security - Page 111

  • some botnets finding their way again and again in ?

  • 90% of all tested Belgian webshops aren't respecting the law

    it is an online jungle on there

    but the Economic Inspection of the Administration for the Economy in Belgium has done its yearly Sweep

    the report this year says that nearly 90% of all Belgian webshops don't respect the law that says that clients have for example to be informed of all the costs before they buy something (including shipping costs) and that they may return the product at no cost during two weeks

    the report didn't mention that many of them use no ssl encryption and probably don't encrypt the data in the database either..... and maybe some other security obligations

    maybe next year ?

  • we repeat : if you are chatting with anonymous someone will be recording everything

    we have said this time and time again

    logs of chatsessions are popping up from time to time

    and the chatchannels themselves from anonymous ops and lulzsec and antisec are more crowded by lurkers and paid watchmen than activists themselves, who are going to more secretive chatrooms

    so if you think that your chat online is private or that online you can say whatever you want and that nobody or no software is keeping everything you type in these chatrooms - especially in these chatrooms - think again

    and they will get published - and in the best case it will be online - in the worst case in court

    I only say it because too many teenagers are getting caught thinking they do the good thing but without keeping in mind all the things that the elders have learnt or remember from 'the good old days' whatever these were ....

    and everything you have said 'may be used against you'

    and you will feel so ...... stupid

    I think I can't count on my two hands all the software and private and public agents who are now keeping a watch on Lulzsec for legal reasons or just to be able to alert their commercial clients that the community is going to move against them

    you are not alone.... someone is watching it..... You are everything except...Anonymous

  • #deepweb what do hackers do with rdp accounts ? (stop using that)

    remote desktop service from Microsoft lets admins take the desktop over from a distance

    bunch of crap because there are better technologies for this than this very old technology

    from time to time there are exploits coming out and people get 'owned'

    so what do they do with it

    this is one example from an underground hackersforum

    What do do with hundreds of windows remote desktop accounts


    by modeno » Tue Jul 17, 2012 11:43 pm


    i have credentials for a few hundred employee windows remote desktop accounts. the accounts are all non privileged and as far as i see for now the system is locked down nice.

    was thinking of turning them into exit nodes for further venture because all outgoing ports are open. with these privileges i cannot install software. any ideas? any ways to tunnel traffic without installing software?




    Re: What do do with hundreds of windows remote desktop accou

    by acidpois0n » Wed Jul 18, 2012 12:30 am

    Well, if they use XP, you can use the privilege escalation exploit.
    If you can't/they don't use XP, scan the OS and search for exploits. Don't forget to bind netcat to some port, you may need it.
    Just do it.
  • #deepweb botnet being used to crack stolen hashed passwords ?

    from a hackersforum on Tor

    Re: Best IRC/HTTP Botnet

    by Guest » Thu Jul 12, 2012 8:30 am

    im using andromeda atm, its pretty good.

    Re: Best IRC/HTTP Botnet

    by yomama » Sat Jul 14, 2012 1:44 am

    That would be the infamous marijuana botnet.

    Currently being used to host password cracking software targeting the like of yahoo voices and the chinese government.
  • #deepweb what is the price for full personal (US) information ?

    Large dump of personal info

    by tortorrot » Sat Jul 21, 2012 8:59 pm

    I have a large dump of information containing the personal information for between 500,000 and 1,000,000 people. This includes things like Name, DOB, SSN, Address (current and past), and additional information. Some of these may be deceased, but there is a field in the file to let you know if they are or not. I was wondering what, if anything, could I do with this? Would it be possible to sell, and if so what would be a good rate?

    Re: Large dump of personal info

    by meta777 » Mon Jul 23, 2012 10:18 am

    0.5 - 1 btc per record

    so you have an idea why there is now a commercialisation again of the antisec hackers, knowing they can get money instead of just fame that ends them up in fail after a while (although selling it can even be punished harder)
  • 500 new free books and documents on (also ITsecurity)

    I didn't place them

    I give no guarantee that these will stay online

    so the list is just as good as it takes

    meanwhile you will find books and documents about a bit of everything from food to art to ITsecurity to programming to history to politics to science to whatever that caught my eye

    have fun

    more documents and books at (but no guarantee that the links are still valid)

  • 21.000 .be addresses in list of gamingo compromised accounts

    this is why we do it

    this is what Belsec is all about

    when we read that about 8 to 12 million gamingo accounts have been deciphered and published online

    we have contacted and asked if the .be addresses could be sent to the belgian cert

    they have received them meanwhile

    we think that now can filter the list for each mailprovider who can so inform their clients that they should change their password if they use it also for other services because their password has been decrypted

    using md5 is not a protection, it is just pretending to safeguard something

    all other members of gamingo should check on
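
The filtering step described above, as an added example (not Belsec's or the CERT's own tooling): it keeps only the .be addresses from a dump, groups them per mail provider, and drops the password digests so the notification lists carry no credentials. The `email:digest` line layout, the provider names and the sample data are constructed assumptions.

```python
"""Triage a leaked credential list into per-provider notification lists."""
from collections import defaultdict

# Constructed sample. Assumed layout: one "email:digest" pair per line.
# The digests are placeholders; the script never stores or prints them.
SAMPLE_DUMP = """\
jan.peeters@provider-a.be:00000000000000000000000000000000
Marie.Dubois@Provider-B.BE:00000000000000000000000000000000
jan.peeters@provider-a.be:00000000000000000000000000000000
luc@mail.provider-a.be:00000000000000000000000000000000
anna@provider-a.be.com:00000000000000000000000000000000
not-an-address
kurt@provider-c.de:00000000000000000000000000000000
 sofie@provider-b.be :00000000000000000000000000000000
broken@@provider-a.be:abc
"""


def parse_line(line):
    """Return the normalized e-mail address of one dump line, or None.

    Everything after the first ':' (the digest) is discarded here, so
    no credential material travels any further than this function.
    """
    address = line.split(":", 1)[0].strip().lower()
    local, sep, domain = address.partition("@")
    if not sep or not local or "@" in domain:
        return None
    labels = domain.split(".")
    if len(labels) < 2 or not all(labels):
        return None
    return address


def notification_lists(dump_text, tld="be"):
    """Group the addresses under `tld` by mail provider.

    Returns (lists, rejected): `lists` maps provider domain to a sorted,
    de-duplicated address list; `rejected` counts unparseable lines.
    The provider is taken as the last two domain labels, a simplification
    that ignores second-level public suffixes.
    """
    providers = defaultdict(set)
    rejected = 0
    for line in dump_text.splitlines():
        if not line.strip():
            continue
        address = parse_line(line)
        if address is None:
            rejected += 1
            continue
        labels = address.rsplit("@", 1)[1].split(".")
        # Compare the last label only: "provider-a.be.com" is not a .be domain.
        if labels[-1] != tld:
            continue
        providers[".".join(labels[-2:])].add(address)
    lists = {name: sorted(found) for name, found in sorted(providers.items())}
    return lists, rejected


def summary(lists):
    """Number of affected accounts per provider, for the cover note."""
    return {name: len(found) for name, found in lists.items()}


if __name__ == "__main__":
    lists, rejected = notification_lists(SAMPLE_DUMP)
    for name, count in summary(lists).items():
        print(f"{name}: {count} account(s) to notify")
    print(f"unparseable lines skipped: {rejected}")
```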

  • #antipedo international list of sites where you can dump childporn information for police services

    Members of  INHOPE

    Bosnia & Herzegovina
    Czech Republic
    France         http://www.pointdecontact.net
    Lithuania
    South Africa
    United Kingdom
    United States

    If you use it and you really want to stay anonymous, please use tor or a proxy first because nearly none of them use encryption (https)

  • some Anonymous faction placed IT-timebombs in international funds transfer firm Dahabshiil against terrorism







    Mogadishu, Somalia — A group claiming to be the cyber hacker or hacktivist group Anonymous has threatened Dahabshiil an international funds transfer company and the leading bank in Somalia, Garowe Online reports. The group alleged it was the hacktivist group Anonymous, and threatened to destroy Dahabshiil within two months if the company did not stop what the group alleged as supporting terrorist organizations and terrorists in Somalia and across the world. The group, who printed out thousands of account details, alleges that Dahabshiil supports terrorism through dealing directly and indirectly with terrorists. In the statement the Anonymous group released, the group alleged that it was investigating the bank’s accounts for months after easily bypassing firewalls. “After months and months of fun against these guys who support Terror on earth, we just decided that it was time to destroy them,” read the statement. The group said it had planted “cyber bombs” and warned Dahabshiil if they consulted IT experts that the group would detonate those bombs destroying the company. Dahabshiil while speaking to downplayed the cyber attack of its stations and said that the threat was “exaggerated”

    an IT timebomb is a software code that can be triggered by a specific action (like going through logs or the code) or by a specific time that was programmed to launch different programmed actions like transferring money, destroying code, text or backups or encrypting it so it becomes inaccessible.

    secondly it would be surprising that this could have been done in an international funds transfer firm of that size but if it would be the case, then their problems would be bigger than that.

    the terrorist claim is not that extraordinary, there are American antiterrorist factions in Anonymous (not every American patriotic hacker is with the counterclans and some are flipping sides depending on the operations) and Somalia is for the biggest part occupied by military factions linked to Al Qaida (the government has only a hold on some parts of the capital) and at the coast there are the pirates who have to channel hundreds of millions of dollars each year and which is rumored to be used by Al Qaida and others (asking yourself why we don't send in more troops to kill this cashmachine for AlQaida groups around the world because how can you kill a terrorist group if it receives hundreds of millions each year from its pirate business ?)

    or it is an undercover operation by agencies using the cover of Anonymous to get political pressure on Dahabshiil to participate in the international controls on cutting the funds to the terrorists

  • hacked by net-bashers

    those guys don't think that a simple defacement is enough

    the site is back online again and has login for clients in CLEARTEXT without ssl

    but they have also made it their pride to turn the site inside out in public

    this means that they had access to all their data and it means also that

    * they may have more data than they publish

    * they may have placed new backdoors (so a simple correction is not enough)

    and they have a shop, so the data they may have may be quite interesting

    so you will probably have to inform the victims

    but I don't think their 170.000 clients did receive a notification :)

  • #antipedo #deepweb why Tor and Freenet should close down Childporn sites

    First the operators or community members - developers of those two communities can't say that they didn't know because those sites are also indexed in the official and non-official indexes of the sites and content on their network. You don't really have to search and it isn't even closed off to others by asking for registration before you can see anything.

    Secondly the defenders of these networks as environments of freedom of expression should take into consideration the following 5 good reasons

    * we all defend the freedom of expression, the freedom of normal sexual preferences by adults without the fear of prosecution or whatever harm or discrimination and on the real web we try to stop as much as possible the attacks by governments and corporate interests against that freedom of expression (and some of it use the presence of childporn as an excuse to do other things)

    * we are all great believers of democracy and human rights of every individual but also of the rights of children and there is no reason that the rights of children should be less than the rights of humans - even if some bastards think otherwise. It is the same as if you would say that you are for women's rights and against slavery but would let propagate market sites where you could buy women from Russia for example. It is not what you say that is important but what you do.

    * even if we say that these networks have some illegal activity we must remember that even illegal activities are most of the time not crossing certain borders. If childporn would be normal you would find it quite easily in the red-light districts - which apart from some countries where it is abused by rich westerners is not the case. It means that even if you say that some illegal activity will always be present in these anonymous networks, there is some illegal activity that can't be accepted under any circumstance not because it is illegal but because it is so inhuman that even for bandits and crooks it is most of the time unacceptable.

    * these networks were built for freedom of expression and to help the dissidents all over the world to publish their beliefs or their research that wouldn't be possible on the normal web. Both of the networks were NOT built to host Childporn and pedostuff, that was not their goal and I believe will never be their goal. At the other side as a dissident I would find myself not really 'at my place' in directories and on hosters that are also hosting childporn and pedostuff. Instead of being the first place to look for protection you would be the last place where I would look, because I would feel myself as going through the gutter with people I would like to bang up for life whenever I could.

    * it makes your networks very vulnerable and for different reasons. First the police and governments have a good reason with this presence to increase the pressure to break the anonymity of your networks, to confiscate your servers or to block the access to your networks whatever way they can. The other criminal activity is also important but it doesn't have the same 'shocking value'. If I would publish the pictures of the pedofora on your networks, there would be a public outcry and people would ask for police action NOW. And I understand that you would stand your position for real dissidents and revolutionaries over the world, but for pedophiles ? No, I don't think somebody would stand beside you and say that you were right, that there isn't any and that it is only some discussion and no exchange of pics and so on because that ain't true.

    What you can do ?

    1. close down the real only Pedofora and exchanges

    2. Obligate all pornforums to have registration before viewing things - knowing that you will never clean out the galleries fully all the time

    3. ask all the site-owners to close down the pedocategorie in their porngalleries

    4. Evaluate the effects of this and adapt your regulations

    5. Do more to attract and mirror the real political stuff and dissidents because for the moment it doesn't impress me much

    and what if you don't

    then you will die down slowly because you become irrelevant except for criminals and pedo's and weirdo's

    and really, was that the ideal for which you have given all these years of efforts as a volunteer

    becoming a safe haven for ...... pedophiles who exchange pics and experiences


    What if Tor and Freenet don't act ?

    * then it is time for Anonymous antipedo to bring down those sites or ddos the servers

    * then we should call for a boycott of this wild wild west and start a campaign for a real political safenet where there is no place for such bastards. They should not be protected by our technology.

    * build on the normal web encrypted protected hosters and services that are independent of these networks and can give the real political dissidents a real safe encrypted environment for filesharing, messaging, planning and publishing with servers in a country that will never intercept what is happening on and to these servers

  • #deepweb botnet for sale (so what do they put up for sale ?)

    Dark Heart botnet— for sale
    Run on windows clients - I need 3 C&C server IP addresses to hardcode and obfuscate  
    bot coded in assembly no dependencies
    Each build has maximum of 10k bots to ovoid widespread av detection.
    Basic bot uses socks5.
    built in ssh client
    Bot is built with 30k pre generated 256 bit AES keys. 
    1 256 bit AES key for logs
    1 256 bit AES key ssh
    1 256 bit AES key socks 5
    hwid it selects a pre-generated key 256 bit AES key.
    Bot writes encrypted data into common file using stenography process injection
    Download/Upload Socks5
    Bot sends data to a collector bot via socks5 through ipv6 which makes NAT traversal a trivial matter. 
    Using ipv6 in ipv4 tunnel.
    Collector bot assembly /tor and i2p Plug-ins C++ /Assuming 10k bots
    Bots will be assigned into small groups of 25. 
    And are assigned 400 collectors bots which is evenly 200 tor and 200 i2p. Collector packages the encrypted logs and imports them into a .zip or rar archive and uses sftp
     to upload through tor to a bullet proof server Note the Ukraine is best know. (Domain-flux .onion panel can be easily moved) Using a Ubuntu Server on bullet proof server. / Using tor and Privoxy.
    Panel can be routed through multiple cracked computers using proxychains and ssh. /
    Server uses a simple .onion panel with php5 and apache2 and mysql.
    You might ask what happens if bullet proof server is down.
     The collector bots can be loaded with 5 .onion panels.
     If panel fails for 24 hours its removed from all Collectors and bot will go to the next one and so forth.
     A python Daemon runs and unzip the data and Imports it into a mysql database were it remains encrypted. The bot master uses my Dark panel to connect to the remote Bullet Proof server
    through a vpn and then through tor using ssh
    to run remote commands on server and sftp to upload and download.
     Running tor through a log less vpn through with a trusted exit node
    on the tor network. .net panel connects to mysql database database is decrypted on .NET panel
    (Note must real Bullet Proof hosting is not trust worthy this solves that issue)
    and imported into a local .mdb database.
    Then later the bot Master should encrypt database folder on true crypt.
     Commands are sent to bots individually rather then corporately like most bot nets.
    This allows for greater anonymity It will be possible to send commands corporately but strongly discouraged.
    Collector bots download and upload large files through i2p.
    1. Connects remotely to rpc daemon through backconnect and simplifying metasploit (Working)
    2. Social network cracker. (Beta)
    3. Statics. (Working)
    4. Anonymity status. (Working)
    5. Decrypt-er. Decryption codes in highly limiting each build to 10k bots. (Working)
    6. Daemon status (Working)
    7. logs (Working)
    8. Metasploit connects via rpc. (working)
    9. GPS tracked Assets by Google maps and using net-book with a high powered external usb wifi antennas. Starts an automatic attack if wep if wpa2 grabs handshake. If open starts basic arp spoofing attack. Common browser exploits. (alpha)
    10. Teensy spread. (in development)
    11. vnc back connect. (working)
    12. Advanced Persistent threat. Fake Firefox, Fake Internet Explorer, Fake Chrome. Fake Windows Security Essentials. (in development allows for excellent custom Bot-master defined keylogging)
    13. Dark search bot index file is downloaded allowing easy searching of hard drives. (Working)
    14. voip logic bomb. bot computer is sent via a voip call file once played through voip the microphone hears mp3 file and the dormant payload is activated in bot that is the logic bomb. (Extra- Alpha)
    Each Panel is hwid 1 unique build per Copy embedded into panel.
    Everything is provided in English only manuals for setup:
    you need 3 servers for C&C and // one- BULLET proof server collector for -/
    everything is working and can be setup within hours:
    Only serious players - for sale $8000 -bitcoin - 1PGBziMK2WZr12NGuC9o2FngN5Ac645Qff

  • #deepweb why fraudulent bank traders love blackberry

    this is from the deepweb

    the website itself has been defunct now but had all kinds of tips (that must have worked as it has been taken off air)

    Disclaimer: This article is for entertainment purposes only.  We accept no responsibility and do not encourage illegal activity.  Laws are different in every country and what may be legal in one country may be illegal in another.  We are not American and are not based out of the United States and everything that we discuss is legal in our jurisdiction.  Please consult a lawyer before taking any action.
     So you finance professionals, listen closely!  Obviously you are very smart if you are in the position that you are in as finance is a very tough field to break into and one with many prestigious positions.
     First thing, if you are going to do insider trading then you are risking a lot and many times it is not worth it but some people are stubborn.  You will first need to find a person that cannot be connected to you and that has absolutely no relation to you since that way this person could not possibly have access to proprietary information.  After that you need the right technology set up in order to make this happen.
     Warning: With insider trading, if the other person gets caught they may have a motive to snitch on you as prosecutors are always very lenient with people who are willing to cooperate.  There is no protection against that but these are steps that can be taken to prevent it ever going that far.  However, if someone does get caught then never ever say anything or admit to anything.  Plea the fifth as if no one switches sides there will be no way to trace this as that person would not have access to this type of information since you two have no relation to them if you are the one with access to proprietary information.  Then if they search your phones or computers, they cannot prove anything if you take the correct precautionary measures but there is always that risk.  You just want to minimize it which unfortunately people do not do.
     The best is if insider trading is done outside of the US since the US does not have jurisdiction there even if you are trading US stocks.  If you trade US stocks then have the person putting in the actual trades be located outside of the country using a bank and brokerage also outside of the country.  If it is done on non-US stocks then many countries do not even have rules about insider trading.  Check your local jurisdiction.
     If you want to communicate proprietary information via phone then buy a few prepaid phones.  DO NOT BUY THEM WITH A CREDIT CARD TIED TO YOUR NAME.  Some of the smartest people sometimes have no common sense.  Buy it with cash.  We recommend buying a BlackBerry since they have strong encryption.  Encrypt your BlackBerry with a long password.  Use this phone to only communicate with the person that is passing you tips.  Be strict.  One fuck up and you are done.  You will want to make phone calls rather than text messages as text messages stay in the other person’s phone in case they decide to give you up.
     Next you must encrypt all computers.  This is a must.  Please refer to our book, Get Out of Jail Free Card here, which talks about computer encryption and how to make sure authorities cannot access your computer if they ever get a hold of it or contact us for tailored services here.
     Then it is necessary to use a Tor browser and Tor e-mail.  This will ensure no one can ever trace your IP address and your e-mails are encrypted plus set to a setting where every e-mail must be opened using a password.  These e-mails do not exist and are not saved on any server unlike Gmail and other services which would give these e-mail accounts up if they were subpoenaed.  You have no privacy with your Gmail or other e-mail accounts as these companies always respond to subpoenas even if there is no proof.  These Tor accounts are a little tough to set up but they provide the most protection.  Please refer to our book also for this and possibly utilize our consultation services so that you can have the right set up.
     The person should probably have a few brokerage accounts possibly in different names.  The money should then be transferred periodically to another bank account also in a different name or in the name of a company.  The best is if this is in a country where no one is able to freeze the assets as your assets will be frozen in the case that authorities suspect insider trading, especially if there are trades in large volumes prior to announcement dates.
     And there you have it.  This technology set up will provide you with the most secure way to communicate safely.  Set these up before it is too late and you will be thankful.  If only Rajat Gupta and Raj Rajaratham had this information then they might have avoided years in prison!  Well Rajat can still refer to our articles about fleeing…
    See more articles at  (is closed down now)
  • #deepnet the HBgary files available again

    The hack of the digital advanced security agency gave the security community a really interesting database with a lot of files and analyses that made technological sense, and it made public that there were some really deeply penetrating attacks and infections in a lot of networks of banks and, for example, NATO that were kept secret but are troubling.

    On the deepnet you can find a copy of the attachments

    http://xqz3u5drneuzhaeo.onion/users/hbgary/  HB gary dump

    http://xqz3u5drneuzhaeo.onion/users/hbgary/file_list.txt  list of all the attachments that are found in this dump; some of it is really amazing and interesting for security researchers

    you can download the full collection here

    http://xqz3u5drneuzhaeo.onion/users/hbgary/ (but you have to keep in mind that you are going through a relay which makes downloading slower)

  • #deepnet Polish hackers building stolen logindatabase for sale

    openid project goal is to create an extensive database containing stolen email credentials to which any person may purchase access.
    it offers basic search functionality - you can check, whether the email you are looking for is included in the database.
    in case of a positive match it returns data of the seller, together with contact information.
    the price is negotiable, but of course, depends on whether the password is in plaintext or hashed.
    currently the database contains about 800 000 addresses and grows daily. the hit counter shows almost 11 000 visits since 10th june 2012.
    if you want to put your own email credentials database on the market, contact me at (pgp key).
    once approved you will receive a custom personal page in the system with statistics and contact info.
    openid is a sub-project of a much bigger venture called phz (polish hackers zone), so access to the database is available from this site.
    interested? join now. best regards, never_mind_23.
    # Polish Hackers Zone [2012-07-07]  http://clsvtzwzdgzkjda7.onion/viewtopic.php?f=34&t=4204 and http://62lpxb2lt3yt6vgr.onion

    you could extend a database with cvv, real addresses, social information (names parents and so), other logins, ebayprofiles and so on.....

  • #deepnet why macintosh-apple users are becoming premium targets for hackers


    Apple has understood that it needs to be pro-active but it is still not very interested in a more public approach and teaching their users a more secure attitude (and preventing a lot of infections this way)

    on the tor on the biggest hacker forum hackbb there is one interesting discussion about the new botnetgoals and technology and mac (or cross-Os infection) is a real cornerstone of it

    why - simple - follow the money

    "I think we all may be overlooking an important point here, a good deal of this hacking and infecting has to do with money, right? So why are most viruses getting created for windows? Mac users have the money"

    with the new tools several ecommerce sites like amazon are taking all kind of data from your profile and connections (mac or ipad or old xp) to decide if they will offer only the more expensive products, being a mac user on the web is not only becoming more expensive (than it already is paying apple all the time for everything you do) but also more dangerous

    if Apple can target you to rip you off, why shouldn't they ..... if you pay that easy something more without thinking why shouldn't they pick some percentage of every payment you do while they infected your mac (of which you thought that they couldn't do that with macs)


  • #deepnet series - look out what we will be publishing here

    we are surfing the deepnet for the moment just to be sure that we are still uptodate and we still know what we are talking about

    so we are deep and gone

    but trying to stay on the right side of the law

    and we will also publish it without

    * the mysticism or adorism some geeks have

    * the alarmism some antiliberty-professionals have

    because facts are facts, there are bad things happening down there and it is not a place to go

    if you are fainthearted or easily shocked because you have on the web never been confronted with this

    but at the other side there aren't that much of these sites and they go off and on and it is not as if the whole undernet is one big enormous web with an army of active hackers who are like a big family battling together and setting up big businesses (although some are)

    so concentrate and eliminate the real dirty scum (pedo) and the real gangsters

    and leave the activists, so-called revolutionaries and all the weirdo's their space of freedom, as limited and difficult to get as it is (on tor) because whatever they try to tell you, Tor is not the web, tor is not userfriendly and tor is not for the simple user and for the real activists it is just one of many things to do because an sich it is not sufficient to protect yourself when your life depends on it

    so the deepwebseries during the summer will give you links, series and quotes and for the pedohunters and uploads of interesting files

  • why the Skype software has been republished by Anonymous and why Skype is not anonymous anymore

    Anonymous leaked some days ago the full code for skype - and some claimed that on the basis of their analysis there are backdoors now in the code of Skype (so you can expect to see secure versions of Skype coming out - and also trojaned and botnetted ones)

    1. Skype1.4_binaries
    4. skypekit binaries for Windows and x86_Linux + SDK
    6. skype55_59_deobfuscated_binaries (Windows)
    9. #Anonymous #Antisec #PoliceState #SecurityState #OpenSource

    The real discussion here is not how those coders could reverse engineer the code (not enough protection of the code that is) and then could adapt those lines of code again so it could be repackaged into installable packages that could be used for redistribution afterwards. It is like taking all the different parts of a car and putting it together again but in such a way that you can change the car (for example add some more lights or make the motor more powerful)

    the real question is about the fact that skype has changed now totally from the perspective of Privacy.

    Before skype - just as RIM blackberry still is now - was a darling of the privacylovers and was used by opposition leaders and criminals alike to keep their conversations private - if no other tools were installed. For the police services Skype has been a subject of high frustration but that was to no avail because one could not use Skype evidence without any doubt in court because of its P2P infrastructure that made sure that it was very hard to be absolutely sure that the communications and or packages were coming from the IP address you were seeing and not from one relay that was sending the packages and connections forward from another relay and so on. A bit like Tor and the new P2P networks who want to protect their users.

    So when Microsoft bought Skype it had a big problem because of all the products and networks it had, they now had one where they couldn't answer to any of the legit demands of police services for logs and proof. They could give the information but everybody around the table knew that the information was useless in court, it could only be used as indications during the investigations in the hope of finding other ways of getting enough proof to get the person to confess more or to have more search warrants for other information they could use. 

    To do this Microsoft had to do two things. First it had to be sure that the original IP address of the sender of the packages or connections was always incorporated into the package. The second thing it had to do was to make sure that the relayers and the servers didn't change that package but like in email were just added so you could traceroute the package or connection and in fact have more proof and less doubt.

    So users of skype who want to use it anonymously are back to square one - they have to get first their IP address changed or redirected or blurred or whatever before they connect to skype.

    If now blackberry goes down the drain also, then there will be no big international commercial communication network left that is built on the standards of privacy instead of the technical obligations of interception.

  • loses again 4000 accounts

    there is not so much information

    but the information about 4000 clients would have been stolen


    yeah, they said last time that they were safe