Doxbin (darknet)

Doxbin

Type of site	Pastebin
Available in	English
Registration	Optional
Users	50,000
Launched	May 30, 2011; 13 years ago (2011-05-30)
Written in	PHP

Doxbin is a far-right^[1][2][3] pastebin primarily used by people posting personal data of any person of interest. This act is referred to as doxing. It was run as a hidden service on the Tor network.^[4]

Due to the illegal nature of much of the information it published (such as social security numbers, bank routing information, and credit card information, all in plain-text), it was one of many sites seized during Operation Onymous, a multinational police initiative, in November 2014.^[5]

Legality

Although morally and ethically questionable, Doxbin has seemed to avoid any heavy attention from law enforcement due to their rules and regulations for using/uploading to the website.

Doxbin does not allow any minor, illegally obtained or harassing/threatening info. Using Section 230 of the Communications Decency Act to be immune to liability of cyberstalking laws globally.^[6]

The privacy policy mentions that they do not allow illegally obtained material and instigates by saying "Can anybody prove it? Not unless you brag about it". It also states that "Doxbin was not made for harassment, intimidation or to cause nuisance", but also mentions that "It is impossible for some php code to harass somebody."

"Any pastes directly threatening and/or attempt to injure or hurt any particular individuals will be swiftly removed."

Doxbin vs Lapsus$

"White" was a founding leader of a ransomware group named Lapsus$ which had a list of notable data leaks, such as ones from Nvidia, T-Mobile, and Rockstar Games.

The feud between the Doxbin owner "kt" and "White" had been ongoing since he leaked the Doxbin database.^[7]

"kt" had eventually doxed "White" on January 8th 2022, and published his personal details onto Doxbin.^[8]

White's house was raided on the morning of April 1st 2022 and earlier in December 2021, both in relation to Lapsus$.^[9]

He was charged with:^[10]

• Three counts of unauthorized access to a computer with intent to impair the reliability of data.
• One count of fraud by false representation.
• One count of unauthorized access to a computer with intent to hinder access to data.
• One count of causing a computer to perform a function to secure unauthorized access to a program.

History

Doxbin was established to act as a secure, anonymous venue for the publication of dox, first established by an individual known as nachash. Dox being a term in Internet culture which refers to personally identifiable information about individuals, including social security numbers, street addresses, usernames, emails, and passwords, obtained through a variety of legal and illegal means.^[11]

In November 2012, Doxbin's Twitter handle @Doxbin was attributed to an attack on Symantec, coordinated with Anonymous' Operation Vendetta.^[5]

It first attracted attention in March 2014 when its then-owner hijacked a popular Tor hidden service, The Hidden Wiki, pointing its visitors to Doxbin instead as a response to the maintenance of pages dedicated to child pornography links.^[12][13][14] In June 2014, their Twitter account was suspended, prompting the site to start listing the personal information of the Twitter founders and CEO.^[15] In October 2014, Doxbin hosted personal information about Katherine Forrest, a federal judge responsible for court rulings against the owner of Tor-based black market Silk Road, leading to death threats and harassment.^[11][16]

Doxbin and several other hidden services were seized in November 2014 as part of the multinational police initiative Operation Onymous.^[17][18][19] Shortly thereafter, one of the site's operators who avoided arrest shared the site's logs and information about how it was compromised with the Tor developers email list, suggesting it could have either been the result of a specialized distributed denial of service attack (DDoS) or exploited mistakes in its PHP code.^{[17][18][20][21]} However, the site could still be restored easily by setting up a new domain.^[22]

In July 2020, John William Kirby Kelly, who was involved in a neo-Nazi swatting conspiracy and loosely linked to the neo-Nazi terrorist network Atomwaffen Division, admitted helping maintain Doxbin.^{[2][23][24][25]}

See also

• Cyberstalking legislation
• Internet privacy
• Privacy law

References

1. "Neo-Nazi SWATters Target Dozens of Journalists – Krebs on Security". Retrieved 2022-10-02.
2. "Teen charged in online SWATing ring feds link to neo-Nazis". www.cbsnews.com. Retrieved 2022-10-03.
3. "Neo-Nazi SWATters Target Dozens of Journalists". Homland Security Today. July 25, 2019. Retrieved October 23, 2022.
4. Keller, Kevin. "The Tor browser: A forensic investigation study". The Tor Browser: A Forensic Investigation Study.
5. Fox-Brewster, Tom (2014-12-09). "The darkweb's nihilistic vigilante sees the light". The Guardian. ISSN 0261-3077. Archived from the original on 2021-03-23. Retrieved 2020-11-06.
6. "DEPARTMENT OF JUSTICE'S REVIEW OF SECTION 230 OF THE COMMUNICATIONS DECENCY ACT OF 1996". www.justice.gov. 2020-06-03. Retrieved 2022-10-02.
7. "A Closer Look at the LAPSUS$ Data Extortion Group – Krebs on Security". Retrieved 2022-06-17.
8. Peters, Jay (2022-03-23). "A teen is reportedly the mastermind behind the Lapsus$ hacking group". The Verge. Retrieved 2022-06-17.
9. "Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal". BBC News. 2022-03-24. Retrieved 2022-06-17.
10. Page, Carly (April 2, 2022). "UK police charge 2 teenagers in connection with Lapsus$ hacks". TechCrunch. Retrieved 20 July 2022.
11. Howell O'Neill, Patrick (10 November 2014). "Dark Net hackers steal seized site back from the FBI". Daily Dot. Archived from the original on 17 November 2014. Retrieved 25 January 2015.
12. Howell O'Neill, Patrick (12 March 2014). "Deep Web hub hacked and shut down over child porn links". Daily Dot. Archived from the original on 2015-04-02. Retrieved 2015-01-25.
13. Mead, Derek (13 March 2014). "A Hacker Scrubbed Child-Porn Links from the Dark Web's Most Popular Site". Vice. Archived from the original on 11 October 2016. Retrieved 26 August 2017.
14. "Twitter Founders' Personal Information Released on Doxbin". Darkweb News. 12 June 2014. Archived from the original on 27 January 2015. Retrieved 27 January 2015.
15. Tarquin (June 12, 2014). "Twitter Founders' Personal Information Released on DOXBIN". Archived from the original on 27 January 2015. Retrieved 20 August 2015.
16. "Site Doxx'es Judge of Silk Road Case – Calls To "Swat" Her". DeepDotWeb. 13 October 2014. Archived from the original on 24 March 2015. Retrieved 25 January 2015.
17. Rauhauser, Neal (11 November 2014). "Doxbin's Nachash On Operation Onymous (P.1)". DeepDotWeb. Archived from the original on 28 January 2015. Retrieved 25 January 2015.
18. Gallagher, Sean (9 November 2014). "Silk Road, other Tor "darknet" sites may have been "decloaked" through DDoS". Ars Technica. Archived from the original on 22 April 2017. Retrieved 14 June 2017.
19. O'Neill, Patrick Howell (17 November 2014). "Tor eyes crowdfunding campaign to upgrade its hidden services". Daily Dot. Archived from the original on 12 February 2015. Retrieved 25 January 2015.
20. Muadh, Zubair (12 November 2014). "Doxbin's Nachash On Operation Onymous (P.2)". Deepdotweb. Archived from the original on 28 January 2015. Retrieved 25 January 2015.
21. nachash [handle]. "[tor-dev] yes hello, internet supervillain here". [tor-dev] mailing list archive. Archived from the original on 2015-02-04. Retrieved 2015-01-25.
22. "The darkweb's nihilistic vigilante sees the light". the Guardian. 2014-12-09. Archived from the original on 2021-03-23. Retrieved 2021-04-28.
23. "White supremacist used "swatting" to target journalists, people of color". Newsweek. 2020-07-22. Retrieved 2022-10-02.
24. "Man admits involvement in neo-Nazi swatting conspiracy". Washington Post. ISSN 0190-8286. Retrieved 2022-10-02.
25. Robertson, Adi (2020-01-13). "FBI arrests alleged member of prolific neo-Nazi swatting ring". The Verge. Retrieved 2022-10-02.