Treat everyone like a FED

Props to Deleverything

Firstly I'd like to say that the idea of the lesson is not to dissuade you from the dangers the FBI pose.

It is to educate you that they only pose dangers so long as you perform actions or retain aspects that make you the lowest hanging fruit or if you let their mind games get to you and make you do something stupid.

For anyone here who is unaware what the "lowest hanging fruit" is, it's a term that's assigned to those who are the easiest for the FBI or the NSA or anyone to catch.

Basically if you pull a stupid thing and think "Oh there's no way the FBI will pay attention to me" or you pull off a stupid thing and don't cover your ass?

Guess what you're the lowest hanging fruit.

You're the type of person the FBI chew up and show off as examples to the rest of the world that you should keep employing them because they're "doing good in the world by arresting people like you"

Now I'm going to be showing you a lot of things in this class that will make you think that the FBI are worthless.

Which they are.

But never underestimate a criminal organization that has the power to put you in a cell for 20+ years for breaking what they deem as the law or because they want to.

We are going to be observing 3 case studies on the matter and I'll leave about 5-6 minutes of questions between each case and will answer all that I can.

If I don't answer your question try asking again during the next break or wait until the end where I'll keep online to answer everything.

In addition please note that these are just three cases out of hundreds, each pulling the same theme which I will show to you in these few.

The first of our case studies is on what's known as the Blackshades takedown.

Blackshades for anyone unfamiliar was a rootkit that was operated and dispensed just like a business on clearnet.

They provided updates, had a team for handling purchases, tech support even. The problem is when you're peddling a product that can land you 20 something years in jail or longer someone in your team is probably going to be a fed. More on that later though.

Roughly a week before the infamous blackshades takedown this was posted and spread throughout the community:

http://www.reuters.com/article/us-cyber ... UP20140514

I want you all to give it a quick glance over while I continue talking and laugh at the ridiculousness of some of their quotes.

My favorite ones include "There is a philosophy change. If you are going to attack Americans, we are going to hold you accountable,"

And "If we can reach out and touch you, we are going to reach out and touch you."

Gotta love that pure unadulterated level of self importance.

mmmmm love that shit.

10/10 would have it for breakfast every morning before my daily bowl of cereal.

So a week after that goldmine of an article was put out the FBI sacked the fuck up and busted the writer of the blackshades malware as well as his team.

Surprise surprise one of the people on this massive team was a federal agent who had personal information revealed to him because a Trust model on the Darknet is TOTALLY something you want to do when you're distributing a piece of code that can land you 20+ years in jail.

(rolls eyes)

Please keep in mind if you ever tend to play the Darknet game for money, for secrets/information, or just straight power.

Please fucking remember that 1 in 3 people on the Darknet are confirmed feds.

But that shouldn't concern you so long as you trust everyone equally and treat everyone like a fed, because if you can pull that off nobody will be able to touch you.

And really that goes for anywhere. If you go into a place and complain "oh oo its infested with feds" then that means you've already failed at your fucking opsec.

Because the fact that you're worried a few people might be fed means that you don't treat everyone like feds already.

Which means you give out special trust and permissions to certain people or users who you think "Aren't feds"

This is the shit that gets you arrested people.

Learn it.

If you're under a name that has done confirmed illegal shit then you should treat everyone like a fed, snitch, or someone who will rat you out for their own gain.

But if you come on twitter or wherever for the sake of fun and friends then don't do anything illegal.

This is compartmentalization 101.

Also there's a common rule when it comes to either hacking or fraud, and I think it's a pretty good rule to follow when doing anything cyber-related that's illegal.

Assume that every tool of anonymity is broken. Every layer is traceable. And that the FBI can break any level of encryption you have. Now ask yourself, what's your setup?

And that's how you should think, that's how you stay two steps ahead of these games the fed try to play on everyone and that's how you avoid being the lowest hanging fruit.

Aka the key to living a long and happy Darknet career.

But enough on that back to the lesson.

I want you all to go and take a look at the press release they put out here:

https://www.fbi.gov/news/stories/2014/m ... e-takedown

I want you to take a look at the wording of a certain section, preferably the second paragraph.

Also charged and arrested in the US were an individual who helped market and sell the malware + two blackshades users in the USA who bought the malware.

That paired with the "Oh we arrested 90+ people" stated in the press release would make you think that they caught more people than just the users and the devs/team that peddled it.

Wrong.

About 3 weeks later it was found via a magical group of rednecks who will not be named that the only people arrested were (get this) and I quote:

"Users who bought the malware on hackforums using a paypal tied to their real names."

I want you to let that shit sink in for a moment, that is literally the most un-technically impressive takedown in the fucking world.

Really?

Hackforum users who bought fucking MALWARE with their REAL paypals?

You may as well have walked up to the FBI headquarters and shouted "HELLO YES I AM CRIMINAL PLS ARREST".

Good fucking job FBI, we should all give them a round of applause for that ultra sack of fucking bravery and skill.

Point is this is a recurring theme you're going to see in eh roughly 90% of any Cyber op the FBI take hold of.

A) Do something unimpressive as fucking hell.

B) Try to word it in a way on the shiny press release that you did a lot of work.

C) Exploit the fearing fuck out of it and make your target paranoid as all hell if they took part of it or plan to.

In this case the target audience being current tor/Darknet users, and new people thinking about getting into the game.

As it is with just about every "takedown".

It should be noted though that they didn't lie in the press release though, two USA people were arrested for buying it.

Because the others who used their real paypals were foreign.

So basically just came down to clever wording.

It should also be noted that the article was released the week before the blackshades takedown on Reuters on how "If we can reach out and touch you, we will reach out and touch you."

Was this intentionally spread throughout the script kid level community by the FBI though? I'll leave that to your own rationale to decide.

Now then.

I'd like to bring you to our second case study.

Operation Onymous.

I wrote up a satirical piece on the analysis I'm about to give you via https://encyclopediadramatica.se/Operation_Onymous

Here's the rundown however.

On November 5th, 2014 the FBI had announced the takedown of 414 .onion Darknet services.

When it first happened, everyone FREAKED out.

Can't even tell you how many fucking people came up to us asking "Is TOR Broken!!?!?" and we had to respond with "We don't know at this point", which I'm sure didn't inspire new users or normies to get into the trade and deterred normie Darknet users like kingpins from continuing business on the tor network.

We were in the dark for about 2+ weeks before we knew what happened.

Anyways.

On their press release they mentioned the takedown of things like Doxbin, Silk Road 2, and an ISIS funding website that accepted anonymous Bitcoin donations.

Now for anyone unfamiliar about how Darknet culture sites n stuff is, there are no Google overlords to protect you against spam sites.

Meaning if you make a marketplace, someone could just download the source code and put it up under another .onion and basically try to pawn it off as the real thing.

Essentially it's a way of scamming, it's really popular on DN.

SO IT TURNS OUT RIGHT.

That about only 27 Darknet sites which were raided in that 414 website count were real.

Which means that the FBI literally seized 387 other sites which turned out to be SCAM WEBSITE CLONES.

Which also means that the ISIS funding site they had listed on their page under "Things we took down" was also a scam onion.

Meaning the real .onion for that ISIS site is still up.

Good job, feds.

Which leads to the question of....why?

Why would the feds take down so many clone websites?

Was it on accident?

On purpose?

The answer is that it wasn't a targeted takedown of .onion services.

The answer was revealed that all they did was go up to a hosting website which I will not mention here, and then shut them down because they were hosting ALLLLLLLLLLL these services.

And then they made it SEEM like it was a targeted attack.

It was only thanks to our researchers that we found out so many were clone / scam sites.

Of course you can IMAGINE how fucking terrified everyone was for those 2+ weeks of being in the dark about the details.

"Is Tor broken?"

"Is our crypto broken?"

Etc etc.

I hope by now you're seeing the pattern I mentioned in Law Enforcement's "Takedowns"

Do something technically unimpressive

Pawn it off like it is impressive

Exploit the fear generated by keeping people in the dark about the details.

Last case study, this one is on Silk Road 2 after which my man rackham will give some details on a new "Takedown" of a pedo site that the Feds recently did that I myself have not researched yet.

This is still within Operation Onymous as it happened at the same time but it was not taken down in the same manner as the other .onion's.

This was actually the one targeted .onion in the entire operation.

So this last one is going to be relatively brief because it's more or less a repetition of all the shit I've pointed out before in terms of the pattern the FBI so dearly cling to.

The too long didn't read version of Silk Road 2 is that a few autistic motherfuckers who had no idea what the hell they were doing much like Dread Pirate Roberts the owner of the first one, decided "Hey we should totally cash in on this Silk Road name thing and put up a clone".

A few hours of shite code edits and changes later you have the most scammy deplorable market on the Darknet.

The owner of this travesty known as Defcon was probably the most useless fuck imaginable who got Doxed (Dox confirmed when he was taken to jail for what will probably be life) within I think it was the first 4 months of operating his market?

Yea GG.

ThisIsHowYouDarknet

So anyway this is more of a hilarious point that the FBI handled, but when asked how they managed to get the .onion's server IP location they said and I quote:

"We managed to get the IP of the server by fiddling around with the login screen for about an hour"

Rightttttttttttttttttttttttttttttttt.

Personally I think they just had a fed somewhere on the inner circle and didn't want to rouse suspicion so they lied through their fuckin teeth cause they still want the fucker undercover.

But what the fuck ever we could speculate all day.

Now the FBI knew for a fact that nobody fucking liked or cared for Silk Road 2 because the staff kept scamming the users and vendors and the market itself was unreliable and scam centraly as fuck.

Which is why they included it within Operation Onymous.

For what reason?

To spread the fear and worry that Operation Onymous was a targeted attack.

Think about it, if you got something like a Darknet Market alongside other services like Doxbin the first thing that would come to your mind is that the attack is targeted in terms of they exploited some massive flaw or something within TOR or Relay servers or whatever.

And that was how they used the OP to scare as many people as possible.

And guess what.

It worked for the most part.

Which brings me to my final point.

The reason that the FBI keep resorting to fear and lack of basic fucking understanding of the inner workings and layers of the Darknet is because fear and social engineering is all they know, and it's all they have in this battlefield.

Their organization for decades has been dedicated to hunting Physical crime, which they are good at and I'll give them props for that.

The problem is that on the internet it is much MUCH easier to be an attacker than a defender.

Fear is all they fucking know to do, because it's the only real tool they have in this unwinnable war against all crime ever.

True story, the FBI have actually put up ads stating "You can now smoke weed and work for us in the cyber division!".

You know what I call that? Desperate. The FBI know they're fighting a war that can't be fucking won.

Because they need us.

They want us so bad.

And they know that the whitehats they have employed don't have even half the skill that the Blackhats of the net have, much less the common fraudster.

That's why they're attempting to backdoor and censor our internets so they might gain a fighting chance.

But so long as you stay two steps ahead of whatever game they try to play, they will never beat you.

Now my man rackham wanted to share some stats for the playpen fiasco since a few of you asked about that.

Yeah before the flood of questions come and because this is in the news a lot recently the vulnerability that they utilized and everybody is so spun up about was PATCHED in the Tor browser. Before the FBI is thought to have used it, it is suspected to be a variant of Rapid 7's decloak (google it if you don't know) so tl;dr. Patch your shit and disable javascript.

Number love numbers someone get a calculator out for me so we all know the story. FBI seizes server and hosts CP for like 2 months or something and they're talking about how big this site is and over 200k users, right. They deanonymized 1300 IPs, can I get a percentage quick? You guys are too slow its .0065% POINT lol 0 0 6 5, okay lets go further, now this was quick google. Numbers may have changed but as of April 14 can anybody guess how many of the 1300/200K+ were actually arrested? 135. Add another 0 in there .000675 percent. Throw a tee-ball player in the MLB and they'll bat a better percentage.

Also, the way they found the server? An unnamed foreign country found it on the clearweb admin SSH to the server from his home IP RIP GG.

At the end of the day, one thing we can see in all of this is; 1) encryption DOES work when used correctly 2) the infosec community is not the only ones selling FUD the FBI will use fear, uncertainty, and doubt, that is their only weapon. That is not to say they are not a danger, but don't get it twisted, they're not fuckin skilled in the least.

So to break it down playpen had 200,000 users, they hacked 8000 computers. Out of those 8000, they identified 1300 suspected pedophiles. Of those 1300, they charged 137 and now we learn in the most recent update to this case that they aren't actually able to even charge that 137. Great.

The parting lesson to take home is, stay two steps ahead in whatever you do.

And if you're in the game for anything illegal, treat everyone like a fed.

Making friends is not your priority, and trust is the last thing you want.

Can be found here http://onionlandbakyt3j.onion/thread.php?id=5


Comments


[72 Points] None:

Ahh. The sweet smell of meth In the winter morning.


[29 Points] xanax_xombie:

Wow. I will never read any of that.


[14 Points] None:

Am i fucked? Is my life over? My dick is about 5 inches and smooth as silk.


[10 Points] OpOnymousSurvivor:

Is this wall of text A preview of the new wall on the southern border? That thing is fucking YUGE


[9 Points] Thoughtsofamaniac:

Don't listen to this person guys, he is clearly a fed.


[5 Points] ForLol_Serious:

You said 1 in 3 people on the darknet are feds, does that count for vendors too?


[2 Points] None:

I actually think that was a good read.


[3 Points] comeplaydead:

This is the type of post we need more of, entertaining and reasonable +1


[3 Points] shillface:

I start reading a post, around 10 lines in I think "this isn't going anywhere... lemme scroll to the bottom real quick". I scroll to the bottom and... "yeah, meth rant".


[3 Points] motorbooks:

This was a great read, thank you.


[1 Points] Trumps_DNM_Account:

I would just like to let the mods here know that I really appreciate the flair on like 95% of the posts here, this one included.


[2 Points] onionland_star:

This wasn't even a meth rant although it does look like one in this context.

It was originally posted as a "lesson" on Onionland and reposted here.

The formatting did get ruined by reddit though...


[1 Points] None:

He went to home


[1 Points] ButyrFentReviewaway:

I'm pretty sure there's a longgggggg multiple part article which details how they acquired the server IP for SR, but I do take their side with a grain of salt.


[1 Points] None:

I actually didn't wana count dots on a ceiling while reading someone's post on here. Elite_Labs - taught me a lil sum w/ 'Operation Onymous.' For Silkroad2, not completely sure BUT, I don't think anything after the OG takedown was anywhere near as serious as you think. OG takedown of Silkroad took years of 'feds' crawling the site, on the inside & out. The server was hacked - right. But it was done illegally - right. Not only were feds closely linked w/ buyers, but also made vendor acc's and scaled their way up to large vendors + admins of the site. Journalists even, had done online-interviews with DPR; as you said, lets not take anonymity for granted. To add onto the lil adderall rush - check out Rule41 and the (off the top of my head) 5 million google accs that were hacked the day after? http://r.search.yahoo.com/_ylt=A0LEViTv3rlYzHIAV6InnIlQ;_ylu=X3oDMTEydmxpaG5lBGNvbG8DYmYxBHBvcwM1BHZ0aWQDQjM0NDdfMQRzZWMDc3I-/RV=2/RE=1488605040/RO=10/RU=http%3a%2f%2fnocamels.com%2f2016%2f12%2fcheck-point-google-hack-gooligan%2f/RK=0/RS=i3426z2NZ.cRDaQukwVXQ61blZQ-

But another thing - common knowledge of one, but not of another, is that of a personally-linked concept. So don't put ya own opinion out there, even if you don't wana be friends. If you do wana be friends, hmu on any COD you want to get smacked ya lil bk randy throwin it back to 2013 w/ ya "GG I'm done" ass. -Nice post tho


[1 Points] delevrything:

I find it ironic that all the people calling it a meth rant admit to not reading the full article.

Was shown that this was here, thanks @Elite_Labs for the post.

Only complaint is that it turned really badly formatted cause reddit but yea.


[1 Points] RSlashMason:

If you treat everyone like a FED you're gonna have hard time disputing shit. You can't be a dick to everybody bro


[1 Points] stacyblended:

You're posting good content EL, your last post is just as informative. ty ty :)


[1 Points] Amanda-Binds:

Somebody put on their tinfoil thinking cap this morning.