On Monday, independent security analyst Nik Cubrilovic announced that half of the sites seized were either clone or scam sites of the original version.
Earlier this month, Versus reported on the joint effort made by international law enforcement agencies to raid a part of the Dark Web known as Tor. Tor is an acronym for The Onion Router, which is a free network that is designed to ensure anonymity by routing your actual IP address through multiple and curricular (like an onion) servers also on the Tor network. Tor, a part of the internet known as the Dark Web, has been used for legal and illegal purposes. On Monday, independent security analyst Nik Cubrilovic released findings in his blog that announced that half of the sites seized were either clone or scam sites of the original version.
The raid, termed Operation Onymous took place on the 5 and 6 of November, and the FBI first reported it seized 414 websites, while Europol reported that they had sized 410 websites and made 17 arrests.
The operation included the rest of a 26 year-old software developer, Black Benthall that has been accused of operating Silk Road 2.0, the largest online drug market. Additionally, $1 million in Bitcoin has been seized, along with € 180,000 in cash, drugs, gold, and silver. The raid was widely publicized by the media and all law enforcements party to the operation have been quoted celebrating their success, including the UK National Agency which sent out a tweet to mock Tor users.
Still think you’re anonymous on the Dark Web? #Onymous— NationalCrimeAgency (@NCA_UK) November 7, 2014
However, the situation has since been investigated by independent sources. Only several hours after Silk Road 2.0 had been seized, Silk Road 3.0 was up and running, anonymously. Additionally, it is thought that Benthall was only arrested because of a series of careless mistakes. What was initially reported as 414 websites, Cubrilovic has reported as a mere 276. Furthermore, of the 276 onion sites, 153 were scam or clone websites. Many of the websites the FBI listed as part of their raid have remained operational, while the clone and scam websites have been seized.
What was initially reported as 414 websites, Cubrilovic has reported as a mere 276. Furthermore, of the 276 onion sites, 153 were scam or clone websites.
133 of the sites seized were clone sites, which according to Motherboard, is “any site where the content returned is the same as another Tor hidden service, but we know it was a clone because it appeared after the original hidden service”. Some of the clones seized include Silk Road 2.0, as well as a jihadist kickstarter site, “Fund the Islamic Struggle without leaving a trace”.
The idea of a scam website is that the website appears to be a marketplace but without any intention of selling. The person buying unwittingly gives their login details, and the scammer then logs into the account, and drains the bitcoins. 20 of the websites seized were scams.
The biggest issue for many people when Operation Onymous was originally leaked, was exactly how did the law enforcement agencies discovered the locations and identities of the people using the Tor network, and perhaps more importantly, was all of the Tor network compromised?
Cubrilovic has concluded that it’s not compromised. “That the FBI seized so many clone and fake websites suggests a broad, untargeted sweep of hidden services rather than a targeted campaign. The slapshot nature of how sites were seized suggests that rather than starting with an onion address and then discovering the host server to seize, this campaign simply vacuumed up a large number of onion websites by targeting specific hosting companies”, he said. Having teamed up with several other security analysts, Cubrilovic’s goal is to discover just how the host server was seized. He therefore is also requesting for those that hosted the websites seized contact him and his team, anonymously, so as to find the missing link between them all.