164

Police shut more than 14,000 accounts on Mega, Tutanota and Protonmail (therecord.media)

submitted 8 months ago by ray@lemmy.ml to c/privacy@lemmy.ml

26 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] bartolomeo@suppo.fi 7 points 8 months ago

states the LockBit .onion site, now controlled by British officials.

How does one hijack a .onion site?

[-] catalog3115@lemmy.world 13 points 8 months ago

You don't hijack a .onion site. You pwn the server which hosts .onion site. Give you full access to site. You hijack .onion because its very secure

[-] bartolomeo@suppo.fi 3 points 8 months ago

I see. How do you trace a .onion site back to it's server?

[-] catnip@lemmy.zip 7 points 8 months ago

By pwning it. You dont have to find it to pwn it. You just have to be able to send data to it, which everyone can do because whats the point of having a server if noone can interact with it. The attacker just interacts with it in a way that manipulates it to execution attacker controlled code. So for a .onion website for example you find a vulnerability in the websites code and exploit it to make the server the website is running on do what you want.

[-] pineapplelover@lemm.ee 5 points 8 months ago

Bad osint practices?

[-] bartolomeo@suppo.fi 2 points 8 months ago

Can you elaborate? Is the server address stored in some open source?

[-] pineapplelover@lemm.ee 4 points 8 months ago

Nah nothing like that. I mean that they're sharing info to friends willy nilly and some cops got wind of it. That's kinda what happens to some of the dark web guys who get caught. It's very rarely something very technical it's just their own idiocy for reusing emails, transferring funds incorrectly making it traceable, Delivering sus packages all at once to usps

[-] bartolomeo@suppo.fi 1 points 8 months ago

Oooh, right.

[-] catalog3115@lemmy.world 4 points 8 months ago

In simple terms you can't trace back the server useless the webadmin did some stupidity or vulnerability

[-] BaumGeist@lemmy.ml 2 points 8 months ago

Outside of controlling and rewriting the protocol: steal the keys used to generate the route or take over control of the server that hosts it

this post was submitted on 26 Feb 2024

164 points (98.8% liked)

Privacy

31978 readers

244 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS