A Darknet Dictionary (Work in Progress, with Links!)

darr5

by Ciphas

So, given that there seems to be a lot of confusion about certain terms connected with the darknet and/or dark web, I thought it might be useful to have a “darknet dictionary” here. I must give some credit for this idea to Deepdotweb.com, who featured a similar article at DeepDotWeb’s DarkNet Dictionary Project! This isn’t a carbon copy of theirs, but they inspired me.

Their darknet dictionary is an ongoing project, so I think I’ll do the same with mine. If anyone wants to suggest new entries (or corrections) in the comments, feel free! I just may add them.

NOTE: Some links below may be down.

2FA – Abbreviation for “two-factor authentication.” 2FA is a type of multi-factor authentication (MFA), i.e. a user is only granted access to a site after presenting multiple pieces of authentication. Although used on the clearnet as well, 2FA is used on many darknet markets (and other sites) to verify users’ identities.

Example: a username and password, plus a separate PIN or a security question.

img21

Active at Dark Markets? – A Tor hidden service set up by Dutch law enforcement to warn darknet market users that they are being tracked.

activedark.png

Ahmia.fi – A search engine that finds Tor hidden services and I2P eepsites. Also available on Tor at http://msydqstlz2kzerdg.onion/.

ahmia

Alienet – A VPN-based hidden network that offers messaging, mail, IRC, and hidden services. Not as well known as some other darknets, but it is real. Their site is at http://darknetproject.info on the clearnet, or https://unionsoe3yw6fxaq.onion on Tor.

alienet

AlphaBay – Currently one of the top darknet markets on the Tor network. Uses both multisig transactions and a traditional escrow system (depending on the vendor). Access it at this link: http://pwoah7foa6au2pul.onion/register.php?aff=41211

AlphaBay-Home-e1440639625779

AYW – All You’re Wiki [sic]. The Hidden Wiki with all CP links removed.

allyourewiki

Besa Mafia – A fake hitman service that (surprise, surprise) turned out to be a scam. Though a number of people paid to use their “services,” no one was ever hurt or killed. The admin of the site did escape with a number of people’s bitcoins, however.

besa

Bitcoin– A digital currency created by the mysterious “Satoshi Nakamoto” in 2009. Bitcoin incorporates encryption techniques to regulate the creation of new units, and to verify the transfer of funds. The smallest units of bitcoin are called “satoshis.”

bitcoins182way

Bitcoin billionaire yet?

Bitcoin Mixer – A service used to disguise the trail of bitcoins back to their original owner. Often used when buying and selling illicit goods on darknet markets. A few examples of bitcoin mixers are: BitCloak, Grams Helix, and BitBlender.

bitcloak

Blackbook – A former social network on the Tor network, modeled after Facebook. Used to be located at https://blkbook3fxhcsn3u.onion.

Blackbook

Black Market Reloaded (BMR) – A former darknet market on Tor, and one of the oldest, which is currently offline. Plans have been announced for it to restart.

black-market-reloaded-screenshot

Blockchain – A public ledger of all bitcoin transactions that have ever been executed. This applies to other cryptocurrencies as well.

blockchaininfo

BotDW – Boss of the deep web.

botdw

Candydoll – A term referring to non-nude photos of children in suggestive poses or sexy clothing. Softcore child pornography, more or less. (Also may refer to makeup kits that are designed for this style of photography.)

NOTE: The screenshot below is from one of the sites selling the makeup kits.

candydoll_makeup.png

Carding – The trafficking of credit cards, bank accounts, website accounts, and other financial or personal information. May or may not take place within larger darknet markets. Some vendors on the dark web specialize in this type of crime.

darknet_forum

Cheese Pizza – Another slang term for child pornography.

Cipherspace – The “hidden internet,” built on top of anonymity networks like Tor, I2P, Freenet, and others.

Clearnet – The “normal internet” accessible without special software or configurations. (e.g. Google, Bing, Facebook, Wikipedia, Twitter, Reddit, etc.) Also sometimes referred to as the “surface web” (though this term is wildly inaccurate and confusing.)

surface-web-anz-tech-anztech-pc-fix-in-manukau-computer-repair-in-penrose

Enough with the icebergs, already!

Cold storage – Keeping a reserve of bitcoins offline (e.g. on a USB drive or encrypted media) to prevent tampering or theft.

coldstorage_bitcoin

CP – An acronym for “child porn” or “child pornography.”

Cryptography – The art of writing and solving codes. With regard to the dark web, it is a means of encrypting data (messages, etc.) that you send over the network.

Daisy’s Destruction – An infamous film made by child pornography producer Peter Scully (see entry), through his company No Limits Fun. The film shows the sexualized torture and abuse of several young girls, one of whom is referred to as “Daisy.” However, the film has reached mythological status on the web, with the details and facts about it being blown out of proportion.

daisy

Darknet – An overlay network that requires specific software, configurations, or permission to access. Examples include: Tor, I2P, Freenet, GNUnet. Some of these networks (like Freenet) have both “darknet” and “opennet” modes, where you can choose whether to connect only to peers that you trust, or connect to anyone.

ccnx_166975_full

Darknet Heroes League (DHL) – DHL is an escrow market comprised of old school vendors who were invited to sell there. Access it at http://darkheroesq46awl.onion.

dhlmarket

Darknet Market – A market hosted on an anonymity network (such as Tor) that often (but not always) deals in illicit goods. Popular purchases include drugs, drug paraphernalia (like pipes), firearms, hacked PayPal accounts, skimmed credit cards, counterfeit money, porn accounts, and fake official documents.

dream_market_drugs

Dark0de (a.k.a. Darkode) – A notorious hacking and cybercrime forum, originally hosted on the clearnet, which transitioned to the Tor network.

DarkodeKoS.png

Dark Mamba – A new “private military company” that claims to offer murder-for-hire services, run by the admin of the old Besa Mafia site. (i.e. another fake hitman site.) Located at https://darkmambawopntdk.onion.

dark-mamba

Dark Web – The part of the web that exists on darknets like Tor, I2P, Freenet, GNUnet, and other networks, and requires special software, configurations, or permission to access. The dark web is a small part of the deep web. The word “dark” does not refer to the content, but rather the fact that the networks are special access.

SIGAINT-attack

Dark Web News – A news site that reports on events that take place on the dark web. Also features bitcoin tutorials, links, and a comparison of darknet markets. Located at https://www.darkwebnews.com.

darkwebnews

DBAN – Darik’s Boot and Nuke – free erasure software that automatically deletes the contents of any hard drive it can detect, developed by Darik Horn.

dban11

Deep Web – The part of the web not indexed by traditional search engines, like Google. This term is often confused with “dark web,” but the two are not synonymous.

91d6d0cc4ed117a62f37c70d97e1a077_original

Deepdotweb – A site that releases news, articles, and occasionally tutorials about the dark web (primarily Tor). They also keep an accurate, updated list of darknet markets that’s very reliable. Can be found at Deepdotweb.com or https://deepdot35wvmeyd5.onion.

deepdotweb3.png

DisconnectA clearnet search engine that prevents other search engines from tracking your searches. It used to be the standard search engine on the Tor browser. Located at https://search.disconnect.me/.

disconnect_search

DNStats.netA site that monitors the status of various darknet markets and a few other sites on the Tor network. Located at https://dnstats.net/ on the clearnet, and https://dnstatstzgfcalax.onion/ on Tor.

dnstats

Doxing – The act of researching and posting someone’s personal information (e.g. phone number, address, full name) on the internet. Takes place on both the dark web and clearnet.

doxbin

Doxxters, The – A group who offers a doxing service for pay. Located at https://doxxtereufvckkiz.onion.

doxxters

Dream Market – Another top darknet market hosted on the Tor network, which uses a traditional escrow system. Access it at http://lchudifyeqm4ldjj.onion/?ai=1675.

dreammarket-drugs3

DuckDuckGo – Currently the standard search engine used on the Tor browser. Is popular with privacy-minded users. Located at https://duckduckgo.com/ on the clearnet, and https://3g2upl4pq6kufc4m.onion on Tor.

duckduckgo

Dump – The sharing of stolen data, such as usernames, passwords, credit card numbers, and bank account data. Also takes place on the clearnet, but is more infamous on networks like Tor.

dumpsad

Eepsite – The name for hidden services hosted on the I2P network. They end in the domain name .i2p.

eepsite

Freedom Hosting – A former Tor specialist web hosting service which, at its height in 2013, was the largest hosting service of its kind. Was the target of an attack by Anonymous, as well as a large law enforcement operation headed by the FBI. Has since been succeeded by another service dubbed “Freedom Hosting II.”

freedom_hosting

Freenet – A peer-to-peer network for censorship-resistant communication, touted as an alternative to other networks like Tor and I2P. It features anonymous messaging, email, social networking, and site hosting. A typical Freenet URI looks like this:

USK@MYLAnId-ZEyXhDGGbYOa1gOtkZZrFNTXjFl1dibLj9E,Xpu27DoAKKc8b0718E-ZteFrGqCYROe7
XBBJI57pB4M,AQACAAE/pyFreenetHg/31/

Download it at https://freenetproject.org/.

freenet_mainpage

Freesite – The name used for Freenet’s hidden services.

freenet_fms_setup

FullzIn carding terms, “fullz” refer to full database records of personally identifiable information. Such things might include names, addresses, phone numbers, bank account information, social security numbers, passwords, etc.

SPAM_smtp-rdp-cc-fullz-plus-bitcoin-carding-methods_6115250321125192472-a347a8c0d08d4002b40415e8063cdb64.jpg

Galaxy2 – A popular social network on Tor. It is a follow-up to the original Galaxy social network, created by “Lameth.” Located at https://w363zoq3ylux5rf5.onion.

0b034e7890a8d0073b501f05601a4071

GNUnet – A free software framework for decentralized peer-to-peer networking. It includes P2P applications, such as chat, file sharing, and VPN.

gnunet_screenshot

Grams – A Tor-based search engine for darknet markets, which helps compare goods, prices, and vendors. Tor link: http://grams7enufi7jmdl.onion/

grams-black-market-search-engine

HANSA Market – A darknet market with a multisig escrow system. Tor link: http://hansamkt2rr6nfg3.onion/affiliate/110

hansa_market

Hard Candy – Slang term for an underage girl – roughly age 12-16, on both the dark web and clearnet. Also can refer to child pornography featuring girls of this age.

Harry71’s Onion Spider – A popular link repository on Tor. Is respectable because it’s updated daily, and the links are generally accurate and active. Tor link: skunksworkedp2cg.onion

harry71_onion

Helix Light – A bitcoin cleaner available from the developers of Grams. Tor link: http://grams7enufi7jmdl.onion/helix/light

helix_light

Hell – Infamous hacking forum formerly hosted on the Tor network, where users share hacking tips as well as stolen data. There is another site currently going by the same name, but it is actually a clone site made with a stolen private key from the original site.

Hidden Wiki – Name for a popular wiki on Tor that links to and describes some basic Tor hidden services (for noobs). The main one is located at http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page. There are several other sites that use the name Hidden Wiki as well, but this one is usually the site in question.

hiddenwiki2

Hitmen/Assassins – A service that’s supposedly easy to find on the dark web. All of the sites offering these services have turned out to be elaborate scams, but the myth continues to be perpetuated by creepypastas and rumors.

hitman_network

Hurtcore – Most extreme form of child pornography, involving such things as physical injury and rape, which can be found on the dark web. Avoid at all costs.

screen-shot-2015-09-10-at-8-54-44-pm

Credit: allthingsvice.com

I2P – An overlay network and darknet that allows applications to send messages to each other anonymously and securely. Download it at https://geti2p.net/en/.

I2P_router_console_0.7.7

L33TER – A vendor shop started by L33Ter, vendor from most of the early darknet markets. Specializes in digital and physical products. Located at http://l33ter2w7q4bytfh.onion.

l33ter

LE – An abbreviation for “law enforcement.”

Litecoin – A peer-to-peer cryptocurrency that is based on bitcoin. Find out more at Litecoin – Open source P2P digital currency.

litecoin

Lux – Username of Matthew David Graham, convicted (and imprisoned) owner of child pornography sites PedoEmpire, Hurt 2 The Core, and Love 2 The Core (among others).

matthewdgraham

Mesh routing network – Networks made up of radio nodes arranged in a mesh topology. Examples include Netsukuku, GNUnet, Hyperboria, and CCNx. Many of these are still in beta mode and have not been officially released, but they have been advertised as alternatives to the traditional internet structure being used right now.

netsukuku

Multisig – An abbreviation for “multsignature.” The requirement for more than one key to authorize a bitcoin transaction.

multisig

Credit: deepdotweb.com

not Evil – The premier search engine on Tor. Was originally designed to look like a parody of Google. Located at https://hss3uro2hsxfogfq.onion.

notevil-chat

Onionland – A nickname for the Tor network.

2000px-Tor-logo-2011-flat.svg.png

OpenBazaar – A decentralized peer-to-peer marketplace that sells a variety of goods for bitcoin and currently runs on the Tor network. Not a “darknet market,” per se, but uses a similar concept.

openbazaar

Operation Onymous – An international law enforcement operation targeting darknet markets and other Tor hidden services in 2014. Supposedly shut down over 400 sites (although many were clone sites).

xzfzwwhgrbpgguhzhkiu

Outlaw Market – Another of the top darknet markets on Tor. Sells drugs, digital goods, weapons, and other merchandise. Access it at http://outfor6jwcztwbpd.onion/indxx1.php.

outlaw.png

Pedo – A slang term on the dark web for “pedophile.” Refers not only to the people themselves, but related sites and materials. (e.g. PedoEmpire)

PedoFunding – A now-defunct website on Tor run by convicted freelance photographer Richard Huckle. Huckle has since been imprisoned, and received 22 consecutive life sentences.

PGP An encryption standard created by Phil Zimmermann in 1991. The initials stand for “Pretty Good Privacy.” PGP is frequently used to encrypt and decrypt messages on the dark web.

public-key

PlayPen – A large child pornography site that, in 2015, was seized by the FBI and used to catch pedophiles who were accessing the site. This has been one of the more controversial cases, as some have questioned the legality of the FBI’s actions.

Qubes – A security-focused operating system that aims to provide security by isolation. One of many distros that can help provide security and anonymity. Official site: https://www.qubes-os.org/

r3rc1-nalu-desktop-1

/r/darknetmarkets – A subreddit dedicated to information and discussions about darknet markets.

/r/deepweb – A subreddit dedicated to factual information about the deep web and dark web (as opposed to urban legends).

Red Room – A series of mythological sites on the dark web that supposedly feature live torture and murder (see “Shadow Web”). Entrance to these sites (in theory) requires bitcoin, as well as special credentials, such as a password given by an administrator. They are, more or less, an extension of the urban legend of “snuff films.”

All of the ones that have become public knowledge have turned out to be scams, yet many creepypastas and YouTube videos have continued to perpetuate the myth.

darkredroom

Scam/Scammer – In the context of the dark web, someone who purports to be selling certain goods or services, and doesn’t follow through, or misrepresents their intentions (e.g. a drug vendor who never delivers their goods, or a “financial service” designed for identity theft).

sheep-scam1

Credit: Deepdotweb.com 2013

Scream, Bitch! – A hurtcore forum on the Tor network. For those of you thinking of joining, registration is closed.

sb_darkweb

Scully, Peter – An infamous Australian pedophile and producer of child pornography, most notably the film Daisy’s Destruction, which has achieved internet notoriety. Scully had formed his own production company to make these films, called No Limits Fun.

peter_scully

Shadow Web – A fictitious part of the dark web perpetuated by creepypastas and YouTube videos. Supposedly features live torture and murder shows for those who pay the right price. A number of sites on Tor claim to offer access to the Shadow Web, but they are all scams. Here’s one example: Shadow Web Gateway 2.0

shadowweb_3

Silk Road – An online black market, considered to be the first modern darknet market. Launched by founder Ross Ulbricht in 2011, the site was shut down by feds in October 2013.

2013116192258674734_20

Silk Road 3 – An escrow market that used to go by another name, but adopted the Silk Road brand. There has been much speculation as to whether or not the market will exit scam or will be taken down, but it is still currently running. Located at reloadedudjtjvxr.onion.

silkroad30_login

SSH – Stands for “secure shell.” SSH is a cryptographic network protocol for operating network services securely over an unsecured network. As with PGP, SSH uses public and private keys to authenticate users.

puttytunnel_06

Suicide Apartment – Members-only social network on Tor (which used to exist on the clearnet). It’s meant to be a site for people who are suicidal and want to find someone else to “leave the world with.” The only way to become a member is to receive a voucher from an existing member.

suicideapartment

Tails – A popular Debian-based live operating system that many dark web users install for extra protection. “Tails” is an acronym for “The amnesic incognito live system.”

tails_screenshot

TLA – An abbreviation for “three-letter agency.” Includes federal agencies such as the CIA, FBI, NRO, NSA, DEA, DHS, and others, who are looked upon with suspicion in the dark web.

hidden_site_seized.png

Tor – An anonymity network on which many “dark web” sites are hosted. The name “Tor” stands for “the onion router.” Frequently, people who say they’re on the “deep web” are referring to Tor. Download it at https://torproject.org.

tbb-screenshot3

TorBay – A Tor-based social network and forum which more or less replaced Blackbook.

torbay

Torch – A simple Tor search engine. Located at https://xmh5752oemp2sztk.onion

torch_search

Traderoute – A traditional and multisig escrow marketplace on Tor.

traderoute

Valhalla (Silkkitie) – Originally a Finnish-only darknet market, now available in English. Valhalla is invite-only, and offers both traditional escrow and multisig transactions, 2FA, and PGP. Requires a referral link to register as either a buyer or a vendor.

silkki

Vendor Shop – Smaller shops started by some of the major darknet market vendors, usually specializing in certain types of items. Examples: Mollyworld and MegaPack.

VPN (Virtual Private Network) – A private network which extends across a public network (internet). Many experts recommend using a VPN in addition to using Tor! (hint hint)

vpn10

Welcome to Dark Web Links and More! – Link list for Tor hidden services. Notable because they do not accept submissions of CP links, and also feature links to Usenet groups. Access it at https://jdpskjmgy6kk4urv.onion/links.html.

welcometodarkweblinks

Zion Market – A newer multisig darknet market without user wallets. Buyers have the option of selecting 2-of-2 (the server and vendor have the keys), or 2-of-3 (the buyer also has a key). Uses 2FA, automated PGP, and Bitmessage alerts. Access it at http://zionshopusn6nopy.onion/_reg23.

zionmarket

Zocalo – A former darknet market specializing in marijuana, hash, and various paraphernalia associated with it. Recently closed due to lack of business.

zocalo_market_weed

Zork – A 1980’s text-based RPG that is now playable on the Tor network (via the not Evil search engine).

zork

P.S. As I said above, this list is far from finished. So I’ll either add more entries in later, or do a part 2 to the post. Anyhow, hope you had fun, and feel free to add your suggestion

Advertisements

Dream Market: Drugs, Data, and Digital

by Ciphas

DISCLAIMER: This article is for informational and entertainment purposes only.  I do not condone the use of illegal substances and/or services.  Anything you do on the dark web is at your own risk!! 

Good morning, readers!  In my earlier post Interview: Eileen Ormsby, Author of Silk Road & All Things VICE, I thought of one of Ms. Ormsby’s answers to the question: “Have you explored some of the darknet markets that are still in business?”

Her answer began with: “Yes, all of them.  And they are boring.  Which is exactly what a market should be to stay in business.”  Ormsby was making this statement in comparison to the Silk Road market, which attracted a lot of buzz and public interest.  I see her point, but I still wanted to find out for myself if some of these markets were as “boring” as she claimed.

So, one of the markets I chose to look into was Dream Market, which is currently one of the top darknet markets.  (And as I always say, I’m sure you dark web veterans already know about it.)  It’s an escrow market (established in 2013) that can be accessed via the Tor network.

dream_market_drugs

Dream Market – the real one.

What I’m tending to notice as I explore more of these markets is that they look very similar (as far as site design goes).  On the sidebar are usually the various categories of goods, and within those, you can navigate to specific products and vendors.  The difference, often, is with the individual vendors and products.

As I’ve said before, I haven’t exactly gone through and snorted all the coke and GHB to see if it was high-quality.

GHB

7.8/10 – Too much water.

Drugs seem to be the most popular product by far, which isn’t really that surprising – but they aren’t the only thing for sale, believe it or not.  Also popular are drug paraphernalia (pipes, needles, etc.), and then, of course, there are many non-drug-related products as well (even…gasp!…legal things).

Register, Please

In my opinion, the registration process for Dream Market was very easy – but if you want a more in-depth guide (that you can access without Tor), look at How To Access Dream Market.

Basically, like most sites where you have to register, you create a username and password, and also a security PIN.  Unlike markets such as Python, Acropolis, and Apple Market, you don’t need an invite or referral to join this one; you just sign up and boom!

You also need to have a bitcoin wallet of some kind in order to purchase the goods (hey…tell something I don’t know!).  There are various bitcoin mixers (a.k.a. tumblers) that help obscure the transactions, such as Grams Helix or BitCloak.

bitcloak

Screenshot credit: deepdotweb.com

So, that’s the easy part.  The question is – how does it compare to other markets?  Well, if you go by the reviews on Deepdotweb: Dream Market, it’s a very good site (although sometimes these reviews are made by the vendors themselves).  You can’t trust anyone, can you?  (Well, sometimes you can; other times, you just learn the hard way.)

dreammarket_reviews

Short of trying the products yourself, it can also be helpful to visit the official Dream Market Forum, in which customers often share their experiences.  If there are scammers within the market (and this seems to be a frequent occurrence), they usually get outed sooner or later.

I Don’t Like the Drugs…

tumblr_mz6ug7RfZp1rft78uo1_1280.png

As I mentioned before, drugs aren’t the only product available, even if they are the most popular.  Though I have yet to actually purchase any goods, I’ve half-considered buying some of the legal goods (like the books on hacking), to see if I would actually receive the product.

If I succeed at this in the near future, I’ll definitely post about it.  Other products you might come across include include pornsite accounts (that you would normally pay a fortune for), hacked accounts (PayPal, etc.), skimmed credit cards, computer equipment, and other things.

For those of you who’ve never ventured into any of these markets (but might be curious), feel free to visit Dream Market and experience it for yourself.  As Eileen Ormsby said, the site itself might be boring, but if you’re the type to do drugs (or what-have-you) anyway, this is probably a safer alternative than buying them on the street.

Some people do get scammed out of their bitcoins, and others do sometimes get arrested in the process, just to warn you.  On the other hand, that seems a bit less common than it used to be with the “Silk Road” markets.

So…if you do decide to shop at Dream Market, just know what you’re getting into.  And don’t tell them I sent you.

So-Called Red Room Site: A Creepy Experience

red_prison_torture_room

Ah, the legend continues!  I’ve done several posts about the so-called “red rooms” that may or may not exist on the dark web, and it’s been an interesting process.  (I’m leaning toward not, by the way.)  For the newcomers, here are the previous entries:

Are Deep Web Red Rooms Real?

Is the Shadow Web a Reality? (Updated)

Dark Web Sites That *Claim* To Be Red Rooms

Red Rooms Finally Debunked Forever?

A Chat with the Directors of The Darkest Alley! (interview)

In the process, I’ve become more and more convinced that it would be extremely difficult, if not impossible, to host something like a red room on the dark web (Tor in particular).  Not only is livestreaming very difficult due to latency problems, but you would also have the problem of something like a live murder leaving behind evidence for law enforcement.

Nonetheless, in my research process, I’ve continued looking for sites that are labeled as red rooms, or sell themselves on the premise of being a red room.  I have come across several of those while hunting, and most seem to be scams.

Red Room #12589903

red room scam

The alleged “red room” site.

 

Most recently, I found yet another site with a similar premise, located at http://5xcds7yhgisfm6mu.onion/.  As you can see from the screenshot, it’s rather basic looking and gives very few details.  You had to contact them to get any other information.

Once again, out of curiosity, I contacted the site owner (or whomever) via the email address that was listed, and sent a PGP-encrypted message asking how to sign up.  He sent me back a PGP-encrypted message with details on what I had to do, and how much I had to pay, etc.

Now, here is the creepy part: the person who responded actually knew my real name.  That was enough to freak me out, at least a little bit.  I didn’t ask, but I was also concerned if he had any of my other personal information.

(Later, when he found out I was blogging about him, he spewed out a list of other personal info, like my wife’s name, the city I lived in, and several places that I frequent.  But you could honestly find those just by Googling me.)

It reminded me, at least slightly, of some of the “deep web” stories like the previously mentioned Horrifying Deep Web Stories: Why I Quit Hacking or 3 Disturbing Deep Web Stories by Mr. Nightmare.  And yes, I know that those are just stories,  but it was the possibility of someone finding out my real identity that was reminiscent of some of the stories.

His response to my first question, like most of the others, was that I had to pay 2.0 bitcoin (a.k.a. $1344.80) to gain access, and then to actually be the “master” of the show, I had to win an auction (similar to most of the other supposed red room sites).

Once you paid, supposedly, you would be given a username and password to simply access the site.  (You could only access the landing page without it.)

Invasion of Privacy??

panic-lots-you-just-got-hacked

So my question was – where did the guy get my name from?  Well, without asking directly, I had several theories.

When I had used my PGP key on the message I sent initially, it’s possible that my name was encoded into it somehow.  I actually find that less disturbing than some of the alternatives.

Beyond that, I combed through my system with various anti-malware tools, and came up with a few troubling findings.  One of them was a type of trojan (whose name I forget at the moment) that is specifically designed to steal login credentials and personal information.

I was able to remove it, but the question still remained – was that what gave away my name?  I still don’t know for certain, and I would feel more comfortable if I did.

Moral of the Story…

53865-bigthumbnail

So what have I learned from this?  I need to be more careful about whom I correspond with on the dark web, and when I do so, it’s imperative that I have all privacy and security protocols in place, and don’t do anything idiotic.  (Insert “I told you so” here.)

In the meantime, I’m still finding the process enjoyable, and believe it or not, I have learned a few things from my mistakes.

I hope you can, too.

 

 

ChaosVPN: Making Friends with Hackers!

Bildschirmfoto_2013-12-04_um_09.54.42

Alright, I admit it!  I’d been debating what to write my next post about, because everything that I had in mind required a lot of reading, research, and experimentation.

Fortunately, I came across something called ChaosVPN not too long ago.  I had heard about it via a deep web/dark web-themed Google+ group, in which I’ve made friends with many coders and fellow dark web explorers.  The name conjured up all sorts of silly tech-related movie tropes in my mind.

So what is it?

It’s a VPN designed to connect hackers and hackerspaces.  Keep in mind that this doesn’t necessarily constitute malicious (or “black hat”) hacking.  ChaosVPN has a wiki maintained by the Chaos Computer Club in Hamburg, Germany.

The idea sounded cool enough, but what really inspired me to look into it further was this image on the main page:

chaosVPN

If that’s hard to read, the quote I’m thinking of is the one in red that says

“ChaosVPN is a VPN to connect Hackers and Hackerspaces – it does NOT provide anonymous internet access!  For this look at tor or other similar services.

It will also not help you to reach domains like .rdos, .lll, .clos or any other strange things supposed to be available on the ‘dark web.'”

Does that sound familiar?  No?  Let me refresh your memory:

shadowweb

*Sigh* Yes, it’s our old friend “The Shadow Web” again.  The text is cut off in the screenshot, but the original page claimed that if you downloaded the software, you would be able to “access hundreds of other domains like .LLL and .RDOS sites.” ಠ_ಠ

By the way, if you’re still interested in that, you can contact the owner at shadow-web@sigaint.org.  Just don’t give him your money, OK?

So, if you can’t access .lll or .rdos sites, why install ChaosVPN? (I kid.)  Well, personally I love the idea that it connects different networks of hackers, and makes communication simpler.

If you read the “Goals” section of the wiki, the creators actually outline the purposes of ChaosVPN:

“Design principals [sic] include that it should be without Single Point of Failure, make usage of full encryption, use RFC1918 ip ranges, scales well on >100 connected networks and is…able to run on a embedded hardware you will find in [today’s] router…

“Therefore we came up with the tinc solution. tinc does a fully meshed peer to peer network and it defines endpoints and not tunnels.

“ChaosVPN connects hacker[s] wherever they are. We connect roadwarriors with their notebook. Servers, even virtual ones in Datacenters, Hackerhouses and hackerspaces. To sum it up we connect networks – maybe down to a small /32.

“So there we are. ChaosVPN is working and it seems [as] the usage increases, more nodes join in and more [services] pop up.” 

(For full text go to ChaosVPN – CCCHHWiki).

I may not be a hacker [yet], but as an investigative tech blogger and aspiring coder, this is definitely something that interests me (and I figured it would interest you too, readers!).

Tinc-erbell? 

tinc_2

 

As the creators of ChaosVPN mention above, the network uses tinc, a VPN “daemon that uses tunneling and encryption to create a secure private network between hosts on the Internet. tinc is Free Software and is licensed under the GNU General Public License version 2 or later,” according to their official site.

“Because the VPN appears to the IP level network code as a normal network device, there is no need to adapt any existing software.  This allows VPN sites to share information with each other over the internet without exposing any information to others.” 

Wow – am I wrong in saying that that sounds like some technobabble they would use on CSI: Cyber or something?

69118661

Nope.  It’s 100% accurate!  From the description, this sounds ideal for a VPN designed to connect hackers, as ChaosVPN is intended to do.  I know I’ve been quoting a lot of technobabble in this post, but I felt it was somewhat necessary to get an understanding of how ChaosVPN worked!

I’ll be honest – I’m really not an expert with it yet, and I’m still in the process of building ChaosVPN on my system.  I’m determined to get it working, though, and I thought you all could accompany me along the way!

Wiki of Chaos

The ChaosVPN wiki has a set of excellent how-tos for the following operating systems:

I went with the Ubuntu Howto, since I have that installed on my system.  (When I do finish setting it up, I think that would warrant a sequel to this post.)

No matter which operating system you’re using, you need to install Tinc VPN (mentioned above) first.

Initially, I was going to quote portions of the setup instructions in this post, but the ChaosVPN wiki is currently down.  I should’ve printed them when I had the chance! 

Oh wait, never mind – it’s up again.  Well, perhaps I’ve done enough plagiarizing in this post, but you can look at any of the links above for detailed instructions.

Fortunately, they also have a repository on GitHub: GitHub – ryd/chaosvpn: Config generator for chaosvpn.  I think that should help!

If any of you are able to get the VPN up and running, feel free to let me know.  I’m sure I’ll be able to put it together soon.

Well, that just means we’ll have a part 2 to this post!

In the meantime, I return to my ARG – real life, that is.

 

 

Q & A with a Member of Anonymous (Italy)

by Secrets of the Dark

anonymous_hacked

If you already have an interest in the dark web and/or hacking, the name “Anonymous” might immediately come to mind.  Yes, I’m referring to the people in the Guy Fawkes masks.

For my readers who have never heard of Anonymous or don’t know what they stand for, check out The Anonymous FAQ on Reddit.  (Hope you can handle a dose of snarkiness.)

I recently became friends with a member of Anonymous from Italy (via social media), and decided to interview him about his hacking experience, as well as some of the objectives of the organization. (The members of this particular derivative refer to their group as “Xud Anon.”)

NOTE: There were a few language barriers between us;  I’ve attempted to fill in the gaps, but it may not be perfect.  Enjoy, anyway!

Secrets of the Dark: I’m curious – how did you initially learn to hack (if you’re willing to say)?

Xud Anon: I worked in [a] bank…which I will not name, my interest was then related to this kind of thing.  But since sometimes I had free time, I spoke with the head of communications, who worked as a clerk in there…and I [tried to learn about] computer topics (in general), and from there I started to try to learn that kind [of thing], and I saw that my interest was growing day by day…

SOTD: What attracted you to this kind of thing?

XA: I do not know what attracted me to this kind of thing but it…slowly became like a drug.

SOTD: Interesting – I could see how it would be addictive.  Do you think that your goals, personally, are in sync with the rest of Anonymous?

XA: Maybe or maybe not, but I am sure that their (or rather, our) interests are very much reflected with [mine].  [Therefore] now seeing how to run things in the world, I try to support this movement to the best of my ability.

SOTD: What are you trying to achieve as a hacker?

XA: What we try to achieve, and what I think now…most people in the world [want], [is] a dramatic change of the system in which today we are REQUIRED to submit to people who do nothing but create confusion in people’s minds through their issuers.  Television, newspapers – tell us that we are free – but ask those who will read this: “Are you really sure about this?”

SOTD: That’s a good question.  Is your society supposedly a “free society”?

XA: The only thing I am proud of [is] the fact and the will to live, and in my own way [I do what] I can to follow the lines of the other…

SOTD: What do you mean by “follow the lines of the other”?  Of the opposite side?

XA: A free society – for me it would be a society without distinctions, social castes and distribution…present goods in the world are in the hands of a few.

SOTD: Some people call it socialism, what you’re describing.  But do you think change is possible?

XA: …Tell me [what] one person can be worth [in the sum of] a day’s work.  And this in my opinion [is] not absolutely beneficial.  [In the] sense that, with all the advanced technologies now present in the world, everyone [should] be able to have enough food.  Same thing for the work…housing [and] health.

SOTD: That sounds like a worthwhile goal to me!

XA: And [is it] possible that a signed paper (like the dollar or the euro) can create so much suffering in the world and those who inhabit it?

SOTD: Yes it is.  You’re right!  Even if it wasn’t meant to.  So, one last question…[do you officially] consider yourself a member of Anonymous?  What name do you go by?

XA: I would prefer to define [myself] as just one of many Italian XUD Anon…and I would also add that if you want it and believe in similar ideals, [you] may also be defined almost too (on other levels) one of many Anonymous, because our strength is in the group moving as if it were only one person.

screen-shot-2012-02-18-at-5-11-24-pm