Nytro Posted November 18, 2014 Report Posted November 18, 2014 Many Tor-anonymized domains seized by police belonged to imposter sitesResults of darkweb crawl may come as good news to Tor supporters. by Dan Goodin - Nov 18 2014, 2:40am GTBST A large number of the Tor-anonymized domains recently seized in a crackdown on illegal darknet services were clones or imposter sites, according to an analysis published Monday. That conclusion is based on an indexing of .onion sites available through the Tor privacy service that cloaks the location where online services are hosted. Australia-based blogger Nik Cubrilovic said a Web crawl he performed on the darknet revealed just 276 seized addresses, many fewer than the 414 domains police claimed they confiscated last week. Of the 276 domains Cubrilovic identified, 153 pointed to clones, phishing, or scam sites impersonating one of the hidden services targeted by law enforcement, he said. If corroborated by others, the findings may be viewed as good news for privacy advocates who look to Tor to help preserve their anonymity. Last week's reports that law enforcement agencies tracked down more than 400 hidden services touched off speculation that police identified and were exploiting a vulnerability in Tor itself that allowed them to surreptitiously decloak hidden services. The revelation that many of the seized sites were imposters may help to tamp down such suspicions. Cubrilovic wrote:That the FBI seized so many clone and fake websites suggests a broad, untargeted sweep of hidden services rather than a targeted campaign. The slapshot nature of how sites were seized suggests that rather than starting with an onion address and then discovering the host server to seize, this campaign simply vacuumed up a large number of onion websites by targeting specific hosting companies. We have tracked down the hosting companies affected and the details will be published in a follow-up.Officials with the Tor Project continue to say they have no evidence the mass seizures are the result of a technical exploit. In a blog post published Friday, they wrote: "So far, all indications are that those arrests are best explained by bad opsec for a few of them, and then those few pointed to the others when they were questioned."Sursa: Many Tor-anonymized domains seized by police belonged to imposter sites | Ars Technica Quote
