The Dark Web is known as “the place” for sites where drugs, child pornography and weapons can be found, because these websites can live on without disclosing the server location, which makes life difficult for law enforcement trying to catch the people running them.
But lately more and more flaws are coming out of the Dark Web, and one researcher in particular is trying to harvest information about these types of sites. In some cases he has even discovered the IP address, and he is able to get this information because the website administrators haven’t configured their sites properly.
Thomas White is a Tor hidden server developer, and last week he published a post revealing that he had found the IP address of “Kiss Marketplace” (a site that has been dead for some time now).
To give you some background, Kiss Market was shut down in May because it got hacked, and the site no longer exists.
Since the site is now dead, he shared the IP address of “Kiss Marketplace” (185.61.148.62), but he also told motherboard.vice.com that he discovered the IP address of “Tor Carders Market V.2”, a place where stolen credit cards were sold, in January, but like “Kiss Marketplace” this site doesn’t exist anymore.
White also claimed that he got information about 500 sites, and from those he got the IPs of eight, seven of which are still active.
In his interview with motherboard.vice.com, Thomas White shared his thoughts:
“It’s safe to say everything is under threat right now,” he said. “Scam sites, the “dark net” markets, fraud-type vendors, alleged hacker groups (probably scammers too), child porn sites, blogs, IRC servers.”
“Tor will help hide the location of the servers, but it is not a magic fix by any means, and lots of these hidden services, both legal and illegal, are not taking any measures to defend (their) system.”
Even with all this important information, Thomas said that he will not be revealing it to any government, nor exposing people. “That is not to say they are safe though,” he added. “There are others out there like myself who could piece together my work and repeat it within days.”
The methods being used by Thomas White include:
“The fundamental problem is that the people behind these sites are not serious techies. There is a difference between protecting a system from a script kiddie, and from agencies like the FBI,”
I totally agree with Thomas White, and let’s not forget how the well-known “Silk Road” ended up being busted, with a misconfiguration of a CAPTCHA, and all this because the site administrator wasn’t careful enough.
Of course, this shows that using Tor doesn’t mean someone is fully protected. Yes, some sloppy administrators got busted, but others keep their business working, developing their security and gaining a deeper understanding of it.
About the Author Elsio Pinto
(Security Affairs – Dark Web, Tor hacking)