Disclosed new information about Tor sites

Pierluigi Paganini June 23, 2015

A security researcher is trying to harvest information about Tor sites that propose illegal products, and in some cases he even discovered their address.

The Dark Web is known to be “the place” for sites where it can be found drugs, child pornography, weapons, because these websites can live on without disclosing the server location what makes life difficult for law enforcement catching the people running them.

But lately more and more flaws are coming out of the Dark Web, and one researcher in specific is trying to harvest information about these types of sites, and in some cases he even discovered the IP address, and he is able to get this information because the website administrators haven’t configured properly their sites.

Thomas White is a Tor hidden server developer, and last week he published a post revealing that he found out the IP Address of “Kiss marketplace” ( a site that is dead for some time now)( a site that is dead for some time now)( a site that is dead for some time now)

To give you a background, Kiss Market was shut down in May because it got hacked, and the site no longer exists.

Dark WebKiss Market Tor sites

For now the site is dead, he shared the IP Address of “Kiss Marketplace” (185.61.148.62), but he also told to motherboard.vice.com that he discovered the IP address of “Tor Carders Market V.2”, a place where stolen credit cards were sold, in January, but like “Kiss Marketplace” this site doesn’t exist anymore.

White also claimed that he got information about 500 sites and from those ones, he got IPs about eight of these sites, and seven of them are yet active.

In his interview for motherboard.vice.com Thomas White he shared his thoughts:

“It’s safe to say everything is under threat right now,” Scam sites, the “dark net” markets, fraud-type vendors, alleged hacker groups (probably scammers too), child porn sites, blogs, IRC servers.”

“Tor will help hide the location of the servers, but it is not a magic fix by any means, and lots of these hidden services, both legal and illegal, are not taking any measures to defend (their) system.”servers, but it is not a magic fix by any means, and lots of these hidden services, both legal and illegal, are not taking any measures to defend (their) system.”

Even with all this important information Thomas said that he will not be revealing this information to any government, neither exposing people, revealing these information to any government, neither exposing people, these information to any government, neither exposing people, “That is not to say they are safe though,” he added. “There are others out there like myself who could piece together my work and repeat it within days.”

The methods being used by Thomas White include:

  • “Trying to make the site fetch materials stored on a server that he controls and then looking whether a non-Tor IP was used.”
  • Checking whether the sites have bothered to change their default server settings

“The fundamental problem is that the people behind these sites are not serious techies. There is a difference between protecting a system from a script kiddie, and from agencies like the FBI,”people behind these sites are not serious techies. There is a difference between protecting a system from a script kiddie, and from agencies like the FBI,”

I totally agree with Thomas White, and let’s not forget how the well-known “Skill Road” ended up being busted, with a misconfiguration of a CAPTCHA, and all this because the site administrator wasn’t careful enough.

Of course, this gives an idea that even if someone is using Tor doesn’t mean he is fully protected, and yes, some sloppy administrator got busted, but others keep their business working, developing their security and getting a deeper level of security understanding.

About the Author Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Pierluigi Paganini

(Security Affairs – Dark Web,  Tor hacking)



you might also like

leave a comment