when researchers analyze the 400 downed TORsites, it seems a small operation

only a few like silk Road really matter, all the rest are scam sites or criminal clones

but that is understandable as the operation didn't really take down tor sites, it took down servers in Bulgary hosting tor sites (9 in total was mentioned somewhere)


  • Out of a total of 276 seized onion addresses found, we identified 153 of the addresses as belonging to either clone, scam or phishing sites.

  • Of the 153 clone or scam sites, 133 were clones and 20 were scam or phishing sites.
  • In a number of cases the FBI has seized the clone or scam version of a site while leaving up the real site.
  • In May of 2014 a bot known as the “Onion Cloner” was discovered and became known to Tor hidden service operators. This bot would find Tor hidden sites and clone them on its own address in an effort to steal passwords or intercept Bitcoin transactions. Of the 133 clone sites that the FBI seized, a large number of them were clone sites produced by the Onion Cloner that were mistaken for the real copy.
  • Of the 32 onion addresses mentioned in the DOJ seizure notice filed in US court, 3 are scam sites and 9 are clone websites.
  • Of the 8 websites mentioned in the FBI press release, 2 are clones and 1 is a scam site.
  • As far as our survey has revealed and based on prior data about the Onion Cloner, every single Onion Cloner clone site has been seized.
  • Pink Meth, a revenge porn site and one of the most popular Tor hidden services was seized and not mentioned in any seizure notice.
  • There are almost 200 sites that have been seized that are not mentioned in any seizure notice or press release.
  • A number of websites were taken down with little or no legal justification, including personal websites and community forums.
  • Scam or phishing versions of Silk Road 2.0, Agora, Real Cards Team, Evolution and many other sites were seized.
  • For some of the onion addresses, being mentioned in the FBI press release or the seizure notice is the first and only ever public web mention of the address
  • The seized website “GreenPaper Counterfeiters”, cited in the seizure notice as “Super Notes”, is a scam website.
  • The website “Executive Outcomes”, which the FBI claims in seizure notices and press releases was a retailer of firearms was a well known scam site – it never shipped any weapons but took users funds.
  • The website “Fake ID” is mentioned in the FBI seizure notice and press release as a shop that sold high quality passports and identifications. The FBI seized a clone copy of this website, not the real website.

The comments are closed.