Our dataset continues to grow significantly: 17,660,962,195 selectors
In the past few months, we have invested in 200+ TB of enterprise storage which allows us to scale up data collection even more. As for the public web, we are currently crawling these TLDs: DE, AT, LU, CH, UA, KZ, RU
Later this week we will increase our coverage of TLDs and include major ones like .com, .org, .net, and many others.
This new dorks page provides simple links to “find something interesting”.
✅ Discover invite URLs for popular communication apps
✅ Lookup of deleted pastes
✅ Find historical website copies
Last month, we took a close look on Tor. We investigated spam websites run as Tor hidden services and published a blog post here.
tl;dr we removed from our Tor index:
We looked into Tor vanity domains which are .onion domains that include human recognizable text usually in the beginning. An example is “silkroad7rn2puhj.onion”. Read all details in this blog post. tl;dr: Only 11 out of 16 characters of onion addresses can be cracked using a used $300 GPU. 12 out of 16 will cost you at least $12k and cracking a full onion domain about $13 billion.
Lastly, we want to push the message that Tor hidden services are a failed technology doing “much more harm than good in practice”. We reposted an important blog post from the Lawfare Institute here.
Yesterday we tried to self-ddos ourselves by using a shady DDoS-attacks-as-a-service provider. We documented it here with screenshots of the attack, statistics, and graphs showing the amount of IPs, bandwidth and packets per seconds used in the attacks. tl;dr:
Europol issued a press release stating: “Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, dismantled InfinityBlack, a hacking group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud.”
This takedown included the website datasense[.]pw, which, according to its own description, is a “combo cloud service that let’s you access thousands of databases, in a matter of seconds”. It is said that the hacking group was responsible for the massive Collection #1 data leak from January 2019.
This new development follows the seizure of WeLeakInfo in January 2020 by the FBI and European authorities.
Follow us on Twitter for the latest updates: https://twitter.com/_IntelligenceX
Kleissner Investments s.r.o., Na Strzi 1702/65, 14000 Prague, Czech Republic
If you don’t wish to receive this newsletter anymore, please click here to unsubscribe.
On Sunday, May 10, 2020, we will DDoS our own website, intelx.io. We will live tweet and update this blog post with any developments and the outcome. The attack will be executed in the same fashion as an actual attack: we’ll do some research, then pay a shady DDoS provider in Bitcoin (and hope they
Tor .onion domains are the hashes of public keys. Generally, they look random, but it is possible for am Tor hidden service operator to generate onion domains that start with a human readable part such as “silkroad7rn2puhj.onion”. Those are called “vanity onion addresses” and there are tools like Shallot and Eschalot that will create the
Certain actors spam Tor by creating many duplicate websites under different .onion domains and then linking them to each other. The cost of doing that is pretty low, considering that all you need is creating a new public key pair (the onion domain is the hash of the public key). In theory anyone can create