CgAn – Rogue Media: Introductory Guide To DarkNet’s

The Internet is the global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link devices worldwide. It is a network of networks that consists of private, public, academic, business, and government networks.

The 3 Layers of The Internet:

ClearNet. The “World Wide Web,Surface Web, ClearNet or simply referred to as the Web. Quite simply, the Surface Web refers to the portion of the internet only accessible by standard search engines – such as Yahoo, Bing and Google. While Google search results may feel endless at times and while you might think of them as being quite large in size, in reality, the Surface Web only consists of roughly 7% of the combined browse-able/accessible internet. Typically, it’s used for Email, Fax, File sharing, File transfer, Games, Instant messaging, Podcasts, Voice over IP, Searches, Streaming – etc.

Deep Web. The “Deep Web,” invisible web, or hidden web are parts of the World Wide Web whose contents aren’t indexed by standard search engines – for any reason. Rather, the content is hidden behind HTML forms, Javascript and custom code to protect it from the public eye. Generally speaking, the Deep Web is host to roughly 92% of anything which can be found on the internet. Typically, the Deep Web consists of information such as web archives, scholarly articles/resources and network databases such as cloud servers. While this isn’t the case 100% of the time, you usually also need a 3rd party software system, such as the “Tor Browser,” in order to access at least some of its content as well.

To describe how it works, think about all of the web pages you can visit on your bank accounts homepage or email account. While all of those sites, links, addresses and emails technically exist on the internet, and while you can still search Google for Bank of America‘s website, this doesn’t mean you can search Google for the web pages associated with each Bank of America’s customers accounts. Nor can you search Google to find everyone elses emails hosted on Gmail – get it? Those web archives still exist on the internet all the same as their homepages, but are not indexed on the Surface Web to be publicly available – which is why we say they exist on the Deep Web, below the normal surface layer of the internet.

DarkNet. While the Deep Web is in reference to any site that cannot be accessed through traditional search engines, the “DarkNet” or “Dark Web” is a small portion of the Deep Web that has been intentionally hidden to hide in plain site, and is completely inaccessible via standard browsers and search methods. The DarkNet is by far the smallest layer of the Internet, estimated to consist of less than 40,000 websites in total – less than 1% of the browse-able internet.

Not only will you need to install a special type of software to access a DarkNet website, but the URL Address associated with it will almost certainly be encrypted with a randomized sequence of numbers and letters – literally making it impossible to find or type in by accident. Instead, you must know exactly what this sequence is – usually from someone else who already knows or has it. Even then, once there, you will also most likely need to enter a custom password in order to enter – making it virtually impossible to browse any DarkNet webpage without the proper permission.

As explained by CyberGuerrilla, DarkNet websites don’t rely on the IP/DNS system (typing mysite.org in a web browser will take you to an IP address like 10.11.12.13). Darknet websites are accessible only through networks such as Tor “The Onion Router” and I2PInvisible Internet Project” and their respective software. Identities and locations of DarkNet users stay anonymous and cannot be tracked due to the layered encryption system. The DarkNet encryption technology routes users’ data through a large number of intermediate servers, which protects the users’ identity and guarantees anonymity. Due to the high level of encryption, websites are not able to track geo-location and IP of their users, and users are not able to get this information about the host; communication between DarkNet users is highly encrypted allowing users to talk, blog, and share files confidentially.

The DarkNet is also used for illegal activity such as illegal trade, forums, and media exchange, making it a prime target for Law Enforcement Agencies around the world. The 2 main DarkNet‘s networks are TOR (The Onion Router) and I2P ( Invisible Internet Project). While Tor focuses on providing anonymous access to the Internet, I2P specializes on allowing “anonymous” hosting of websites called “Eepsites.

Active Darknets worth mentioning:

Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship
GNUnet another peer-to-peer network that offers users full link encryption.

Decentralized network 42 (not for anonymity but research purposes)

Syndie is software used to publish distributed forums over the anonymous networks of I2P, Tor and Freenet.

Riffle is a client-server Darknet system that provides secure anonymity and minimal bandwidth

Tor Browser and Tor-accessible sites are widely used among the Darknet users and can be identified by the domain (.onion). Servers configured to receive inbound connections only through Tor are called hidden services. Rather than revealing a server’s IP address (and thus its network location), a hidden service is accessed through its onion address,

The TOR Network works by bouncing your communications around a distributed network of relays (nodes) run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

Tor passes your traffic through at least 3 different servers before sending it on to the destination. Encrypting your packets and bouncing them around the Internet isn’t cost less. All that extra work means that browsing the Web via Tor feels sluggish compared to using a conventional browser. Tor is not meant to completely solve the issue of anonymity on the web and is not designed to completely erase tracks but instead to reduce the likelihood for sites to trace actions and data back to the user. Users are also warned to use https versions of websites, not to use Tor over Tor, not to torrent with Tor, not to enable browser plugins, not to open documents downloaded through Tor while online, and to use safe bridges. Also, Bittorrent over Tor is not anonymous.

References:

https://en.wikipedia.org/wiki/Internet
https://en.wikipedia.org/wiki/Dark_web
https://en.wikipedia.org/wiki/I2P
https://en.wikipedia.org/wiki/Tor_(anonymity_network)

Software:

The FreeNet Project: https://freenetproject.org/pages/download.html
The Tor Project: https://www.torproject.org/
I2P: https://geti2p.net/en/download

Projects Using TOR:

Tor Browser: https://www.torproject.org/projects/torbrowser.html.en – comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable)

TAILS Operating System (Linux): https://tails.boum.org/about/index.en.html – Tails is a live system that aims to preserve your privacy and anonymity

Whonix Operating Systems (Linux): https://www.whonix.org/ – Whonix is a Debian GNU/Linux based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet

Orbot (Tor for Android OS’s): https://guardianproject.info/apps/orbot/

Warnings:

Some links may be disturbing and dangerous to visit.

To avoid be tracked or watched online, I strongly recommend you to run a VPN service on the system that you access. VPN will give you a double layer protection against the unknown.

** DISCLAIMER: BEFORE YOU ACCESS THESE LINKS YOU SHOULD UNDERSTAND THAT SOME CONTENT PROVIDED ON THESE DEEP WEB LINKS MIGHT BE DISTURBING, UNPLEASANT OR FRAUDULENT. VISIT THEM AT YOUR OWN RISK. WE RECOMMEND TO USE THOSE DEEP WEB LINKS ONLY FOR RESEARCHING PURPOSES! WE ARE NOT RESPONSIBLE FOR ANY DAMAGE CAUSED BY YOUR ACTIONS! **

Some Popular TOR .onion Sites:

http://hss3uro2hsxfogfq.onion/ (notEvil search engine)
http://xmh57jrzrnw6insl.onion/ (TORCH search engine)
http://uhwikih256ynt57t.onion/wiki/index.php/Main_Page (Uncensored Hidden Wiki onion link)
http://answerstedhctbek.onion/ (uncensored General-subject Q&A forum)
http://torvps7kzis5ujfz.onion/ (VPSSHell .onion hosting)
http://grrmailb3fxpjbwm.onion/ (TorGuerrillaMail – Disposable Temporary E-Mail Address)
https://protonirockerxow.onion/ (Fully encrypted email hosted in Switzerland offering free accounts)

Clearnet HTTPS signup & JavaScript! Must pay or verify via previously existing email or SMS to get an account

http://nzh3fv6jc6jskki3.onion/ – Riseup provides online communication tools for people and groups working on liberatory social change
http://tetatl6umgbmtv27.onion/ (Tor Chat roulette style service)
http://6dvj6v5imhny3anf.onion/ (CyberGuerrilla leAkboX)
http://76qugh5bey5gum7l.onion/status.xsl (Deep Web Radio)
http://deepdot35wvmeyd5.onion (DeepDotWeb -Surfacing the News)
http://grams7enufi7jmdl.onion (Search Grams)
http://kpynyvym6xqi7wz2.onion main.paraZite (Anarchy files and Underground)
http://valhallaxmn3fydu.onion (Valhalla Market)
http://silkkitiehdg5mug.onion (Silkkitie Market)
http://lchudifyeqm4ldjj.onion (Dream Market Dark Web Market)

Some I2P:

http://direct.i2p/ (Direct Search)
http://forum.i2p (Main i2p Forum)
http://imgbi.i2p img.bi (Secure Image Hosting)
http://pastethis.i2p/ (Pastebin)
http://zerobin.i2p (ZeroBin)
http://git.repo.i2p/ (Anonymous Git Hosting)
http://freedomforum.i2p/ (Privacy Forum)
http://leakager.i2p/ (A Cat’s Mirror of Wikileak)

General Chatter Putting In Perspective:

[Mink] oh, then go go go
[Mink] right, today we are going to talk about Darnets and TOR in particoular
[Mink] *darknets
[Mink] i made few notes to read to get us started
[Mink] https://pad.riseup.net/p/r.50b7831a5a3e919781433e4819976169
[Chanlog] Title: Riseup Pad (at pad.riseup.net)
[Mink] please, wait 10 minutes before starting to ask questions
[Aspire] ok
[n1ck1] yeah
[Mink] i’ll just write few points here while you read
[Mink] the Internet is big, really big
[Mink] what we think of the internet are webpages, blogs, email, instant messaging, webradio, voip (like skype) etc
[Mink] most of those services use the tcp/ip protocol to connect the resouces together
[amoruxX] When do we start ?
[RedAcor] Already started.
[Mink] oh amoruxX , we just did
[Mink] fundamental to make the internet work is the IP/dns concept, where a number (like 176.23.98) gets translated to a name (like mysite.com) and back
[Mink] this makes these resources available to the public and available to Search Engines (like google and yahoo)
[Mink] once a new website name is registered, a IP address is assigned to it
[Mink] this is what most people call “the internet” but there is much more
[Mink] there is a part most people will never see
[Mink] it is hidden on purpose
[B[U]G] where the address is assigned by your isp Internet Provider Service , where are two ip address ( public ) and ( local ) with mask subnet and principal gateway , the public have han UDP connetion to the internet call other service and TCP have an entrance connection to localhost
[Mink] imagine big companies networks, government agencies, or really anyone that doesn’t want their site or resources been indexed by search engines
[Mink] that we will call “DARKNET” or hidden web
[Mink] sorry “deepweb”
[Mink] :”)
[Mink] deepweb/invisible/hidden, basically not available to the public
[Mink] unless you have a login/password or a very precise address
[Mink] the deepweb is the biggest part of the internet
[B[U]G] This is because it is not possible to search through a search engine because each address is generated randomly
[Mink] in the deepweb, there is a small portion that we can only see with “special software”
[Mink] that we will call “darknet”
[Mink] for today we will talk about the main Darknet networ, the TOR (onion) network
[Mink] with TOR software (like torbrowser) we can access the normal web AND the onion network
[Mink] onion sites end with .onion and use different protocols from the norm
[Mink] the TOR network anonimize both the user and the server, automatically
[Mink] as a user, your traffic will pass trough at least 3 different servers, before reaching the target site
[n1ck1] what are the names of the different protocols for me to look for later?
[B[U]G] thanks to a connection called “onion”, by most users who share the relay
[Mink] sock
[B[U]G] “cipolla”
[n1ck1] ok tks
[n1ck1] I need t reed more about socks
[Mink] all the traffic from those servers (called “nodes” or “relay nodes” is encrypted
[Mink] making using the tor network slower than normal
[Mink] surfing the web is the main use of TOR, but it can be used to send/receive mail, IRC (like i’nm doing right now) or even voip (IF YOU CAN GET A FAST CONNECTION
[Aeolus] you can voip through tor?
[Mink] yes, with a bit of luck
[Aeolus] cool, didnt know that
[Mink] TOR can be used pretty much like any other proxy
[Mink] u could plug it in Thunderbird for emails
[Mink] in Hexchat for IRC
[B[U]G] using the gpg encryption with thunderbird or claws mail for more security
[Mink] in Mozilla for ftp, etc
[n1ck1] voip + “proxuchains firefox(TOR)”
[n1ck1] three at a time, using a VPN to open the terminal with the configured proxychains and run the TOR browser??
[Arkhangel] why with torrent no, p2p
[Arkhangel] ?
[n1ck1] VPN….voip=error
[Mink] no, but you can use vpn+TOR
[Aeolus] like me
[n1ck1] why not proxychains too?
[n1ck1] tor first or VPN first?
[B[U]G] proxychains is a simple script
[Aeolus] vpn then tor
[Aeolus] for me
[B[U]G] tht filter tor
[Aeolus] others prefer elseway
[Mink] Bittorrent over Tor is not anonymous, becouse needs to aware of other seeds/leecher sharing the files
[B[U]G] you can use for launch any application
[l0t3D_] what difference does it make
[Mink] also would put too much stress on the network
[Arkhangel] Aeolus, if someone uses TOR then VPN, I dont think he can access to onion network xD
[l0t3D_] Mink how do you even Bittorrent over tor?
[Mink] so p2p with TOR: possible, but really a waste of time
[n1ck1] yeah…rsrsrs I see
[B[U]G] l0t3D_, set tor as proxy socks
[B[U]G] or http
[B[U]G] (client)
[B[U]G] or generate
[Mink] again, it’s just possible to plug TOR port in your client
[B[U]G] iptables rules
[n1ck1] VPN + TOR is the best right?
[Mink] yes n1ck1
[Arkhangel] Mink do u mean that seeders/leechers should know your real IP?
[B[U]G] the best configuration are , tor – vpn – tor ,
[Mink] but now.. the bad part
[Aeolus] Arkhangel i used to be able to do that especially with my whonix settings
[l0t3D_] so to “torrent over tor” you need to plug TOR into my bittorent client
[Aeolus] i talk about normal browsing when you want to use tor as an extra layer
[Arkhangel] Aeolus U think that the best configuration is the config shown by B[U]G XD
[l0t3D_] but if i torrent normally and TOR is running that’s okay right?
[Mink] yes Arkhangel ,serius bitorrent users should use proxies or VPNs , not TOR
[Aeolus] Arkhangel xD
[Mink] yes l0t3D_
[l0t3D_] okay
[Arkhangel] what is the bad part? Mink
[Mink] ok, let me make one more point, then u free to ask questionbs
[Mink] right, bad part is TOR is not perfect
[n1ck1] a few days ago they tracked the IP of many users
[Mink] and it’s been under scrutiny for vulnerabilies for years
[Arkhangel] I think* (I wrong to write before lol)
[Mink] “”Tor is not meant to completely solve the issue of anonymity on the web and is not designed to completely erase tracks but instead to reduce the likelihood for sites to trace actions and data back to the user””
[Mink] there are ways and attacks to “deanonimize” a small portion of TOR users
[n1ck1] how?
[B[U]G] for example
[Aeolus] like FBI running nodes
[B[U]G] a plugin
[Aeolus] 😀
[B[U]G] in browser
[B[U]G] you can deanonymize you
[Mink] ” Users are also warned to use https versions of websites, not to use Tor over Tor, not to torrent with Tor, not to enable browser plugins, not to open documents downloaded through Tor while online, and to use safe bridges.”
[Arkhangel] why?
[B[U]G] by an javascript exploit
[Arkhangel] how a plugin can do this?
[l0t3D_] Aeolus do they?
[Aeolus] yes ofc they do
[B[U]G] or you find it on an exit node,
[Arkhangel] a javascript exploit that affects the TOR software or the plugin itself?
[Mink] the NSA is known to have run TOR “nodes” , also known as a man-in-the-middle attack
[n1ck1] TOR over TOR?
[l0t3D_] Tor over Tor? Mink
[Mink] never tor-over-tor
[l0t3D_] hahaha n1ck1
[l0t3D_] how do you even TOR over TOR
[n1ck1] so far so goof rsrsrs
[Mink] that would be running 2 instances of TOR
[Arkhangel] in which manner TOR over TOR can make u not anon?
[l0t3D_] Mink tor stops you from doing that
[n1ck1] like in the real machine and the VM use TOR?
[B[U]G] sure
[Mink] it’s like an internal thing, the “relay” will just not work, 2 likely result, no traffic go trogh, or worse no encryption between the relays
[Arkhangel] lol
[n1ck1] I’m going to print this
[Mink] if you don’t like the 3 “hops” of a standard TOR connection, you can ofcourse increase it
[forceMajeure] the problem with using tor to browse is that 99 out of 100 people will deanonymize themselves by accident without ever realizing it. User error
[Arkhangel] n1ck1 this lesson will be printed later
[Arkhangel] n1ck1 u can access it on the site of cg
[B[U]G] you can use a gateway into your vm as whonix , then use a vpn on you local machine host , and reuse tor setting of your vm gateway
[Mink] ok, now, to cover my ass
[n1ck1] ok thanks Arkhangel
[Mink] WARNING: BEFORE YOU ACCESS THESE LINKS YOU SHOULD UNDERSTAND THAT SOME CONTENT PROVIDED ON THESE DEEP WEB LINKS MIGHT BE DISTURBING, UNPLEASANT OR FRAUDULENT.
[Mink] VISIT THEM AT YOUR OWN RISK.
[Arkhangel] forceMajeure how an user can realize it?
[n1ck1] ok….send please
[Mink] you can see from the list at the bottom of the pad
[Mink] there is a bit of everything
[Mink] email services, blogs, forums, chats
[forceMajeure] lets say you visit your own website, log into ANY account associated with your real identity, attack a cpu of someone you know, just little things
[Arkhangel] forceMajeure and what are the user errors that bring the user to be deanonymized?
[Aeolus] use tor to log to FB
[forceMajeure] look up
[Mink] of course all end in .onion, and using a normal browser won’t work
[Aeolus] something stupid like that
[Arkhangel] forceMajeure ah ok… this should answer to my second question
[forceMajeure] turn on js to access a site, etc.
[Arkhangel] ty
[Arkhangel] forceMajeure why if I use js to access a site, I m not anon anymore? js stores my real IP over TOR?
[Mink] remember, and this is for clearnet aswell, your browser is the single most dangerous point of failure
[forceMajeure] if the site is compromised, someone can use something like burp to insert a malicios js
[forceMajeure] they did it at defcon years ago
[forceMajeure] you should always be using noscript
[Mink] ok, questions, and please let me answer first before giving your opinion
* Aeolus agrees with Mink
[Arkhangel] forceMajeure so if I am on TOR network, if I go on a onion malicious website and I click where I have to not click, this malicious js can decrypt the routing information to get my real IP?
[Mink] yes Arkhangel
[Arkhangel] lol
[forceMajeure] ))
[n1ck1] Is it set by default to accept or reject scripts?
[Arkhangel] sorry but, at this point
[n1ck1] TOR Browser
* Aeolus thinks we all tell shit and not let Mink who knows educate us
[Arkhangel] why didnt they do a strong encryption?
[Arkhangel] that cannot be decrypted?
[Arkhangel] like
[Mink] even worse, it can inject code into your browser, activate your webcam and mic, take screen shots and much more, no kidding
[forceMajeure] true story
[Arkhangel] not inverse hash algorithms
[Arkhangel] not invertible*
[Mink] nothing to do with encryption, JS runs on your computer, not the server
[Arkhangel] Mink if I click on a js hosted on an onion website, it runs on my pc?
[B[U]G] depends
[B[U]G] you can
[Mink] not only .onion
[B[U]G] disable flash/javascript
[Aeolus] js runs client-side
[B[U]G] and disable WebRTC leak
[B[U]G] on you browser settings
[Arkhangel] good to know XD
[Arkhangel] y
[Arkhangel] I have other different questions
[Mink] ok
[Arkhangel] the onion websites store the (false) IP of each user accessing to it?
[Mink] no
[m00trix] Let’s just agree on that TOR is great. If used out of the “box” the TOR Browser will in most cases keep you safe. If you decide to disable or allow sites through the build in TOR Browser plugins, you are taking a risk that not even TOR, nor any other level of anon tools can protect you from.
[RedAcor] For webrtc settings: https://www.privacytools.io/#webrtc
[Chanlog] Title: Privacy Tools – Encryption Against Global Mass Surveillance (at www.privacytools.io)
[B[U]G] or simply edit your about:config asd
[Arkhangel] Mink, if today TOR gives me a certain IP address, tomorrow or after a month, another user of another part of the world can be assigned to that same IP?
[B[U]G] to http.refer and media.peer connection
[m00trix] Arkhangel, yes that is the hole point…
[Mink] the TOR network will not need your IP address, the danger of that comes from javascript/ajax/bad code
[B[U]G] how all – all store a log , depends if the owner delete it
[Arkhangel] m00trix why “hole point”?
[m00trix] yea
[m00trix] if 200 users on that exit node
[m00trix] with the same “ip”
[B[U]G] but the node change every time
[m00trix] you get plausible deniability
[Arkhangel] is it a problem if an IP assigned by TOR is used in the future by another user?
[m00trix] no
[m00trix] its a bonus
[Arkhangel] ah ok xD
[Mink] again, TOR will not give you an IP address, but an “identity”
[m00trix] yea Mink
[Arkhangel] Ok Mink so that “IP” address does not work on IP protocol?
[m00trix] I think he means when using the browser, it tells the exit nodes ip
[m00trix] 🙂
[Arkhangel] yes, in practice
[l0t3D_] okay so if i have scripts disabled globally but lets say i enable it only on youtube to play a video
[n1ck1] how many connections can a node make with the same IP
[Mink] yes Arkhangel , TOR architecture does not use the same IP ]DNS as normal internet
[m00trix] that IP is your source proxy IP when browsing trough the TOR browser
[m00trix] or using any service to proxy through it
[n1ck1] and how many users can be on the node at the same time?
[l0t3D_] could another malicious website use that youtube tab to attack me?
[Mink] when a new .onion site is created it doesn’t get a IP address, but a .omnion address
[n1ck1] sorry…. my mistake
[n1ck1] but a node can handle how many requests?
[n1ck1] and perform how many for another node?
[B[U]G] all it’s possible this it happens if youtube link it’s embedded in page builded ad hoc
[m00trix] Mink, still, when you use the TOR Browser, it will tell you what the exit nodes IP is when you start it. That exit node IP is also the source of the browser requests you make and the source of any program you proxy trough it
[Arkhangel] Mink in practice you are saying that, unlike normal internet where a service like a website is on the 3rd level (IP level ISO/OSI), the onion network is completely on the 7th level (application level) of the
[Mink] ok, to spend those few minutes: TOR isn’t the only darknet network
[Arkhangel] ISO/OSI?
[m00trix] okay stop
[l0t3D_] if it’s a normal youtube link i opened myself B[U]G?
[Mink] wot?
[B[U]G] depends if in source
[B[U]G] a function
[B[U]G] call
[m00trix] When you are using the TOR browser, to go on midgetporn.org or whatever. Midgetporn.org will see your source IP as the exit nodes public IP
[B[U]G] a malicious “file”
[B[U]G] or host
[m00trix] simple as that
[Aeolus] guys thanks for today info. i suppose logs will be up later so i can read again, got to go.
[Aeolus] good work Mink thx 🙂
[Mink] you welcome Aeolus
[Arkhangel] in practice m00trix your machine is overlapped on the exit node
[l0t3D_] but if there is nothing in this source but there is a malicious “file” in another tab i have opened in the same time but I have no scripts enabled?
[m00trix] fire up the TOR browser, and press the “test tor…” thingy
[forceMajeure] Is it possible for tor to assign you a new circuit while an existing connection is still established say through a python script ran through port 9050
[B[U]G] for example : [script src=”DownloadThisEvilCode.js”/] [iframe]youtube embedd[/iframe]
[Mink] Arkhangel, , you want to rephase your question?
[B[U]G] afk
[forceMajeure] thus severing the connection
[m00trix] any site that want’s to can see the visitors source IP – and with TOR browser, that source IP is the IP of the current exit node your are on.
[Arkhangel] Mink, about the https://en.wikipedia.org/wiki/OSI_model
[Chanlog] Title: OSI model – Wikipedia (at en.wikipedia.org)
[m00trix] really pretty simple
[m00trix] jesus
[Mink] yes forceMajeure , not only possible, but advisable, tor will change nodes randomly to add anonimity
[Mink] Arkhangel, i know the OSi model :/
[forceMajeure] but what happens to the connection that was established before the circuit changes
[Arkhangel] Mink, if the normal websites have associated IP
[forceMajeure] is it passed into the new connection
[Arkhangel] so the 3rd level of OSI model
[Arkhangel] the onion network, since it does not have IP, it is completely on the application level of OSI model?
[m00trix] no
[forceMajeure] I guess I could see what happens by sending newnym to 9051 I just thought of that
[Arkhangel] since it does not have IP ( i mean the onion websites)
[Mink] no Arkhangel
[m00trix] you need to not compare hosting an onion site with using the TOR browser
[Mink] lets’ amke it clear TOR and TORbrowser are 2 different things
[Arkhangel] y
[m00trix] I think Mink covered all the questions really good already
[Arkhangel] in the pad
[Mink] torbrowser connects to tor
[Arkhangel] it talks about the Freenet platform
[Mink] yes?
[Arkhangel] continue xD I was thinking u finished to answer my prev question xD
[Arkhangel] ok so torbroweser, application level, connects to TOR network
[Mink] yes, trough socks
[Arkhangel] socks is an application protocol?
[Mink] taht’s 5 i think
[Arkhangel] ah ok
[m00trix] Arkhangel, you need to unleash your mind from that OSI layer shit 😀
[Arkhangel] ahahahah
[Arkhangel] ok xD
[n1ck1] socks is a protocol right? the TOR Browser is the application?
[Arkhangel] y
[Mink] yes n1ck1 , but it’s easy to confuse “an application(like a program) and the “application layer” of the stack
[Mink] so yes
[Arkhangel] tell me when I can continue with another question
[m00trix] Arkhangel, if you fire up a VM with like parrotsec.org OS – It have a build in function that routes all traffic through TOR. There are other distros that does this as well. But any way, if you do that, you can look into how the traffic flows using the terminal – when all traffic is routed using TOR. Might give you more insight
[l0t3D_] i dont know if this is related to this lesson or not but what are Obfuscated servers?
[l0t3D_] or “obfs”
[Arkhangel] m00trix traceroute?
[forceMajeure] lsof -i -n -P
[m00trix] well for a start heh
[m00trix] and many more
[Arkhangel] ah ok
[m00trix] but it will show you the traffic flow
[Arkhangel] nice to know
[Mink] one thing i wanted to talk about, but we have no time, whonix
[Arkhangel] another doubt is: since ISP knows what I am visiting as website, if I access to an onion website, my ISP can know it?
[vivek] m00trix: you can achieve the same with almost any distro
[m00trix] and if there are like 200 others using the same exit node that you are on, for that current TOR connection – it’s all good.
[m00trix] vivek, I know
[Mink] the ISP will know you are using TOR, but not which sites you are visiting
[Arkhangel] Mink the ISP cannot know the onion address?
[m00trix] no
[vivek] Parrot one is highly unstable and my exp. Was not very good
[m00trix] And if you combine TOR with an OpenVPN on port 443 then even less
[Arkhangel] Mink it because ISP can see destination IP but onion website are not based on IP scheme? this is the reason?
[Arkhangel] or one of the reasons
[m00trix] vivek, I only have a VM with it. But yes, it’s Debian aka unstable heh
[Mink] no Arkhangel , unless the ISp is running the last TOR exit node
[Arkhangel] normally, an ISP in the clearnet precisely what can see from me? Only the IP of website that I am visiting?
[m00trix] Arkhangel, your ISP cant see what sites your are browsing trough TOR
[l0t3D_] [l0t3D_] i dont know if this is related to this lesson or not but what are Obfuscated servers?
[l0t3D_] [l0t3D_] or “obfs”
[m00trix] all your DNS lookups and what you are doing
[m00trix] if you use the ISP’s dns servers
[Mink] in clearnet, your IS know your favourite pornhub page
[Arkhangel] guys so the ISP can read only the DNS lookup table inside the router?
[m00trix] they can see all, but not https login data
[l0t3D_] lol
[Arkhangel] ah ok
[Mink] sorry l0t3D_ , obfuscated are another kinfd of “relay nodes” to help tranport info
[m00trix] Arkhangel, if you use the DNS servers provided by the ISP you have. They can see what sites you visit, the IP of the sites, what traffic you generate, they can see close to anything
[l0t3D_] obfuscated servers are used to access vpn or tor in some places like the great firewall of china?
[Arkhangel] cannot I change the DNS server where I want to go?
[Mink] yes l0t3D_ , and Iran and N korea
[l0t3D_] well i think ill be up on that list soon too
[Arkhangel] provided by other companies?
[m00trix] If you change the DNS servers on your router to some that does not log and are not your ISP’s. They loose the ability to view your DNS req
[l0t3D_] thath’s the only way i can access tor or vpn
[m00trix] next step is then, VPN and TOR
[Arkhangel] m00trix so you mean that then internet in my location does not work lol
[l0t3D_] makes the connection very f’in slow tho
[m00trix] I would advice any one to NOT use the default ISP provided DNS servers as a pure basic step
[m00trix] should be the first step you do on the router
[Mink] l0t3D_, remember for help with anonimity and privacy you can always ask in #opnewblood, we will be happy to help with that
[Arkhangel] m00trix how can we do this?
[m00trix] set WAN DNS to manual and find some good non logging DNS
[Arkhangel] do u know some non logging DNS?
[m00trix] Arkhangel, depends on what router you have
[m00trix] sure
[l0t3D_] thanks Mink
[m00trix] Also you will get arround of most censorship
[m00trix] by stat step alone
[Arkhangel] can you list some of them here?
[m00trix] gov dns blocks
[m00trix] I switch it up
[m00trix] but run
[m00trix] https://blog.uncensoreddns.org/
[l0t3D_] should i call them and ask them nicely to change my DNS? 🙂
[m00trix] some places
[Arkhangel] ty
[m00trix] just login to your router
[m00trix] and change it
[m00trix] if in doubt give me a priv
[Arkhangel] ty very much
[l0t3D_] WAN settings right?
[m00trix] yea
[m00trix] and then
[m00trix] set DNS do manual
[m00trix] not the IP 😀
[m00trix] only dns
[Arkhangel] another question: the pad talks about the freenet platform… is it a software to be installed on my computer?
[Mink] yes Arkhangel
[m00trix] l0t3D_, priv me if you need help
[Arkhangel] what is the difference between freenet platform sw and tor bundle sw?
[m00trix] If I run with my basic ISP DNS servers sites like http://1337x.to/ are blocked 🙂 a torrent site. Gov block
[Chanlog] Title: Torrent Search Engine | 1337x.to (at 1337x.to)
[n1ck1] if I change my DNS the VOIP stops working in my house
[Arkhangel] or better: if torbrowser allows me to access to the tor network, freenet and other shown platforms on pad, what do they allow me to do?
[m00trix] wut n1ck1?
[m00trix] makes no sence
[n1ck1] my ISP has a separate physical VOIP phone but connected by cable to the router
[n1ck1] minha mae é velha e não sabe usar muitas tecnologias e o telefone é similar ao antigo porém funciona como VOIP
[n1ck1] sorry
[n1ck1] my mother is old and does not know how to use many technologies and the phone is similar to the old one but it works like VOIP
[n1ck1] if I switch to any other, VOIP does not work, it has been months of technical visits, tests, and unsolvable configurations.
[RedAcor] Set DNS on your network manager.
[RedAcor] So that will not affect your router.
[RedAcor] Also you can use unbound on your system.
[RedAcor] You can check lesson 4 logs for that.
[m00trix] yes
[m00trix] thx to Mink for a great course 🙂
[RedAcor] There many different and hybrid solutions.
[RedAcor] Anyways. Mink Thanks for delicious lesson. 🙂
[Arkhangel] guys is better vpn tor vpn tor or tor vpn tor?
[Arkhangel] is better starting with vpn or tor?
[n1ck1] YES
[n1ck1] This worked …. It’s simple but I had not thought of it.
[RedAcor] Arkhangel Tor VPN Tor
[Arkhangel] why starting with tor RedAcor?
[RedAcor] Some people use VPN ] VPN ] Tor also
[RedAcor] Because it is secure than VPN. jijiji
[n1ck1] tails pendrive, VPN, TOR, break everything later and throw it in the trash lol
[Arkhangel] instead, when I connect to tor network, when I reach the exit node, the IP of my computer is in clear there?
[RedAcor] If i talk about last bug of TOR: Nah.
[l0t3D_] 2 tor?
[m00trix] Arkhangel, really depends what you are doing also 🙂
[l0t3D_] [RedAcor] Arkhangel Tor VPN Tor
[n1ck1] RedAcor thanks for the DNS tip
[RedAcor] But they fixed that issue.
[RedAcor] n1ck1 You’re welcome.
[Arkhangel] to discover some user, agency like NSA what look for?
[Arkhangel] they use only their exit node and check for all users that go in, or they can know information also about exit node that are not theirs?
[m00trix] hard to say
[m00trix] you need to stop overthinking it
[Arkhangel] im afraid to forget these questions and these doubts xD
[m00trix] I get that bro. But I can’t answer you how the FEDS, CIA or NSA track people on TOR 🙂
[m00trix] or if they even can and with what success
[Arkhangel] dont worry. I have a last question: why tor works on SOCKS and not HTTP/HTTPS protocol?
[m00trix] Arkhangel, per design I think
[Arkhangel] in the network settings, for HTTP/HTTPS I cannot use the 9050 or 9150 port to use TOR, right?
[m00trix] network settings for what?
[m00trix] program
[Arkhangel] for example if you want to use a proxy on the system of the operating system
[m00trix] what OS Arkhangel
[m00trix] You want to route all traffic out through TOR
[Arkhangel] windows or linux-based
[Arkhangel] y
[Arkhangel] in that case for HTTP/HTTPS I cannot use port 9150
[Arkhangel] right?
[Aspire] i have to go bye all and thanks for the lesson
[Arkhangel] since SOCKS and HTTP/HTTPS talk different “languages”
[m00trix] Arkhangel, are you trying to run another browser through TOR?
[m00trix] what are you trying to do, that would help heh
[Arkhangel] no
[Arkhangel] I want to use just the normal browser with no opening torbrowser
[Arkhangel] but where I can surf on tor
[m00trix] you have to have the TOR Browser running to proxy the traffic
[m00trix] unless you run a plain tor from a terminal
[Arkhangel] exactly
[Arkhangel] on windows I should run tor browser
[m00trix] and there is a reason for why the TOR browser is at is is. And have the plugins it have
[m00trix] to protect you
[m00trix] you can do what you are trying to do, but even TOR warns against it
[Arkhangel] i know that torbrowser is better for that, but just for information, if I start torbrowser and I enable a proxy that route the data to the tor network by a normal browser, it is not a connection tor over tor right?
[m00trix] when you start the TOR browser, you can tell most programs yo use 127.0.0.1:9150 as a proxy and it will proxy over TOR
[m00trix] but on Windows, the TOR Browser needs to be running
[Arkhangel] exactly, so it is simple one tor connection, is not tor over tor, right?
[Arkhangel] in case of windows I mean
[m00trix] tor over tor?
[Arkhangel] y, since it s not a good idea running tor over tor, I would like to know if, on windows, open torbrowser and proxying the other programs to 127.0.0.1:9150 is not a tor over tor
[l0t3D_] alright thanks all for the lesson i need to go
[l0t3D_] bye
[n1ck1] no
[n1ck1] not is
[Arkhangel] ok ty
[Arkhangel] Im so sorry I forced everyone to run away
[n1ck1] you only configure that program to use this network
[n1ck1] ahsuhahsauhsauhusa
[Arkhangel] ahaha
[n1ck1] but use linux
[n1ck1] windows sucks
[Arkhangel] I use Linux, but I need to have all possible information
[n1ck1] try ubunto first, it is easy
[n1ck1] yes
[n1ck1] this is right
[Arkhangel] culture is power
[n1ck1] y
[n1ck1] tks all

Online Tutorial: Building & Selecting Safer Web Browsers

As I was going about re-configuring my website and domains earlier this week I noticed something very interesting, while my SSL Certificate was in the process of being authenticated I was able to access my unsecured website on every web browser except for one; Mozilla Firefox – which would not allow me to connect to the web page in order to keep me protected.

Just so you understand what I am talking about here, browsers like Microsoft Edge, Google Chrome and Apple Safari will all freely allow you to access a web page which has the potential to compromise your security – including websites which do not have an authenticated or verified SSL Certificates. This is because these web browsers are configured to be “convenient” and easy to use, security is either nonexistent or an afterthought on these particular browsers. With that said, there are a number of web browsers out there specifically designed around security, which also happen to be equally as easy to use/operate. Here are some of those browsers, along with some other helpful information to help you make more informed security choices online in the future.

Mozilla Firefox

Mozilla Firefox is considered by some to be the world’s most secure web browser. I say “some” specifically because many people would argue that Tor is actually the most secure browser out there. However, without Mozilla Firefox the Tor browser wouldn’t even exist. This is because Tor uses the source code of Firefox as the foundation to build their browser. As for why I personally consider Firefox more secure than Tor, this is because the DarkNet is inherently a much more dangerous place than the ClearNet, and you can’t access the DarkNet or Deep Web on Mozilla Firefox alone. Browsing through and interacting with the Deep Web, even while using Tor, naturally puts you and your security at a much higher risk.

What makes Firefox particularly unique is that much like WordPress.com, the browser allows you to install various Add-Ons, extensions or plugins that can help you maximize your security. For the purposes of this article, if you are going to use Mozilla Firefox, I highly recommend that you install NoScript, HTTPS Everywhere, Ad Blocker Ultimate and Disable WebRTC connections. There are more plugins than I could possibly mention here, those are just some of the most important ones you can install specifically in terms of online security.

WebRTC is a little talked about “glitch” that allows third parties to circumvent your security and compromise your systems, even when you are using a VPN or Proxy service. As of today, Mozilla is the only web platform I am aware of that allows you to disable all WebRTC connections entirely. By comparison, other browsers like Google Chrome literally ban people from disabling WebRTC connections through their browser, as to allow US “authorities” like the NSA and FBI to more easily hack and track users online if need be. However, non-Government hackers exploit WebRTC all the same as Federal hackers, and for all the same reasons.

Download Firefox Here: https://www.mozilla.org/en-US/firefox/download/

Tor

I understand that the Tor Browser has gone on to develop a slightly negative reputation in today’s society but, believe it or not, the Tor Project was first developed by and still receives a majority of its funding from the United States Department of Defense. It is important to understand that even though some people use Tor to do some pretty bad or illegal things, just like anything else in life, the browser is only what you make of it.

Tor was not developed for criminals, it was first developed by the US Government in order to keep agents, operatives and members of the Armed Forces safe and secure online. It just so happens that over time the browser and its systems were hijacked by criminals and terrorists alike, whom also need to remain hidden and secure online for many of the same reasons as Government employees.

The Tor browser works by bouncing your internet connection through thousands of individual “proxy servers” around the world on a perpetual randomized time loop. At any given moment in time your internet connection could be bouncing from Thailand to Venezuela to Canada and theoretically anywhere in between, concealing your computers identity and making your internet activity essentially impossible to trace. In addition to redirecting your internet traffic away from the eyes of your Internet Service Provider, it also conceals the IP Address of the computer you are using behind a proxy. This is particularly important/valuable for political activists and human rights defenders living in oppressive countries all around there world, where peoples online activity can get them arrested or killed. Since the browser directs all of you online activity to different countries around the world, this allows activists to remain hidden from their Governments while also granting them access to any sites banned or restricted by their respective Governments.

It is important to note that Tor is perhaps the best web browser at preventing or deflecting an active hacking attempt against your computer. However, I would never use Tor for things like credit card transactions or editing/customizing your personal website. This is because anytime you are using a proxy you are using someone else’s connection. While this may hide your internet activity from 3rd parties, it makes you internet activity available specifically to the owner of whatever proxy server you happen to be using at that time, and not every proxy server exists with honorable intentions – though “most” Tor exit node operators tend to be trusted activists.

Download Tor Here: https://www.torproject.org/download/download-easy.html.en

Opera

Opera is a little known web browser that has traditionally had a minuscule following throughout the past. However, in 2016, Opera started to gain a more main stream following, particularly with the cyber security community, after the browser started to become standard with a built in VPN. This means that the Opera browser stands in front of your computers IP Address while you browse the internet and your activity will remain hidden from your Internet Service Provider and/or 3rd parties. While the VPN is far from the strongest of safest on the market, it is still a very unique feature that has helped the browser grow in popularity over the years.

Download Opera Here: http://www.opera.com/

Epic Privacy Browser

One of the newer browsers on the market, Epic is specifically designed around online security. Each time you close the browser all of your cookies and tracking information is automatically deleted, preventing any websites from remembering or recording your previous activity. Similar to Opera, the Epic Privacy Browser also connects your computer through the companies own servers, acting as a proxy service for your device. This prevents any hackers/websites from recording the IP Address of the device you are using to browse the internet. Additionally, much like Mozilla, the browser will not allow you to connect with or access any site that does not have a recognized SSL Certificate.

Download Epic Here: https://www.epicbrowser.com/

Browser History, Cache & Cookie Management

If someone gains access to your computer for malicious reasons one of the first things they are going to want to do is check your browser history to gain access to websites and accounts that you frequent the most. Just think for a moment about all the pages you visit online, that you do not need to log into every time you visit. While this may be convenient for your personal browsing habits, it is also very convenient for hackers.

For this reason, you should always delete your browser history and clear all browser cookies on a fairly regular basis. You would be surprised to know how much information your browser stores/remembers about you, until you delete it all. Please note that some browsers offer to delete cache and cookies through the settings menu and some anti-virus programs also offer to do the same. However, if you cannot find or do not own these programs, one of the best programs to clear history, cookies, cache and everything else is known as CCleaner and it is completely free and open source for anyone to own. The “C” in CCleaner literally stands for “Crap,” because the program deletes all of the useless crap your computer happens to store about you. The program itself is entirely free to own, but it is one of the most effective programs on the market. For example, even multi-billion dollar tech companies are known to use the program on a regular basis.

Download CCleaner Here: www.ccleaner.com/download

US Central Intelligence Agency Releases Location of New DarkNet Version of cia.gov Website

Earlier today, May 7th 2019, the US Central Intelligence Agency came out with a bizarre press release announcing the launch of their own .onion website. Upon investigation, the “Darknet” version of their site appears to look, feel and function in the same manner as their “ClearNet” version, with only one exception – it features a revolving slideshow of all the agencies latest stories, releases and events – such as you can see with a story of the launch of their .onion website below. Though it must be noted, you can only access the link below with a download of the Tor Browser, Freenet Browser or I2P setup.

Location of Site: https://ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion/

Screen Shot:

No photo description available.

Being as deep in the rabbit hole as I am, and have been, I can’t help but wonder if those slideshow pictures/reports are somehow zero days meant to compromise the web browsers/identities of any suspicious visitors to the site – especially in regards to recent Tor zero days made aware to me over the course of the last two months? I honestly cant think of any reason to tailor their website specifically to a DarkNet crowd/audience, unless it was just a trap (HoneyPot). Regardless, at least according to the CIA itself,  they are calling the site the “latest layer” to their international operations, hoping the tool will help the public send in more truly anonymous tips throughout the future.

Secure, anonymous, untraceable—traits ever-present in CIA’s intelligence collection mission,” says the CIA “and the same is true for our onion site, which is now available over the Tor network. Adding that “Our global mission demands that individuals can access us securely from anywhere. Creating an onion site is just one of many ways we’re going where people are” – says Brittany Bramell, CIA’s Director of Public Affairs. However, as someone whom has personally sent dozens of Anonymous tips to the CIA over the course of the last several years, I know it is entirely possible to send them Anonymous tips independent of the Tor Browser – using combinations of VPN’s, Proxies and DNS edits, making their logic even more suspicious.

Learn More – Anonymous Intelligence Agency: https://roguesecuritylabs.ltd/anon-intell

Submit Tips: Tips@AnonIntell.org

 

Infamous/Notorious Hacker Forum Known as Dark0de Comes Back Online Under New Ownership

Roughly 3 years after first being taken down by European/international police in 2016, the infamous hacking forum known as “Dark0de” has officially come back online. For those of you whom may be unfamiliar with the sites legacy/history, originally founded in 2007, Dark0de went on become perhaps the single largest and most notorious hacking forum in the world up until the time of its closing just a few years ago. In fact, as described by Europol, the police organization which initially closed it, “Darkode is the most prolific English-speaking cybercriminal forum to date.

The operation to close the forum, originally code-named “Operation Shrouded Horizon” by the FBI, ultimately resulted in the arrests of 70 people across 20 countries – including Denmark, Germany, India, Israel, Romania, Sweden, and the UK. At the time, then US Attorney General, Leslie Caldwell, called the closing of Dark0dea milestone in our efforts to shut down criminals’ ability to buy, sell, and trade malware, botnets and personally identifiable information used to steal from US citizens and individuals around the world.” Also stating how she believed that “this operation is a great example of what international law enforcement can accomplish when we work closely together to neutralize a global cyber-crime marketplace.

Learn More – Operation Shrouded Horizon: https://www.fbi.gov/news/stories/cyber-criminal-forum-taken-down

 

 

 

Today however, the site is now being managed by “Hitman,” the owner of Dark0de, as well as “Ownz” – the leader/founder of New World Hackers. At the current moment in time the site and its forums are back online and open for business – featuring categories/information such as leaks, forum resources, webmasters, malware, exploits & 0days, cracking, hacking, technology and gaming – among many more.

Access Website: https://dark0de.net/
Online Chat Affiliated w/ Dark0de: https://discord.gg/hBcze2E

In statements made available to Rouge Media Labs, Dark0de‘s developers explained how “we plan to bring back Dark0de to give hackers a place to go to look for accounts, tools, proxies, methods, and configs – not to mention email:username combinations for cracking accounts.” According to Ownz, “the goal is to become the #1 hacking forum once again like done in the past back in 2013-2015.” Adding that “the reason we waited three years is because we were aware that there was an investigation ongoing because the actual original owner of the site was not ‘Hitman‘ but it was ‘Obstriegel‘ aka ‘Sp3cial1st‘ and we didn’t want the same troubles as he had trying to cover up what he had created.

While the forum used to be associated almost primarily with the DarkNet, it is now freely available across the ClearNet. Aside from a change of ownership, the sites current developers claim that “nothing has changed, but we did add more site categories for Malware, Exploits, and the Marketplace” – etc. For example, the forum has already been restored to its previous version – with over 12,000 registered users, featuring +55,000 postings across +6,000 different threads.

Εργαστήριο Αναγνώρισης Προτύπων Hacked by AlbSec, Administrator Login Credentials Leaked Online

Earlier today the Computational Biology and Bioinformatics Group of the Department of Electrical Engineering of the University of Patras, Greece compromised via data leak by a group of hackers calling themselves “albsec.” Researching the group a little further, there appears to be no information about the group available on the ClearNet and it doesn’t appear as though they are active on social media venues either. 

It remains unknown what the motivation behind the hack and leak was, but exposed by the data breach are the usernames, emails and passwords of 26 users stolen from one of the sites internal databases entitled BioInfo. The login credentials theoretically allow anyone to log onto the website and gain access to whatever information each individual user has uploaded about themselves. Given that the credentials of one of the sites admins was also exposed in the breach, the leak also allows for root administrator level access over the website as well.  

Target: hxxp://prlab.ceid.upatras.gr/
Raw Leak: https://pastebin.com/raw/fXKsQJ8d
Leak Backup: https://anonfile.com/T1v04evbbb/leak_by_albsec_txt

In One Massive Cyber Attack, Kurdish Hackers Hack and/or Deface 530 Websites Across Turkey

This is one of the hardest hacking events I’ve had to cover recently because the censorship in/around Turkey is so rampant and the hackers behind the attacks are so obscure. But according to a source inside Anonymous CyberGuerrilla, the same group of hackers behind the 2018/2019 Integrity Initiative hacks and leaks, approximately 530 corporate, private and Governmental websites across Turkey were hacked and/or defaced by a swarm of Kurdish hackers throughout the course of the last week.

More specifically, the hacks were carried out by multiple Kurdish hacking groups going by the names of Coldhackers, Mesopotamia Hackers, RojavaHack and PKK-HackTeam. Little to no traces of the aforementioned hacking groups can be found on the ClearNet, but what we do know is that Coldhackers, the primary actors behind this weeks attacks, were originally formed sometime in 2015 – and have presumably been carrying out attacks against enemies of the Kurdish people ever since, particularly against Turkey.

Learn More About ColdHackers: https://wikileaks.org/akp-emails/emailid/102539

What makes this news particularly interesting is the fact that the Government of Turkey has banned Turkish news outlets from reporting on the incident, meaning that the only way for the world to know about the hacks is for the hackers behind the incident to push the news coverage themselves – which is exactly why they decided to publish news of it through Anonymous CyberGuerrilla. For example, below you can find three photos released by the hackers documenting the attacks.

Screenshots/Photos from The Attacks:

No photo description available.

No photo description available.

Image may contain: 1 person

Additionally, in a message to the public attached to the initial release of the hacks, Anonymous CyberGuerrilla translated the following message from Kurdish:

Leader of the Kurdish people, in particular, we have a promise to our martyrs and our resisting people that we will continue our actions in the virtual environment as well as in all areas against the continuation of the isolation conditions that are not applied to any law or humanity, which is applied on all the oppressed and exploited leaders and people of Rêber APO.

We reiterate that we will continue our attacks in virtual environment as the virtual guerrillas of the President APO. In this context; As Coldhackers, Mesopotamia Hackers, RojavaHack and PKK-HackTeam, the fascist isolation on the President APO will end, and we will continue to make the most severe attacks, from the freedom of the President to the freedom and security of the APO.

According to the laws of the Republic of Turkey, Hakkari, who are elected by the popular and popular votes of the Hakkari deputy, Leyla Güven, raises the ongoing hunger strike actions against the isolation in the regions of Strasbourg, Hewlêr, Galer, Russia, the TC dungeons, Kurdistan and different parts of Europe. We note that we have hacked hundreds of sites we have hacked in order to salute all hunger strike actions, especially President APO, and we have captured a lot of confidential and important information.

Again, here is the news site and page of our virtual attacks. The most powerful way to respond is to remain silent while attacking your enemies site.

Source: https://www.nuceciwan12.com/ku/

This latest hack also comes on the heels of a separate incident involving the Government of Turkey, in which hackers claim to have stolen over 400 classified files belonging to a corporate manufacture of weapons and systems for Turkey’s Armed Forces earlier this year in the beginning of January. While the hackers behind the hack did not reveal much about themselves at the time, its strongly suspected that they originate from Greece – essentially claiming as much in their original press release. The hackers have offered to share the files with any/all interested parties, but no official leak has ever been published from them – including by/from CyberGuerrilla.

Rogue Media Labs has made several attempts to contact the hackers behind the breach, even going as far as to attempt to barter/trade for the documents and files in question, but have still yet to receive a response. For more information you can try to reach them yourself at spyontarget@protonmail.com

DDoSecrets Publishes “The Dark Side of The Kremlin,” Over 254 GB of Leaks Stolen from Kremlin Servers

One of the most common/re-occurring questions I keep getting asked from people is why doesn’t Russia get hacked like the rest of the world? How come we never hear of any hacks or leaks coming out of Russia like we do other countries? Well, the answer is rather simple – kind of.

First off is because Russia has much harder/stricter internet controls and/or regulations in place than most Western countries, especially the United States, and it is therefore much harder for outside countries to get into Russian network infrastructure than it is for Russia to get into theirs. For example, Russians can freely advertise here in the United States, essentially unrestricted, but it is almost impossible for me to reach Russian citizens with an advertisement from here in the US – at least it would cost me astronomically more to do so. Second is because, starting in 2016, the Russian Government abandoned Microsoft products, including Windows, essentially switching over to their own prototypes, literally running software, Operating Systems and machines that no one else in the world has or has even seen for that matter. Thirdly is the fact that if you ever get caught leaking sensitive material in Russia, about Russia, forget going to trial, you are probably just going to wind up being shot in the head and/or assassinated – something which is usually not the case in Western democracies, Jamal Khashoggi not withstanding.

Learn More | Russia’s Parliament Puts Forth New Initiative To Create Backup Infrastructure To Global World-Wide-Web: https://roguemedia.co/2018/12/16/russia-aims-to-create-backup-to-the-world-wide-web-create-its-own-national-internet-infrastructure/

With that established however, it doesn’t necessarily mean that Russia’s systems are infallible either. For example, last Friday, January 25th 2019, a new publishing outlet formed in December 2018 going by the name of DDoSecrets published a new series of leaks entitled “The Dark Side of The Kremlin” – two massive data dumps comprising of greater than 258 Gigabytes of data stolen from various servers belonging to the Russian Government (Kremlin).

As was explained by DDoSecret co-founder Emma Best in an article with The Daily Beast, the first international news outlet to cover the leaks, the information stolen from Kremlin servers includes “stuff from politicians, journalists, bankers, folks in oligarch and religious circles, nationalists, separatists, terrorists operating in Ukraine.” They also contain “hundreds of thousands of emails, Skype and Facebook messages, along with lots of docs.

As was also explained by reporters at The Daily Beast, DDoSecrets has managed to compile “more than 200,000 emails into a spreadsheet for ease of searching.” Adding that “in all, its cache now contains 61 different leaks totaling 175 gigabytes, dwarfing, by quantity at least, Russia’s leaks against the Democratic National Committee and Hillary Clinton campaign.” The collection also “includes files from Alexander Budberg, a Russian columnist married to Dmitry Medvedev’s press secretary; Kirill Frolov, vice-director of the Kremlin-backed Institute for CIS Countries; and Vladislav Surkov, a top aide to Vladimir Putin who was hacked by CyberHunta in October 2016,” in addition to much more. You are invited to learn more by browsing through the leaks/links provided below.

For those of you whom are unfamiliar how to navigate the DarkNet, the location where these files/archives were originally stored, member of Anonymous have done their best to backup and reload the torrent files via the ClearNet and AnonFiles.com so that anyone/everyone in the world can have access to the content. Over the course of the last week there has also been 3 leaks tied to the Kremlin and/or Russian-based email domains. Though there is not telling how old/antiquated the information may be, they consists of over 3,300 emails along with their login passwords – over 3,000 of which allegedly belonging to various members of the Russian Government/Legislature.

You can search all files and emails from all 5 of the leaks below. If you need to download Tor first, you can find a download link here: https://www.torproject.org/download/download.html

Original Publication (DarkNet): http://ddosecretspzwfy7.onion.to/data/asia/#russia

Search Through Entire Kremlin Email Archive: https://search.bivol.bg/kremlin/

File Download 1 (Darknet): http://ddosecretspzwfy7.onion.to/DarkSideoftheKremlin.torrent
File Download 1 (ClearNet): https://anonfile.com/CaPcYdrfbe/DarkSideoftheKremlin_torrent
File Download 1 Backup:
https://anonfile.com/PfVcZfrcbd/DarkSideoftheKremlin_torrent

File Download 2 (DarkNet): http://ddosecretspzwfy7.onion.to/DarkSideoftheKremlin.csv.torrent
File Download 2 (ClearNet): https://anonfile.com/0aP2Y5r7b6/DarkSideoftheKremlin.csv_torrent
File Download 2 Backup:
https://anonfile.com/UdU3Z5r1b5/DarkSideoftheKremlin_torrent

Additional Russian Email – Password Dumps:

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/01/Russia_Email_Leak_List.pdf”]