Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘DARKNET’ Category

Art Forgeries Sold In The Darknet

leave a comment »

Stolen Forgeries:

Surfing the Darknet, as one does, I came across a new site that finally settled a prediction I made a few years ago. The site, “Fisher Shop” claims to be selling forged artworks as well as gold and diamonds. Now, I don’t really care about the diamonds and the gold bullion, but the art is the thing that enthuses me. I think I even once posted a blog about how I thought the Darknet could be used in art forgery, theft, and other machinations to sell stolen or forged artworks. This day has come to pass and I thought I would share it with you all.

The site itself is kinda poorly put together, or renders poorly on my browser for some reason and thus the text is all messed up pagination wise and makes it harder to read. Security wise the site is secure enough, an onion scan produced no vulnerabilities or leaks of data save for the email addresses that they are providing for contact. Both of the emails are easily obtainable sites like protonmail and sigaint so there isn’t much there unless you start talking to them and they slip up somehow OPSEC wise so at least this seems somewhat professional at the least.

The artwork though is what interests me most of all but I also will be taking a look below at the bitcoin acct they are using and those who have transfered money to it in the past. First though, the art…

The art works for sale range from old masters to Picasso. Two of the paintings on offer are missing pieces that have been stolen and not recovered yet. The one that intrigues me the most is the Rembrandt piece “Christ In The Storm On The Lake of Galilee” which was stolen from the Isabella Stewart Gardner museum in 1990 and recently was being searched for just a few miles from where I live a year or two ago. This work has been missing since 1990 but was claimed to have been seen by a reporter who was taken blindfolded to an unknown location and shown the work unrolled lit by a flashlight.

Scan of original from Isabella Stewart Gardner Museum of Rembrandt Van Rijn Christ on Sea of Galilee

Image from darknet site. Not whole image of the painting

Now in looking at the image provided by the darknet site along side the image presented by the Isabella Stewart Museum of the lost work itself, you can see variance in the image already. The colors are not the same and there are subtle differences in the work itself. Also the image that is provided on the darknet is not the whole canvas that was lost in the theft in 1990. The image has no real EXIF data to work with either so I cannot tell if this was a copy from elsewhere on the net easily. I have hashed the image and will do a bit more searching to see if I can lock it to a specific sample. However, when using image search for this hosted image we get a plethora of hits that are very much like it.

By looking all of these you can see a great variance in the colors but most of them have the same cropped image to show you. all of this is just stuff to go down the rabbit hole on but my main concern here is that this site is offering forgeries, and in some cases forgeries of lost art …Which makes you wonder just who might buy it? In the case of the Rembrandt the cost of the painting for purchase in bitcoins is 7,000 Euro’s which as of today is $8.331.00 ! Eight grand for a forgery of a stolen painting! Oh and this guy claims that he has been doing this for years and not been caught all the while admonishing the buyer about the security around packages and shipping.

Anyway, the original Rembrandt that was stolen has a 3.2 million dollar reward on it so I guess eight grand for a forgery of it is a steal huh? Speaking of steal, I started looking through the image search engine for the other paintings on offer and low and behold the Raphael on offer was stolen in 1945 and the Picasso went missing in October 2012! So, looking for a forgery of a stolen work? Look no further than Fisher on the Darknet it seems.

Picasso Harlequin Head

 

Raphael: Portrait of a Young Man

 

Now where the searches got interesting on the images was from the two listed paintings with original photos; the Frederick H. Clark painting of a cottage in Martha’s Vineyard and the John Bunyon River School pieces both it turns out are photos that originated from PlayTheMove.com where one can sell artwork and other things. If you look closely at the photos from the darknet forgery site and the images from playthemove they are identical. You can see that there has been some manipulation of the tones (contrast shift) but by looking at the background you can see that the backdrops are the same. So, the forgery site is using these images to show you “forged” paintings on offer. Now the playthemove site claims that these are original paintings for sale. So, either these images were cribbed from playthemove and used on the darknet (which I cannot prove as the images have been manipulated and metadata stamped out) or the same people at playthemove have taken second sets of these photos sans the time stamp that we see on playthemove.

Notice identical background folds and lack of time stamp on darknet sample (bottom)

Implies it is an original…

 

Same folds from playthemove but lacks the time stamp and has been edited (timestamp and curves)

 

Curiouser and curiouser no? Now the question becomes are the people selling these works on playthemove also trying to sell forgeries of the paintings in the darknet? Or was this just conveniently found online so they decided to use these because really, when you pay for them you will get nothing back? Which at this point one has to ask the question “Will you get anything from these guys?” I mean, caveat emptor in the darknet right? But what if you did get a copy? What if it really came? These two paintings are fairly odd in that they are not commonly known works that people are looking for so it begs the question, did someone have the original and decided to maximize their returns by making copies?

Interesting…. Oh and one more fun fact, they are wanting just a bit more for the fakes than the original sold for on playthemove!

Bitcoins and Wallets:

Next I looked at the bitcoin wallet that they are using on this darknet forgery site. The wallet (1DEKexRrsUadfiLF3gvzMCSMoBkmMHjRhV ) has 70 transactions on it and held about 8.10093985 BTC or the equivalent of $77,201.92 which is a pretty penny indeed. Of course the wallet is empty presently but that is quite the bit of traffic through there up to Oct 17 2017. The transactions spread out to numerous addresses and I started to go down that rabbit hole with Maltego but after a while it just became a morass. I may pick at this later on but the largest set of transactions happened in September of this year;

Overall I have not been able to see this wallet used on other darknet sites and I have yet to run into anything that could tip me off as to who may own the wallet or where else on the darknet it has been used with other entities. So we are back again to the whole idea of forgeries being sold as “forgeries” on the darknet. One has to ask are these being sold to people who will put them in their house or, do you think perhaps the goal here might be to sell these on to those who may try to pass them off as real to unsuspecting buyers in the art world?

This is an interesting conundrum for me because who would you sell a hot forged Rembrandt to? I mean, wow, you would have to then claim you are part of the cabal who stole it and entice someone to buy this highly known piece, stolen in a highly known robbery that the FBI and everyone else is looking for. Now that takes some major balls! Though, in the art theft world and grifter verse, I can see some of them trying to pull this one off. I mean if there were the mythical “collector” who was offered a painting like this, would they take the offer? Ok ok ok, so look at it this way, if you even got the painting in the first place from this site, to be able to turn that eight thousand dollar investment into say, five hundred thousand dollars to an unscrupulous buyer… WIN right?

Interesting… Very interesting.

I will keep an eye on this site and maybe send them an email asking some questions. If I see anything else I will update this piece.

Ciao

K.

Written by Krypt3ia

2017/11/27 at 19:59

Bluebox2600: It’s Time

leave a comment »

So the other day I posted about some puzzle sites linked together in the darknet by someone calling themselves BlueBox2600. Today I am bringing you their new game site and the creepy imagery and puzzles that are there. Check the site out for yourselves but I thought it appropriate to pull apart some of the stuff that is there and having copied the site totally locally I have posted the videos for you on YouTube if you don’t want to dare go to the darknets. Inasmuch as this site is supposed to be a puzzle box of sorts, I will tell you know on the surface of it I am kinda meh. The only really interesting bits are Doors one and four but you decide for yourselves. The site just went up this week and is fresh so this may be virgin territory for the Reddit set.

Let’s begin….

Entrance

The entrance has a video that shows what looks to be some hooded figure who brings in a small body and begins to dissect it or gut it. Within the imagery you get a quick flash of the following text below…

I have tried to string this together into a sentence but have yet to make it work. I will say that there are two capitalized letters “On” and “I” and either could start a sentence. I will play with this some more….

Choose your door

Once you enter the “game” you are presented with four doors to choose from…. Below are the videos behind each.

Door One

This starts with a pan of an outdoor scene and a song by Billie Holiday but starts to skip and break up. The scene goes blank and words start to appear on the screen…

 

Mortus

Dead Man!

The screen clears to the sight of what I liken to Batman’s Scarecrow villain…

It’s at this point that the figure begins to talk and it is garbled at first but clears up. The scarecrow starts talking about stalking a woman…

I saw you with your true love…

I saw you with your child….

I have watched the child…

I have watched your child but some day I may decide to do more…

One day I merely may decide not to follow, not to watch…

I may decide something needs to be done…

Something more vicious…

Whether it be with you or your child….

The face of Scarecrow

So far this is the creepiest and longest of the videos on the site but amazingly the hidden code in the HTML says that it is not the right door. As far as I am concerned it is in fact the right door for creeptastic imagery and sound.

All in all, this video has the most interest for me with the imagery and the strange details it is putting out there for us all to parse. Is this some kind of scary footage you would see on YouTube that would lead to other sites or some kind of creepypasta? I have yet to see anything in the footage to show a link anywhere but I have yet to look at the file itself to see if there is something else there. Are there more things interlaced into the video that you cannot see with the naked eye? Basically the story line of some crazy scarecrow like figure hunting/stalking some poor woman and her kid is disconcerting.

Door Two

Door two is a bit strange…

KITTY CANDY!

Strange shots of a mannequin and yelling about feeding the kitty….

Go watch it… But it is not the right door according to the hidden text in the HTML

Door Three

Door three’s video is just plain boring to me and the fact that the hidden text in the HTML is telling you that it is the right door kinda makes me wonder what I am missing here. I will see if I can take a look at the file itself and look for interlaced things you can’t see with the naked eye but all this is some rando images of a hokey mask like figure and nothing more.

Door Four

Now, here at door four we have something interesting.. Actually some “things” that are interesting. The footage is a staged scene of a devil or Baphomet figure who is holding some woman in a chair hostage… Poorly. She breaks free of the chair easily all the while screaming about feeling gross from being in the chair and unwashed. However, once this cuts away we have the Baphomet figure holding a giant fan open and this has some interesting things on it in handwritten text…

So once again, the most interesting content is marked as not important but yet here we have all this stuff on the fan. You are sleeping is the clearest thing to see but under it are esoteric symbols again and names like David Kelly and Steve Mostow and Ian langford. Now once you start to Google those names you get some interesting things popping up;

Steven Mostow is either a character on Grey’s Anatomy or it is this guy, I am gonna go with this guy because the other name above him is David Kelly..

David Kelly refers to another scientist who was killed which is in turn connected to Ian Langford, yes, another scientist who got whacked. One of 24 scientists alleged to have been killed by some cabal…

 

Right! So all of these names lead back to conspiracy theories surrounding these doctors deaths! Interesting and yet NOT the door we want? Something is out of whack here I think.

You can also make out three Bible verses scrawled on the fan;

Genesis 5 3:1 When Adam had lived 130 years, he had a son in his own likeness, in his own image; and he named him Seth.

Revelation 12:9 And the great dragon was cast out, that old serpent, called the Devil, and Satan, which deceiveth the whole world: he was cast out into the earth, and his angels were cast out with him.

Revelation 20:2 And he laid hold on the dragon, that old serpent, which is the Devil, and Satan, and bound him a thousand years,

All of this is tied back to the esoterica of previous puzzles by BlueBox2600 (oh and yeah, for all you hackers out there BlueBox 2600 come on!) All of this seems to be pointing in the general direction of esoteric beliefs, conspiracy theories and general creepypasta action on the darknet. Hell, there’s even a Fibonacci Sequence on the fan as well!

Mostly I find this stuff to be kind of muddled and not really leading me in any one direction. Maybe there are clues within clues I haven’t seen yet and I will keep looking for a bit. I thought though that this site was worth a gander for you all. If you are in the darknet feel free to slide on over and check it out yourselves… And if you find something new let me know.

K.

 

Written by Krypt3ia

2017/10/13 at 19:11

Posted in DARKNET, Esoterica

Bluebox2600: Darknet Games

leave a comment »

It all started for me yesterday when a new darknet site popped up on the spider. The page primarily consisted of the image above that contained a movie that plays automatically. The movie consists of what looks like a hooded figure bringing in a small corpse of some kind and through cut scenes begins to dissect it with a kitchen knife. This of course intrigued me so I went down the darknet rabbit hole to find out more. Luckily for me the breadcrumb trail was left on the page listing the previous sites that the user had created “games” on in the past.

 

I then copied down the urls in that image file above and began to call them all up in the browser. It turns out I had seen these sites before and dug around a bit on them in the past. The reason for my interest back then, which waned eventually, was that each site had embedded codes in the html to break. These codes weren’t hard really and I wondered if I was missing something else but you know me, I get bored and I walked away after a bit. Of course now with this new site I had to go back and take another look.

Once I went down the rabbit hole, I kinda found myself in an interesting esoterica hell. The pages pretty much all lead to one after the other when you decode the hidden codes. Note that I have only looked at the HTML and not into the imagery itself (e.g. looking for Steg) and maybe I will do that after a time. Anyway, these are the sites as linked by code and the “puzzle” that this person(s) has put out on the darknet for the chosen few to work out. It all comes down to some kind of esoterica that is supposed to enlighten the puzzler.

I don’t feel too illuminated but it was fun. I did get a little turned around a couple times and I still have not quite solved the math problem into a URL. I do dig the imagery used especially all the old creepy photos and shops of things like the anthropomorphic rabbit. I don’t quite know what about him there is that makes it nightmare fuel for me but I am all up into that. These pages though as a whole don’t seem to give you a way to talk to the creator, but maybe they were watching the hits on the pages to see if people were working them out. As I show in the post here I also was able to dig up a WHOIS and a name as well as an email address used in Domain Tools so I may have nailed down who made these and what else they have online. I will look more into that later on and let you know…

For now, enjoy the puzzling and know that the images at the top here? Well, they are back at it and I already am going down the new rabbit puzzle hole too.

K.

Illuminati

Code in HTML:

.-.. .. --. .... - .- --.. .--. .. -.. --- -..- -.- --.- -.-. . .-.-.- --- -. .. --- -. -..-. - .... . -.. --- .-.. .-.. .- .-. .-.-.- .... - -- .-..

Translation: LIGHTAZPIDOXKQCE.ONION/THEDOLLAR.HTML

The Dollar

HTML code:

http://lightazpidoxkqce.onion/_ _ _.html Looking for 3 letters here .. Type illuminati backwards then add .com what is the abbreviation of the organization this leads you to.

itanimulli.com redirects to the NSA website

TEXT

WHOIS info on this is interesting…

Domain Name: ITANIMULLI.COM
Registry Domain ID: 92386827_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2017-06-22T22:32:21Z
Creation Date: 2002-11-20T07:54:13Z
Registrant Name: John Fenley
Registrant Organization:
Registrant Street: 1985N 360E
Registrant City: Provo
Registrant State/Province: Utah
Registrant Postal Code: 84604-1803
Registrant Country: US
Registrant Phone: 8014273274
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: pontifier@hotmail.com
Registry Admin ID: Not Available From Registry
Admin Name: John Fenley

Crop Circles

Code in HTML:

<!–
2+3=8,
3+7=27,
4+5=32,
5+8=60,
6+7=72,
7+8=?? 98
/??.html

As a math problem:

*1 + 3 *2 = 2+6 = 8

*2 + 7 *3 = 6+21 =27

*3 + 5 *4 = 12+20 = 32

*4 + 8 *5 = 20+40 = 60

*5 + 7 *6 = 30+42 = 72

*6 + 8 *7 = 42+56 = 98

SOLVE: 7+8 = 98

I never quite got this one… Can you put this solve into a URL?

To Wonderland

Code in HTML:

01101000 01110100 01110100 01110000 00111010 00101111 00101111 01100011 01110010 01100101 01100101 01110000 01111001 01101101 01101000 01110000 01100111 01101001

01100010 01110011 01100101 01110111 01110010 00101110 01101111 01101110 01101001 01101111 01101110 00101111 01110100 01101000 01100101 01110010 01100001 01100010

01100010 01101001 01110100 00101110 01101000 01110100 01101101 01101100

Binary Translation: http://creepymhpgibsewr.onion/therabbit.html

The Rabbit

Code in HTML:

WVVoU01HTkViM1pNTWs1NVdsZFdkMlZYTVc5alIyUndXVzVPYkdRelNYVmlNalZ3WWpJMGRtUkhhR3hhTWtaNllsZEdlbUY1Tlc5a1J6RnpTVU13ZEZveU9YWmFRMEp4WWpKSlBRPT0=

Base 64 decode thrice = http://creepymhpgibsewr.onion/thegasmask.html –good job

The Gas Mask

Code in HTML: 68 74 74 70 3a 2f 2f 63 72 65 65 70 79 6d 68 70 67 69 62 73 65 77 72 2e 6f 6e 69 6f 6e 2f 66 61 63 65 6c 65 73 73 2e 68 74 6d 6c

HEX decode: http://creepymhpgibsewr.onion/faceless.html

Faceless

Code in HTML:

\x68\x74\x74\x70\x3a\x2f\x2f\x63\x72\x65\x65\x70\x79\x6d\x68 \x70\x67\x69\x62\x73\x65\x77\x72\x2e\x6f\x6e\x69\x6f\x6e\x2f \x68\x61\x6c\x6c\x6f\x77\x65\x65\x6e\x2e\x68\x74\x6d\x6c

HEX Decode: http://creepymhpgibsewr.onion/halloween.html

Halloween

Code in HTML:

104 116 116 112 58 47 47 99 114 101 101 112 121 109 104 112 103 105 98 115 101 119 114 46 111 110 105 111 110 47 116 104 101 115 99 114 101 97 109 46 104 116 109 108

Decimal Decode: http://creepymhpgibsewr.onion/thescream.html

The Scream

Code in HTML: http://creepymhpgibsewr.onion/thepic.jpg

The Pic

This kinda dead ends for me….

Page # The Witch

Code in HTML:

V1ZWb1UwMUhUa1ZpTTFwTlRUSlNkMXBGWkU5aU1EVklWR3BhYTFZeFNuWlhWRTV2WVZad1dHUXpWbWxOYWxaM1dXcEpNR1J0VFhsU2FrSmFWbnBTTVZsVmFGTmtSMHBFVVZoU1RWWXlVakpaYWtwU1dqSkdkRTlYYXowPQ==

Base64 Decode: http://witch4czudhcxbel.onion/satan.html –good job

I am going to assume that the witch is the solve for the math problem converted into a URL…

Satan

Code in HTML:

WVVoU01HTkRWWHBSVTFWNVVtbFZlVkp1WkhCa1IwNXZUa2RPTm1SWFVtOVpNMmhwV2xkM2RXSXlOWEJpTWpSc1RXdGFlbVZYTVdsaU1uaDZURzFvTUdKWGQzSk1VekZ5V2xkV2Qwc3laSFpoVnpWdQ==

Base 64 Decode: http//witch4czudhcxbel.onion/symbols.html+–keep+going

Symbols

Code in HTML:

YUhSMGNEb3ZMM2RwZEdOb05HTjZkV1JvWTNoaVpXd3ViMjVwYjI0dmRHaGxaRzl2Y25NdWFIUnRiQT09

Base 64 Decode: http://witch4czudhcxbel.onion/thedoors.html

Doors

Choose your doors…

Door One “Gore 226”

Code in HTML:

Base 64 Decode: http://gore226jrod4ia2c.onion/gore911/ — enter

Once you put in the url you get the following text on the new page:

Door Two “Grandma’s Garden”

I have yet to play with this one… I will get round to that.

Door Three “The End”

Code in HTML:

Congrats!! You broke the witches code.There will be more puzzles to come. Hope you enjoyed this Bluebox2600 @ http://blueboxlxc4o7mvk.onion/

Now the Esoterica begins…

Door Four “Sacred Geometry”

Code in HTML:

“Once in a while you get shown the light In the strangest of places if you look at it right”

Right! Well we are back to esoteric teachings that seem to be Illuminati in nature. I am not sure where this guy is going but it was a fun trip.

 

Written by Krypt3ia

2017/10/12 at 14:32

Posted in DARKNET, Esoterica

Who’s Molesting Your Corpse?: Necrophilia and Snuff In The Darknet & Clearnet

leave a comment »

Vault of Sex and the Dead

Just when you thought I could delve no more deeply into the darknet I bring you this….

RIGHT! Well, since my deep dive into the world of cannibalism, I began to look at the other links out there to other paraphilia’s on offer in the darknet and once again to the clearnet. Today’s menu consists of Necrophilia and Snuff, which is quite the taboo really and something you would expect to be in the so called Darknet. In as much as what is indexed currently out there in the darknet there are a total of two sites that really cater to these two particular bents. The first being the one you see above in the screen shot. This one requires bitcoin payment just to see the content but you can get a taste by clicking on their samples.

Sex & The Dead

 

Sex & The Dead

What seems to be on offer here is a melange of snuff films and images that are staged mixed with actual gore photos culled from the clearnet and other places I suspect. Generally, it is all pretty vile and all rather violent which then in tandem with the data concerning how much money their bitcoin wallet has ($3140.76) one wonders just how many people are buying this service and how many are here just for the day or are return customers. The nominal fee to gain entry is (0.027 BTC) which is presently ($112.06) per entry fee. So, let’s tally that one up shall we?

Lesee, carry the one….

That’s thirty users of this site. Thirty people have paid over one hundred dollars to get into this site with bitcoin and wank to this stuff.

*shiver*

Oh and look someone just bought access on the 25th of this month!

So someone has at least some pocket money it seems from this little darknet adventure. I guess it all depends on how much you put into it though eh? I mean, how much is the hosting per month? Are you hosting this yourself? Web design seems to be not so much something they care about so no real expense there. Overall, this site seems to be a going concern because it is affordable and maybe has some content these thirty people want. I do wonder just how many though are seriously “using” the content as opposed to how many investigative entities bought access to “investigate” criminal activity. I suppose we could take all those bitcoin wallets and do some mining to see if anyone made some OPSEC mistakes but meh.

The second site in the darknet has a theme in that it is called “Japanese Lady Extermination” and they live up to that name with a lot of Asian/Japanese content. Between you, me, and the lamp post, we all know that the Japanese have some particular, well, shall we call them tastes in porn? On first look this site has much more content and the design is a bit better but is it a hub for this activity? How many people use it? Well, it seems that this one is the high price callgirl of the darknet in that they want some big bucks to get in on the action.

Dig this, they have two options for access. One is for a month of access which they want 0.6 bitcoins and the other for three months which costs a whopping 1.2 bitcoins! That translates into the one month access being $2493.34 and the three month plan being $5026.27! Now that is steep for access to some lady killin and if you have sticker shock so to do all the would be customers of this site as well. In looking at the wallets for the plans both have nothing in them. There are no transactions at all for both so this is a bust for the lady killers owners it seems.

Three months

One month

Three month wallet

Zilch

Nada

 

One month wallet

 

It seems to me that Japanese Lady Killin just ain’t a money making concern so far. Of course it seems that a lot of this content could be gotten via the clearnet and a vendor in Japan willing to ship a DVD so there is that. So that brings me to the conclusion that the darknet is not that scary and dark when you really take a look into it. Nope, what’s much more scary is the prevalence of this kind of thing on the clearnet available to all and easily gotten to by mistyping a URL. When I began Googling for links the first one that came up was darksites.net which is another site designed by our friends at Geocities.

My god.

…The horror.

The domain was created in 2000 so that probably answers the question right there. Why upgrade the site when you have a good thing going right? The site has a couple names attached over time from the WHOIS history and one of them goes back to a “Michael Guy” which has info out there. Just another rabbit hole one could go down to ask why? WHY? But I will continue on with the sites contents.

Domain Name: DARKSITES.NET
Registry Domain ID: 20065601_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2017-02-18T07:42:12Z
Creation Date: 2000-02-17T20:13:39Z
Registry Expiry Date: 2018-02-17T20:13:39Z
Registrar: eNom, Inc.
Registrar IANA ID: 48
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: DNS1.REGISTRAR-SERVERS.COM
Name Server: DNS2.REGISTRAR-SERVERS.COM
DNSSEC: unsigned

 

Darksites

Darksites

Darksites

Darksites

This site is the clearing house of all things deviant. All your desires can be sated with this list of things.

There are things I have never heard of here…

Like the whole cannibal thing I reported on before, all of this could just be fantasy and acting or it could lead to actual committing of crimes. As we saw on the cannibal sites it was all fun and games until someone got really eaten by that whacky German guy right? I am not trying to say that these desires are bad or dirty but the paraphilia’s could lead one down the wrong path if they go too far or are unbalanced to start with. In the case of Miewes in Germany he had been fascinating about eating people since he was eight years old. At what point do kinks turn into actual crimes? Now add to this that the clearnet seems to be the biggest purveyor of this fantasy fuel free on the net (or for a nominal fee) one has to start wondering just how many people have stepped over that line after becoming addicted to this kind of content.

I also have to look at the psychology of being exposed to this stuff and becoming hooked on it. You become inured to it and it becomes pedestrian, then you need more of it to sate yourself and perhaps even things that are even further outside the norms just to feel the thrill? I have read such things in treatises by psychiatrists in the past, so now instead of having to really do the leg work and go somewhere to get the content you can just Google it up. Think about the pathology here…

Interesting stuff.

Anyway, the other outcome from my foray into this dark world is that the darknet is not really so dark. Well, at least where it concerns this stuff, the clearnet has it beat by a mile in amounts and ease of access. And this is one of the things I started down this path wanting to get out there. Other than the voyeuristic aspects here, I wanted to take a plain look at the oft spookily talked about darknet and defuse the hype. It’s not that scary and it isn’t that hard to get into no matter what Hollywood would like you to think. Nope, it’s just another space for people to do things they probably shouldn’t with a cool name.

But hey, at least in the darknet I found a manual on how to Necrophilia…

Woo!

K.

Written by Krypt3ia

2017/09/28 at 18:01

Posted in DARKNET, Paraphilias

What’s eating you?: On-line Cannibalism in the darknet and clearnet

leave a comment »

 

There are so many mis-perceptions about the “Darknet” out there but when you really start to dig right down into the bone and sinew of it you start to see that it really isn’t so dark and certainly not as spooky as one might see on CSI Cyber. I for one have had a yen lately for a serving of cannibalism content on the darknet and boy I was kinda let down by the deep dark nopesauce that I found. See, when you look into the darknet and it blinks back you know you have come to the end of the line and it is time to go back to the clearnet for some real horror.

So yeah, I was messing about in the darknet with my spider looking for some marbled fleshy goodness that I had heard was available out there on the clearnet. You know how you Google something and the usual tinfoil alien type of search results come up? Well the same can be said for things like necrophilia and all the other paraphilias out there. The spiders turned up only one site that had cannibalism in there as a subject so I went there. The site is titled “Japanese Lady Extermination” and it is true to its name in content.There’s a lot of Japanese lady killin going on in there on film and yeah, no, I am gonna opt out of the bitcoin purchases there. No, what I wanted was full on cannibalism for realz and I was bound and determined to find it!

I finally found a link in the darknet to a clearnet Reddit site that had the url to an archived version of “The Cannibal Cafe Forum” a now defunct site that was archived by the nascent “Wayback Machine” at archive.org. Now this site was stood up in 2001 (May 2nd was the spider) and it served up a board feature for those who wanted to roll play cannibalism …Maybe? I am not quite sure on how many of these “Fine Young Cannibals” were serious about their desires and how many weren’t, well, except for the one case where the guy actually killed and ate the other guy!

…but now I am getting a head of myself….

*snicker*

OK! So this board on (necrobabes.org) was stood or was run by someone calling themselves “Perro Loco” or the “Mad Dog” and they ran the show using an email address for their own domain of perroloco.net (see whois data below *wink*) which still exists today and in fact has spawned another site in the aftermath of the flame out of necrobabes circa 2003. As you can see from the screen shots below this site was pretty active and they had a bunch of links for services, offerings, and an application to become …well …uh …meat?

Livestock available

Application to be …Livestock

Films and animations

“Stockman” Association I guess you could join the “club”

Loco’s actual daughter who wanted to get into porn….

Another one to be served up

I can’t even make this shit up!

Click me…

Right, well looking at all those images you get a sense of what the flip was going on in there back in the day. It was all good, if you can call it that, until it went bad for Perro and his merry gang of paraphiliacs. I mean, never mind that he is serving up his own daughter in this thing and all of the cray cray “eat me” discourse that is fairly graphic but man these people had no idea what they were doing OPSEC wise either. I understand it was 2001 and really the net was new but boy oh boy did they leave a trail to their real identities here. If you decide to take a look at the archive note that their IP’s were captured for each post as well as they were offering up their email addresses that they CONTINUE TO USE! I have looked up several and located their real names and locations today.

<BLINK>

OY VEY!

</BLINK>

Now I am going to pause here for a moment to take all this in and maybe say a couple things about pathology and psychological illness…

Eh fuck it.

On to the CRAZIER CRAZY!

So yeah everything was just super great in the Cannibal clearnet back in 2001 until a certain character showed up on the board. His name was “Franky” and he was a German dude who wanted to eat someone and this was the hot spot for this kind of thing right? Well, maybe it was and maybe it wasn’t. I mean all these folks may actually have been just living out their fantasies right? Well Franky would have none of that, he was gonna chow down and he was gonna have a nice time at it provided he could “meat” someone at necrobabes.

Oddly enough you all may know of Franky through the IT Crowd. Does everyone remember the IT Crowd episode titled “I want to cook with you” ? Well, this parody is based on Franky, the German IT guy who put an ad out for someone to eat.

Go on, click the video, I know you wanna… I will be waiting below.

Franky

Young Boys

MOAR FRANKY

Frankalicious

Armin Meiwes

Franky, aka Armin Meiwes literally wanted to eat someone and had wanted to do so since he was eight years old. He met a poor sod on the cannibal site who agreed (Bernd Brandes) of whom he ate about 20kg of his flesh. You can read the grizzly bit below on how that happened and the whole article right here. It seems that Bernd was rather tasty and Miewes took his time with the rest saving it in the freezer for later. I am guessing that after Miewes was caught and the searches were begun it quickly became apparent that he had been on the necrobabes site. I kinda have to wonder at how they all took it on that site. I mean, they were all into the cannibal thing, they talked a good game but just how many of them were all McConaughey about it…

So the site pulls the cannibal board and sometime later the site kinda dies itself. Meanwhile your friendly neighborhood “loco” is like “I am gonna start my own site now man, I need me some cannibalism!” and get’s a new domain started. This site is supposed to be private and you have to email to get an invite. So, me being me, I decided to use a cutout and send an email in to get that freaky e-vite! I got turned down though, so I was disappoint! That is until I decided to use my super Google Fu and shit, he really hasn’t secured the site. You can see all the shit in there with a good Goog session and in the end there isn’t much traffic in there at all. I guess you can’t keep a good cannibal down but you can not sign up for his whacky site and just move on to other places right?

His site is still up and MAN is it GEOSHITTIES

DUDE DUDE DUDE NO MENTION OF DOLCETTEGIRLS?

Who is this Poizner cat?

The perro himself…

dolcettegirls.com

Inside dolcette

More boards and it’s all quiet

For more just use the Google Fu: site:dolcettgirls.com
Now you can just say well that guy is a bit whack and move on but once you start going down the rabbit hole on him you kinda just get sucked into the Nick Cage level shit in Eight Millimeter. Ancillary searches on this guy turned up some real crazy shit. I mean just look at that photo of him above here!

Holy Church of Dolcette?

WHAT THE?

I CAN’T!

It seems like ol’ Perro wanted to have himself a cannibalistic religious org that could maybe be tax exempt? I can imagine that might be hard to get past the IRS, I mean, how are you gonna make that a religio… Wait.. Wafer and wine…

SHIT!

Whoa!

Anyway, Perro is still kicking around on the tubes and seems to have slowed down but where have all those cannibals gone since the necrobabes site went bye bye? Well, it isn’t to the darknet as far as I can tell from all my searches. Nope, it is once again the clearnet that hosts this kind of crazy and I found the new mother load by accident.

It seems all the kids are now at ForumJar which is a low end board much like the original necrobabes but this one is much more sedate and hidden. These people are offering themselves and looking for others to consume just like the old days so I guess you really can’t keep a cannibal down eh? These guys though seems to be a little more savvy about their security but even so, one I looked at is looking for a “chunky” female and offers a kik address to chat them up. I read this and just had a flash of Hannibal Lecter asking Starling if Bill’s ladies were “roomy”

New board

Secondary board

Take me!

“Chunky female”

Well, I guess it’s time to put the lotion on the skin…

Remember, this is what happens when I have idle hands kids. All in all, this is pretty twisted and it all lives mostly in the clearnet so don’t believe all the BOOGA BOOGA DARKNET shit you hear. The clearnet is maybe even more scary and when you think about it, kids today can just google this up and get an eye full.

…. Even if you have those filters on your router.

Heh.

K.

UPDATE: As if by some quirk of fate this turns up today in the news… 30 people eaten at least! http://www.independent.co.uk/news/world/europe/cannibal-couple-eat-30-people-russia-dmitry-baksheev-natalia-military-aviation-academy-krasnodar-a7967216.html

Written by Krypt3ia

2017/09/25 at 21:08

Posted in DARKNET

The Psychopath: A Darkweb Manifesto

with 7 comments

The darkweb spider kicked out an interesting albeit kind of freaky site this morning for me. The site “The Psychopath” has a long rambling diatribe on how the world has become too domesticated and that this group, the psychopaths, are starting a war against “the man” so to speak. I honestly had a hard time reading this darkweb manifesto because it is poorly written in a long winded sort of way as well as reminded me greatly of Ted Kaczynski‘s rant that he sent to the New York Times and other papers back in 1996. The rambling text with the pseudo educated diatribe on this site reminds me of Ted’s particular bent as well about society and it’s ills. In this case though it seems that the creators have a grudge against societies conformity.

The site names names of targets they have in mind and claims there will be actions against them while seeking to entice you yet scare you to their position and call to action. I will keep an eye on this one to see what else comes of it and perhaps do a little more digging on the clearnet for hints as to the person(s) involved. Until then, I leave you with the full in screen shot and uploaded here for you to read through. It seems that they set up the robots.txt well so I could not wget it.

 

Written by Krypt3ia

2017/08/07 at 20:11

Posted in DARKNET

The Darknet As Medium for Proof of Life K&R Deals AKA OpFOQ

leave a comment »

Last week someone pointed out a story about how the Qatari government or relatives of some Qatari’s that had been kidnapped on a falcon hunt had started a darknet site and a fund in bitcoins for information on their whereabouts and return. This story intrigued me so I went looking for the site and someone on Twitter kindly pointed to it and the twitter feed with the address. I went to the site and took a look at it and then started looking at the larger picture of who the Qatari’s hired to do this as well. What follows are my thoughts on using a darknet site like this for proof of life and or transactions like this as well as the company that the Qatari’s turned to to do it for them. Of note is that this attempt was closed down as soon as the story came out in the press so that is an added twist but given the things I have seen it makes total sense why a little light on the subject would make the “company” hired by Qatar to close shop and run away.

Qatari’s abducted falconing

Global Strategies Council Inc:

As reports online had mentioned, the “company”  Global Strategies Council, was given 2 million dollars up front for work attempting to get proof of life for the abducted falconers. I decided to look further than the reporters (at least as much as they reported) and found some interesting things concerning this alleged company and the person(s) involved in it. First off, the company is so stealth that you have to really dig a fair bit to get to the guts of what it is. Even then, you really do not get much detail on who is in the company, who works there, and what it does exactly. The hinge seems to be on this “shoe salesman” or “Shoe Mogul” if you will, Miltos Goudamanis and no, it is not Militas as you see in the reports in the news. His real name is Miltos and he has a rather obscure past, unless you just go with the shoe angle.

Miltos is evidently the international sales guy for “Naughty Monkey” shoes, a crappy ass site that sells shoes and poorly for a number of years attached to Cyprus. Now, one lately hear Cyprus and think first off of money laundering and banks and so did I. I checked the Panama papers and he is not in there but generally everything is pretty sketch around this guy. Naughty Monkey is the most solid hit for this guy that you can backtrace, so now one has to ask how does the Greek Al Bundy get to the point of dealing with international terrorists and asking for an advance of 2 million dollars to set up darknet sites eh? That question kept ringing in my ears as I dug deeper into the inception zone.

If you look at all the data above in the screen shots you can see that this guy has no real experience with military or national affairs so how does he suddenly become a director or chair at this Global think tank? Furthermore how does a guy who makes less than 10G’s a year is getting a net of 499k?

Blink blink…

SHOES MUST BE SELLING LIKE NO TOMORROW!

This is starting to smell like some rotting carcass in the San Diego sun….

So yeahhhh, this “company” this think tank specializing in… In what? Well, fuckall really, is being run out of this condo it seems in San Diego according to all the records I could find. In fact the phone number to the place also matches with a land line for the area. Not one thing about this company says it has offices in Washington DC at all. Even though their site makes all kinds of DC imagery and allusions to connections therein… Obliquely that is.

Saaaaaaaayyyyyyyy.. is that office condo space zoned for this kind of fuckery?

Looking at their site you have to just ask yourself after reading it all; “Is this Enron?” because they seemed not able to tell you exactly what they did either and look what happened there huh? There are no employees, no experts listed on their rolls and certainly very little on Miltos as to his history or education for these kinds of things. If I were the Qatari’s I would be asking the guy who hooked this all up what cut of that two million he got. I am just gonna lay it out here in plain language;

  1. Company site is poorly made and has no real data
  2. No employees
  3. No history
  4. Two million up front and we get proof of life!
  5. PROFIT!

This all screams scam and when the whole operation was shut down I think we all got the same feeling about it huh? How are the Qatari families feeling about this? Is this guy just an opportunist shoe hawker or is there more? So far as I can tell this guy has been trying for years to get USGOV work and hasn’t been able to land anything. So a little grift for a cool two million and a cheap darknet site/twitter account is easy peezy.

About that darknet site….

Darknet Site:

The idea behind this site was to allow the hostage takers a medium to connect with the alleged “middle man” Miltos, to get in touch as well as maybe open source this thing so that anyone with information could leave a tip. Now, on the face of it this may be something of use if you keep it really down low and release that information only to the hostage takers right? I mean you leave this on the darknet and then publish it in the paper you are only gonna get trolls right?

I went to the site and checked it out. It was a clone of the global leaks site (using their frame) and you could create an ID and drop information there. You could log back in and see what responses came from Miltos and his crew but when I looked there were no other info drops that I could see. I signed up and got a number just to see how it would work.

Basically this was ill thought out and deployed so once again I think fly by night and not really meant to gather real intel on the status of the poor Qatari’s who have been jacked. Of course, it is now all shut down according to the Twitter account for the “Op” so so much for gathering information of proof of life for the families of those Qatari’s huh? I will keep an eye on the site to see when it comes down but generally I suspect it will just sit there on some rented space littering the darknet for years.

Thoughts on Darknet as Medium for Ransom:

Aside from thinking that this whole thing was just a grift by this guy Militos and his wife, the notion of using a site in the darknet as a means of proof of life is iffy at best. I should think that the terrorists or whoever that took these people is not surfing the darknet in the first place and would just as easily pick up a sat-phone or regular phone and call the Qatari government with their demands. These arcane measures just isn’t their shtick man.

For that matter just use a cutout gmail account and PGP huh? What the fuck! This whole debacle is just an exercise in how to pull off a short con on a lot of families looking for answers about their lost loved ones. If I were Qatar, I would be asking this Ali Hani about his connections to this Greek guy in San Diego tootsuite man. I am sure the money is spent already anyway…

Oh and as for the hacker angle of “OOOH SCARY HACKERS IN THE DARKNET MAKE SITE” cut the shit media! Anyone with half a brain can stand up a site in the darknet so cut it the fuck out. There was nothing spectacular here other than the lede that looked good for clickbait.

Now.. About those lost Qatari’s….

K.

Written by Krypt3ia

2017/04/17 at 17:09

Posted in DARKNET