TOR won't save you!



Fixxx

IT'S IMPOSSIBLE TO HIDE COMPLETELY IN THE DARKNET
Do you think it's impossible to find someone in the darknet because you can't "trace him by IP"?
Think again! I'll tell you how people are identified in the dark segment of the internet.

The darknet is teeming with offers for illegal deals and those willing to participate in them. It's very naive to think that law enforcement agencies ignore it. Operating in the darknet through Tor, sellers of weapons, drugs and other illicit goods conceal their identities. But buyers have the same right. As a result, the seller doesn't know who they're trading with. However, buyers are also not immune to fake sellers. Police often conduct "control purchases". Representatives of law enforcement gain trust with sellers, place several orders and suggest meeting up. Next come plain methods of social engineering, surveillance of delivery service records and so on, catching them "in the act". No high technology involved. Anyone could turn informant - a supposed friend, neighbor, colleague, disgruntled ex.

You don't have to look far for examples. The founder of the largest darknet marketplace, Silk Road, was caught due to his forgetfulness. Ross Ulbricht managed to hide and encrypt himself well, but he slipped up by using the same nickname he had used on old forums where he had previously posted a job vacancy for another project. That's it! Ulbricht was arrested in a library where he was sitting with his laptop, logged in to Silk Road under an administrator account. They also traced a package containing nine fake documents that Ulbricht planned to use to rent servers for Silk Road, and they discovered his place of residence. He was given two life sentences, as well as 20, 15, and 5 years for separate episodes. He was 31 at the time and his life outside of prison is now over.

Okay, but what about Tor? Isn't it anonymous?

Here's a teaser: in the fall of 2016 Swedish police in collaboration with colleagues from other countries conducted an international operation called "Titan". The result? 3000 drug buyers on the Tor network were caught. There you have it, the protected Tor with the darknet! The reality is that Tor only conceals a user's activity within its network. Once any communication "tail" extends beyond these boundaries it becomes a glaring piece of evidence that leads to the unraveling of the aforementioned criminal cases. In other words, darknet users are often caught based on their external activities. Activities that start in Tor and end in the real world. But darknet users also face other privacy threats...

1. Hacking accounts on darknet sites.

Hacking an account on a darknet site is generally easier than on platforms like eBay or Amazon. Hackers take advantage of this. They gain control of the account and operate on behalf of its previous owner for some time. The original owner may not even have time to warn anyone because messages sent from a "fake" account in the darknet look especially suspicious. Other communication channels in this sphere are not frequently used either. Moreover, after hacking an account the hacker gains access to the previous owner's old correspondence. So setting up passphrases or requesting proof from past communication doesn't help. Essentially, the user's identity is stolen, and a lot can be done in their name. The joke is that the real account owner cannot prove anything without de-anonymization. They won't show their personal photo, phone number, or social media profiles.

2. Uploading viruses and malicious scripts.

Darknet sites can be infected with viruses. Why not? They are not fundamentally different from regular websites. For example, a malicious script can reveal a user's real IP address or intercept their traffic without hacking their account. The advantage of infecting sites is the scale of the attack. While accounts are usually breached one by one, here you can obtain all traffic or IP addresses of users who visited the site within a certain time frame. After that you can calmly uncover identities, initiate legal proceedings and apprehend lawbreakers as if nothing happened.

3. Cryptocurrency transactions are transparent.

It's time to dispel the myth of bitcoin and many other cryptocurrencies offering complete anonymity. In the bitcoin blockchain every transaction can be traced back to the genesis block (the very first block in the chain). This means that if you know the bitcoin address of the seller you can see all the transactions made from it. Consequently, you can identify the other party in the transaction. Sometimes addresses can be easily Googled to establish a connection between them and real people outside the darknet. By the way, a U.S. Secret Service agent involved in the Silk Road investigation was identified after stealing 13,000 bitcoins (approximately $108 million at today's rate). He transferred the bitcoins from his wallet to an exchange to convert them into traditional currency. He was tracked down based on the exchange's data and credit card information. To enhance transaction anonymity bitcoin mixers can be used. They blend transactions from different addresses masking the sender and receiver and breaking down a large transaction into many small ones. But they don't provide 100% anonymity.

What to do now?
First and foremost, acknowledge that everyone is eventually found in the darknet and cryptocurrencies are not 100% anonymous. Secondly, avoid doing things you'll regret later. Thirdly, don't intertwine your life in the darknet with your life outside the closed network, for example by using the same logins and passwords. To identify people in the darknet, malicious scripts embedded in site code, tracking of bitcoin transactions and hacking of accounts on dark web platforms are used. But more often than not, simple methods of social engineering prove effective. Friends, neighbors and acquaintances snitch, fake sellers and buyers operate, forum posts under darknet nicknames are found, coincidence and carelessness lead to prison sentences. It's better not to venture into the darknet.

But if you do, know this: if necessary, you can be found.

The FBI easily conducted a successful operation and apprehended Harvard University student Eldo Kim, who sent a bomb threat message to a university building. Notice that Tor didn't help the "miner," and now the prankster faces up to 5 years in prison and a fine of $250,000.

Student planted a bomb threat at the university.
The 20-year-old student admitted to writing the message in hopes of avoiding a final exam. For added certainty, he duplicated the threat message to the university security department and the university newspaper. Although he succeeded in causing the evacuation and postponement of all morning exams, the student now faces more serious problems.

Tor won't protect against identification by law enforcement.
Kim took measures to avoid identification. He created an anonymous email address and used the Tor anonymization service. However, he was still tracked down. According to FBI agents' statements in court documents, they obtained a list of users on the local computer network in the university dormitory. They analyzed the traffic and identified which students were using the Tor service. As is known, Tor traffic can be identified by specific characteristics. The FBI then interrogated all users of the anonymous network one by one. Since there weren't too many, it was relatively easy to pinpoint the criminal. One could argue that the student was unlucky to send the message from a student computer. If he had done it from a public Wi-Fi, routing the traffic through some other machine, the FBI's method wouldn't have worked.

Tor won't shield you from the police!

Nevertheless, the story demonstrates the weakness of relatively rare information security tools, writes renowned cryptographer Bruce Schneier: "The same thing that allows you to hide your involvement makes you the prime suspect". The FBI didn't need to break Tor; they simply used standard police methods to identify the sender of the message. In other words, even in the most robust cryptographic protection there is a weak spot - the person. If you can't break the code, you can always break the person.

Providers identify Tor users.
Similar methods for identifying Tor users can be used at the level of any provider. Don't be surprised if intelligence agencies already have a list of Tor users in every city. Can a person using Tor be traced? Easier than you might think. Firstly, intelligence agencies have backdoors in popular operating systems. This means that a user can be sitting behind Tor feeling completely safe while their real IP address is being leaked through a parallel line. Secondly, Tor guarantees security only when strict rules are followed. Are you sure you know these rules 100%? For instance, you shouldn't enable JavaScript. But some sites won't work without it. Turn it on - and your IP is known to all. Very often a site requires JavaScript to be enabled and refuses to work further until the user complies. So if you've enabled JavaScript in Tor your IP is no longer a secret to the external site.

Why isn't Tor anonymous?

Because there's no such thing as a free lunch. Tor was developed with financial support from the U.S. government. The entry nodes of Tor see your real IP address while the exit nodes see all your traffic. Where's the anonymity in that? How to hide Tor usage? You can't. Your real IP address will be replaced by the Tor exit node's IP. This IP can be checked against the list of Tor network nodes to confirm usage.

Why is Tor unsafe?
Only pioneers believe in Tor's security and they believe in it rather than trying to analyze how effective it really is in providing anonymity. However, experts have long warned about the unreliability of Tor:
- In 2008 a method was presented that could de-anonymize any Tor user within 20 minutes;
- In 2013 reports emerged that intelligence agencies had learned to tag Tor traffic and in some cases reveal the identities of network users;
- There is a way to track users using the Google AdSense advertising network;
- Moreover, 40% of Tor's budget comes from "donations" from the U.S. government.
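The dormitory-network step in the Eldo Kim case and the node-list check mentioned in the post both come down to matching connection records against a list of known Tor relays. The following is an added example, not part of the original post: a Python sketch of that match as a network operator would run it, over constructed flow records and a constructed relay list (documentation-range addresses; the log format and the names `load_relays` and `tor_clients` are assumptions).

```python
import csv
import io
from datetime import datetime, timedelta
from ipaddress import ip_address

# Constructed relay list (ip:port), documentation-range addresses, not real relays.
RELAY_LIST = """
198.51.100.7:9001
203.0.113.44:443
"""

# Constructed flow records: timestamp, internal source, destination, destination port.
FLOW_LOG = """
2024-03-04T08:05:11,10.20.1.15,192.0.2.10,443
2024-03-04T08:12:40,10.20.1.23,198.51.100.7,9001
2024-03-04T08:20:00,10.20.1.15,198.51.100.7,443
2024-03-04T08:29:55,10.20.1.40,203.0.113.44,443
2024-03-04T08:31:02,10.20.1.23,198.51.100.7,9001
2024-03-04T02:00:00,10.20.1.77,203.0.113.44,443
"""

EVENT_TIME = datetime(2024, 3, 4, 8, 30)   # constructed time of the event under review
WINDOW = timedelta(hours=1)                # how far either side of the event to look


def load_relays(text):
    """Parse 'ip:port' lines into a set of (address, port) pairs."""
    relays = set()
    for entry in text.split():
        host, _, port = entry.rpartition(":")
        relays.add((ip_address(host), int(port)))
    return relays


def tor_clients(flow_csv, relays, event_time, window):
    """Map each internal host to the times it contacted a listed relay near event_time."""
    hits = {}
    for row in csv.reader(io.StringIO(flow_csv.strip())):
        ts, src, dst, dport = row
        when = datetime.fromisoformat(ts)
        if abs(when - event_time) > window:
            continue                        # outside the time window of interest
        if (ip_address(dst), int(dport)) in relays:
            hits.setdefault(src, []).append(when)
    return hits


if __name__ == "__main__":
    for host, times in tor_clients(FLOW_LOG, load_relays(RELAY_LIST), EVENT_TIME, WINDOW).items():
        print(host, [t.isoformat() for t in times])
```

The match only narrows the set of hosts, as in the case above where the remaining users were then questioned one by one, and it covers only destinations present in the supplied list.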