Many DarkNet Sites Compromised At Once Via Domains/DNS January 23, 2022, 12:21:45 am Many DarkNet Sites Compromised At Once Via Domains/DNSDark.FailDarkNetLive.comOnion.LiveAll 3 Reported Being Compromised Within last 48 hours. They all claim the attackers are redirecting users to fake/false TOR pages to phish them and steal money.https://twitter.com/notdan/status/1388142289952800769https://twitter.com/5auth/status/1388134943629402116https://twitter.com/DarkDotFailhttps://raw.githubusercontent.com/DarkDotFail/archive/f75a3336529314609251694fd2bb44f05a369e79/announcements/darknetlive/2021-04-30_domain_hijacked.txthttps://darknetlive.com/emergency-update.txthttps://twitter.com/brokep/status/1388075234507493376https://twitter.com/DarkDotFail/status/1388199606668902408Currently seems like the most likely thing that happened was Tucows was somehow hacked/compromised. That's the entity that all 3 domains had in common. Thoughts?
Re: Many DarkNet Sites Compromised At Once Via Domains/DNS Reply #1 – January 23, 2022, 12:21:57 am Tucows (One of Njalla's partners) said they were served an order by law enforcement but it seems to be fake. They say they have "improved".Epik quickly returned darknetlive.com to the owner after the scammer transferred it there.Namecheap allowed dark.fail to stay up for a few days probably costing many users that were not careful, a lot of money.Njalla did an explanation from their side - https://njal.la/blog/hijack/ / http://njallalafimoej5i4eg7vlnqjvmb6zhdh27qxcatdn647jtwwwui3nad.onion/blog/hijack/Darknetlive also posted an article mostly commenting on the one from Njalla - https://darknetlive.com/post/here-is-njallas-take-on-the-domain-hijack/ / http://darkzzx4avcsuofgfez5zq75cqc4mprjvfqywo45dfcaxrwqg6qrlfid.onion/post/here-is-njallas-take-on-the-domain-hijack/Tucows was socially engineered and Namecheap is slow.
Re: Many DarkNet Sites Compromised At Once Via Domains/DNS Reply #2 – January 23, 2022, 12:22:10 am Seems like EPIK and Njalla did good while Tucows and NameCheap show how terrible and incompetent they are.
Re: Many DarkNet Sites Compromised At Once Via Domains/DNS Reply #3 – January 23, 2022, 12:22:22 am https://www.vice.com/en/article/qj8833/dark-fail-fake-court-order-dark-web-markets