Tech

Dark Net hackers steal seized site back from the FBI

That’s not going to sit well in Washington.

Photo of Patrick Howell O'Neill

Patrick Howell O'Neill

Article Lead Image

There’s a tug of war at play on the Dark Net.

Featured Video

Last week, American and European law enforcement triumphantly took control of 27 Dark Net websites in the highly publicized Operation Onymous, a campaign against a wide variety of Tor hidden services and their operators, including so-called Silk Road 2.0 and its alleged boss, 26-year-old Blake Benthall.

Now, the new owners of one seized hidden website have taken their website back from police. The re-seized hidden service, Doxbin, is fully operational as of 1pm ET.

Doxbin is a website dedicated to hosting tens of thousands of records containing sensitive information about private individuals, such as addresses, phone numbers, and Social Security Numbers. It’s made headlines numerous times, most notably when the judge in the trial of the original Silk Road, which was shuttered by the FBI last year, was threatened on the site, and her address, phone number, and personal details made public.

Advertisement

The loss of Doxbin last week was mourned by the site’s fans.

RIP doxbin pic.twitter.com/nFbrHoyVil

— Anonymous (@blackplans) November 8, 2014

RIP Silk Road 2.0, doxbin, along with many other sites. Your legacy remains. pic.twitter.com/joT8aYyDad

— john (@Anxieties) November 7, 2014

Advertisement

While police took control of the sites, the actual owners remain free and are speaking out in public.

Earlier this weekend, they released aggregate log reports to the public in hopes that observers could identify the weakness that police used to seize the hidden service.

Now, Doxbin’s previous owners have handed off control of their website to an “interested party” who has re-seized the website and at least three .onion addresses that direct to it, according to records at the hidden service search engine ahmia.fi. Moreover, the new owners have created a brand new.onion address in order to prevent police from re-seizing Doxbin. Anyone can currently access the two previously seized addreses, and a third .onion site has been added. 

While the backbone required to take a website back from the police has been applauded by some observers, re-seizing the website isn’t necessarily challenging from a technical perspective. An .onion address is simply a hash of a private key used to control the domain. The previous owners handed the private key off, and so now both police and the new owners of Doxbin possess the private key. That means that each can seize the domain at will, hence the game of tug of war.

Advertisement

.@chobopeon The private_keys were handed to an interested party, who is playing tug of war with ICE/Eurolol. We’re not involved

— nachash (@loldoxbin) November 10, 2014

While the re-seizure is likely temporary, the website is now able to advertise a new and not-yet seized address to its old users.

Last week, the website looked like this after police action:

RIP DOXBIN pic.twitter.com/DW43ex4CCn

— Jeb Boone (@JebBoone) November 7, 2014

Advertisement

Now, a mirror of the site called “THE INDESTRUCTIBLE SKY CASTLE,” revives the old Doxbin:

Update 7:49pm ET, Nov. 10: The new owner of Doxbin says the site has seen about 25,000 hits in the last 24 hours. 

Advertisement

Editor’s note: This article has been updated with new language to clarify ownership of the new Doxbin sites.

Photo by David Goehring (CC BY 2.0)

 
The Daily Dot