Mona Social Network: More Dark Web Friends

Continuing my fascination with dark web social networks, I just discovered one called Mona Social Network. At the moment, it doesn’t seem to have many members.

It uses a UI that’s almost identical to Facebook’s. This isn’t that surprising, as many of the other social networks I’ve joined (e.g. Blackbook) also borrow from Facebook’s design. Looks pretty similar, doesn’t it?

mona_social_edited

On a side note, I discovered that Blackbook is testing a new beta design at http://blkbook3fxhcsn3u.onion/beta/. Feel free to check it out if that interests you. Just be careful about buying or selling anything on that site (I’ve heard through the grapevine that they’re all scams).

There isn’t a whole lot to say about Mona yet, as it seems very new and hasn’t attracted that many members. More or less, it’s quite similar to Facebook: photos, followers, followings, notifications, etc. It even has a “Messenger” like Facebook’s, for (you guessed it) sending private messages!

One advantage I would say that a social network like Mona has over Facebook is privacy (as with any Tor social site). As on any Tor hidden service, you are visiting it via your Tor IP, so unless you do something to leak that IP address, that already gives you an advantage.

If anonymity is your concern, I wouldn’t suggest using your real picture or real name (most don’t).

Out of curiosity, I decided to take a look at Mona’s “privacy policy,” and it looks like they don’t have one:

mona_privacy_policy_edited

It’s not uncommon to see “unfinished” pages on the dark web, to be honest, so I kind of expected this. I’m not really sharing any personal information with Mona, except my username.

Still, I’m curious to see how this site develops, and if it attracts more users.

Oh, alright – I’m just waiting to see if I can play Candy Crush on it.

 

 

Advertisements

All Onion Services: New URL

Awhile back, I mentioned the site All Onion Services (AOS), which lists every .onion site that exists on Tor. At one point, it had existed on the clearnet at onions.system33.pw, but this is no longer the case. (“system33”, a.k.a. Matt Traudt, is one of the developers. Thanks, Matt!)

At present, the site can be found on Tor at http://jld3zkuo4b5mbios.onion/. While this is true, the developers have expanded their site since I last wrote about it.allonionsv2_edited

As before, however, this link list is, as they put it, “The longest and least useful onion index in the galaxy.” Does this mean it includes illegal stuff? Sure, but good luck finding it! I’d also describe it as the most boring-looking onion index in the galaxy, but that was probably on purpose as well (wink).

I have attempted, in the past, to find “interesting” sites just by clicking random links on AOS, without much luck. Most of the ones listed are not online (which they mention). One difference between this updated version of the site and the original is that this one lists next-gen onion services (both v2 and v3).

V3 onions have 50 characters in them, so there are a lot more possibilities for an onion URL now (but don’t ask me to memorize them). Here are a few examples:

http://hnvcppgow2sc2yvdvdicu3ynonsteflxdxrehjr2ybekdc2z3iu63yid.onion/

http://x5id3qfgzppwxe5fyzxrkrczohc675atmygdresvx7nuexqnlsvorryd.onion/

http://nfctdewc36j6womh4ibm3tyu7glqdtc3at6can7uzmz7shfgho6773id.onion/

http://bypwnyfl4lwrlxduryjsnp5wijrus45ftolxqcbzkazk7biwbpidpnid.onion/

Because these are somewhat new, most aren’t online (nonetheless, this is the case with the v1 onion services too). If you are looking for onion links that are online, I’d suggest using some of the link lists that I’ve mentioned before, such as Fresh Onions, or The Onion Crate (which also has some of the v3 onion services).

the_onion_crate_edited

If you can read the picture (which you probably can’t), I’ve got some more links in there! Here, just for you (descriptions are accurate, I promise!):

http://3xeiol2bnhrsqhcsaifwtnlqkylrerdspzua7bcjrh26qlrrrctfobid.onion/ – Riseup Red

http://occgshn6gz4je57wyhpijni7waod6yxpxwihjdxjwrnpjtbayliei2id.onion/ – Cyberia Cafe and Club

http://oqwc4xrfgysdgw52tercv56vl2tfk5u7r6dspr2g2mwsj3dvb7zef4id.onion/ – Daniel – Onion Link List

http://hsqluhqe6dlfl7jaxulf7cfun6xt274btvnqvaorliem5j6sqjiwhdyd.onion/ – Empire Market

Note: I don’t know if the “Empire Market” above is trustworthy or not. It isn’t on DeepDotWeb’s “master list,” which I always consider to be reliable. At first glance, it looks like an AlphaBay clone (or at least it uses their layout). Let’s see if it perseveres!

empire_market_edited

The market designates that it’s “In Memory of Alexandre Cazes,” the late admin of AlphaBay, which would explain its similar look. Perhaps this will be the subject of a future post.

Anyhow, check out All Onion Services and see if you can find anything interesting. If you’re looking for red rooms, that may take awhile.

Can You Access .Onion Sites Without Tor Browser?

by Ciphas

(Note: Thanks to Ben Tasker’s Security Blog and traudt.xyz for being references.)

Can you access .onion sites without the Tor Browser? Short answer? Yes, you can – but I don’t recommend it…I cannot stress this enough.

I’ve mentioned Tor2web proxies in a few previous posts, but didn’t elaborate on it much. onionto

In their own words, “Tor2web is a project to let Internet users access Tor Onion Services without using Tor Browser.” Tor2web and Web2Tor are reverse proxies which allow clearnet users (such as someone using Chrome, Firefox, etc.) to access Tor hidden services.

reverse_proxy

The proxy listens on port 80 (or sometimes 443) on a clearnet server, and then proxies requests to the Tor hidden service.

If you’re unfamiliar with proxy servers, Indiana University gives a great definition of one: What is a proxy server?  (Psst…I talked about this a little in my earlier post ‘Anonymous’ Proxy List?)

The example they use to illustrate on Tor2web.org is that when you see an onion URL, for example, http://pbfcec3cneb4c422.onion/, if you add “.to,” “.link,” “.cab,” etc. to the end of the URL (e.g. http://pbfcec3cneb4c422.onion.to), and that proxy will connect you to the onion service. Great, right?

Well, no – not great. In spite of its convenience, the problem with using these proxies is that whomever is operating the Tor2web proxy can spy on your web traffic. While this may not sound like a bad thing, if said proxy operator has malicious intent, then you (the user) are basically a sitting duck. Plus, if the point of Tor is being anonymous, and someone can detect your web traffic that defeats the whole purpose!

In fact, even onion.cab themselves – the proxy service, that is – warns users when they first try to access a site this way:

onion

If this doesn’t sound bad, then it should be noted that not only can the operator see your web traffic, but they can also modify it and inject code if they so desire.

Ben Tasker Security Blog has an excellent post about this called Don’t Use Web2Tor/Tor2web (especially Onion.cab) – the example he gives is that some Web2Tor services “have some pretty bad habits, including playing fast and loose with your privacy.”

If you visit  https://6zdgh5a5e6zpchdz.onion, but do so through onion.cab instead of through Tor, the proxy service injects piwik analytics code into the page, which looks something like this:

piwik_tracking

So why should you care? Well, the proxy service who injected the code now knows that your IP address accessed said onion service at a specific time. In addition, they’re also executing code on your browser that the operator of the original site is unaware of.

Within the code, some of the information that it can discover about you is:

  • The title of the page you’re viewing
  • An ID for the site
  • The time that you made the request
  • The exact URL you were looking at
  • The page that sent you to that URL
  • Details of which plugins you have installed
  • Whether cookies are enabled
  • Your screen resolution
  • A unique ID for you

Alternately, this third party operator can inject code into the site that may track you across hidden services – that is, if you’re using the onion.cab proxy.

You can even contract malware via some Tor2web proxies – read this article by Virus Bulletin – Vawtrak uses Tor2web to connect to Tor hidden C&C servers. Granted, this article is over two years old, but it can still give you an idea of what might happen if you rely on these proxies.

Thus, if your concern is privacy, it should be obvious why you don’t want to give this information away. The same goes for any proxy, really, but again, if you’re using Tor for anonymity, then accessing so-called “hidden services” via the clearnet is pointless.

I know that a lot of people who explore the “dark web” for fun just say, “Give me links!” But if you want to explore those links, do so in the right way – use the Tor Browser (from https://www.torproject.org/), and don’t try to do so via the clearnet.

There’s a reason it’s called the “dark web,” after all.

creepy_eyes