gAtO tHiNkS - the Black Market in cyber space exist in both the surfaceWeb and the darkWeb. For some reason the general internet user thinks of the ToR-.onion network is for bad guys only and only because of the Black Market in the onion network which is a small part of the network… The general concession is the black market rules in ToR onionLand is a joke let me tell you why.
What is the Cyber Black Market:
A black market or underground economy is a market in goods or services which operates outside the formal one(s) supported by established state power.
From DHS CyberCrimes is a bigger threat than terrorism – From Symantec/Norton Cyber Crime Statistics in the SurfaceWeb:
Here are some quotes from their report.
1.Cybercrime cost $388 billion across 24 countries.
2. 69% of adults have been a victim of cybercrime.
3.10% of mobile phone users have experienced cybercrime, up 42% from last year.
4.Cybercrime costs the world significantly more than the global black market in marijuana, cocaine and heroin combined ($288B).
White Collar -Cyber Crime
In the Surface Web -CyberSpace- crime is well and dandy but we have become accustom to it – If your a Windows user how many security updates do you get a week, a month. That alone tell you that in the surface Internet we have lot’s of cyber-crime going on — and so pharmacy spam email are normal, offers from Africa millionaire that left you money come every other day. In these hard economic times offers to make big bucks $$ working from home -becoming a re-shipping mules for commercial criminals are normal offers from people looking for jobs. These are all organize cyber criminals groups. dealing in the surface web.
Blue Collar -Cyber Crime
Now take ToR-.onion Black Market: It’s a little more in your face drugs, guns, stolen goods, sex, hacked data- in the darkWeb you know that these merchants are crooks and criminals. In Silk Road or BlackMarket Reload they now verified sellers and now even buyers. To make it look more legit. What does verified mean in these .onion market-places. It usually mean that the admin of the site has somehow check that this is a real person w/real whatever. Or he has done business with someone and they write a nice review. Never thinking that the review could be the crook with another login name just like they do in the surfaceWeb.
gAtO would not do business with any black market in the surfaceWeb or the darkWeb -If my products are bad at least I can complain to Amazon, I can’t do anything but write a bad review in BlackMarket-Reload in the darkWeb.
-honest crooks? In the Tor-.onion Black Market you can assume everyone is a thief a crook or a criminal.
Let’s look at the black market in the surface web.:
WHITE COLLAR CYBER CRIMES – cybercrime ecosystem
ATM skimming: – ATM skimming is proliferating, next to the overall availability of bank plastic cards, holograms and pretty much everything a carder needs to cash out the fraudulently obtained credit card data.
pharmaceutical e-mail spam problem: -The general public is addictive to drugs- legal – illegal – copy-drugs – fake claim drugs – and they e-mail you the consumer you seen them “Viagra” cheap -Canada – Europe – nah it from Asia or Russia.
Eastern Europe is the epicenter of the cybercrime epidemic-financially-motivated cybercrime – without question hackers in Russia and Eastern Europe are the most active, if not also the most profitable. sophisticated groups tend to be regional and stick to attacking their own (Brazil is a good example).
active malware/crimeware campaigns:
Risk-forwarding cybercrime ecosystem
the rise of money mule recruitment
Are reshipping mules more popular than money mules
advanced persistent threats (APT attacks)
Let’s look at the black market in the dark web.:
BLUE/BROWN/BLACK-(low end) COLLAR CYBER CRIMES
Selling Guns and explosives
Selling Stolen goods
Selling Hacked Data
Buy an Assassin
Rent a Hacker
So now we can see that in the Surface black market the legit merchants are watching everything you do and selling your information to the highest bidder. While the sophisticated crimes agains normal people backed by organized crimes is normal in the clearWeb. So in the Deep -Dark -Tor -.onion web the low end criminals haunt this area. The problem I have is that the same things that are in the deep dark web are the same things I can get at -EBAy- Guns – Stolen Goods, -CraigsList- Assassin, legal/illegal Drugs, Sex, Stolen Damage Goods, Drugs, so in the surface web you can get the same as the dark web what’s the difference. Inside the matrix you have more anonymity -
No matter the anonymity gATO would not do business with the black market in the deep web or out. Use your own common sense my friends. We are judging that those people that use the ToR protocol to communicate with more privacy are all bad when only a few sites sell (bad) stuff there is some good in the network – and – bottom line –it’s all about freedom of choice . The other thing is that the commercial cyber-criminals ecosystem in the clearWeb has not picked up on this newer technology (ToR-onion network) that is more secure and are harder to scam and gain your personal and their information while online.
The Black Market is the same or worse in the surface web than in the deep-dark web so- stay away from the black market period use the ToR network to be smarter, quiter without leaving digital bread-crums -
Below I have my notes and the ToR Cleaned Hidden Directory WiKi so you can see yourself some of the things that go into the black market Tor-.onion network- Remember that this is only a small part of the network their is millions of terabytes undiscovered in the ToR-.onion network it’s just hidden. They don’t want you too know.
Goerge Carlin said it best – Your not in the club- and they are not going to let you in – they are never going to let you in-
They are going to scare you away from the ToR-.onion network because “they” the powers that be –will hide their little business secrets in this network and they want to scare you away from it. I found a great article from “Kerb on Security Interview” outlining the cyber criminal ecosystem where I drew a lot of the surface web black market anyway - gAtO oUt
lab Notes: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
lab Notes: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
lab Notes: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
ToR Cleaned Hidden Directory Wiki
Hidden services – HTTP/HTTPS
Volunteers last verified that all services in this section were up, or marked as DOWN, on: 2012-01-24
OnionLand link indexes and search engines.
Index pages in Wiki-based format.
Other places/directories you may be able to find links.
Google for Tor. Search for links.
- TORCH – Tor Search Engine. Claims to index around 1.1 Million pages.
- Deepsearch – Another search engine.
- Torgle – Torgle revived. Based on OnionWare’s server. Web crawler.
- The Abyss – Administrator’s search engine. Supports submitted links.
- Ahmia.fi – Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database).
- DuckDuckGo, clearnet – Clearnet metasearch engine with heavy filtering. Not like the aforementioned search engines to look up Hidden Services. Just searches the clearnet.
Other general stuff to see
See also: Marketplace Reviews – Reviews of the marketplace experience (ALL reviews go in this article, NOT in the listings below).
See also: The separate Drugs and Erotica sections for those specific services.
Remember that “feedback” can be faked in the Marketplace Reviews. Try to use escrow as much as possible to ensure you won’t be scammed.
Currencies, banks, money markets, clearing houses, exchangers.
- Anonymous Internet Banking Anonymous Debit Cards with EU bank account and VCCs by A HackBB trusted vendor
- The Bitcoin Laundry Service- Bitcoin Laundry service.
- InstaCard – Sell your bitcoins for a virtual VISA credit card, in $25, $50, or $100 denominations. $5 fee.
- Paypal4free – Hacked Paypal accounts for cheap, with balances
- PayPal Store – Purchase clean, verified USA PayPal accounts with Bitcoin. (Host: FH)
- Bitcoin Fog – Laundry service.
- anonXchange – Ecurrency exchanger, exchange LR, Bitcoin, PSC, Ukash, Pecunix, Cash. Also doing Bitcoin washing.
- Acrimonious – A bitcoin escrow checkout. Free if there are no disputes. Works with tor2web. (UNABLE TO REGISTER)
- Bitcoin2CC, clearnet – Converts your Bitcoins into a virtual VISA credit card instantly.
- The Bitcoin Washing Machine – Can launder large amounts of coins without same-coin contamination. (Host: FH)
- Little BTC Ebook – The new way of selling and buying Bitcoin is through Second Life, more information here.
- Mystery File a Day – Want to see something cool?
- Brand New Microsoft Products – Brand new Microsoft Hardware/Software up to 80% off Retail price. Start your own eBay/Amazon Business.
- Killer for Hire (Now Called C’thulhu) – Permanent Solutions to Common Problems! (Cash/BitCoin/LR accepted)
- Creditcards for all CCs from EU/US – Bitcoin. (WARNING: http://xkhu7alqhs4ig3fu.onion/ is a Fake-Site!)
- Megaupload.com Accounts for BTC – sells megaupload.com accounts in exchange for bitcoins.
- Quick Kill – Remove That Problem From Your Life. (LR/Bitcoin)
- Stolen Mac Store – We have many products, contact at email@example.com
- Skimmers for SALE and RENT – No more fake CC IDs, make your own!!
- BitJack21, [clearnet - Bitcoin Blackjack.
- Tor Poker - Tor Poker, gamble Bitcoins playing 5 card draw.
- Two Glock 22 for sale Two Glock 22 for sale.
- Help Guy - Work in your interests, business partner, friend or whatever else.
- EU Weapons - Europe Weapons and Ammunition (Pecunix, Bitcoin). (Host: FH)
- KordTusten Weapons and Firearms - Various guns for sale with pictures.( Fake board )
- All Purpose Identities - Get your Fake ID in the form of US and Canada Drivers Licenses, passports and many more
- Buttery Bootlegging - Get expensive items from major stores for a fraction of the price! (Host: FH)
- Stat ID's - Selling fake ID's.
- Gun Guys Den (Sell's Firearms to Canada and US)
- Red Dog Gaming - The Biggest and Best Casino on Tor: Baccarat, BlackJack, Keno, Let It Ride, Three Card Poker, Sports Book, Deposit Bonuses! Play Now!
- Terminal Velocity United States Identification Store.
- Patricks Mail Forward Mail forwarding service. DOWN 2012-01-27
- PPSEE - The PayPal-Shop extreme Experience! (Bitcoin) FH (under construction)
- FreshTec - SCAM! A bounty is being put on you unless our money is returned by the fifth, you've been warned.
- Tor University (#1st) -
- Bidcoin - Like Ebay. We increase the gross national product. (Host: FH)
- Fixed Match Service - Fixed Match Service. Lets you buy into fixed sporting events. (Host: FH)
- Cheap SWATTING Service - Calls in raids as pranks. (Host: FH)
- Data-Bay - Buy and sell files using digital currency.
- Tor University (#2nd) - Research and Writing services for the college student. (Host: FH)
- Pirax Web DDoS - Take out your enemies in seconds. (Host: FH)
- Onion-ID Get your 2nd identity from Onion-ID, real passports and proffessional id card + drivers license replicas.
- Hacking Services - Hacks IM and Social Nets, does DDoS, sells bank/credit/paypal accounts. Se Habla Espanol. (Host: FH)
- Slash'EM online - Super Lots'A Stuff Hack-Extended Magic tournament server (Bitcoin).
- Rent-a-Hacker - Professional hacker for hire, DDOS, hacking, ruining people, espionage etc.
- Contract Killer - Kill your problem (snitch, paparazzo, rich husband, cop, judge, competition, etc). (Host: FH)
- BacKopy - Sells game, software and movie discs (Bitcoin).
- Flip the coin, get the money! - A simple coin tossing game with 50-50 chance.
- Assassination Market - A market following the "Assassination Politics"
- Underground Market Board - Underground Market Board is intended to be used as a market.
- FancyPower Macbooks - "Acquired" Macbook Pros and Airs for sale. (404 Not Found) - Broken 2012-01-29
- Underground Market Board
- Downloaditforyou - File Download Service. We download files, burn them to DVD's and send them to you in the mail.
Hosting / Web / File / Image
- The Onion Cloud - Tor/ownCloud based cloud. Login/Pass: public/public. (Host: FH)
- Megaupload.com Accounts for BTC - sells megaupload.com accounts in exchange for bitcoins
- TOR host - Host your site anonymously in deep web for free. - DOWN 2011-12-24
- bittit, clearnet - Host and sell your original pictures for Bitcoins.
- Mystery File a Day - Want to see something cool?
- Blolylo - Simple file uploads. Won't accept plain text files. 2 MiB upload limit. (Host: FH) (Blank page) - Broken 2011-06-09
- CircleServices - Mixie's place. Provides: Circle-Talk, TorPM, ImgZapr, SnapBBS, qPasteBin, AnonyShares, Circle-IRC. (Provider: CS)
- Anonyshares - File upload up to 10MB. (Provider: CS)
- qPasteBin - A pastebin. (Provider: CS)
- 5am - File dump and Image Board. 5MB Limit. DOWN 2012-01-05
- Potaoto - Image hosting. Generates large thumbnails. DOWN 2012-01-05
- Onion Fileshare - 2GB Upload file size limit. Upload any files you want.
- ES Simple Uploader - Upload images, docs and other files. 2 MiB upload limit. (Host: FH)
- IMGuru (More info) - Fast GIF/JPEG host. No images removed. If you get the error Invalid File, retry the upload. (Host: FH)
- TorIB - Create and run your own imageboard. (Host: FH) (Neglected status note) - Broken 2010-06-16
- SquareBoard - Upload and share high quality images. (Moderated)
- sTORage - Upload files. Has WebDAV support.
- Onion Image Uploader - Image Hosting. 2 MiB upload limit. Generates medium thumbnails. (Host: FH)
- Freedom Hosting (More info) - Hosting Service with PHP/MySQL. As of 2011-06-04, it hosts about 50% of the live OnionWeb by onion. UPDATE 2011-06-05, probably owns a lot more than that now. Invite-only.
- PasteOnion - Paste and share text, sources, whatever. You can make your paste public or set a password. (Host: FH)
- QicPic - Upload any type of file. Caches and compresses uploaded files to decrease loading time. (Host: FH)
Blogs / Essays
- Nekro's Onion Shanty #Revived# - A personal page by Nekro.
- My Hidden Blog - Security politics, security, tor, tools, personal.
- The Most Dangerous Man in Cyberspace - Scans of a Rolling Stone article about Jacob Appelbaum (ioerror).
- RespiraTOR - If something is infuriating you, it's better to get it off your chest (Host: FH) (not updated since November 2011)
- Americans for Disparity - Exploring disparody.
- Tor and blosxom - A Tor hidden service running on the blosxom blogging platform.
- Coding Horror - Programming and human factors. DOWN 2012-01-24
- The Croat's Blog - It's all about the intel and knowledge! Whistleblowing FTW! (Host: FH) (Absolutely no content. But up.)
- 10 Step Guide to Bail Jumping - More about Jumping bail and fleeing the country (Host: FH)
- Gionn.net, clearnet - Technology blog and news aggregator.
- My Hidden Blog - Security politics, security, tor, tools, personal.
- Tornado - Forum, blogs, polls, registered or anon posting. User List. (Host: FH)
- Radio Free KENK - Music, media, anarchy. By: qfkenk. (Host: FH) (404 Not Found) - Broken 2012-01-16
- Shew's Blog #1st - Redirects Meta to: Shew's Blog #2nd. (Host: FH) - Redir 2011-08-01
- Shew's Blog #2nd - Blog and Shewstring, an anonymized FreeBSD distro, open commenting. (Host: FH) (not updated since 2011-09-04)
- Cone's lair #2nd - Yeesha. Back with Cone's journal and some other stuff.
- True Anonymous Confessions - A confession service based on a bash clone. (Host: FH)
- Beat Charges - Beat Criminal Charges, pass your sex offender polygraph, flee the country. firstname.lastname@example.org for special consultation / Bitcoin payment options.
- How to Get Away with Insider Trading - You always wondered why these guys were getting caught, now pull it off and make millions.
- Beat the Sex Offender Polygraph & Abel Assessment - Sex Offender? Here's how to stay out and prevent re-convictions or get a better plea offer.
- TORus.net - A micro-blogging service based on the Free Software StatusNet tool. DOWN 2012-01-16
- Beneath VT - Information on the steam tunnels at Virginia Tech.
- Keep Bitcoin Real, flickr, imgur - Fuck the day traders, take Bitcoin back to its roots. (Host: FH)
- The Human Experiment - Human medical experiments. We go, where few dare. (Host: FH)(Direct FH URL). (Host: FH)
- - Steal This Wiki mirror - Steal this wiki mirror, no editing, hosted at NoReason.
Forums / Boards / Chans
A relatively simplistic messaging board owned by Mixie. Various discussion boards. There's lots of these, but here are a couple.
Other forum types. Usually phpBB.
- Circle-Talk - A board on the front page of CircleService. (Provider: CS)
- Torduckin0 #1st - Citadel BBS with chat and IM to support Torduckin. (Provider: JF)
- Onionforum 2.0 - A restart of the popular Onionforum. No login required. (Host: FH)
- OnionTalk - 2ch-inspired messaging board. No registration required! DOWN 2012-01-22
- Talk.Masked, clearnet contact form - Talks and Notes. 2nd generation. Famous messaging board. (Provider: JA)
- Torduckin0 #2nd - Citadel BBS with chat and IM to support Torduckin. (Provider: JF)
- Anonymous BBS, gopher interface, telnet interface - Another variation of the talks style of board.
- OnionMe - Forum for personal ads. All ages welcome.
- Torduckin0 #3rd - Citadel BBS with chat and IM to support Torduckin. (Provider: JF)
- Torduckin0 #4th - Citadel BBS with chat and IM to support Torduckin. (Provider: JF)
- Leaf's underground horticulture - Minimalist, multipurpose text boards. No login required. (Host: FH)
- EpicIB - Private IB/Chan hosting by Onionymous. Boards: /tib (A TinyIB) (needs to be configured) - Broken 2012-01-23
- Torsquare - Anonymous board, shares posts and discussions with Torbook's public square.
- HackBB - Forums for hacking, carding, cracking, programming, anti-forensics, and other tech topics. Also a marketplace with escrow. Should be H/P/A/W/V/C but it can go under here as well.
- Freeside - WHY WAIT? Leave the crazy at the door.
- RedditTor - Anonymous Reddit. Broken until further notice.
Non-CP or generally safe imageboards on Tor.
- Torchan - /b/, /i/, programming, revolution, tons of other boards
- Anonchan - Boards: /b/ - Random, /a/ - Anime/Manga/NSFW.
- Hidden Image Site - HIS
- TriChan - Revived, now only has /p/ Pokemon, /mlp/ My Little Pony, and /b/ Random
- Lukochan - A Russian/English text discussion board in imageboard style.
- RundaChan - Share ideas and ask or answer questions
- Bobby's board Channel with currently only 2 boards but growing - about 75% LOL 0% uptime
Forums Scripts Besides SnapBBS
- PunBB 1.3.6 Forum script - During installation, you need not give your email address to create your forum! When registering you do not need feeding your e-mail! You can register without e-mail. The script does not register in the forum database your IP! nor the Administrator / Moderator cannot see your IP address gives you a much safer use of the forum because your IP is not logged anywhere in the database! Two mirrors download.
If anyone knows of anything else that provides this, send an e-mail.
Email / Messaging
See also: The compendium of clearnet Email providers.
- Startbook - online management of your bookmarks/favorites
- TorPM - Tor Private Messaging. (Provider: CS)
- SimplePM - A PM service by CWKU. No registration needed. (Host: FH)
- GPF AnonymousWebservices, clearnet - Proxies for I2P, mail, news, tor, web. By: GermanPrivacyFoundation
- Anonymoose Chat - An HTML-only chatroom. (Host: FH) (doesn't work) - Broken 2012-01-23
- GPF PrivacyBox, clearnet - Private messaging service. Proxies for I2P, tor, web. By: GermanPrivacyFoundation
- Tor Mail - Webmail/SMTP/IMAP/POP3. Can send/receive mail from outside Tor with a email@example.com address.
- Remailer Reliability Stats, clearnet, clearnet - Mixmaster/Cypherpunk remailer stats.
- mul.tiver.se, clearnet - Censorship-free distributed social network hosted by the Chinese Pirate Party DOWN 2012-01-05
- Newzbin, clearnet - Crowdsourced Usenet index based in the UK
- ChatRoom - BlaB! Lite AJAX based chat system, use any browser. No registration. (Host: FH)
- EFG Chat - HTTP refresh chatrooms. (Host: FH)
- Torbook - A way to make friends in onionland.
- ELIZA - Free pyschotherapy!
- n0id - n0id's crypto identity and contact page.
- Narcan's GPG key - Narcan's GPG key. (Host: FH)
- TorStatusNet - Twitter clone on tor.
- Heidenwut - Politics, Occultism, Spy vs Spy, Revolution!! clearnet
- BuggedPlanet.Info - Information on Telecommunication Interception Companies & Installations
- PURE EUROPE - Cleanse Europe of the dirt! (Host: FH)
- Keep Internet Open! - Small unofficial AnonOps site, currently instructing how to DDoS MasterCard and other WikiLeaks opponents.
- A website - Free speech advocacy. (About 50% uptime.)
- paraZite #2nd, clearnet 301 redirector - paraZite: Illicit activities advocacy and censored information archive.
- Neutering NOT Org, clearnet - Why Non-Human Beings Should NOT Be Castrated. Has WolfHowl.Org mirror. (Host: FH)
- House of Anonymous - Satirical manifesto regarding anonymous. (Host: FH)
- paraZite #1st, clearnet 301 redirector - paraZite: Illicit activities advocacy and censored information archive.
- FREEFOR - USA-based FREEdom FORces developing a turnkey distributed Temporary Autonomous Zone. FAQ
- The Movement of torism - New activist group organized in OnionSpace. (Host: FH)
- Wake up Europe! - This is a call to arms!
- Revolution Bunker - h3x's blog on censorship, hacking, privacy, crypto, capitalism, war, corruption, etc. (Host: FH) (not updated since August 2011)
- LoM's Revolutionary Codex - Revolution/Subversive texts, forum soon, blog. (Host: FH) (not updated since November 2010)
- Heidenwut - Politics, Occultism, Spy vs Spy, Revolution!! (Host: FH)
See also: WikiLeaks Official Site and Official Submission Onion (temporarily closed).
Hack, Phreak, Anarchy (internet), Warez, Virus, Crack.
- DOXBIN - DOX go here. A pastebin for personally identifiable information.
- HackBB - Forums for hacking, carding, cracking, programming, anti-forensics, and other tech topics. Includes a marketplace with escrow.
- VIAGRA - Read-only site with archives of files/texts related to hacking/security. DOWN 2012-01-09
- Carders Forums - Ministry of Fraudulently Affairs.
- hashparty - Password hash cracking site.
- Kaspersky Key Share - Get KAV and KIS keys here. DB ERROR (Provider: RA)
- OnionWarez - Warez forum
- Polyfront #2nd (mirror) - Tradecraft and security tutorials
- OpenSource Intelligence - LEA ops capability docs with an emphasis on cyber crime DOWN 2012-01-17
- OnionUserX Censor Page - Seriously, the fuck? Anyone mind reposting the original links?
- The KMs Bird (WhiteHex) - School hacker. (Host: FH)
- DeepSec, clearnet - An annual European two-day in-depth conference on computer, network, and application security.
- BRAMA - Linux/Wireless/Mobile tech consortium in Poland.
- TM Comm - For a Chaotic Tomorrow. (Host: FH)
- The KMs Bird (GreenBin) - School hacker. (Host: FH)
- Shell In A Box - Shell In A Box.
- Requiem - Software for removing iTunes DRM
- keys open doors - Mirror of geohot's PS3 hacking tools (censored on the clearnet by a Sony lawsuit)
- Speakeasy #2nd - Paper describing a highly-secured forum system (current version). (Host: FH)
- Crackwar - Pirates are the good guys! (Host: FH)
- Cycekkk - A browser exploit page using 302 mailto method. Tries to send bad words/links to Mr. Brejza. (Host: FH)
- Weird and Wonderful Old Stuff - A collection of old DOS and Windows software. (Host: FH)
- PayPal Store (no contact info) - Broken 2012-01-29
- New Diceware Lists - Randomization for file names. Multiple lists, more to come. (Host: FH)
- Speakeasy #1st - Paper describing a highly-secured forum system (old flawed version). (Host: FH)
- Onion Desktop - eyeOS web desktop. (Host: FH)
- Dear PayPal, (clearnet) - AntiSec's message.
- thE LisT oF SQL data bases! - MySQL credentials archive. Hosted on this page.
- bugmenot@tor - A user supplied database of account credentials for various websites.
Audio - Music / Streams
Video - Movies / TV
See also: Category:Novel - List of books on this wiki.
- The Tor Library - 47 GB. pdf, chm, djvu. Design by Russebertene
- Example rendezvous points page - Thomas Paine's Common Sense and The Federalist papers
- Destination Unknown - Small selection. Searchlores, Cryptonomicon, Thelema...
- LiberaTor - Making weapons, military training, and related subjects. (Host: FH)
- Free Bibliotheca Alexandrina - English, Spanish and German book fileserver and wiki. Mostly sf/fantasy. (Host: FH)
- The Laughing Nihilist - Drugs + writing. (Host: FH)
- Mister's Library - Mostly philosophical. (Host: FH) (403 Forbidden) - Broken 2012-01-23
- Mister - Collection of writings, art, selected texts and deeply personal views on philosophy of existence. (Host: FH)
- ParaZite - Collection of forbidden files and howto's (pdf, txt, etc.).
These sites have only drug-related information/talk. No sales or venues.
See also: Marketplace Reviews and Onion Reviews - Reviews of the marketplace experience (ALL reviews go in these articles, NOT in the listings below).
- oxiD Shop - Marijuana, Cocaine (Bitcoin)
- Silk Road - Marketplace with escrow (Bitcoin)
- Pot2Peer - Marijuana and cannabis products delivered safely and discreetly to your door. Always anonymous. (Bitcoin)
- Paradoxum - Cannabis, MDMA, LSD, Mushrooms, Coke, DMT (BTC, Dwolla, Pecunix, LR, Paxum)
- DrugSpace - Dispensary Grade Sour Diesel Marijuana and Cambodian strain Psilocybin Mushrooms. Get the URL from the Onion Reviews, people keep changing it here
- Trees by Mail Beta - Cannabis from Northern California (Bitcoin)
- and - Yummy edibles and other cannabis related stuff. Nothing but the best. (Paypal and Bitcoin)
See also: Marketplace Reviews - Reviews of the marketplace experience (ALL reviews go in this article, NOT in the listings below).
Services that defy categorization, or that have not yet been sorted.
- Kenny - You killed Kenny! You're a bastard! DOWN
- Carson - Nature Boy poem. Previously The Ultimate Guide for Anonymous and Secure Internet Usage v1.0.1.
- The LG enV2 - Very basic information and photo gallery about a wireless digital messaging phone. (Host: FH)
- Questions and Answers - A little truth game. Ask questions and give answers anonymously. Answers also support image uploading.
- noreason - Info and pdf files on weapons, locks, survival, poisons, protesters, how to kill. Hidden Wiki, TorDir, Steal this wiki, Telecomix Crypto Munitions Bureau mirrors. Guro, dofantasy / Fansadox Collection. DOWN D:
- The Outlaw Project - "Free for all" - links to various files and known .onion sites. Onion address hosted an FTP service.
- Fenergy file-server - File collection that includes books and other resources energy related.
Czech / ?eština
Danish / Dansk
- DanishChan - Scandinavian focused imageboard. Boards include drugs and IT security as well as a Random board. Fast and clean layout, little downtime.
- drugs.dk - Danish Drug Trade. (Host: CS)
Dutch / Nederlands
Estonian / Eesti
- Vileveeb - Anonüümsete raportite esitamine. DOWN 2012-01-24
Finnish / Suomi
French / Français
German / Deutsch
Hebrew / ?????
- Samim.onion - Selling and shipping of drugs and medicine in Israel (Bitcoin). (Host: FH)
Italian / Italiano
Japanese / ???
Korean / ???
Polish / Polski
- Torowisko - Forum Polskiej Spo?eczno?ci Tor. Nowe ogólnotematyczne forum bez rejestracji i cenzury. Godny Nast?pca Onionforum, ju? z ponad 8000 postami (codziennie przybywaj? nowe!). (Host: FH)
- Fundacja Panoptykon, clearnet - Strona fundacji przeciwstawiaj?cej si? coraz powszechniejszej inwigilacji oraz tendencjom nasilania nadzoru i kontroli nad spo?ecze?stwem.
- George Orwell "Rok 1984" - polskie t?umaczenie znanej powie?ci
- Polska Ukryta Wiki - PUW, wiki polskiej spo?eczno?ci Tor. (Host: FH)
- FAQ – Freely Answered Questions - Portal typu Q&A, gdzie mo?esz zadawa? pytania zwi?zane z undergroundem (czyt. pytania niewygodne). (Host: FH)
Strony porzucone, nieaktywne lub ?mieciowe:
Portuguese / Portugues
Russian / ???????
- R2D2 - ????????? ?????, ??????? ????????????, ???????? ????????
- Runion - ????????? ?????: Bitcoin, Tor, ????????? ?????
- Runion Wiki - ??????? ?????? ? ????????? ? Runion ?? ???????
- ??????? - ??????? ??????? ?????. (Host: FH)
- ???? - ??????????? ???????? ???????? ?????????????. (Host: FH)
- ??? - ????????? ????????????? ?????.
- ????????, clearnet - ?????? ???????? ????????????? ????????? ????????.
- ?????-?????? - ????? ??????? ?????? ? ???? ?? ??????? ?????. (Host: FH)
- Russian Road - ??????? Silk Road(?????????, ??????, ?????????, ?????????)
Slovak / Slovenský
Spanish / Español
- Abusos - Abusos judiciales en España.
- Quema tu móvil!, clearnet - Interceptación de comunicaciones móviles. Cell phone eavesdropping techniques used by Intel agencies. DOWN 2012-01-24
- HoneyNet, clearnet - Hacking ético, técnicas especiales de seguridad empleadas en los test de intrusión para evitar ser detectados. DOWN 2012-01-24
- T0rtilla - Shoutox webchat. (Host: FH)
- CebollaChan - CebollaChan, el tor-chan en Castellano.
- T0rtilla - Shoutbox webchat. (Direct FH URL). (Host: FH)
- Forocoches 2.0 - Torocoches - Forocoches 2.0 (Host: FH)
Swedish / Svenska
Hidden Services - Other Protocols
Volunteers last verified that all services in this section were up, or marked as DOWN, on: 2011-06-08
For configuration and service/uptime testing, all services in this section MUST list the active port in their address. Exception: HTTP on 80, HTTPS on 443.
For help with configuration, see the TorifyHOWTO and End-to-end connectivity issues.
Running P2P protocols within Tor requires OnionCat. Therefore, see the OnionCat section for those P2P services.
IMPORTANT: It is possible to use Tor for P2P. However, if you do, the right thing must also be done by giving back the bandwidth used. Otherwise, if this is not done, Tor will be crushed taking everyone along with it.
- The Pirate Bay - Download music, movies, games, software! The Pirate Bay - The galaxy's most resilient BitTorrent site - Official(?)
- GNUnet files sharing - GNUnet URI index site with forum. (Host: FH)
- Sea Kitten Palace - Torrent site and tracker for extreme content (real gore, animal torture, shockumentaries/mondo cinema, and Disney movies)
- AshANitY - Anonymous sharing of Humanity, torrents. (Host: FH)
Chat centric services
Some people and their usual server hangouts may be found in the Contact Directory.
See also: IRC Anonymity Guide
- AnoNet - Each server is on its own network and connects to a chat cloud
running on: (various).oftc.net, ports:: plaintext: 6667 ssl: 6697
- Federation: OnionNet - IRC network comprised of:
running on: unknown, ports:: plaintext: 6668, ssl: none
running on: (various).freenode.net, ports:: plaintext: 6667 ssl: 6697/7070
running on: kropotkin.computersforpeace.net, ports:: plaintext: none ssl: 6697
running on: unknown, ports:: plaintext: 6667 ssl: 9999
- hackint - hackint is a communication network for the hacker community.
running on: lechuck.darmstadt.ccc.de, ports:: plaintext: none ssl: 6697
running on: unknown, ports:: ssl: 6697
XMPP (formerly Jabber)
- xmpp:ch4an3siqc436soc.onion:5222 – public server. No SSL. Chatrooms. No S2S. – DOWN 2011-08-01
- xmpp:okj7xc6j2szr2y75.onion:5222 – xmpp:jabber.ccc.de:5222 as a hidden service
Humans are listed in the above contact directory. Bots are listed below.
- 7oj5u53estwg2pvu.onion:11009 – TorChat InfoServ #2nd, by ACS.
- gfxvz7ff3bzrtmu4.onion:11009 – TorChat InfoServ #1st, by ACS.
List of only the Tor-backed fd87:d87e:eb43::/48 address space, sorted by onion. There are instructions for using OnionCat, Gnutella, BitTorrent Client, and BitTorrent Tracker.
- fd87:d87e:eb43:f683:64ac:73f9:61ac:9a00 – ICMPv6 Echo Reply
- a5ccbdkubbr2jlcp.onion:8060 – mail.onion.aio
- fd87:d87e:eb43:0744:208d:5408:63a4:ac4f – ICMPv6 Echo Reply
- ce2irrcozpei33e6.onion:8060 – bank-killah
- fd87:d87e:eb43:1134:88c4:4ecb:c88d:ec9e – ICMPv6 Echo Reply
- [fd87:d87e:eb43:1134:88c4:4ecb:c88d:ec9e]:8333 – Bitcoin Seed Node
- taswebqlseworuhc.onion:8060 – TasWeb – DOWN 2011-09-08
- fd87:d87e:eb43:9825:6206:0b91:2ce8:d0e2 – ICMPv6 Echo Reply
- vso3r6cmjoomhhgg.onion:8060 – echelon
- fd87:d87e:eb43:ac9d:b8f8:4c4b:9cc3:9cc6 – ICMPv6 Echo Reply
- bitcoinbudtoeks7.onion:8333 – DOWN 2011-08-20
- nlnsivjku4x4lu5n.onion:8333 – DOWN 2011-08-20
Dead Hidden Services
Main article: List of dead hidden services
Do not simply remove services that appear to be offline from the above list! Services can go down temporarily, so we keep track of when they do and maintain a list of dead hidden services.
- In addition to an onion simply being gone (Tor cannot resolve the onion), sites that display 404 (and use a known onion/URL based hosting service) are the only other thing that is considered truly DOWN. Presumably the account is gone.
- If a service has been down for a while, tag it with ‘ – DOWN YYYY-MM-DD’ (your guess as to when it went down).
- If a tagged service on the above list of live hidden services has come back up, remove the DOWN tag.
- If a tagged service is still down after a month, please move it (along with the DOWN tag) to the list of dead hidden services.
- The general idea of the remaining four service states below is that, if the Hidden Service Descriptor is available, and something is responding behind it… the service is considered up, and we track that fact on the Main Page. If any of these subsequently go offline, append the DOWN tag and handle as above.
- Hello world’s / statements, minimal sites, services with low user activity, etc (while boring)… are listed as usual.
- Broken services are those that display 404 (and do not use a known hosting service), PHP or other errors (or they fail silently)… any of which prevent the use of the service as intended. They also include blank pages, empty dirs and neglected status notes. Presumably the operator is in limbo. Broken services are tagged with ‘ (reason) – Broken YYYY-MM-DD’ (your guess as to when it went broken)
- Services that automatically redirect to another service (such as by HTTP protocol or script), have their redirection destinations noted in their descriptions. These are tagged with ‘ – Redir YYYY-MM-DD’ (your guess as to when it went redir)
- Sites that are formally closed via announcement are tagged with ‘ – Closed YYYY-MM-DD’ (your guess as to when it went closed)
Kerb on Security Interview:
Black Market : Tales from the underground
ATM skimming is proliferating, next to the overall availability of bank plastic cards, holograms and pretty much everything a carder needs to cash out the fraudulently obtained credit card data. From ATM skimmers with bluetooth notification, to ATM skimmers with SMS notification, what are some of the latest innovations in this field that you’re observing?
Brian: One innovation in skimming that I wrote about recently is that crooks are starting to turn to 3D Printers to make these devices. An investigator in California shared with me some photos of was was believed to be a 3D printed skimming device, which was the news hook for that story. But as I was researching the topic, I discovered that a skimmer gang had recently been convicted of creating skimming devices made with a 3D printer they had purchased with the proceeds of their previous skimming crimes.
pharmaceutical affiliate networks
Brian: I think there are a few trends emerging, and they all have to do with the fact that it’s getting harder for rogue pharmacies to make money. One is a shift toward more generic and herbal medications. The affiliate programs seem to be looking for drugs to sell that don’t incur intellectual property violation cases, which can get them shut down in a hurry. But I think it is becoming much harder for the larger volume spam and scareware affiliate programs out there to retain reliable processing, and that’s a long overdue but welcome development.
Eastern Europe is the epicenter of the cybercrime epidemic
Brian: If you mean financially-motivated cybercrime that affects the rest of the world, I would say without question hackers in Russia and Eastern Europe are the most active, if not also the most profitable. I think there are cases where (dis)organized crime groups have and are conducting a lot of cybercrimes, but many of these sophisticated groups tend to be regional and stick to attacking their own (Brazil is a good example).
But generally speaking I think it is a mistake to try to measure cybercrime by actual losses, which almost never comes close to the real losses and damage done by cybercrime, costs incurred by software and hardware and personnel defenses, etc. Don’t get me wrong: I strongly believe that all nations should be working harder to quantify and publish data about cybercrime losses, particularly in the financial sectors. But the reality is that even some of the most active criminal groups — such as the rogue pharmacy “partnerka” programs like SpamIt and GlavMed and Rx-Promotion — employed some of the biggest botmasters with the biggest botnets, and while some of them made a lot of money, most did not. And the spam partnerkas are excellent examples of cases where there are huge asymmetries between their earnings for these activities and the tens of billions of dollars companies and individuals need to spend each year to try to block all of its attendant ills.
active malware/crimeware campaigns:
I think we can continue to expect to see Microsoft doing whatever it can to disrupt cyber criminal activity, because 95 percent of it or more is aimed squarely at their customer base. Whether the gains from those take downs and targeted actions have long or short-term consequences may not be so important to Microsoft. From my lengthy interviews with Microsoft’s chief legal strategist on this subject, it was clear that their first order of business with these actions is raising the costs of doing business for the bad guys, and I think on that front they probably will succeed in the long run if they keep going after them as they are.
cybercrime ecosystem – sophisticated cybercriminals
I consider it a badge of honor that these guys bother to thumb their noses at me. The most recent one I’m aware of was whoever was in charge of coding the Citadel Trojan added some strings in the malware that said, “”Coded by BRIAN KREBS for personal use only. I love my job & wife”. Sort of a friendly jab and a vague, nonspecific threat rolled into one. Sometimes it is just kids looking for attention, but by and large I think most of these guys truly resent having any outside light — especially from “amers” or Americans — shed on their operations. They also don’t like it when you distill their operations, norms or processes into bite sized chunks that demystify their ecosystem or forums.
I can’t speak for law enforcement activity, but as a journalist and investigative reporter, I’m always sad to see these communities go away. I think it’s safe to say that most of them are already infiltrated by several national law enforcement organizations. I’d be very surprised if they were not. Some operating right now probably were even set up by law enforcement. We’ve seen them do that a few times before. I think most of the fraudsters who’ve been doing this long enough probably understand that and act accordingly. Others do not, and that is why you tend to see lots of people come and go, but the same core group of a few hundred guys are the top dogs on most important forums.
Communities and crime forums are great places to learn intelligence about upcoming and ongoing attacks, breaches, 0days, etc. Shutting them down seems to me to be counterproductive, since you almost always force the forums to go more underground and use more security features to keep untrusted people out, and known sources of intelligence go away, or worse yet change their nicks and contact info and all of a sudden a source you have developed you may never see or hear from again.
Risk-forwarding cybercrime ecosystem
the rise of money mule recruitment
Brian: I’ve identified quite a few distinct money mule recruitment networks. I don’t know about templates, but many of them tend to recycle the same HMTL content and change the names of the fake companies. That’s handy I guess for keeping track of which group recruited which mules, but beyond that I’m not sure it tells you much. What I have noticed is that money mules are the bottleneck for this type of fraud, and often
times the cyber crooks will leave money in the victim’s account because they simply didn’t have enough mules to help them haul all of the loot. So with any one victim, it’s typical to find mules recruited through 4-6 different mule recruitment gangs, because the fraudsters who outsource this recruitment will simply go from one to the other purchasing the services of these recruitment gangs until they’ve got enough to help them haul the loot, or they’ve exhausted the available mule supply. But usually, the mule gangs don’t have any problem finding new recruits.
Are reshipping mules more popular than money mules
Brian: I think reshipping mules tend to be more useful. Most regular money mules are one-and-done. They’re used for a single task and then discarded (although one group I am following re-uses money mules as many times as they can before the mule starts to ask for their monthly salary). Typically, a reshipping gang will get 3-5 packages reshipped per weekday per mule, and the average reshipping mule works for 30 days before figuring out they’ve been working for free and great personal risk and they’re never going to get paid, or the check they got from their employer just bounced. But several mule gangs I’m aware of do both reshipping and money mules interchangeably.
advanced persistent threats (APT attacks)
Brian: I think if there has been a net positive about the shift in focus (at least from the mainstream security industry) away from traditional threats to APT attacks it is in the increased attention paid to social engineering attacks, which form the basis of most successful attacks today. 0day threats get a lot of press and are frequently associated with APT attacks, but it is far more common for these attacks to leverage known vulnerabilities for which there are patches, much like exploit packs that are used in many Zeus attacks and other more traditional cyber crimes. Unfortunately, educating users about what not to click on or trust or open is always an uphill battle. There are some things that companies could be doing more on this front, and I’d like to see more firms randomly test their employees to help speed the process of learning how not to fall for phishing and social engineering scams.
scareware industry, scareware remains one of the most profitable monetization strategies within the cybercrime ecosystem
Brian: I don’t think scareware is the same scourge it used to be, although it’s clearly still a problem. I would say this problem — like the pharma spam problem — must be attacked at the payment processing point; that is where it makes the most sense. There are some things afoot in the payment processing space that I think will probably start to show major results in the coming months on this front, but the proof will be when the scareware partnerka programs start dying off completely because the business model has dried up. I think we can expect to see the costs of acquiring banks taking on this business continue to rise, and that will help make the scareware industry less profitable and less attractive for scammers.
like the pharma spam problem