Anonymous journalist researching Tor: the uncensored internet. Privacy is a human right. torproject.org

darkfailllnkf4vf.onion
Joined October 2018
We got our domain dark.fail back!! Massive THANK YOU to @njal_la, @brokep, and all who supported us over the past four days while a phisher hijacked and operated our clearnet site. Rebuilding carefully.
15
53
5
431
Using Monero still requires good OPSEC. Keep track of what sites you paste addresses into. Never reuse an address. Treat Monero like it will some day be traceable. Blockchain is not post-quantum anonymity, activists.
3
44
5
294
dark.fail retweeted
"as of May 5, 2021, the attacker is still controlling between 4% and 6% of the entire Tor network’s exit capacity, with SSL stripping attacks still ongoing" Use ONLY .onion addresses with @torproject browser or get rekt. Promote best practice, tell friends, add it to guides!
Thousands of malicious Tor exit nodes stole cryptocurrency with phishing, SSL stripping. Tor is broken. Anyone can anonymously launch a node with no accountability. @campuscodi therecord.media/thousands-of…
2
37
1
119
dark.fail retweeted
Apple can decrypt everything except for iCloud Keychain and a few end-to-end encrypted services.
35
600
57
2,274
dark.fail retweeted
received a few minutes ago to my GMail. at first I thought it was a spam and was about to delete the email, but it turned out to be about FBI requesting my data from Apple
264
2,912
737
14,696
dark.fail retweeted
Please note: @brokep was especially correct on this matter. Without all of the public pressure, its likely nothing would have been fixed, IMO. Pressure works.
Replying to @brokep
Now, the phishing attack is still ongoing, and if enough people would push @Namecheap and their @NamecheapCEO on social media, maybe they will help @DarkDotFail out and get their domain back. Thanks.
Show this thread
1
9
0
46
Victims of my domain hijacking: Don't fret, @Namecheap did not consider it a phishing attack because it did not use HTML input fields. So they hosted a phishing site on my domain for four days.
FINALLY!! From @Namecheap: "Please be informed that the dark.fail domain was disabled. We would like to note that the website could not be treated as a phishing one because it did not contain fields to enter sensitive data." Now we just need them to send it back.
7
10
1
78
dark.fail retweeted
In an interesting attack, scammer was able to take over domains by presenting a registrar w/ fake court order. Used same language as a real court order. Scammer then used that control to push dark web market phishing sites, stealing BTC vice.com/en/article/qj8833/d…
9
107
15
198
Show this thread
Who are the victims in a well-moderated marketplace?
13
2
1
70
At what point does a marketplace operator become complicit in forgeries, unsafe items? Are Craigslist, Amazon, Alibaba well-moderated?
6
1
0
38
dark.fail retweeted
Maybe you heard that the domain dark.fail (@DarkDotFail ) got hijacked. Here's the story on how it happened. A thread! (I've pieced together the data I have so I might have some small errors in this thread, FYI.)
15
331
82
688
Show this thread
ALERT: Aurora Market exit scammed.
13
34
5
299
Shout out to Dread for still being the most valuable resource around. Thank you to all admins, mods for quickly warning people about Darknetlive and dark.fail's domain takeovers the past four days. Long live Dread!
2
5
0
82
Signed proof that I have regained access to this Twitter following a domain hijack that allowed an attacker to receive emails to "hello@dark.fail" but not to bypass 2FA. raw.githubusercontent.com/Da…
3
11
2
90