Illicit Middle Earth Marketplace Possibly Exploited, IP Discovered

0

For any unknown terms or phrases, please look at our “dark net market” terminology guide.

Reddit user “haxforcrack” posted today on “/r/DarkNetMarkets,” to inform the community of exploits for black Tor market “Middle Earth.” The user’s discoveries include the server’s IP address and “stack,” or configuration. The user claims to have reached out to site administrators, deciding to go public when no response was received.

For a hidden black market, having a server expose it’s IP address is one of the greatest fears an operator may face. A Tor hidden service hides IP addresses, and it is up the service’s operator to secure the service properly to hide the IP address from potential exploits. The address may allow law enforcement to discover the server’s location, and even copy all data from the server during it’s operation.

According to “haxforcrack,” the server is an Ubuntu Linux system running Nginx, MySQL, and Django. A “cross-site request forgery” error page printed an insecure Django version, which was then exploited using a well known and currently fixed exploit to print the IP address. When “haxforcrack” defended the exploit’s release, he said, “…trust me if I found it as quickly as I did LE already knows about it.” To clarify the exploit’s simplicity, he said, “It wasn’t rocket science.”

Coinbuzz

CoinBuzz provides news and analysis on Bitcoin and other digital currencies. Founded in 2014, the site has quickly become a leading source of information on digital currency technologies, businesses, markets, and regulation.

Leave a Reply

Be the First to Comment!

Notify of
avatar
 
smilegrinwinkmrgreenneutraltwistedarrowshockunamusedcooleviloopsrazzrollcryeeklolmadsadexclamationquestionideahmmbegwhewchucklesillyenvyshutmouth
 
wpDiscuz
X