dark.fail @darkdotfail@mastodon.social

@el_shinobi hop on jabber if it's really you

Shout out to Dread for still being the most valuable resource around. Thank you to all admins, mods for quickly warning people about Darknetlive and http://dark.fail's domain takeovers the past four days. Long live Dread!

We got our domain http://dark.fail back!! Massive THANK YOU to Njalla, Peter Sunde, and all who supported us over the past four days while a phisher hijacked and operated our clearnet site. Rebuilding carefully. Signed proof https://raw.githubusercontent.com/DarkDotFail/pgp/master/recovery-2021-05-04.txt

Namecheap finally disabled the phishing site hosted on my hijacked domain dark[.]fail.

Their brain-dead response: ""Please be informed that the dark[.]fail domain was disabled. We would like to note that the website could not be treated as a phishing one because it did not contain fields to enter sensitive data.""

Namecheap isn't hosting a simple 'phishing site' on my stolen domain. They're hosting a list of 68 phishing sites.

Go read this excellent update from Peter Sunde on the battle to get my domain back. https://twitter.com/brokep/status/1389314362561777665

Njalla's blog post about my stolen domain dark[.]fail. The hijacker allegedly faked a court order and gag order. https://njal.la/blog/hijack/

My domain name is still hosting phishing links. It was stolen. I am waiting on Namecheap, Tucows, Njalla to do the right thing and return it to me. Researchers, only trust my .onion.

My domain is still hijacked. Stlil waiting on Tucows, Namecheap and Njalla to sort this out. Meanwhile a phisher is still stealing people's cryptocurrency by controlling my site. How many more days will this take?

The domain name system is antiquated and dead. Moving decentralized after this.

I have lost access to my Twitter and Reddit accounts. Temporarily? Time will tell.

Njalla and Namecheap are working to get my domain back. There's no indication that Njalla was compromised. Thank you for friendly service Njalla please publish an incident report after. Your users should be informed of this attack vector since you are a reseller.

It is proven! I am darkdotfail on Keybase: https://keybase.io/darkdotfail/sigchain#0eaadb3198bab01e77731e0fd8ca21538f829e1bfe9db4a05507807a11f2b51a0f

ALERT: "dark[.]fail" is still hijacked by a phisher. Each link appears to be a real site, but MITM proxies your browsing, allowing the attacker to steal your cryptocurrency and passwords. I estimate people are losing least 250k Euro per day. Only trust my .onion, PGP verify.

Darknetlive has regained ownership and control of their domain. We will see if it is transferred again, it is at the same registrar as when the attack happened.

"Dread Marketplace by HugBunter" is NOT real, it is a phishing trap. The attacker who hijacked my domain name dark[.]fail has listed this fake market on it and is stealing people's cryptocurrency without /u/HugBunter's permission.

Namecheap expedite ticket ID PVZ-490-11596. Anyone have a contact there?

DO NOT TRUST THE DOMAIN 'dark.fail' RIGHT NOW! http://darkfailllnkf4vf.onion/ is the only site I am in control of. (use Tor Browser)

Statement: https://github.com/DarkDotFail/pgp/blob/master/emergency-2021-04-29.txt

EMERGENCY: DO NOT USE LINKS ON https://dark.fail RIGHT NOW. I am not in control of it!

My domain and Darknetlive were bothtaken over. Transferred to Namecheap without our permission, from Njal.la. I had 2FA enabled on Nja.la. Investigating.

Resolving technical difficulties with my site that are entirely my fault, human error. There are no signs of compromise. I will update my canary when back online within 24 hours.

MLK Jr.'s Bitcoin activity would have been surveilled. First they hunt criminals, then they hunt activists.