The Hidden Wiki: Layers of The Onion Router Networks

Sunday, September 04, 2011

Infosec Island Admin

7fef78c47060974e0b8392e305f0daf0

Inside The Onion Darknet:

Someone recently DM’d me online and asked if I had ever heard of “The Hidden Wiki”. They said that they could not believe what they were seeing because they had just perused an ad that purported to offer “hired killer” services.

This person immediately thought it was just a trap or a joke, but, it turns out that hired killers are just the tip of the iceberg within the TOR arcology.  

The TOR network it seems has become the new ‘Darknet’ hiding sites within the onion router networks themselves, totally anonymous and offering every kind of illicit trade one could think of including pxxophilia images.

There are innocuous sites as well, but there seems to be quite a bit of content (links within the wiki and pastebin’s that offer up nasty things (click image to enlarge):

image

How, you might ask, is this possible? Well, it is because of the nature of TOR itself. The Onion Router Network was a project started by the navy to anonymize internet traffic. Once it was set loose to the masses, it was upgraded and brought to the masses as a means to surf the web anonymously.

This is done by using a series of routers (which you can set up yourself on any machine with the software) to receive and direct traffic anywhere online without any kind of record where the traffic came from once entering the TOR node network:

image

Once inside the system, unless under specific circumstances, you cannot be tracked. There are methods to obtain a users real IP address but they are hard to implement. So, with that said, the TOR system seems to not only allow people to access content on the internet proper, but now a secondary internet has been created within the tor nodes themselves.

It would seem that perhaps this secondary internet could either be a haven for good data, or bad.. And from what I have seen so far, its mostly bad. The illicit trade of pxxophilia being the worst of that ilk and it would seem that the purveyors think that they can do so without any hindrance because it is on TOR.

The Marketplace, A Digital Mos Eisley (click image to enlarge):

image

The Wiki offers many services, most of them seem to be driven by ‘Bitcoins’ and you can even find software to mine bitcoins as well as create them within this space. One has to wonder if you can really hire a hitman here or if this is just a BS post for the Lulz, but, other services seem straight forward and their sites are working.

These services also include a wide spectrum of hacking as well as alleged DD0S/Botnet offerings as well. My first thoughts about all of this tended toward the idea that Anonymous must be like a kid in the candy store here, and then I began to search for them.

It did not take me long to locate some sites that were ‘Anonymous’ themed as well as dumps of all the LulzSec hacks as well as a full mirror of Wikileaks dumps (click image to enlarge):

image

Here are just a few of the services offered in the Marketplace:

* Contract Killer - Kill your problem (snitch, paparazzo, rich husband, cop, judge, competition, etc). (Host: FH)

* BitPoker v1.93 - Poker (Bitcoin). (Host: FH)

* Buttery Bootlegging - Get any expensive item from major stores for a fraction of the price! (Host: FH)

* Stat ID's - Selling fake ID's.

* Bidcoin - Like Ebay. We increase the gross national product. (Host: FH)

* Video Poker - A casino that features "jacks or better" video poker. - DOWN 2011-08-07

* Cheap SWATTING Service - Calls in raids as pranks. (Host: FH)

* Data-Bay - Buy and sell files using digital currency.

* The Last Box - Assassination Market (Bitcoin). - DOWN 2011-08-07

* Pirax Web DDoS - Take out your enemies in seconds. (Host: FH)

* Hacking Services - Hacks IM and Social Nets, does DDoS, sells bank/credit/paypal accounts. Se Habla Espanol. (Host: FH)

* Email Hacker - Hacks emails (Bitcoin). (Host: FH)

* CC4ALL - Selling valid Credit-Cards. Most from Germany. (Host: FH)

* Slash'EM online - Super Lots'A Stuff Hack-Extended Magic tournament server (Bitcoin).

* Rent-a-Hacker - Pay a professional hacker to solve your problem, destroy your enemys. (Host: FH)

* BitPoker v2.0 - New version of poker (Bitcoin). (Host: FH)

* BacKopy - Sells game, software and movie discs (Bitcoin). (Neglected status note) - Broken 2011-08-07

* The Pirates Cove - Classifieds. (Host: FH)

* BitLotto - A lottery using Bitcoin. (Host: FH)

* Brimstone Entertainment - Escort Ads, Strippers, Adult Entertainers. (Host: FH)

* Red Dog Poker - Play a simple game of poker (Bitcoin).

* CouponaTOR - A service for getting retail coupons created (Bitcoin). (Host: FH)

* Virtual Thingies - Buy virtual goodies like premium accounts, usenet access or domains (Bitcoin). (Host: FH)

You can also get a range of services like chemicals to make as well as tutorials how to make and sell anabolic steroids not to mention pages and files on weapons and explosives. Anarchy it seems has found a new digital home.

One wonders just how long it will be before the onion becomes a home for jihadi’s as well. I suppose if they aren’t already, it’s only a matter of time until they are hosting their own sites in here as well.

The real problem is navigation though for anyone looking around. Which makes this all the better for those seeking to be anonymous and stealth. There are a couple of search engines on the wiki, but due to the nature of TOR, one has to list their site in order for it to be found, so, I assume there are many sites out there that are only known to a very select few.

Pxxdophiles LOVE Anonymity (click image to enlarge):

image

Meanwhile, it seems that there may be a bit of a war going on between the pxxdo’s and the hackers within this space as well. This particular page on the hidden wiki had recently been hacked and taken down, but, within a day or so, it was back up online serving out links.

The FBI is aware of this site and others that I passed along to them, but, they are once again hard pressed to do anything about it because of the nature of TOR. It would probably be a safe bet though, that they have been monitoring these sites for a little while as the agent I spoke with already knew about the hidden wiki and some of the links forwarded.

I guess that things though, are steadily growing on the onion darknet so new stuff is being put out there all the time.

All in all though, this is just another battlefield that the authorities must learn to fight in. Personally, I am with HD Moore in thinking that there may be some way to put a stop to all this… But, when he posited the idea it was 2007.

Its almost 2012 and we still have the problem. All I can really hope for is that the decent hacker types living within this liminal digital space will keep taking these sites down and making the pxxdo’s lives miserable in the meantime.

Anonymity For Better For Worse:

On the flip side of all this is the idea that we need to be able to be anonymous online. I agree with this, I mean, I use TOR every day, but, anonymity is a double edged sword. As you can see from everything above, that very same anonymity that is protecting those who need free speech, or other protections it can afford, are also faced with the darker side of the technology.

This space still seems to be fairly new in the sense of services, chat boards, paste sites, and other more normal internet style applications, but, in the contained anonymity that the onion network is giving them, the end users just mostly seem to be using it all for darker purposes.

And this will make things more difficult for everyone else as governments seek to destroy the privacy as they see more of this type of activities going on to use as excuses to peer into them.

K.

Cross-posted from Krypt3ia

Possibly Related Articles:
156483
Vulnerabilities
Information Security
FBI Cyber Crime DDoS Black Market Anonymity jihadist TOR
Post Rating I Like this!
94ae16c30d35ee7345f3235dfb11113c
Joel Harding Thanks, Scot! EXACTLY what I was looking for, your timing is impeccable!
1315274797
Da3ca2c61c4790bcbd81ebf28318d10a
Krypt3ia You're welcome.
1315317755
Default-avatar
Flo Nobody why don't you actually guide newbies to this underground world?
1315489978
Da3ca2c61c4790bcbd81ebf28318d10a
Krypt3ia Flo, RTFM
1315490379
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.