Operation DarkNet: A Good Start, But There is More to Do

Thursday, October 20, 2011

Infosec Island Admin

OP Darknet:

I saw in the news that Anonymous (factions thereof) have decided to go after the pxxdophiles using the hidden wiki and the “DarkNet” for their purulent files. The hack on the Lxlita City site was a success in that they got hold of user names and passwords.

Due to the nature of the site and its being in the hidden wiki (DarkNet) it is tough to know exactly where the systems sit that house/host the content, but, it seems that through certain techniques using TTL, they pretty much have a good idea of where the server may sit in the continental US.

I applaud their efforts and I hope that my article on the DarkNet was in some way involved in getting them inspired to hit the pxxdo’s where it hurts. Either way, I think that this could just be the start of things though, and I would like to just lay some things out for you all to consider as you move forward.

Pxxdophiles:

First off, pxxdo’s are, for want of a better description, pathological in their desires and actions. However, they have gotten much more savvy to the Internet and, like jihadis, may in fact not be using their real names in some cases.

Though, it seems from the reporting here that you all have found real names and links to Facebook pages and the like? I would just like to caution you to vet your information well before you insist that someone is indeed trafficking in such material.

For the most part though, if you get into the systems of such sites and you gain access to email addresses, be sure you go the extra step and do some footprinting and OSINT to get as much as you can on those addresses and end users.

Oftentimes I have found in the jihadi realm, these users tend to re-use ID’s in many places (as you likely have seen mentioned about you all as well in early posts of mine) that can be tracked and traced. With each post of data tying said email address to it, you can build a pretty good picture of a user and their habits. And by proxy, perhaps their real identities.

Remember, these people are clinically ill, not just evil, so perhaps by placing yourselves in their heads a bit, you may also be able to predict their actions and gain some perspective on how to hunt them further.

The Darknet & P2P

The DarkNet is only the new anonymized space for these people. Did you know that they also have been trafficking in p2p’s set up as well for just this purpose? You might want to look within the DarkNet for hints or links to these sites as well.

Usually, from what I have heard in the LEO space, they are invite only, but I believe that since these people’s pattern is pretty much creating the smut and trading it amongst themselves, you are likely to find links that will allow you more surface space to attack.

Best part about this vector of attack as well is that those servers/boxes are not anonymized. You locate them, you got them dead to rights. I’d say keep working both ends of this picture and you will do some good. Just be careful in accessing such content.

It is a crime even to access it.

Goals

So, is outing these people the only goal here? I suggest more than just dropping Pastebin dumps… In fact, I suggest you don’t dump them at all. You can allude to the fact that you have popped something and you have the data, but I would suggest you set up cutout accounts and directly dump that data to the Feds or local LEO’s, if you like, where the servers/people are located.

By dumping the data out in the open you give the pxxdo’s time to burn the evidence so to speak and potentially, you may be inhibiting the Feds from actually capturing and putting these people away.

Overall, I laud your work thus far in this respect, but I think there is more that could be done. If you want good press and good will, this is certainly a way to do it. You just have to work within the lines a bit.

Work smart and keep it up. Perhaps the next one can be called Op Fedaykin.

K.

Cross-posted from Krypt3ia

Ali-Reza Anghaie: I have strong reservations on any such operation, regardless of the target, being conducted by any anonymous entity. Transparency in law enforcement activities in particular is very fundamental to maintaining any semblance of trust. As a victim of lack-of-transparency in Government action I'm particularly sensitive to this. The repercussions of a lack of transparency are self-evident in most Western culture's sliding opinion of LEOs to what used to be the Dictator's Police in lesser developed countries.

Also, if you look at work done by the Institute of Justice (ij.org) and others, you'll see that rampant disclosure and use of data from/around a "crime scene" leads to many innocent lives being badly affected. What if the popped backend was shared w/ other services unbeknownst to those using them? What if people used email addresses of enemies intentionally or are accessing from other machines, etc.?

This is all part of the due-diligence LEOs are supposed to do and don't get right all the time. So expecting Anonymous to do it, get it right, etc. would be unreasonable even if they were willing to try to structure around it. And even then, the issue of being ~Anonymous~ and lacking proper transparency still isn't addressed.

Your suggestion of them going straight to LEO is right-on. What I'm disagreeing with in your writing is you sound like you're ~encouraging~ this activity anonymously. While you simultaneously railed against Manning and friends for their actions. The big fat stonkin' gray line.

Anonymous, WL/OL, OWS, etc. are real people, real feelings, real movements, and hearts can all be right and well in the proper places. How to translate the hearts and minds into action that will meld into a system that isn't about to capitulate is still the $T question. -Ali

Krypt3ia: @Ali,
As much as I respect your opinions here, I have to disagree. Transparency will have to be an issue of the legal side of this equation and, as the actions of the anon's are quote unquote "illegal or vigilante" I see no issue with their taking on this type of operation against criminals.

Where it does get sticky here for me is the current status quo of dumping data on pastebin. This may not be seen by law enforcement and give time to the paedo's to get their data elsewhere or destroyed. These actions today will not stop the paedophiles, instead they will only scurry off to other darker places to commit the crimes all over again.

No, what I see is that if the Anon's change their operations to actually just giving the data to the LEO's then it's the LEO's job to do the investigation from there. Consider it a digital tip-off. Perhaps enough for the LEO's to get warrants and actually capture these guys. So, for me, this unconventional means of digital warfare against these targets is much better time spent than say LOIC'ing paypal.

Ali, the transparency will have to come from the LEO's side... They got a tip.

As to the kids doing due diligence, well, the way I see it, the folks who have been working on the hidden wiki attacks are.. Shall we say more experienced than the average anon foot soldier? If you look at their pastebin they mention some techniques that are not the norm for the skiddies. So, I assume there are core anon's who are a little older and able to do a better job at it. From this, I think that given direction they can do things a bit more elegantly and effectively.

Now, to go on to moralizations.. We can talk about that offline. In this case though, I see it as the ends justifying the means.

K.

Sam Bowne: I am with Mr. Anghaie, and I would say it even more strongly: it is exceedingly irresponsible to encourage Anonymous to hunt down and expose pedophiles. Such accusations ruin lives, and we cannot trust any claims made by masked vigilantes--they could just be faked by any third party.

If they just gave their results to law enforcement, that would be better, but that is impossible--they hack for glory and LULZ, and even if they don't dump their stuff on Pastebin it's spread around in IRC and torrents.

Anonymous has no business handling such dangerous material. It must be done carefully by responsible law enforcement professionals. Anonymous is the champion of irresponsibility, the very worst people for this work.

Krypt3ia: Oh Sammy, the things you say over and over again with Wright-i-an fervor and pomposity.

I disagree.

Ali-Reza Anghaie: This is the type of thing "we" warned about:

False accusation: http://pastebin.com/qWHDWCre

Result: http://pastebin.com/0cEYhmm3

*sigh* Truth will out I guess. -Ali