Hey! You must login or signup first!

Op-darknet

Confirmed   230,743

Part of a series on Anonymous. [View Related Entries]


OPERATION DARKNET

Overview

Operation Darknet (also known as #OpDarknet) is the codename for a series of distributed denial-of-service (DDoS) attacks carried out by Anonymous on Lolita City, a child pornography sharing website that is accessible in anonymity via The Tor Project's encrypted service. This campaign is not to be confused with two earlier Anonymous operations that have shared the same name, one from January 2010[19] to provide a solution to the censorship threatened by the ACTA (Anti-Counterfeit Trade Agreement) and another initiative from April 2011[1] to inform Anonymous members to start using I2P to protect their anonymity.[2]

Background

The operation began in early October 2011 with a mission to expose the underground pedophile community known as "Lolita City." The website was built via Tor[3], a software that allows users to host and browse websites anonymously. Built to protect the anonymity of Internet users under regimes that do not allow free internet access, the program has seen its use in least four other forum communities accused of hosting child porn, as well as a drug marketplace known as "Silk Road" where users could buy illegal drugs with Bitcoins.[4]

Notable Developments

October 14th – 15th: PasteBin Release

The major events of the Operation took place between October 14th and 15th, as archived in a Pastebin[5] document. On October 14th, Anonymous hackers began their mission by removing links to pornographic images and videos on the Hidden Wiki, located on Tor's Hidden Service Protocol.[6] Shortly after the links returned online, the site became inaccessible in its entirety, presumably as a result of DDoS attack initiated by the group.

8. #OpDarknet Press Release- 10/15/2011 Timeline of Events 13. At apprx 8:30 CST while browsing the Hidden Wiki we noticed a section called Hard Candy which was dedicated to links to ohild p----------. We then removed all links on the website, within 5 minutes the links were edited back in by an admin. For this reason, we will continue to make the Hidden Wiki unavailable 15 16. At apprx 8:45 CST we noticed 95% of the child p---------- listed on the Hidden Wiki shared a digital fingerprint with the shared hosting server at Freedom Hosting 19. At apprx 9:00pm CST on 0ctober 14, 2011 We identified Freedom Hosting as the host of the largest collection of child p---------- on the internet. We then issued a warning to remove the illegal content from their server, hich they refused to do 21 22. At apprx 11:30pm CST on October 14, 2011 We infiltrated the shared hosting server of Freedom Hosting and shutdown services to all clients due to their lack of action to remove child p---------- from their server 24 25. At apprx 5: 00pm CST on October 15, 2011 Freedom Hosting installed their backups and restored services to their child p---------- olients. We then issued multiple warnings to remove all child p---------- from their servers, which Freedom Hosting refused to do 27 28. At apprx 8:00pm CST on October 15, 2011 despite new security features, we once again infiltrated the shared hosting server at Freedom Hosting and stopped service to all clients

October 15th: Target Freedom Hosting

Following the initial attack, Anonymous members found out nearly all of the pornography had the Freedom Hosting digital fingerprint and thus issued the host a warning to remove the content from its server at 9 p.m. (CST) on October 14th. Freedom Hosting refused to comply and two and a half hours later, Anonymous completely shut down Freedom's services with DDoS attacks that created a 1GB SQL and 100,000 ASCII files of Guy Fawkes masks every five minutes.[7]

Freedom Hosting Anonymous Hosting Service with PHP/MySQL ister Login onta Register Login Contact FTP Howl0 Privacy Hosting Features Here you can get free hosting with PHP and MySQL Unlimited Space Unlimited Bandwidth Unlimited MySQL Databases Your own onion domain (xxxxx.onion) Fast Network with 24/7 Uptime No javascript or cookies required to login Upload a zip with your files and extract on server FTP Access Daily Backups What's Allowed We do not give permission for upload of any illegal files If you chose to do so anyway, we are not responsible for your actions I've not got a infinite hard drive and the server cpu is limited so please don't upload too much or use resource intensive scripts Need Help? When installing some php scripts it might complain about chmod, disabled functions or safe mode, just ignore the warning and continue anyway If the php warnings display on your site, edit the php file and find the line it complains about and put an @ before the function it complains about. eg. change chmod to @chmod etc... If it still wont work then use the Contact link above or reply to our thread on onionforum 15th October 2011 Denial of Service Attacks Today and several times this week FH was the victim of DoS attacks which resulted in unavailability of php or mysql on hosted sites A user registered an account and used it to run extremely slow mysql queries among other things to purposely harm the server For this reason creating new accounts will be disabled until further notice I would also like to announce that the snapshot based backup system is up and running backups are made daily and kept for upto 1 month, this will protect against any future data loss due to accounts being hacked Home. Privacy Policy Terms of Use 2008 Freedom Hosting. All Rights Reserved.

Around 5 p.m. (CST) the next day, Freedom was able to restore service completely via backup servers. Anonymous issued several additional warnings to the company, giving them 3 hours before taking down the server again, this time using an attack codenamed "Chris Hanson," which uploaded episodes of "To Catch a Predator" labeled as "CP" on to the site.

Why don't you have a seat right over there... 11 1:49 4:26 CC 480p

October 17th: Anonymous Releases Communique

On October 17th, YouTuber BecomeAnonymous[8] uploaded a video with the Anonymous manifesto, explaining the motivations behind Operation Darknet and its future plans.

October 18th: Userbase Exposed

On October 18th, Anonymous released the names of the 1589 users of Lolita City via PasteBin[9], including their username, volume of images uploaded, and age of the account. They invited Interpol and the FBI to investigate the records further.

October 20th – 24th: News Media Coverage

News of the operation spread quickly, with the earliest news story appearing on the Examiner[10] on October 20th, Gawker[4] on the 21st, the Huffington Post[11] and PC World[12] on the 22nd, and Geekosystem[13] on the 23rd. The Examiner story was shared on Reddit[18] on October 22nd, where it received 2475 points in two days.

By October 24th, the news had reached the Wall Street Journal[14], Information Week[15], and the BBC.[16] Techie Buzz[17] also published an interview with a user named "arson" in the #OpDarknet IRC channel. Arson stated that their mission was only to take down illegal materials and the operation was not triggered by any particular event:

We vowed to fight for the defenseless, there is none more defenseless than innocent children being exploited.

November 2nd: Final Release

The last official PasteBin[20] communique from #OpDarknet was uploaded on November 2nd, 2011. They stated that the whole plan behind the operation was not to take down Tor or the darknet in general, but specifically to attack the CP sharing occurring on these sites. It revealed "The Honey Pawt," a modified TorButton for Firefox, which, when used, would log users information if they tried to access the Hard Candy wiki or Lolita City.

On October 27th, Operation Paw Printing went into effect for 24 hours, marking the end of the DDoS attacks on The Hidden Wiki and implementation of the modified TorButton, which was only available on the Hard Candy page. When a user of HC updated the button, their IP information was logged. Over the course of the day, 190 unique users and IP addresses were logged, mapped out below.

eder Map Satellite Hybrid Icelan Russia No Canada Kit nd kraine Kazakhstan France Mongolia Spain Italy Sta North China South Korea Afghanistan rag Ocean Iran Pakistan bya Egypt Saudi Arabia México India Mauritania Mall Nige hailand Sudan Chad igeria Ethiopia Kenya DR Congo Tanzania Brazil Perú Bolivia Namibla Indian Ocean Madagascar Botswaia Austra South Atlantic Ocean Chile ific South Africa Argentina Southern Ocean POWERED BY Google Imagery G2011 NASA, TerraMetrics, Map data 2011 Geocentre Consulting, MapLink, TeleAtlas Terms of use

The PasteBin document noted that November 5th, 2011, Guy Fawkes Day, would mark the end of the Operation and Anonymous would be "sailing away for another Lulz."

February 2017: Freedom Hosting II Hacked

On February 3rd, 2017, an Anonymous-affiliated hacker infiltrated the servers of Freedom Hosting II, a controversial web hosting service that reportedly hosts 20% of sites on the Dark Web, and claimed to have shut down 10,613 child pornography and online scam websites in a message posted on some of the compromised websites. Featuring the signature tagline "we are Anonymous / we do not forgive / we do not forget," the message also revealed that all of the hosted files have been copied and the database has been wiped, while offering to sell the data back to Freedom Hosting II in exchange for 0.1 bitcoin (appx. $100).

Hello Freedom Hosting II, you have been hacked We are disappointed. This is an excerpt from your front page we have a zero tolerance policy to child p---------- but what we found while searching through your server is more Moreover you host many scam sites, some of which are evidently run by yourself to cover hosting expenses All your files have been copied and your database has been dumped. (74GB of files and 2.3GB of database) Up to January 31st you were hosting 10613 sites. Private keys are included in the dump. Show full list We are Anonymous. We do not forgive. We do not forget. You should have expected us. Thanks for your patience, you don't have to buy data :) we made a torrent of the database dump download here Here another torrernt with all system files (excluding user data) download You may still donate BTC to 14iCDyeCSp12AmhVJGxtrzxDabFop4QtU and support us If you need to get in contact with us, our mail is fhosting@sigaint.org We repeatedly get asked how we got into the system. It was surprisingly easy. Here is how we did it: HOW TO HACK FH2 Edit: couldn't reply to clearnet-new mail Edit2: database dump added Edit3: added instructions on how we got into the system Edit4: system files added an 5 % child p---

click through for the transcript

On February 4th, VICE Motherboard[24] ran an interview with one of the hackers behind the Dark Web crackdown, who told the reporter that it was their "first hack ever" and they intend to hand over the user data to a security researcher for further investigation by law enforcement.

Search Interest

Though Lolita City has had consistent search hits, there is a huge spike in October 2011, coinciding with the Operation.

External References

[1] PasteHTML – #OpDarknet

[2] CyberGuerrilla – Anonymous – Press Release 4/26/2011 – OPERATION DARKNET #OpDarknet

[3] Tor – Home

[4] Gawker – https://gawker.com/5851459/vigilante-hackers-wage-war-on-underground-kiddie-porn

[5] PasteBin – #OpDarknet Major Release & Timeline

[6] Ars Technica – Anonymous takes down darknet child porn site on Tor network

[7] PasteBin – #OpDarknet – To Catch A Predator

[8] YouTube – Become Anonymous

[9] PasteBin – #OpDarknet – Lolita City user dump

[10] Examiner (via Wayback Machine) – Anonymous exposes pedophile ring – hacks Lolita City

[11] Huffington Post – Anonymous Hacks Lolita City Alleged Porn Ring

[12] PC World – Hacker Collective Anonymous Strikes at Child Porn Sites

[13] Geekosystem – Anonymous Takes Down Massive Child Pornography Server, Leaks Usernames

[14] The Wall Street Journal – Anonymous Hacktivists Target Child Pornography Sites

[15] Information Week (via Wayback Machine) – Anonymous Attacks Child Pornography Websites

[16] BBC – Hackers take down child pornography sites

[17] Techie Buzz – An Interview with an OpDarknet Anon

[18] Reddit – Anonymous exposes pedophile ring

[19] Anonymous Hamburg – AnonyNEWS – KW4

[20] PasteBin – #OpDarknet – Paws Up: A Sticky Situation

[21] The Verge – An Anonymous group just took down a fifth of the dark web

[22] Twitter – @SarahJamieLewis' Tweet

[23] Telegraph – Anonymous hacker knocks 20pc of dark web offline in campaign against child pornography

[24] VICE – We Talked to the Hacker Who Took Down a Fifth of the Dark Web



Share Pin

Related Entries 29 total

Rules_of_the_internet_banner
Rules of the Internet
Poolsclosed
Pool's Closed
The_battle
Operation Payback
Internethate
Internet Hate Machine


Recent Images 9 total


Recent Videos 3 total




Load 114 Comments
Operation Darknet

Operation Darknet

Part of a series on Anonymous. [View Related Entries]

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.


OPERATION DARKNET

Overview

Operation Darknet (also known as #OpDarknet) is the codename for a series of distributed denial-of-service (DDoS) attacks carried out by Anonymous on Lolita City, a child pornography sharing website that is accessible in anonymity via The Tor Project's encrypted service. This campaign is not to be confused with two earlier Anonymous operations that have shared the same name, one from January 2010[19] to provide a solution to the censorship threatened by the ACTA (Anti-Counterfeit Trade Agreement) and another initiative from April 2011[1] to inform Anonymous members to start using I2P to protect their anonymity.[2]

Background

The operation began in early October 2011 with a mission to expose the underground pedophile community known as "Lolita City." The website was built via Tor[3], a software that allows users to host and browse websites anonymously. Built to protect the anonymity of Internet users under regimes that do not allow free internet access, the program has seen its use in least four other forum communities accused of hosting child porn, as well as a drug marketplace known as "Silk Road" where users could buy illegal drugs with Bitcoins.[4]

Notable Developments

October 14th – 15th: PasteBin Release

The major events of the Operation took place between October 14th and 15th, as archived in a Pastebin[5] document. On October 14th, Anonymous hackers began their mission by removing links to pornographic images and videos on the Hidden Wiki, located on Tor's Hidden Service Protocol.[6] Shortly after the links returned online, the site became inaccessible in its entirety, presumably as a result of DDoS attack initiated by the group.


8. #OpDarknet Press Release- 10/15/2011 Timeline of Events 13. At apprx 8:30 CST while browsing the Hidden Wiki we noticed a section called Hard Candy which was dedicated to links to ohild p----------. We then removed all links on the website, within 5 minutes the links were edited back in by an admin. For this reason, we will continue to make the Hidden Wiki unavailable 15 16. At apprx 8:45 CST we noticed 95% of the child p---------- listed on the Hidden Wiki shared a digital fingerprint with the shared hosting server at Freedom Hosting 19. At apprx 9:00pm CST on 0ctober 14, 2011 We identified Freedom Hosting as the host of the largest collection of child p---------- on the internet. We then issued a warning to remove the illegal content from their server, hich they refused to do 21 22. At apprx 11:30pm CST on October 14, 2011 We infiltrated the shared hosting server of Freedom Hosting and shutdown services to all clients due to their lack of action to remove child p---------- from their server 24 25. At apprx 5: 00pm CST on October 15, 2011 Freedom Hosting installed their backups and restored services to their child p---------- olients. We then issued multiple warnings to remove all child p---------- from their servers, which Freedom Hosting refused to do 27 28. At apprx 8:00pm CST on October 15, 2011 despite new security features, we once again infiltrated the shared hosting server at Freedom Hosting and stopped service to all clients

October 15th: Target Freedom Hosting

Following the initial attack, Anonymous members found out nearly all of the pornography had the Freedom Hosting digital fingerprint and thus issued the host a warning to remove the content from its server at 9 p.m. (CST) on October 14th. Freedom Hosting refused to comply and two and a half hours later, Anonymous completely shut down Freedom's services with DDoS attacks that created a 1GB SQL and 100,000 ASCII files of Guy Fawkes masks every five minutes.[7]


Freedom Hosting Anonymous Hosting Service with PHP/MySQL ister Login onta Register Login Contact FTP Howl0 Privacy Hosting Features Here you can get free hosting with PHP and MySQL Unlimited Space Unlimited Bandwidth Unlimited MySQL Databases Your own onion domain (xxxxx.onion) Fast Network with 24/7 Uptime No javascript or cookies required to login Upload a zip with your files and extract on server FTP Access Daily Backups What's Allowed We do not give permission for upload of any illegal files If you chose to do so anyway, we are not responsible for your actions I've not got a infinite hard drive and the server cpu is limited so please don't upload too much or use resource intensive scripts Need Help? When installing some php scripts it might complain about chmod, disabled functions or safe mode, just ignore the warning and continue anyway If the php warnings display on your site, edit the php file and find the line it complains about and put an @ before the function it complains about. eg. change chmod to @chmod etc... If it still wont work then use the Contact link above or reply to our thread on onionforum 15th October 2011 Denial of Service Attacks Today and several times this week FH was the victim of DoS attacks which resulted in unavailability of php or mysql on hosted sites A user registered an account and used it to run extremely slow mysql queries among other things to purposely harm the server For this reason creating new accounts will be disabled until further notice I would also like to announce that the snapshot based backup system is up and running backups are made daily and kept for upto 1 month, this will protect against any future data loss due to accounts being hacked Home. Privacy Policy Terms of Use 2008 Freedom Hosting. All Rights Reserved.

Around 5 p.m. (CST) the next day, Freedom was able to restore service completely via backup servers. Anonymous issued several additional warnings to the company, giving them 3 hours before taking down the server again, this time using an attack codenamed "Chris Hanson," which uploaded episodes of "To Catch a Predator" labeled as "CP" on to the site.


Why don't you have a seat right over there... 11 1:49 4:26 CC 480p

October 17th: Anonymous Releases Communique

On October 17th, YouTuber BecomeAnonymous[8] uploaded a video with the Anonymous manifesto, explaining the motivations behind Operation Darknet and its future plans.



October 18th: Userbase Exposed

On October 18th, Anonymous released the names of the 1589 users of Lolita City via PasteBin[9], including their username, volume of images uploaded, and age of the account. They invited Interpol and the FBI to investigate the records further.

October 20th – 24th: News Media Coverage

News of the operation spread quickly, with the earliest news story appearing on the Examiner[10] on October 20th, Gawker[4] on the 21st, the Huffington Post[11] and PC World[12] on the 22nd, and Geekosystem[13] on the 23rd. The Examiner story was shared on Reddit[18] on October 22nd, where it received 2475 points in two days.

By October 24th, the news had reached the Wall Street Journal[14], Information Week[15], and the BBC.[16] Techie Buzz[17] also published an interview with a user named "arson" in the #OpDarknet IRC channel. Arson stated that their mission was only to take down illegal materials and the operation was not triggered by any particular event:


We vowed to fight for the defenseless, there is none more defenseless than innocent children being exploited.

November 2nd: Final Release

The last official PasteBin[20] communique from #OpDarknet was uploaded on November 2nd, 2011. They stated that the whole plan behind the operation was not to take down Tor or the darknet in general, but specifically to attack the CP sharing occurring on these sites. It revealed "The Honey Pawt," a modified TorButton for Firefox, which, when used, would log users information if they tried to access the Hard Candy wiki or Lolita City.

On October 27th, Operation Paw Printing went into effect for 24 hours, marking the end of the DDoS attacks on The Hidden Wiki and implementation of the modified TorButton, which was only available on the Hard Candy page. When a user of HC updated the button, their IP information was logged. Over the course of the day, 190 unique users and IP addresses were logged, mapped out below.

eder Map Satellite Hybrid Icelan Russia No Canada Kit nd kraine Kazakhstan France Mongolia Spain Italy Sta North China South Korea Afghanistan rag Ocean Iran Pakistan bya Egypt Saudi Arabia México India Mauritania Mall Nige hailand Sudan Chad igeria Ethiopia Kenya DR Congo Tanzania Brazil Perú Bolivia Namibla Indian Ocean Madagascar Botswaia Austra South Atlantic Ocean Chile ific South Africa Argentina Southern Ocean POWERED BY Google Imagery G2011 NASA, TerraMetrics, Map data 2011 Geocentre Consulting, MapLink, TeleAtlas Terms of use

The PasteBin document noted that November 5th, 2011, Guy Fawkes Day, would mark the end of the Operation and Anonymous would be "sailing away for another Lulz."

February 2017: Freedom Hosting II Hacked

On February 3rd, 2017, an Anonymous-affiliated hacker infiltrated the servers of Freedom Hosting II, a controversial web hosting service that reportedly hosts 20% of sites on the Dark Web, and claimed to have shut down 10,613 child pornography and online scam websites in a message posted on some of the compromised websites. Featuring the signature tagline "we are Anonymous / we do not forgive / we do not forget," the message also revealed that all of the hosted files have been copied and the database has been wiped, while offering to sell the data back to Freedom Hosting II in exchange for 0.1 bitcoin (appx. $100).


Hello Freedom Hosting II, you have been hacked We are disappointed. This is an excerpt from your front page we have a zero tolerance policy to child p---------- but what we found while searching through your server is more Moreover you host many scam sites, some of which are evidently run by yourself to cover hosting expenses All your files have been copied and your database has been dumped. (74GB of files and 2.3GB of database) Up to January 31st you were hosting 10613 sites. Private keys are included in the dump. Show full list We are Anonymous. We do not forgive. We do not forget. You should have expected us. Thanks for your patience, you don't have to buy data :) we made a torrent of the database dump download here Here another torrernt with all system files (excluding user data) download You may still donate BTC to 14iCDyeCSp12AmhVJGxtrzxDabFop4QtU and support us If you need to get in contact with us, our mail is fhosting@sigaint.org We repeatedly get asked how we got into the system. It was surprisingly easy. Here is how we did it: HOW TO HACK FH2 Edit: couldn't reply to clearnet-new mail Edit2: database dump added Edit3: added instructions on how we got into the system Edit4: system files added an 5 % child p---
click through for the transcript

On February 4th, VICE Motherboard[24] ran an interview with one of the hackers behind the Dark Web crackdown, who told the reporter that it was their "first hack ever" and they intend to hand over the user data to a security researcher for further investigation by law enforcement.

Search Interest

Though Lolita City has had consistent search hits, there is a huge spike in October 2011, coinciding with the Operation.

External References

[1] PasteHTML – #OpDarknet

[2] CyberGuerrilla – Anonymous – Press Release 4/26/2011 – OPERATION DARKNET #OpDarknet

[3] Tor – Home

[4] Gawker – https://gawker.com/5851459/vigilante-hackers-wage-war-on-underground-kiddie-porn

[5] PasteBin – #OpDarknet Major Release & Timeline

[6] Ars Technica – Anonymous takes down darknet child porn site on Tor network

[7] PasteBin – #OpDarknet – To Catch A Predator

[8] YouTube – Become Anonymous

[9] PasteBin – #OpDarknet – Lolita City user dump

[10] Examiner (via Wayback Machine) – Anonymous exposes pedophile ring – hacks Lolita City

[11] Huffington Post – Anonymous Hacks Lolita City Alleged Porn Ring

[12] PC World – Hacker Collective Anonymous Strikes at Child Porn Sites

[13] Geekosystem – Anonymous Takes Down Massive Child Pornography Server, Leaks Usernames

[14] The Wall Street Journal – Anonymous Hacktivists Target Child Pornography Sites

[15] Information Week (via Wayback Machine) – Anonymous Attacks Child Pornography Websites

[16] BBC – Hackers take down child pornography sites

[17] Techie Buzz – An Interview with an OpDarknet Anon

[18] Reddit – Anonymous exposes pedophile ring

[19] Anonymous Hamburg – AnonyNEWS – KW4

[20] PasteBin – #OpDarknet – Paws Up: A Sticky Situation

[21] The Verge – An Anonymous group just took down a fifth of the dark web

[22] Twitter – @SarahJamieLewis' Tweet

[23] Telegraph – Anonymous hacker knocks 20pc of dark web offline in campaign against child pornography

[24] VICE – We Talked to the Hacker Who Took Down a Fifth of the Dark Web

Recent Videos 3 total

Recent Images 9 total



+ Add a Comment

Comments (114)


Display Comments

Add a Comment