Phytoplankton

@hoek

0ut3r.space

Scammers have moved their fraudulent tactics to dark web services, using impersonation that is difficult to detect. According to multiple reports and complaints, scammers have made the various dark web news and review platforms their new targets, impersonating them to request money from advertisers for no work done. This fraudulent technique has been around for some time: most websites have had their reputations soiled while scammers made thousands of Euros in their name. The recent reports explain why emails from untrusted sources with monetary requests or referral links must be verified before taking action.

Recently, Dark.fail, a dark web service provider, posted on Twitter about having received an email supposedly from Onion.live. According to the Tweet and the attached screenshot, Onion.live requested them to make a payment of 0.17 BTC for being listed on their site. Onion.live, however, has no involvement in the email and can state emphatically that scammers impersonated them to get some bucks from Dark.fail.

In the email, the impersonators forged an advertising contract containing next renewal, status online, and payment amount, added a wallet address, and made it look like it was being sent from the official email of the site administrator. The email states that: “We Onion.live promoting a number of onion sites giving minutes to minutes live status and Trust score have given 100% trust score as per visitors opinion. We request you to pay and support us for this promotion”.

This is difficult to spot, as an impersonated email address needs careful rechecking to establish how it differs from the official one. Close scrutiny revealed that scammers used “[email protected]” instead of the “[email protected]”. Dark.fail obviously knew it was a scam but did not suspect it had come from scammers. Instead, they believed it came from Onion.live and questioned the credibility of the Onion.live reviews and ratings. This explains how dangerous and advanced scammers can be.

Scammers also used the name and email of Onion.live to request money from another advertising company. This led to a dispute, as the advertiser felt he was being scammed while Onion.live knew nothing about what was going on. It is important to note that the challenges websites face come not just from hackers with sophisticated tools using phishing links as a gateway to illegally access an account, but also from the constant impersonation by scammers who use deception to steal and to soil hard-earned reputations.

Scammers did not only impersonate Onion.live, but also used the name of darknetLLve.com to scam advertisers in a similar fashion. According to a post Tweeted by DarknetLive, a scammer hid behind [email protected] to deceive an advertiser and steal thousands of Euros. They mentioned that the scammer used Namecheap and ProtonMail to gain trust and stage the fraudulent activity. This is very scary, as scammers are likely to impersonate other services in the future, not only to steal from advertisers but also to cause disputes between review platforms and advertisers.

Onion.live is strictly focused on offering services within the framework of the law. The website strictly prohibits illegal advertisements or services. All displayed advertisements are scrutinized and deemed legal. In this case, any illicit activity or illegal call for promotional funds after being listed is nothing but a scammer spoofing the domain.

Email Spoofing and How to Avoid It

From the above report, it is clear that Email Spoofing is actively being used by scammers for their fraudulent gain. Email Spoofing is the forgery of an email header to impersonate someone or to make a message look like it is being sent from the original sender. The whole idea of Email Spoofing is to get targets to respond to the solicitation.

To avoid being a victim of email spoofing, keep antimalware software updated to the latest release. Also, think twice before clicking on any suspicious link in an email. Another preventive measure is to set spam filters to the strongest priority. In addition, do not enter any financial information into an insecure link.

It is important to understand that Email Spoofing can go undetected if not suspected in the first place. Once suspected, the target can check the email source code to find the original IP address and trace it to the sender. Over the years, scammers have evolved and come up with more advanced techniques to win the trust of targets once their old techniques are exposed. It is, therefore, important to be careful with the kind of emails you open and the attachments you download.
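The header check described above, as an added example that is not part of the original article: it compares the From domain with the one you already know, flags Reply-To and Return-Path mismatches, reads the SPF/DKIM/DMARC verdicts, and extracts the earliest hop's IP address. The function names, the expected domain and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed message: example.* domains and RFC 5737 addresses only.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.10])
 by inbox.recipient.example; Mon, 01 Jun 2020 10:00:05 +0000
Received: from mail.lookalike.example (unknown [203.0.113.45])
 by mx.recipient.example; Mon, 01 Jun 2020 10:00:03 +0000
Authentication-Results: mx.recipient.example; spf=fail; dkim=none; dmarc=fail
From: "Review Site Admin" <admin@review-site.example>
Reply-To: billing@lookalike.example
Return-Path: <bounce@lookalike.example>
Subject: Advertising contract renewal

Please pay the renewal fee to the wallet below.
"""

def domain_of(value):
    """Lowercase domain of the address in a header value ('' if absent)."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def inspect_message(raw, expected_domain):
    """Return (findings, earliest_hop_ip) for a raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain_of(msg["From"])
    # Lookalike addresses: compare against the domain you already know.
    if from_dom != expected_domain:
        findings.append(f"From domain {from_dom} != {expected_domain}")
    # Replies or bounces routed elsewhere are a signal, not proof.
    for name in ("Reply-To", "Return-Path"):
        dom = domain_of(msg[name])
        if dom and dom != from_dom:
            findings.append(f"{name} domain {dom} != From domain")
    # Verdicts recorded by the receiving server (assumed to be your own).
    auth = (msg["Authentication-Results"] or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if not m or m.group(1) != "pass":
            findings.append(f"{mech}: {m.group(1) if m else 'missing'}")
    # Hops prepend Received headers, so the last is the earliest; hops not
    # written by your own servers can be forged by the sender.
    hops = msg.get_all("Received") or []
    ips = re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hops[-1]) if hops else []
    return findings, (ips[0] if ips else None)

if __name__ == "__main__":
    print(inspect_message(SAMPLE, "review-site.example"))
```
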

The Invisible Internet Project (I2P) is an anonymous network layer designed for censorship-resistant, peer-to-peer communication. It encrypts users' traffic end to end and routes it through over 55,000 computers worldwide in a volunteer-run network. I2P was built using Java and, similar to the Tor network, is effectively classified as an internet within the internet. Once connected to this anonymous network, users can take advantage of decentralized file storage, engage in anonymous chat, send emails, access and use blogging and forum software, browse websites, and also host websites. Using the I2P network, individuals can surf the surface web anonymously.

How I2P Works

Some anonymous networks provide anonymity to just one end of a communication, for example keeping the sender anonymous but not the recipient, or vice versa. I2P keeps both the sender and the recipient anonymous. It has no central point on which pressure could be mounted to compromise the security and integrity of the network.

As pointed out earlier, I2P runs on tens of thousands of computers across the globe. Each computer runs an I2P router, which ensures that one-way connections and encryption are established for communications sent to and received from other users. All messages passing through the network are addressed to cryptographic keys, and can sometimes be larger than IP packets. Messages being sent pass through outbound tunnels and make their way to other tunnels. Similarly, messages are received through the inbound tunnels of other routers, making it very secure. Each user has absolute control over the length of their inbound and outbound tunnels, and can use this to balance anonymity against reliability, throughput, and latency.

Interestingly, once I2P is connected, users can access eepsites using a standard web browser. Users can also create and host an anonymous eepsite, as the I2P tunnel service allows them to do that. The I2P service also allows users to access streaming apps. A video streaming application like I2PSnark allows users to access and stream videos as well as other resources, making use of the BitTorrent protocols via the I2P network.

Can I2P Provide Complete Anonymity

There is nothing like complete or perfect anonymity, as the whole idea of anonymity software is to assist in hiding some information you do not want to appear online. Every piece of software can be compromised, and its strength depends on a number of factors. The level of anonymity provided by the I2P network depends on the strength of encryption, the number of concurrent users, the size of the network, and the internal architecture of the system. The possibility of breaching the anonymity also depends on the kind of actor and the resources at their disposal. Defeating any of the above factors can put users at risk.

Regardless of these weaknesses, the I2P network has its strengths. I2P provides protection against external tagging attacks, brute force attacks, timing attacks, traffic analysis attacks, partitioning attacks, and central resource attacks.

A Brief Introduction to Tor

Tor uses a network of volunteer-run servers to channel messages from user computers to content on the internet. With millions of users across the globe, it is one of the most used networks to access the dark web. Messages sent over the network are encrypted and go through three random layers of encryption. Tor is designed so that third parties, the ISP, or any other person monitoring your connection will not be able to read messages. However, they will be able to see that the user is using Tor. A number of users are configured to follow the same path via the network. Every 10 minutes, the route that all data follows via the network is changed.

How I2P Compares with Tor Generally

There are a number of differences between I2P and Tor. Firstly, I2P makes use of one-way connections between servers in its tunnels. This is different from Tor, which uses two-way encrypted connections between relays. This means that to obtain the same amount of information, a third party would need to work extra hard on I2P by compromising twice as many nodes as on Tor.

In terms of addressing scalability issues, Tor has an edge over I2P as it has much more funding. In addition, it is far larger and more mature than I2P.

I2P relies on a distributed network database, which makes it more secure as it has no fixed point to attack. This differs from Tor, which relies on a set of trusted directory servers that are in charge of maintaining the list of available relays. In addition, accessing Tor's onion hidden sites is much slower than accessing hidden services on I2P.

I2P also has an edge over Tor in that peers are chosen through continuous profiling and performance ranking. I2P is small enough compared to Tor that it has benefited from its size, considering the fact that it has not been blocked or DoSed. I2P is much preferred as it protects the browsing activities of the client. Attackers have no chance even when they are participating in the same tunnel.

Another advantage of I2P over Tor is that its tunnels are short-lived. This decreases the number of samples an attacker can use to stage an attack. Tor, on the other hand, has circuits that are long-lived.

Benefits of Tor over I2P

Tor has better documentation, better websites, more translations, and more formal research and specification compared to I2P. It is also optimized for exit traffic and has a larger number of exit nodes than I2P. Tor is more efficient when it comes to memory usage, and its client nodes have low bandwidth overhead. The size of Tor has given it the advantage of being able to adapt to blocking and DDoS attempts.

How to Use I2P

First, download and install Java. I2P is written in the Java programming language, so it is important to have Java installed first.

Download, install and run I2P. After running it, a console window will open, and a browser window will open as well at the I2P router console. This indicates that you have connected to the network; the router console will show that you are connected.

To be able to browse eepsites in the I2P network, you need to configure your browser. The I2P website has an extensive guide on how to go about this.

A total of 26,372,781 Livejournal users' credentials has been discovered for sale on the dark web. This has raised serious concern and serves as a confirmation, as the authenticity of the data breach was earlier dismissed by the parent company, the Rambler. According to a data breach indexing service, Have I Been Pwned (HIBP), a copy of the database containing millions of Livejournal users' credentials was indexed on its website, establishing an undeniable confirmation of a data breach that was launched 6 years ago.

As claimed by researchers, Livejournal was hacked in 2014, and hackers made away with sensitive information of users including the usernames, emails, and plaintext passwords of their accounts. This was unknown to the site until a number of users started complaining of being targets of sextortion email spam campaigns that used their old unique Livejournal passwords. These appeared online as early as October 2018. However, it was treated as nothing more than a rumor. Interestingly, vendors on the dark web have been actively trading and selling the obtained credentials in the midst of all the “so-called” rumors.

DreamWidth, another blogging platform that was established from Livejournal and shares the same codebase and users, has confirmed in a number of posts that hackers have attempted to get access to its accounts using the usernames and password combinations of Livejournal accounts. The credential stuffing attacks on DreamWidth were supposed to be enough evidence of a data breach on its related website. However, the Rambler Group denied the confirmation by the DreamWidth administrators concerning any form of data breach on their website. The reason is unclear, but this was possibly done to save the company's reputation.

In a bid to investigate the claims, ZDNet partnered with a Threat Intelligence firm, Kela, to substantiate the existence of the database containing credentials of Livejournal users on the dark web. In their search, they discovered Livejournal users' data in multiple locations on the dark web. The combined effort of ZDNet researchers and Kela led to the discovery of multiple ads displayed by various vendors, and of the willingness of both buyers and sellers to trade the Livejournal users' data.

The researchers also discovered that the threat actors might have traded the stolen database in private immediately after the 2014 data breach. This explains why affected users received spam emails, as the data probably fell into the hands of brute-forcing botnets and spam groups. After some period of private trading, the data leaked online. In fact, WeLeakInfo, the defunct data breach indexing service, claimed in July 2019 that they had obtained a copy of the Livejournal database. The database became commonly available as time went by, and some marketplaces even offered it for as low as $35, as claimed by the researchers. The database was also shared on a popular hacking forum, file sharing portals, and various Telegram channels for free download.

The Rambler has, however, dismissed the HIBP announcement about obtaining a copy of the Livejournal database. According to them, hackers have not accessed their system in any way, and the circulating data were compiled over the years from different sources through malware infections and brute-force attacks.

However, the fact that some users have been victims of scam campaigns calls for users to take the necessary steps to halt any future impact. Users who use the same Livejournal account passwords on multiple platforms are highly at risk and must change them as soon as possible. Users who changed their passwords after the alleged breach are safe.

DreamWidth has been battling frequent credential stuffing attacks with the old Livejournal credentials. Hackers certainly use the same technique on different platforms. However, the DreamWidth case is said to be visible due to the shared history with Livejournal.

Credential stuffing attacks are very common and have been used by hackers over the years to obtain the credentials of users. Credential stuffing is the automated injection of stolen usernames and passwords for fraudulent gain. Breached credentials are entered on a website until a match is found and uploaded on the dark web. Changing passwords frequently is a very effective account protection strategy, as it prevents third parties from accessing accounts with stolen passwords.