v2 domains in the Tor network are becoming obsolete. The number of v3 domains is growing steadily and users appreciate their enhanced security.
In the last two years, the anonymity standards of the Tor network have changed dramatically. The goal of the updates was to improve the looks and functionality of .onion domains.
The Updates Calendar
Years ago, the Tor team announced that they were planning to enhance the network’s privacy, security and the potential to withstand deanonymization attacks. Once the work began, it took them around 14 months to finalize the process:
September 2020 – v0.4.4 of the Tor anonymity software was released. It informed server operators that v2 addresses would become obsolete.
July 2020 – Tor v0.4.6 was released. New v2 onion domains could not be registered anymore.
October 2021 – Stable versions were released for all Tor branches. None of them supported v2 sites.
November 2021 – Tor Browser 11 was released. It did not support v2 domains.
v2 addresses offered 16-character-long .onion domains. Their v3 counterparts feature 56-character-long domains. And that’s the main essence of the updates.
How Many v2 Sites Remain Accessible?
Tor’s team announced their plans well in advance, so both website owners and users had enough time to prepare. However, the network still largely relies on v2 addresses.
DarkOwl, a darknet monitoring organization, has shared the following insightful figures:
In total, there were approximately 104,100 active .onion services
38% of them belonged to the v3 segment
62% remain in the v2 category
These statistics were obtained through the DarkOwl’s Vision platform.
In July 2021, DarkOwl reported a dramatic increase in the number of new v3 domains. In the last 14 days of that month, almost 3,000 v3 domains appeared in the network. The most obvious reason for that trend was the fullscreen warning, created in preparation for the Tor browser’s v11 update in the fall. Anyone who tried to access a v2 domain would see it.
Since then, the number of v3 addresses in the network keeps growing and the number of their v2 counterparts keeps decreasing.
The Current Situation
Now, website owners can’t register new v2 domains, and users cannot visit v2 domains through the newest version of the Tor browser. But those who keep an older version of the browser should still be able to load a v2 domain.
At the time of writing, v3 sites account for less than one-half of all the domains of the Tor network. But in 2022, v2 domains are expected to become extinct. In a few months, most Tor node operators will be required to update their servers to versions that do not support v2 domains.
UPDATE. Is dark.fail down? No, but after the hack and seizing dark.fail domain – dark.fail moved to DARK.PE
Hackers seized control of a dark web market directory to steal Bitcoin from customers who attempted to buy drugs as usual. The attackers used a rather common phishing technique and managed to succeed thanks to an exceptionally high level of professionalism. The Vice online magazine was the first to report this news.
The name of that ill-fated web resource is dark.fail. For four whole days, hackers were using the opportunity to steal crypto and confidential information of people who visited any of the markets linked by the directory.
What Exactly Happened?
On April 28, someone acquired dark.fail. This person never revealed their name. To transfer the site’s ownership to a new administrator, the perpetrators relied on fake court orders.
Dark.fail is managed by privacy-centric Njalla, co-founded by Pirate Bay’s Peter Sunde in 2017. This service acts as middleware for individuals who would like to purchase domains anonymously. It bought dark.fail from Tucows, via Tucows’ Hover.
Sunde took to Twitter to explain how the story unfolded. The district court of Cologne, Germany allegedly sent an order to Tucows to demand ownership of three domains. One of them was registered through Hover and the others with Njalla.
Hover promptly transferred dark.fail to the hacker’s Namecheap registration. Sunde emphasized that the forged order also featured a gag order, which means the registrant didn’t know what was going on.
This story might sound a bit weird — but we should take into account that Tucows might need to deal with a whole avalanche of court orders. Maybe, they were just too busy to scrutinize one particular paper. Meanwhile, it was a classic phishing trick. The document looked highly plausible and the domain was almost correct. Anyone who had tried browsing it would have ended up on the right site.
How Did the Attack Manage to Last for the Whole Four Days?
In his Twitter thread, Sunde specified the following information about the attack. The hacker swiftly altered all links on dark.fail to phish passwords, logins and other confidential details. Third-party sites were posing as dark web markets to steal people’s money.
Dark web markets normally accept BTC. Customers transferred their funds to addresses under hackers’ control, believing they were purchasing substances from markets.
Neither Hover nor Njalla could do anything to stop the crime simply because they were not aware! As soon as they realized what a disaster was going on, they quickly responded to the attack. Yet it took four days to coax Namecheap to transfer the admin rights back.
The Results of the Attack
Now, you can access the fully operational onion version of dark.fail through the Tor browser. Plus, you can find archived versions of dark.fail displaying its dark web market status reports.
The organizers of the attack remain unknown. There is no clear evidence on how many people fell prey to hackers.
And the Trickiest Thing Is That…
Namecheap fails to admit that the court order was forged! The paper looked like it was 100% real. The company even issued a statement to support its point of view. The domain mentioned in the court order is registered through them. The web redirect is hosted with them and the incoming email is hosted by them. It hardly makes sense to deny the facts…
In his Twitter, Sunde repeats how well-versed the hacker is — and his words can serve as a warning for everyone else.
After the hack, dark.fail owner decided to move all content to https://dark.pe
DNStats.net went down in history as the first uptime monitor for onion services that was accessible to the general public. Darknet users knew that this resource was one of the few credible providers of dark web market mirrors. It used to be a firm favorite among market buyers, researchers and even police officers. Yet in 2018, things suddenly went wrong. The good old DNStats unexpectedly started shilling and redirecting users to fake markets. From this review, you’ll get to know how the story unfolded.
Please mind that this article was written about DNStats.net. You might come across some other resources whose names sound similar — but they won’t be discussed in this text.
DNStats Reddit Announcement
In mid-Spring 2014, a Reddit user /u/select1on announced the launch of DNStats.net on the /r/darknetmarkets subreddit. Follow this link to check an archived version of that piece of news.
Back then, this information didn’t cause a sensation at all. Nevertheless, it took DNStats very little time to become one of the most reputable resources with marketplace mirrors and uptime information. Today, there are too many look-alike uptime monitors and news resources of this type. Instead of generating unique content, they copy it from elsewhere and paste it with little or no editing.
It would be fair to say that in this sphere, supply exceeds demand. When you want to find a working mirror of a certain darknet marketplace, it should take you less than one minute. And you can be sure that you’ll discover numerous phishing sites on your way too.
Yet in the mid-2010s, there was a completely different situation. The number of sites for finding mirrors or checking the news on the clearnet was limited. In 2014, DNStats came as a revelation and we shouldn’t underestimate its importance for the Internet environment of that decade.
This screenshot shows the looks of the original DNStats.net after a redesign
In late 2011, the Silk Road subreddit was launched. Next year, Eileen Ormsby covered this marketplace in “All Things Vice”. By the end of 2013, DeepDotWeb and /r/darknetmarkets were launched. In a few months, DNStats and Grams saw light — and both were rather innovative for their time. The former, as was already said above in this article, provided marketplace mirrors and historical uptime data. The latter had search, Flow, Helix, Helix Light and Infodesk, to name a few.
To explain the significance of DNStats to its audience, we should probably use a comparison. For the audience of Agora Market, it was just as important as Dark.Fail was to people who used Empire Market. The /r/darknetmarkets subreddit referred users to DNStats to check market uptime and Grams to check vendor profiles and data.
DNStats used to list the lifetime availability of multiple marketplaces
There were times when you would see the Dark.Fail link in the /r/onions subreddit’s sidebar. Then, it was replaced by the link to DNStats.net.
/r/darknetmarkets and DNstats left, /r/onions and Dark.fail right
DNStats Phishing Scandal
The previous admin of DNStats was a person with an impeccable reputation who had hardly any nefarious motives. Unfortunately, the individual who is supervising DNStats now pursues other goals. In late 2018, the design and functionality of the once-reliable project changed dramatically.
This is a screenshot of the new DNStats
If you try to dig a bit deeper, you’ll be unlikely to discover any valuable facts or reminiscence about the service. The good thing is that the current version of DNStats indeed features a few listings that display uptime information. But you’ll be able to see it only if the last hour is available. So the service is not as useful as it could have been. And alas, it’s not the only problem with it.
The most blatant issue is that the new DNStats displays phishing links that lead to fraudulent marketplaces and other overt scams. One of the most vivid examples is the listing for Escobay. The team behind it copied the CannaHome interface, so this platform might look like a market at first sight. Moreover, Escobay tries to load some assets from a defunct CannaHome onion address. But in fact, it’s not a marketplace at all.
These days, you might come across weird links on DNStats. They lead to web resources that seem to have been launched yesterday. The lack of history is not a tell-tale sign of a scam but it creates a dubious situation. If only dicey sites refer to any onion service, users might start to ask rightful questions about the credibility of all parties involved.
BlackPass Market as well as a few other listings are mirrored only by other resources with a bad reputation. These resources got notorious for misinforming their audience and promoting scam projects.
DNStats left, another scam project of this type on the right
As for the legitimate darknet marketplaces, DNStats lists them too. But it is much more focused on their fraudulent counterparts. Basically, the situation is the same as on Dark.fail.
Besides, you shouldn’t 100% trust the descriptions for the listed markets. DNStats often shares wrong facts and value judgments. It might say that a certain platform is large and versatile — while in fact, it might be rather small and dedicated to one or several particular types of products.
DNStats characterizes Big Blue Market inaccurately, thus misinforming its users
Is DNStats Legit at all in Its Current Version?
Based on the Archive.org data, we can see that it took DNStats around one year to transform to a newer version. The conversion began in mid-Autumn 2018.
The new administrator of the platform got rid of all remainders of the DNStats that we liked so much. He or she placed referral links to Wall Street and Dream markets on the main page. A search of these links gave no results.
And that was just the first step on the long way to degradation. The loyal audience of DNStats quickly guessed that the previous admin was no longer in charge of the site. Some people were smart enough to pay attention to meaningful detail.
The last update of Whois records took place in 2017. That was months before DNStats began to deteriorate. This fact might prove that the initial administration never sold or transferred the domain to a third party. Consequently, the new admin seems to have legitimate access to the platform. Alternatively, they might have stolen the credentials and used them to modify the DNS settings.
Some time after September 27, 2018, the old admin deleted his or her Reddit account. The last post on Twitter was published in July 2018. People who wrote emails to the publicly listed DNStats address never got any response. In August 2018, the DNStats donation wallet (1DNstATs59JANuXjbpS5ngWHqvApAhYHBS) sent BTC to an unknown recipient for the last time.
On October 28, 2018, the DNStats mx servers switched to Yandex — previously, they relied on Google Mail. As you remember, that was the day when the transition from Njalla to Cloudflare took place. Before that, DNStats hadn’t relied on the services of a webmaster. It hadn’t used the search console to verify TXT records. But suddenly, it got both.
This is the Google Search console TXT record from February 15, which was the latest update:
What we know for sure is that DNStats is alive and kicking. Its DNS records were tweaked. Someone keeps sharing Department of Justice press releases on the news page. Some time ago, the site warned its visitors about the Apollon Market exit scam.
There is a referral link to Empire Market on DNStats — and it might give hints on the new administrator of the site. The description of the market features this link twice. The curious thing is that DNStats seems to be the only indexed site that offers this link — and it’s a phishing one.
However, you can find that link if you type “/ref/760948” in the DuckDuckGo search bar.
This is what you’ll see when you try to search for the Empire referral through DuckDuckGo
If we analyze the uniqueness of texts on DNStats, we’ll see that all the marketplace descriptions were purposefully created for this site. They often contain mistakes and misprints, which means that they might be written by the same person each time. Such misprints are not typical of any other site. But when the administrator writes news pieces, he or she copies them from the USAO press releases.
The overall impression is that the person who is in charge of DNStats now has certain expertise in frauds. Most likely, he or she has gained experience on some other sites of this type before. DNStats doesn’t closely resemble any other resource from its sphere, which is a bit weird.
We can suspect that the new admin of the site used to work for the old one for some time. At the beginning of 2015, /u/select1on shared a job offer for a person who could carry out some research on dark web sites. That offer was very concise and lacked any details. It’s hard to say whether the employer managed to hire anyone then. But even if they did, they might have refused to share admin credentials with them.
In summer 2015, the old admin openly confessed that he or she had hired a developer to handle the database. Maybe, not one person but several professionals got access to the DNStats infrastructure. The administrator didn’t specify whether this helper or helpers worked with all the infrastructure of the site or just a part of it. Today, we might assume that a hired person became the new owner of the site. Yet we shouldn’t completely exclude another possibility: what if it’s the same old admin?
Just Sharing Some Guesswork
This is just one of the numerous theories whose authors try to explain what happened to DNStats. Maybe, the old administrator of this resource decided to disappear from the public eye for some reason. He (or she) posted his (or her) last tweet in July 2018. Three months later, they deleted their Reddit account. In August 2018, they transferred BTC to someone for the last time. By that moment, people had sent a total of 28.30143634 BTC to the DNStats donation address. At the current exchange rate, that’s a colossal sum.
Could the police arrest this person for any illegal activity on the darknet? In theory, yes. But if we think realistically, such an assumption would seem unlikely because DNStats keeps operating.
Back then, DeepDotWeb was still free. For many people, marketplace referral links from this site served as a source of income. After DeepDotWeb was shut down, quite a few sites that had made money on such links had to stop their operations as well.
According to one of the most popular versions, the DNStats administrator might have known or guessed what would happen to DeepDotWeb. He or she realized that DNStats would face the same fate. It was rather obvious that the DNStats administrator relied on affiliate links. Data from the blockchain can easily prove that.
In October 2018, the site announced the launch of Masterlist. During that troublesome transition period, no other relevant pieces of news went live. Some suspicious individuals might think that DNStats and Masterlist were somehow connected — but there is no evidence for this conjecture.
So we can just take it for granted that the initial administrator left DNStats. He or she might have sold the domain deliberately. Otherwise, a third party might have seized the domain. No one seems to know for sure what happened exactly.
The last solid fact we know is that the original DNStats admin kept on tweeting systematically until July 2018. Then, the only thing we can do is to ask questions.
What happened between that last tweet and the day when they used their BTC wallet for the last time?
Why didn’t the admin delete their Reddit account immediately but waited for months to do it? That account contained his or her private data.
Can some of our readers shed light on these mysterious events? If yes, feel free to get in touch with us! We’ll be glad to listen to your version.
“Shiny_Flakes the Teenage Drug Lord” is the name of the new documentary by Eva Müller. This freshly released movie is bound to become a massive hit. It is based on the true story of a German teen whose real name is Maximilian Schmidt. However, he is better known on a global scale thanks to his Shiny Flakes alias. Previously, Netflix has already launched a drama series called “How to Sell Drugs Online Fast” — but that was a fictionalized version of Shiny Flakes the teenage drug lord. Now, it’s time to watch a film about real-life events.
Who Is Shiny Flakes?
This guy was doing shady business from his childhood bedroom. He packed up the drugs right from the home that he shared with his mother. His ShinyFlakes.com website existed for 14 months and enabled the young entrepreneur to make serious money — 4.1 million euros, to be precise. In February 2015, the German police arrested the juvenile drug lord. He was just 19 years old.
How Did Shiny Flakes Sell Drugs Online?
The Shiny Flakes drug empire operated very differently from an average online store on the dark web. In his own words, Schmidt wanted the process of purchasing drugs to be just as quick and simple as buying shoes online.
Using his online connections, he established a collaboration with a reliable supplier. The shop’s assortment included cocaine, meth, LSD, marijuana, prescription drugs and many other items. Consumers would add the desired items to their carts in a couple of clicks, just as in a regular online store. They paid upfront with Bitcoin and received their orders through the traditional postal service. The drugs would arrive at your doorstep faster than Amazon Prime orders.
It took this business only a couple of months to properly take off.
Two Mistakes That the Drug Lord Made
When developing his business, Schmidt hit a few bumps. For instance, he kept visiting the same postage station for his deliveries, located not far from his house and in view of CCTV cameras.
Plus, once he put an incorrect address on one of the packages. When the parcel was returned, it was opened and drugs were found inside.
These occasional blunders made it easier for the police to identify the offender.
The Fateful Interview to Vice
In 2014, Shiny Flakes the teenage drug lord gave an interview to Vice magazine. He was reckless enough to confirm that he lived in Germany. He boasted he was selling an “exclusive selection of pills” from his childhood bedroom. Also, he confessed that he relied on the statistical analysis of consumers and their purchasing habits to maximize sales.
This interview gave clear hints to law enforcement agencies on where to look for the young criminal.
What Happened After the Police Arrested Maximilian Schmidt?
Law enforcement officers logged into Schmidt’s computer that he used to sell drugs online. They got hold of a database with thousands of customers and opened more than 4,000 criminal proceedings. Maximilian underwent hundreds of trials as a witness for those who had allegedly bought drugs from his site.
The court treated Schmidt as a minor because of his “emotional immaturity”. He got a seven year sentence and was sent to a juvenile prison. However, he was released from prison in June 2019 after serving just over half of these seven years.
What Happened to His Drug Empire After His Arrest?
Maximilian Schmidt claims he doesn’t have a single cent of the 4.1-million-euro fortune. No one knows whether it’s true or not. Reportedly, the police have not been able to access two Bitcoin wallets that belonged to the offender.
The Netflix Series
The first installment of the “How to Sell Drugs Online Fast” Netflix series saw light in 2019. It consists of three episodes, the last of which was released in summer 2021. Two best teenage friends, Moritz Zimmermann (Maximilian Mundt) and Lenny Sander (Danilo Kamperidis), try their hand at selling drugs to impress Moritz’s ex-girlfriend. That’s not a documentary but a fictionalized version of Schmidt’s story.
Director Eva Müller thought it might be interesting to show a bigger picture and created the “Shiny_Flakes the Teenage Drug Lord” documentary. The 96-minutes-long film was first streamed on Netflix in the United States on August 3, 2021. This version is based on real facts. You can see and listen to Maximilian Schmidt himself speaking about his business.
The Appeal of the Main Protagonist
The baby faced drug lord used to be unpopular at school — but he found a way to improve his social status. The young man has no remorse for what he did. At first, he might seem like a romantic figure, a teen idol. The beginning of his success story might impress thousands of lonely, antisocial teenagers. But in the end, who would like to find themselves behind the bars?
What’s Going On with the Teenage Drug Lord Right Now?
The final moments of the documentary show the arrest of several individuals in August 2020 in relation to a drugs bust in Leipzig. Maximilian Schmidt aka Shiny Flakes was one of them. By 2021, he was placed under a fresh investigation for a new alleged offense. Soon, he might face another prison sentence — yet until the end of the trial, he is presumed innocent.
“Shiny_Flakes the Teenage Drug Lord” is an informative and exciting movie. It brilliantly showcases the potential of digital technologies and the risks connected with running illegal businesses. Hopefully, the true story of a teenage drug lord won’t inspire other young people to follow his suit.
Attention, Tor users! On October 15th, 2021, this browser will deactivate its onion service v2. After this deadline, all v2 onion addresses will become invalid. The new v3 standard will be introduced to ensure better security. Read this article till the end to get to know about the reasons and the potential consequences of the changes.
A Brief Background
In July 2020, the Tor Project shared a timeline for the deprecation of Tor V2 Onion support and services (The Onion Router Version 3 services). The team behind the browser did so in order to integrate the more secure Version 3 or V3 of the onion services. Back then, the developers announced that the V2 services (that is, Tor’s brief encrypted services), will no longer be functional by the 16th of October 2021.
The subscribers of the Tor mailing list received a statement from David Goulet, one of the developers. David reminded them of the fact that the onion service v2 used RSA1024 and 80 bit SHA1 (truncated) addresses. Plus, it relied on the TAP handshake which had been entirely removed from the browser for many years — except v2 services. The outdated TAP handshake made Tor prone to enumeration and location-prediction attacks due to its simplistic directory system. HSDir relays could get enough power to enumerate or even block v2 services. As David said, v2 services will not be developed nor maintained anymore to address the most severe Tor security issues.
What to Do and What to Beware of
The essence of the innovation consists in the following: the v3 standard will replace SHA1/DH/RSA1024 with SHA3/ed25519/curve25519, providing better cryptographic algorithms.
Tor users will need to make sure that they use v3 onion addresses for all the sites that they visit. You’ll effortlessly spot the difference even if you lack profound technical knowledge. The new v3 onion domains will have 56 characters while their outdated v2 counterparts consist of only 16.
Most likely, hackers will try to fool users by creating phishing links for new domains. For this reason, you should get the new v3 addresses for the sites that you use only from trusted sources – preferably, directly from the administrations of these sites.
To stay up to date with the news, keep checking the official blog of the Tor project and their mailing list. Don’t wait until the deadline! Feel free to start using the v3 addresses right now!
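The 16-versus-56-character difference described above follows from how each address is encoded, and a v3 address also carries a checksum that can be verified offline. The sketch below is an added example, not code from the Tor Project or from this article; it follows the address layout in Tor's v3 onion service specification (base32 of a 32-byte ed25519 public key, a 2-byte SHA3-256 checksum and the version byte 0x03), and the key and the v2 label it uses are constructed sample values.

```python
import base64
import hashlib

ONION_SUFFIX = ".onion"
B32_ALPHABET = set("abcdefghijklmnopqrstuvwxyz234567")
V3_VERSION = b"\x03"
CHECKSUM_PREFIX = b".onion checksum"


def _v3_checksum(pubkey: bytes) -> bytes:
    # First two bytes of SHA3-256(".onion checksum" || pubkey || version)
    return hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + V3_VERSION).digest()[:2]


def encode_v3(pubkey: bytes) -> str:
    """Build the v3 hostname for a 32-byte ed25519 public key."""
    if len(pubkey) != 32:
        raise ValueError("v3 public keys are 32 bytes")
    raw = pubkey + _v3_checksum(pubkey) + V3_VERSION  # 35 bytes -> 56 chars
    return base64.b32encode(raw).decode("ascii").lower() + ONION_SUFFIX


def classify_onion(host: str) -> str:
    """Return not-onion, invalid, v2-deprecated, v3-valid,
    v3-bad-version or v3-bad-checksum for a hostname."""
    host = host.strip().lower().rstrip(".")
    if not host.endswith(ONION_SUFFIX):
        return "not-onion"
    # Subdomains are allowed; the service label is the one next to ".onion".
    label = host[: -len(ONION_SUFFIX)].split(".")[-1]
    if not label or not set(label) <= B32_ALPHABET:
        return "invalid"
    if len(label) == 16:
        # v2: base32 of an 80-bit truncated SHA1 of the RSA1024 key.
        # Nothing in the label can be verified; current Tor rejects it.
        return "v2-deprecated"
    if len(label) != 56:
        return "invalid"
    raw = base64.b32decode(label.upper())
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != V3_VERSION:
        return "v3-bad-version"
    if checksum != _v3_checksum(pubkey):
        return "v3-bad-checksum"
    # Note: this does not test that pubkey is a valid ed25519 point.
    return "v3-valid"


if __name__ == "__main__":
    demo_key = bytes(range(32))  # constructed sample, not a real service key
    address = encode_v3(demo_key)
    typo = address[:52] + ("b" if address[52] != "b" else "c") + address[53:]
    for candidate in (address, typo, "abcdefghijklmnop.onion", "example.com"):
        print(f"{classify_onion(candidate):16} {candidate}")
```

A passing checksum only shows that the address was copied without typos or truncation. A phishing address is a well-formed v3 address too, so the advice above about taking addresses from trusted sources still applies.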
Dealers had 48 hours to remove the listings. The community’s reaction to the ban was controversial.
Many people imagine the darknet as an entirely uncontrolled area. This stereotype has little in common with reality. Market owners go to great lengths to make the dark web a safer and more transparent place. They do it because this raises their brand awareness and people start to trust them more. This is just one example of what the darknet can do to self-regulate.
Deathly Fentanyl Banned from Sale
According to the information provided by Deep Dot Web, one dark web marketplace banned sales of fentanyl. This powerful drug has caused a wave of deaths, so the community decided to take measures to prevent further fatalities.
The administrator of the Darknet Heroes League (DHL) marketplace shared an announcement saying that neither fentanyl nor its analogs will be available on sale. They emphasized that the market made this step to protect its customers’ lives and wellbeing.
The Darknet Heroes League gave all vendors who offered fentanyl 48 hours to remove this product from their listings. Those who disobeyed or were too slow to respond would lose their ability to vend. The marketplace expressed its gratitude to its audience and apologized for the inconvenience.
The administration was satisfied with the vendors’ reaction. A representative of the DHL team, who goes by the moniker “SeriousSam”, said that fentanyl was not present on the marketplace anymore — at least to their knowledge.
The Hazards of Fentanyl
This is a synthetic opioid much more powerful than morphine. It will hardly kill a person if they consciously consume it in small doses. Most fatalities happen for the following two reasons.
Dealers sell fentanyl saying that this is some other substance
The customer exceeds the reasonable dosage
Only in late 2013 and 2014, the drug allegedly caused over 700 fatal overdoses. This information comes from the Drug Enforcement Administration (DEA). Many more people have passed away because of fentanyl and other synthetic opioids since then.
Once, Connecticut authorities seized 2.5 kg of fentanyl. It was manufactured in China and then distributed internationally. VICE News calculated that one well-known dark web dealer had made a minimum of $500,000 from that drug alone.
One of the biggest and the most popular darknet markets is AlphaBay. There, consumers can discover plenty of fentanyl listings. Some orders come with a pleasant “bonus”: the vendor adds extra 50 milligrams with every purchase.
Consumers’ Reaction to the Fentanyl Ban
People’s opinions were split about this DHL decision. Some genuinely welcomed this news. Others were straightforwardly skeptical about the efficiency of the ban.
Users said that banning pure fentanyl did not make sense. First, it is often mislabeled and sold as heroin or some other opiates. Second, many vendors cut other opioids with small amounts of fentanyl, which makes them more powerful and more dangerous.
The fentanyl ban at the Darknet Heroes League was not the first case when a market prohibited selling a certain product. Many bans are connected with selling firearms. Plus, some markets specialize only in particular listings, such as cannabis.
They smuggled guns to criminal groups overseas, using darknet markets. The investigation is still going on.
Two metro-Atlanta men allegedly smuggled illegal firearms internationally through darknet markets. Now, they are facing federal charges.
These men are William Jackson (29 years old, of East Point, Ga.) and Gerren Johnson (28 years old, of Austell, Ga.). Authorities suspect that they used the underground part of the Internet to smuggle weapons to customers from over a dozen foreign states.
U.S. Attorney John Horn says that Jackson and Johnson misused the anonymity of the Internet. The defendants violated federal firearms laws many times.
How Did It All Start
The above-mentioned individuals were known on the dark web as WorldWide Arms and CherryFlavor, respectively. These two users were active on the darknet website called Blackmarket Reloaded (BMR). According to the court records, the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) and other agencies started to investigate the alleged firearms trafficking scheme on that market in June 2013. The defendants were accused of posting guns for sale and sending them to buyers outside the US.
To ship the orders to Australia, Canada and the UK, the vendors hid them inside electronic devices. Initially, they legally bought the firearms through the OutDoorTraders website — but they had no right to resell these items to third parties or export them. Apart from the BMR, the offenders searched for potential clients on some other dark web projects, such as Agora Market and Utopia.
Wayne Dixie, Special Agent in Charge of the ATF field division, commented on this case. He said that the market for illegal firearms is thriving on a global scale. The constant demand for guns comes from organized criminal groups who need them for their daily illicit activities.
How Did the Investigation Unfold
The authorities carried out multiple interviews with suspects and witnesses. They used federal search warrants to trace the arms. Finally, the law enforcement representatives found out how the guns traveled from their original owners in the Atlanta area to Jackson and Johnson.
Authorities managed to uncover shipping details for over 50 suspected parcels. They shared their knowledge with their Austrian, Australian, Belgian, British, Canadian, Danish, Dutch, French, German, Irish and Swedish colleagues.
But that was not the end. It turned out that Jackson and Johnson relied on a network of accomplices. Brendan Person and Sherman Jackson from Atlanta were identified and arrested. The police will probably be able to bring other members of the CherryFlavor group to justice soon.
A dangerous bug was detected in a browser that used to have a reputation as privacy-focused software. For now, you should stop using old versions of Brave for onion services.
This is unpleasant news for people who normally use Brave to access onion services. A dangerous bug was detected in this browser that sends queries for onion addresses to public DNS resolvers.
Recently, the developers added the Private Window with Tor feature to Brave. It allows users to conveniently open onion services in a Tor-enabled tab. At first, this feature seemed very useful. But now, it turns out that DNS data is leaking through it.
What Is the Mechanism of the Leak?
The leaks are caused by the browser’s built-in ad-blocking capabilities. Their functionality is more or less the same as that of PiHole or ad blockers built by third parties. So why should they leak the DNS data? The experts at TheHackerNews.com came up with a comprehensive explanation of the problem.
The ad-blocking feature in question is known as CNAME ad blocking. It blocks third-party tracking scripts that use CNAME DNS records to impersonate first-party scripts and so avoid detection by content blockers. According to TheHackerNews.com, a website can conceal third-party scripts behind subdomains of its main domain, which are then automatically redirected to a tracking domain. Checking for such a redirect requires a DNS lookup, and for onion addresses opened in a Tor window that lookup went to the regular DNS resolver instead of through Tor.
Anyone who checked DNS query logs or used a local DNS sinkhole could notice this behavior right away. Users who run their own server and have an unpatched version of Brave could easily test the bug.
To make sure that the bug really exists, follow these simple steps:
If your logs were temporarily disabled, enable them.
Check your DNS query logs.
Right-click a link in the Brave browser and choose "Open Link in Private Window with Tor".
After that, the query for an onion service will be picked up by the DNS server.
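One way to run the log check from the steps above, as an added example that is not part of the original article: it scans dnsmasq-style (Pi-hole) query log lines for any .onion name, which should never reach a DNS resolver, and labels each hit as v2 (16-character) or v3 (56-character). The log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re

# dnsmasq / Pi-hole query line: "<time> dnsmasq[pid]: query[TYPE] <name> from <client>"
QUERY_RE = re.compile(r"query\[(?P<qtype>[A-Z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)")
BASE32 = re.compile(r"[a-z2-7]+")

def classify_onion(name):
    """Return 'v2', 'v3' or 'malformed' for a .onion name, None for any other name."""
    labels = name.lower().rstrip(".").split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        return None
    service = labels[-2]  # subdomains may precede the service label
    if BASE32.fullmatch(service):
        if len(service) == 16:
            return "v2"
        if len(service) == 56:
            return "v3"
    return "malformed"

def find_onion_leaks(log_lines):
    """Return (client, qtype, name, kind) for each .onion query the resolver received."""
    leaks = []
    for line in log_lines:
        m = QUERY_RE.search(line)
        if m is None:
            continue  # replies, forwards and unrelated lines
        kind = classify_onion(m["name"])
        if kind is not None:
            leaks.append((m["client"], m["qtype"], m["name"], kind))
    return leaks

# Constructed sample data: the onion names below are placeholders, not real services.
V2_NAME = "abcdefgh" * 2 + ".onion"   # 16-character service label
V3_NAME = "abcdefgh" * 7 + ".onion"   # 56-character service label
SAMPLE_LOG = [
    "Feb 19 10:15:31 dnsmasq[812]: query[A] example.com from 192.168.1.23",
    f"Feb 19 10:15:32 dnsmasq[812]: query[A] {V3_NAME} from 192.168.1.23",
    f"Feb 19 10:15:32 dnsmasq[812]: forwarded {V3_NAME} to 192.0.2.53",
    f"Feb 19 10:15:40 dnsmasq[812]: query[AAAA] www.{V2_NAME} from 192.168.1.23",
    "Feb 19 10:15:41 dnsmasq[812]: query[A] onion.example.com from 192.168.1.40",
    "Feb 19 10:15:42 dnsmasq[812]: query[A] short.onion from 192.168.1.40",
]

if __name__ == "__main__":
    for client, qtype, name, kind in find_onion_leaks(SAMPLE_LOG):
        print(f"LEAK {kind:9} {qtype:4} from {client}: {name}")
```

Any hit means the client resolved an onion name outside Tor; the client address in the log identifies which machine to patch.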
Did the Developer Take Any Measures?
The first notification about this issue appeared on January 13, 2020, on HackerOne. Hackers and security experts launched this platform to share information about bugs with the ultimate goal of making the Internet a safer place. People who report bugs there can expect to get a bounty.
A nightly release of the Brave browser allegedly featured a patch to fix the bug. After the developers got to know about this problem, they promised to update their product. The Brave 1.21.x version was supposed to include a patch for the DNS leak. But in fact, users have received only an update to the public version of the browser so far.
So How Should I Access Onion Services Now?
Until the issue is entirely fixed, please do not try to access onion services through Brave. You will not be able to remain anonymous. Instead, you might want to use Tor Browser, which is the default browser for sites of this type. Tor Browser is built on Firefox, while Brave is based on Chromium.
XMR.to, the famous crypto exchange service, is closing down. It used to be a trusted brand and it had a large loyal following. It offered its clients a highly intuitive interface where they could rapidly swap XMR for BTC. But now, the time has come to call it a day.
XMR.to had to stop operating because of legislative restrictions. The regulation of the crypto sphere is becoming consistently tougher at both the national and international levels. Governments make considerable efforts to combat money laundering and other crimes that might involve cryptocurrency. They do not ban crypto transactions in general but force the owners of the exchanges to change their rules. Unfortunately, not everyone can afford it.
The Essence of the Problem
That was not a momentary decision for the exchange. Earlier, XMR.to had to stop serving customers from the US and some other areas where new draconian laws came into force. The problem with the new legislation is that it mandates invasive policies, which completely contradicts the fundamental principles of Monero. In the US, these policies were imposed in accordance with the Patriot Act and the Bank Secrecy Act. Australia, the UK and other countries have identical laws too.
Those who have used XMR.to before should remember the mission statement of the project. In this document, the founders explicitly emphasized that they had no intentions of identifying the users. Anonymity was one of the primary merits of cryptocurrency at the early stages of its existence. Now, the sphere is rapidly losing this advantage — at least in that part that strives to play fair.
First, XMR.to shut down its onion service. Tor Browser enabled its users to obfuscate their real geographical whereabouts, thus bypassing numerous restrictions imposed by national governments. Unfortunately, this measure did not save the exchange because it still failed to comply with numerous laws.
Where Can You Exchange Monero Now
In their official announcement about the closure, the founders of XMR.to stated that they are predictably sad. Yet at the same time, they are happier to shut the service down now and not a few years ago. XMR.to started to operate 6 years ago, which is an “eternity” for the crypto industry. Back then, very few projects could compete with it and offer similar services to customers in case of its premature closure. But now, clients can choose between diverse exchange platforms. It is good both for crypto holders and the market in general, the XMR.to team points out.
These are safe and reliable projects that you might want to try as an alternative:
KSwap. This service is largely similar to XMR.to and seems to be completely trustworthy. It was created by the same person who launched the Kilos search platform.
Xchange.me. It is also a renowned and credible service, familiar to many Darknet users.
Monero remains a convenient, reliable and popular means of payment. It is hard to imagine that people would stop using this coin for their financial transactions. Yet because of the regulations, more and more crypto exchange services have to either shut down or migrate to the onion sphere. There, their founders can remain anonymous so that no governmental authorities can impose sanctions on them. Today, it seems to be the only solution to guarantee confidentiality to the clients of the service.
The Dubious Consequences of the Law Reinforcement
While the authorities seem to act in good faith, they are achieving the reverse of the desired result. While some people will be ready to sacrifice their anonymity, others will join the dark side. From the customer’s viewpoint, that might not be a big deal. The Darknet has its own reputation system, so experienced users know which projects they can trust. For newbies, it might be a bit stressful to try Darknet services for the first time. Yet when they realize that confidentiality is their priority, they will make their first-ever Darknet transaction. Very soon, they will get used to onion services. Maybe they will go on to explore further Darknet capabilities. So the owners of Darknet sites seem to be the unexpected beneficiaries of the new laws. It might seem absurd, but this is true.