Newsletter 2020-05-11

Published on May 11, 2020 by

May 2020: New dorks website, Tor, DDoS test and a Europol takedown

Our dataset continues to grow significantly: 17,660,962,195 selectors

In the past few months, we have invested in 200+ TB of enterprise storage which allows us to scale up data collection even more. As for the public web, we are currently crawling these TLDs: DE, AT, LU, CH, UA, KZ, RU

Later this week we will increase our coverage of TLDs and include major ones like .com, .org, .net, and many others.

🕵🏻 New Dorks website

👉🏼 https://intelx.io/dorks

This new dorks page provides simple links to “find something interesting”.

✅ Discover invite URLs for popular communication apps
✅ Lookup of deleted pastes
✅ Find historical website copies

Tor

Last month, we took a close look at Tor. We investigated spam websites run as Tor hidden services and published a blog post here.

tl;dr we removed from our Tor index:

  • 209,081 unique onion domains detected as spam
  • 34 million website files
  • 500 GB of data
  • 28% of our Tor index

We looked into Tor vanity domains, which are .onion domains that include human-recognizable text, usually at the beginning. An example is “silkroad7rn2puhj.onion”. Read all details in this blog post. tl;dr: Only 11 out of 16 characters of an onion address can be cracked using a used $300 GPU. Cracking 12 out of 16 will cost you at least $12k, and cracking a full onion domain about $13 billion.

Lastly, we want to push the message that Tor hidden services are a failed technology doing “much more harm than good in practice”. We reposted an important blog post from the Lawfare Institute here.

Self-ddosing test

Yesterday we tried to DDoS ourselves by using a shady DDoS-attacks-as-a-service provider. We documented it here with screenshots of the attack, statistics, and graphs showing the number of IPs, bandwidth and packets per second used in the attacks. tl;dr:

  • Some attacks have no impact at all
  • Network level attacks (TCP SYN, NTP, DNS) can often be filtered and mitigated via simple firewall rules
  • Some of the attacks are successful in slowing down the responsiveness of the website
  • No attack had any permanent effect.

Takedown supported by Europol

Europol issued a press release stating: “Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, dismantled InfinityBlack, a hacking group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud.”

This takedown included the website datasense[.]pw, which, according to its own description, is a “combo cloud service that let’s you access thousands of databases, in a matter of seconds”. It is said that the hacking group was responsible for the massive Collection #1 data leak from January 2019.

This new development follows the seizure of WeLeakInfo in January 2020 by the FBI and European authorities.

Follow us on Twitter for the latest updates: https://twitter.com/_IntelligenceX


Kleissner Investments s.r.o., Na Strzi 1702/65, 14000 Prague, Czech Republic
