, for the most part, anonymous online. He’s one of the people who introduced me to things like Maltego, which I mentioned on Beware, Maltego Will Find You!

If you didn’t read that post, to sum up, one of the things that Maltego does is collect publicly available information about you on the internet, and put it together into a nice graph. It also shows the various links and connections between these bits of information.

maltego_graph2

My friend had said that, when he did a report on himself, only information that he wanted to be available was found. The same was not true of me, although since then, I have taken down quite a few profiles, email accounts, and other bits of info that I didn’t want online.

Still, unlike my friend, I do use social media, partly because, as a writer (even one who writes about the dark web), that’s important. In fact, I know of other authors who write about this subject and also use the same tools.

The Fossbytes article made this important point about large companies like Google, however:

Google possibly has the largest collection of user data than any other company. Because why not? It has more presence in our lives. Google has some contribution in almost everything we do on the internet. In fact, many people open Google to check if their internet is working or not.

google_awsnap

I think that, if you want to be “anonymous,” or at least have less information about yourself out there, you would have to become acutely aware of what services you’re using, and how you’re using them (I include myself in this).

For instance, start using DuckDuckGo or StartPage rather than Google for your searches, or use open source alternatives to your favorite apps. One place you can find some of these open source apps is on F-Droid (if you have an Android phone, that is). The downside to this, of course, is that the alternatives may or may not work as well as their closed-source counterparts.

Still, this could mean that you (or anyone else who’s interested) has the chance to help improve these decentralized apps. Think of it as a grassroots movement.

To really take it all the way, you would probably have to create some fake identities for yourself (and this is one of things I’ve found difficult so far), as well as separate IP addresses for those identities – Tor might help with that. I did come across a site called Fake Person Generator that can assist with the identity creation process as well. It lists such things as names, birthdays, addresses, phone numbers, email addresses, height, weight, and even passport numbers. You would have to actively use them to make them appear real, of course.

fake_person_generator

 

So yes, to answer the question, it is possible to be anonymous online, but challenging, especially if you’re accustomed to using products like those of Google or Apple on a daily basis.

Hmm…I would really miss saying “OK Google.”

 

Must-See Onion Sites? Request from ExpressVPN

The makers of ExpressVPN contacted me via email and asked if I would share a link to their article 9 must-see .onion sites from the depths of the dark web. Very well, there you go! The article also mentions that ExpressVPN has their own Tor hidden service: http://expressobutiolem.onion/ (I should probably do that at some point.)

expressvpn

While I appreciate that they reached out to me, I read the article, and I somewhat disagree that these are the “best” onion sites on the dark web. Why?

Well, first of all, most of them have clearnet mirrors. If you’re looking for sites that are unusual or different from what’s available on the clearnet, then these aren’t necessarily what people have in mind.

For instance, one of the sites they list is http://3g2upl4pq6kufc4m.onion/ (DuckDuckGo), which is also on the clearnet at https://duckduckgo.com. Another example is http://blockchainbdgpzk.onion/, which is also on the clearnet at https://blockchain.info/.

blockchain-info

There are many other sites like this as well, such as Beneath VT (http://74ypjqjwf6oejmax.onion/), which you can find on the clearnet at http://beneathvt.com.

beneathvt

To give ExpressVPN the benefit of the doubt, I will say that sites like these are a good “introduction” to Tor, because they are relatively harmless and won’t take advantage of you.

You’ve probably been told not to just click on random onion links, because you never know what you’ll come across, and that’s true. I have had the experience of clicking on some unlabeled link, and being horrified at what I “discovered.”

In my opinion, the “must see” onion sites are the puzzle ones (like Red Triangle), or perhaps some of the social or tech-related ones. Of course, that’s the kind of thing I’m into, so it makes sense.

Of course, you could just head “into the jungle” yourself, so to speak, and see what you uncover.

By the way, if anyone wants me to feature their site, feel free to suggest it! I might want some bitcoin in exchange, though. (wink)

The Dark Lair: My Intro to the Dark Web

Back in 2015, when I first “joined” Tor, I came across a site called The Dark Lair, via one of the many link lists. Its Tor URL is http://vrimutd6so6a565x.onion. It seemed like a rather friendly place, so I joined. At present, it looks like this:

thedarklair_edited

The Dark Lair’s creator is a dark web denizen named Garnech the Prime; I’ve run into him on some of the social networks too. His site has several main features: The Board, which is like a newsfeed; a list of links, which no good Tor site should be without; The Enigma, which is a cryptographic puzzle; The Gallery, which is a group of photos; and Pages, which caters to various interests (e.g. Cybertron, Techno, and “Spices”).

dark_lair_pages_edited

Anyhow, the site isn’t all that “complicated”; it’s just a place for people to socialize and share ideas anonymously. I like it better than the ones that copy Facebook’s format, because I had initially ventured onto Tor looking for something different than Facebook. I didn’t really know what to expect.

Well Garnech, I love how the site looks, and keep up the great work! Perhaps one day I’ll even solve The Enigma.