• 1 Post
  • 7 Comments
Joined 4 months ago
cake
Cake day: July 25th, 2024

help-circle

  • Should you look for impressive perhaps look at fashion shows? What you see is a mini side quest as we said. The big time will come from other ways.

    Their main clearnet gateway advertised everywhere has been shut down. They can replace it but at cost of exposing their incompetency lack of understanding of hosting and their childish responses by their admin. There isn’t a funnier thing to see than admins hide behind Cloudflare because they can’t protect their Tor infrastructure in any other way.





  • antidarknettoMoneroMonero black marble 0day attack guide? Real or nah?
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    4
    ·
    4 months ago
    The attacker;
    
    doesn’t know;
            DoS’ing isn’t 0day and bug -- **There is indeed a bug and it has been classified as such by the monero dev team. I'm talking about the fee selection bug that was fixed in the last wallet release. Whether it's 0day or not that's semantics. As it was pointed out on another board this same type of attack was first spotted in 2020 and as I explained there example PDF rendering vulnerabilities exist so when a new vulnerability is found and not reported it is a 0day. Same analogy. Whether you believe it is "0day" or not is irrelevant. No where does it describe how to do the "Black Marble" attack, we described it first.**
            Dynamic block size -- **Do your own research before talking? No? Read the comments here https://www.reddit.com/r/Monero/comments/1ebshvh/we_now_know_who_was_behind_the_recent_spam_attack/ then look at the analysis of the attack. There are ways to bypass it we're not as ignorant as yourself. **
            CIA drug trafficking allegations (which is different from drug selling) -- **Okay? They sell drugs so we selling drugs is okay they kill we kill no problem logic? Hello 14th century.**
            Corrupt government structures (such as fiat money and others) -- **Relevancy? Trash talk.**
            Pharmacies also sell hard drugs -- **More nonsense non-related trash talk.**
        calls “donation” to collateral damage -- **Who was the collateral damage? Darknet market admins? Poor them they only got away with hundreds of thousands when they exited and left their customers and vendors out to dry.**
        thinks they’re “saving” our children -- **Better than doing nothing? What are YOU doing for that then?**
        complains official wallet is so slow when 200k sub-accounts used -- **Using the RPC it is slow and it shouldn't be. Imagine, I know imagination in your simpleton mind not possible but try hard for us here, you run an exchange. You have 10,000 making exchanges every day. 1000 of them use Monero in either direction. 1000 x 30 days that's 30,000 subaccounts for a month. In 3-4 months that wallet will be clogged up and won't be working correctly. And then you cry when shops or other places don't accept Monero. If it can't deal with high volume is it enterprise-ready? Basic logic says no.**
        didn’t prove they really made the attack -- **Take a look at the post once again. Try it out yourself. Post back the results. Really simple for the smoothest of brains to understand.**
    

    Now that I’ve proven you’ve got no idea what you’re talking about, try again and this time try to use the thing between your ears.

    This settles my limit for answering questions with hardened stupidity level for today.


  • antidarknettoMoneroMonero black marble 0day attack guide? Real or nah?
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    3
    ·
    4 months ago

    Unless you’re criminal you shouldn’t be worried in any way. We support privacy (disclosure of bug) and agree darknet communities should exist but not when they break the law. No sane person can argue selling h**oin or someones bank account details is something noble and we should all be very upset about it when its disrupted. Unless you are one of them.


  • antidarknettoMoneroMonero black marble 0day attack guide? Real or nah?
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    4 months ago

    Official antidarknet admin here.

    You seem very certain the attack has been “patched” and we made money from “extortion”? Where are you getting your information from while answering with such certainty? Really curious. I’m not being offensive here but is really not good especially for a website admin to make high speculation when they don’t know the facts.

    Let me tell you how it really is and then you and everyone else can draw own conclusions.

    Fact #1

    Although the bug was patched officially it’s still possible to do what we described in the post on our forum. Try it out and see for yourself. Automatically setting the fee doesn’t make the problem go away if you’re 300 blocks or more backlog. As an attacker setting high fees and spamming it DOES create backlog too albeit slower. We do agree it could’ve been the case of the market wallets not being updated hence not being able to send transactions and falling under our exploit scope. Some of our attacks were after the patch was deployed evident by the timeline of certain darknet marketplaces collapsing.

    Fact #2

    We never extorted nobody we simply took it from criminals extortion means something else. You say we “extorted” but in the next sentance you say “they somehow broke their payment systems”? You’re absolutely correct we did break their payment systems but not because they didn’t account for long delays or because we “extorted” them (we never communicated we just did our exploit). But reason being when markets were executing sending payments functions (withdraw for clients) they hadn’t accounted for the sending itself to fail due to the huge backlog we were creating with the spam. Creating an account and depositing then withdrawing while spamming Monero network resulted in getting multiple times the same amount over and over. Simple and honestly newbie programmer mistake not to cover use cases that cost them in total 300k+ and lead to several of them shutting down.

    Fact #3

    Our mission statement is crystal clear. We never took any profit from these attacks. All money were and are being put back into our new projects and operations which are ongoing targetting darknet markets, forums, fraud shops and so on.

    We appreciate the discussion and do hope sincerely the monero devs to be notified, do simulation tests on that stressnet that was build specifically due the attack and see what we’re talking about is not theory in any way and still possible today with enough resources (not talking crazy amounts here less than 100k).

    As a bonus to the developers if you’re reading this is the official wallets are extremely unstable at 200,000 subaccounts if each has had at least one transaction in and one out. Try generating more subaccounts after 200k it takes many times longer to generate rather than when first initializing a wallet. The more accounts you add the slower it gets. Should probably fix that too. Don’t take our word for it but test it yourselves.

    We fight the illegal use and not against privacy featured coins like Monero that’s why we’re sharing all of it. We did indeed use it and possibly cost inconvenience to users however taking down illegal markets where hardcore substances are sold is a priority over making a payment now rather than in half a day.

    Antinet, AntiDarkNet admin

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    Official antidarknet admin here.
    
    You seem very certain the attack has been "patched" and we made money from "extortion"? Where are you getting your information from while answering with such certainty? Really curious. I'm not being offensive here but is really not good especially for a website admin to make high speculation when they don't know the facts.
    
    Let me tell you how it really is and then you and everyone else can draw own conclusions.
    
    
    Fact #1
    
    Although the bug was patched officially it's still possible to do what we described in the post on our forum. Try it out and see for yourself. Automatically setting the fee doesn't make the problem go away if you're 300 blocks or more backlog. As an attacker setting high fees and spamming it DOES create backlog too albeit slower. We do agree it could've been the case of the market wallets not being updated hence not being able to send transactions and falling under our exploit scope. Some of our attacks were after the patch was deployed evident by the timeline of certain darknet marketplaces collapsing. 
    
    
    Fact #2
    
    We never extorted nobody we simply took it from criminals extortion means something else. You say we "extorted" but in the next sentance you say "they somehow broke their payment systems"? You're absolutely correct we did break their payment systems but not because they didn't account for long delays or because we "extorted" them (we never communicated we just did our exploit). But reason being when markets were executing sending payments functions (withdraw for clients) they hadn't accounted for the sending itself to fail due to the huge backlog we were creating with the spam. Creating an account and depositing then withdrawing while spamming Monero network resulted in getting multiple times the same amount over and over. Simple and honestly newbie programmer mistake not to cover use cases that cost them in total 300k+ and lead to several of them shutting down.
    
    
    Fact #3
    
    Our mission statement is crystal clear. We never took any profit from these attacks. All money were and are being put back into our new projects and operations which are ongoing targetting darknet markets, forums, fraud shops and so on.
    
    
    We appreciate the discussion and do hope sincerely the monero devs to be notified, do simulation tests on that stressnet that was build specifically due the attack and see what we're talking about is not theory in any way and still possible today with enough resources (not talking crazy amounts here less than 100k).
    
    As a bonus to the developers if you're reading this is the official wallets are extremely unstable at 200,000 subaccounts if each has had at least one transaction in and one out. Try generating more subaccounts after 200k it takes many times longer to generate rather than when first initializing a wallet. The more accounts you add the slower it gets. Should probably fix that too. Don't take our word for it but test it yourselves.
    
    We fight the illegal use and not against privacy featured coins like Monero that's why we're sharing all of it. We did indeed use it and possibly cost inconvenience to users however taking down illegal markets where hardcore substances are sold is a priority over making a payment now rather than in half a day.
    
    
    Antinet,
    AntiDarkNet admin
    -----BEGIN PGP SIGNATURE-----
    
    iHUEARYIAB0WIQR/iAQxtllG0fCl//MAuh7Std/C3gUCZqJrvgAKCRAAuh7Std/C
    3h8SAQDInTE6L6bmaVEzikzWM/9KwDkWspo0KLAwjQNlDyIQUAD/VkM/wHhEL3Sk
    Tzt/c/UW1pQdONhXT5JI2wkFd4FkjA8=
    =vFU7
    -----END PGP SIGNATURE-----