Newsletter 2020-05-11

Published on May 11, 2020 by

May 2020: New dorks website, Tor, DDoS test and a Europol takedown

Our dataset continues to grow significantly: 17,660,962,195 selectors

In the past few months, we have invested in 200+ TB of enterprise storage which allows us to scale up data collection even more. As for the public web, we are currently crawling these TLDs: DE, AT, LU, CH, UA, KZ, RU

Later this week we will increase our coverage of TLDs and include major ones like .com, .org, .net, and many others.

🕵🏻 New Dorks website

👉🏼 https://intelx.io/dorks

This new dorks page provides simple links to “find something interesting”.

✅ Discover invite URLs for popular communication apps
✅ Lookup of deleted pastes
✅ Find historical website copies

Tor

Last month, we took a close look on Tor. We investigated spam websites run as Tor hidden services and published a blog post here.

tl;dr we removed from our Tor index:

  • 209,081 unique onion domains detected as spam
  • 34 million website files
  • 500 GB of data
  • 28% of our Tor index

We looked into Tor vanity domains which are .onion domains that include human recognizable text usually in the beginning. An example is “silkroad7rn2puhj.onion”. Read all details in this blog post. tl;dr: Only 11 out of 16 characters of onion addresses can be cracked using a used $300 GPU. 12 out of 16 will cost you at least $12k and cracking a full onion domain about $13 billion.

Lastly, we want to push the message that Tor hidden services are a failed technology doing “much more harm than good in practice”. We reposted an important blog post from the Lawfare Institute here.

Self-ddosing test

Yesterday we tried to self-ddos ourselves by using a shady DDoS-attacks-as-a-service provider. We documented it here with screenshots of the attack, statistics, and graphs showing the amount of IPs, bandwidth and packets per seconds used in the attacks. tl;dr:

  • Some attacks have no impact at all
  • Network level attacks (TCP SYN, NTP, DNS) can often be filtered and mitigated via simple firewall rules
  • Some of the attacks are successful in slowing down the responsiveness of the website
  • No attack had any permanent effect.

Takedown supported by Europol

Europol issued a press release stating: “Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, dismantled InfinityBlack, a hacking group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud.”

This takedown included the website datasense[.]pw, which, according to its own description, is a “combo cloud service that let’s you access thousands of databases, in a matter of seconds”. It is said that the hacking group was responsible for the massive Collection #1 data leak from January 2019.

This new development follows the seizure of WeLeakInfo in January 2020 by the FBI and European authorities.

Follow us on Twitter for the latest updates: https://twitter.com/_IntelligenceX


Kleissner Investments s.r.o., Na Strzi 1702/65, 14000 Prague, Czech Republic

If you don’t wish to receive this newsletter anymore, please click here to unsubscribe.

Related articles

Newsletter 2020-08-03

Published on August 3, 2020 by

August 2020: Recap of 3rd-party OSINT tools and integrations We are listing all approved 3rd-party integrations here: https://intelx.io/integrations h8mail: “an email OSINT and breach hunting tool using different breach and reconnaissance services” Maltego Transform subfinder: “subdomain discovery tool that discovers valid subdomains for websites by using passive online sources” theHarvester: “The tool gathers emails, names,


Why we are going to block Tor IPs

Published on July 5, 2020 by

tl;dr: Nothing ever good comes out of Tor. We are going to block Tor IP addresses from signup, login, and search starting on July 5, 2020. Our reasons are rooted in: Tor Hidden Services Are a Failed Technology, Harming Children, Dissidents and Journalists. Read this blog post by lawfare. According to our own investigation, Tor


Maltego Transform released

Published on July 4, 2020 by

We just released a Maltego Transform for Intelligence X. The installation instructions are here: https://github.com/IntelligenceX/SDK/tree/master/Maltego%20Transform Maltego is “software used for open-source intelligence and forensics, developed by Maltego Technologies”. It can visualize information in a graph format.


Search the blog: