Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Black Market Arcology’ Category

DPR: Not so dread inspiring but surely now full of dread….

leave a comment »

DPRFAIL

zwfviyhpjvezupkhcfz?

No one would surrender to the Dread Pirate Ulbricht.

Well the news cycle exploded this week with the arrest of Ross Ulbricht aka DPR or if you like The Dread Pirate Roberts of Princess Bride and now Silk Road fame. The schadenfreude here had been epic as the criminal empire that was one of the largest in the darknet was taken down because the “pirate” could not comprehend how to carry out OPSEC properly. What lead to this guy’s demise was some good old fashioned internet gumshoe work by an SA who also worked on the Sabu case back last year. Ross it seems decided to use his personal Gmail address for postings pimping Silk Road as well as  other assets that tied it all together digitally back to him. Not the best of OPSEC here Ross.

I challenge you to a battle of wits.

Anyway Ross had an idea and that idea was pretty interesting in that he wanted to use the darknet to have a Libertarian nirvana of commerce for just about anything. He set up his site, maintained it himself for a time, and then began to realize that he could not do it alone and this is where things start to go wrong. You see, when you run something yourself you only have yourself to deal with. When you start bringing in people to work for you and they know things about you (and you will always slip up here and give things away unless you are a trained spook) and that makes them a liability to your Operational Security. Ross learned this the hard way I suppose in that he started to feel that people needed to be whacked because they knew too much.

Meanwhile the OPSEC failures that Ross had made were steadily creeping up on him. So too were the UC’s on Silk Road who worked their way into the boards making deals and gaining his trust. In the end Ross decided that one of the UC’s was actually a cool Huggy Bear kind of guy and asked him to whack one of his administrators who he felt was a threat… OOOPS! If it’s one thing a Dread Pirate should know is to “Trust No One” but Ross I guess did not read that lesson in his Econ Theory classes. I guess it’s just another pointer I would make to all of you would be Pirates or Ninja’s out there … You can’t trust anyone. Oh, and yeah unless you are trained for this at say Langley or maybe Академия федеральной службы безопасности Российской Федерации you are more than likely to fuck up majorly and end up in the clink with Ross and many others. I have to say though that the idea of using the darknet and all the means that Ross had put together was a pretty good plan. The only real hitch was that he never took into account that he was going to be going up against a nation state(s) and they always win.

Hey, at least he didn’t fall for that land war in Asia thing right? …..

Look, are you just fiddling around with me or what?

So Ross went on to become the ersatz Walter White of the darknet until one day at his apartment in San Fran his doorbell rang. At the door was ICE/DHS and they had an interesting package for him in their hands. The package was full of ID’s with his face on them but not his name and when asked about them according to the complaint/affidavit his answer was “Anyone could get documents like these online at places like Silk Road” which let me tell you Ross, isn’t the thing you want to be saying here. After some questions and answers it seems the ICE/DHS folks went away which is confusing to me. First off, I surmize that the ICE Q&A was just a front for the FBI’s ongoing investigation into Ross but really, why tip their hand like that? If I were Ross I would have closed the door, waved at the feds through the window, watched them leave and RAN to my system to have a fire sale at Silk Road. I would have chosen a new DPR and been on my way to a non extradition country but ol’ Ross?

…..Nope.

Ross instead of cutting and running doubled down! He went on to do an interview with Forbes and continued on his way doing the business of being the “Dread Pirate” which let me tell you son, was one of the most ballsy and stupid things I have seen since Barrett Brown on camera threatened federal officers lives. Ross what were you thinking? I mean damn dude, did you really think you were Walter White? Oh well I guess time will tell as interviews are carried out or data dumps come from the feds as we go along slouching toward a plea bargain. Perhaps though your cognitive dissonance between personae online and offline just sort of short circuited you out and you couldn’t do anything other than carry on thinking you were covered.

Time will tell… But let this be a lesson to all you would be Pirates out there. You may call yourself a pirate or a ninja or even a Ninja Pirate but you really are just some shmuck with a grandiose sense of the self instilled in you by your helicopter parents who always told you just how fucking special and magnificent you were. So as you sit in federal pound you in the ass prison Ross take heart, for I am sure there will be another DPR someday in the darknets ….Sailing the dark digital waters with the shrieking eels that will some day end up in the cell next to yours where you can commiserate.

K.

Written by Krypt3ia

2013/10/06 at 20:25

The Hidden Wiki: Between The Layers of The Onion Router Networks

with 10 comments

Inside The Onion Darknet:

Someone recently pm’d me online and asked if I had ever heard of “The Hidden Wiki” They said that they could not believe what they were seeing because they had just perused an ad that purported to offer “hired killer” services. This person immediately thought it was just a trap or a joke, but, it turns out that hired killers are just the tip of the iceberg within the TOR arcology.  The TOR network it seems has become the new ‘Darknet’ hiding sites within the onion router networks themselves, totally anonymous and offering every kind of illicit trade one could think of including pedophilia images. There are innocuous sites as well, but there seems to be quite a bit of content (links within the wiki and pastebin’s that offer up nasty things.

How, you might ask, is this possible? Well, it is because of the nature of TOR itself. The Onion Router Network was a project started by the navy to anonymize internet traffic. Once it was set loose to the masses, it was upgraded and brought to the masses as a means to surf the web anonymously. This is done by using a series of routers (which you can set up yourself on any machine with the software) to receive and direct traffic anywhere online without any kind of record where the traffic came from once entering the TOR node network. (see diagram)

Once inside the system, unless under specific circumstances, you cannot be tracked. There are methods to obtain a users real IP address but they are hard to implement. So, with that said, the TOR system seems to not only allow people to access content on the internet proper, but now a secondary internet has been created within the tor nodes themselves. It would seem that perhaps this secondary internet could either be a haven for good data, or bad.. And from what I have seen so far, its mostly bad. The illicit trade of pedophilia being the worst of that ilk and it would seem that the purveyors think that they can do so without any hindrance because it is on TOR.

The Marketplace, A Digital Mos Eisley:

The Wiki offers many services, most of them seem to be driven by ‘Bitcoins’ and you can even find software to mine bitcoins as well as create them within this space. One has to wonder if you can really hire a hitman here or if this is just a BS post for the Lulz, but, other services seem straight forward and their sites are working. These services also include a wide spectrum of hacking as well as alleged DD0S/Botnet offerings as well. My first thoughts about all of this tended toward the idea that Anonymous must be like a kid in the candy store here, and then I began to search for them. It did not take me long to locate some sites that were ‘Anonymous’ themed as well as dumps of all the LulzSec hacks as well as a full mirror of Wikileaks dumps.

Here are just a few of the services offered in the Marketplace:

    * Contract Killer - Kill your problem (snitch, paparazzo, rich husband, cop, judge, competition, etc). (Host: FH)
    * BitPoker v1.93 - Poker (Bitcoin). (Host: FH)
    * Buttery Bootlegging - Get any expensive item from major stores for a fraction of the price! (Host: FH)
    * Stat ID's - Selling fake ID's.
    * Bidcoin - Like Ebay. We increase the gross national product. (Host: FH)
    * Video Poker - A casino that features "jacks or better" video poker. - DOWN 2011-08-07
    * Cheap SWATTING Service - Calls in raids as pranks. (Host: FH)
    * Data-Bay - Buy and sell files using digital currency.
    * The Last Box - Assassination Market (Bitcoin). - DOWN 2011-08-07
    * Pirax Web DDoS - Take out your enemies in seconds. (Host: FH)
    * Hacking Services - Hacks IM and Social Nets, does DDoS, sells bank/credit/paypal accounts. Se Habla Espanol. (Host: FH)
    * Email Hacker - Hacks emails (Bitcoin). (Host: FH)
    * CC4ALL - Selling valid Credit-Cards. Most from Germany. (Host: FH)
    * Slash'EM online - Super Lots'A Stuff Hack-Extended Magic tournament server (Bitcoin).
    * Rent-a-Hacker - Pay a professional hacker to solve your problem, destroy your enemys. (Host: FH)
    * BitPoker v2.0 - New version of poker (Bitcoin). (Host: FH)
    * BacKopy - Sells game, software and movie discs (Bitcoin). (Neglected status note) - Broken 2011-08-07
    * The Pirates Cove - Classifieds. (Host: FH)
    * BitLotto - A lottery using Bitcoin. (Host: FH)
    * Brimstone Entertainment - Escort Ads, Strippers, Adult Entertainers. (Host: FH)
    * Red Dog Poker - Play a simple game of poker (Bitcoin).
    * CouponaTOR - A service for getting retail coupons created (Bitcoin). (Host: FH)
    * Virtual Thingies - Buy virtual goodies like premium accounts, usenet access or domains (Bitcoin). (Host: FH)

You can also get a range of services like chemicals to make as well as tutorials how to make and sell anabolic steroids not to mention pages and files on weapons and explosives. Anarchy it seems has found a new digital home. One wonders just how long it will be before the onion becomes a home for jihadi’s as well. I suppose if they aren’t already, it’s only a matter of time until they are hosting their own sites in here as well. The real problem is navigation though for anyone looking around. Which makes this all the better for those seeking to be anonymous and stealth. There are a couple of search engines on the wiki, but due to the nature of TOR, one has to list their site in order for it to be found, so, I assume there are many sites out there that are only known to a very select few.

Paedophiles LOVE Anonmymity:

Meanwhile, it seems that there may be a bit of a war going on between the paedo’s and the hackers within this space as well. This particular page on the hidden wiki had recently been hacked and taken down, but, within a day or so, it was back up online serving out links. The FBI is aware of this site and others that I passed along to them, but, they are once again hard pressed to do anything about it because of the nature of TOR. It would probably be a safe bet though, that they have been monitoring these sites for a little while as the agent I spoke with already knew about the hidden wiki and some of the links forwarded. I guess that things though, are steadily growing on the onion darknet so new stuff is being put out there all the time.

All in all though, this is just another battlefield that the authorities must learn to fight in. Personally, I am with HD Moore in thinking that there may be some way to put a stop to all this… But, when he posited the idea it was 2007. Its almost 2012 and we still have the problem. All I can really hope for is that the decent hacker types living within this liminal digital space will keep taking these sites down and making the paedo’s lives miserable in the meantime.

Anonymity For Better For Worse:

On the flip side of all this is the idea that we need to be able to be anonymous online. I agree with this, I mean, I use TOR every day, but, anonymity is a double edged sword. As you can see from everything above, that very same anonymity that is protecting those who need free speech, or other protections it can afford, are also faced with the darker side of the technology. This space still seems to be fairly new in the sense of services, chat boards, paste sites, and other more normal internet style applications, but, in the contained anonymity that the onion network is giving them, the end users just mostly seem to be using it all for darker purposes.

And this will make things more difficult for everyone else as governments seek to destroy the privacy as they see more of this type of activities going on to use as excuses to peer into them.

K.

Written by Krypt3ia

2011/09/04 at 22:21