this post was submitted on 14 Aug 2025
49 points (100.0% liked)

Pulse of Truth

1475 readers
74 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth@infosec.pub
49
For $40, you can buy stolen police and government email accounts (www.helpnetsecurity.com)
submitted 1 day ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
12 comments fedilink hide all child comments
 

Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on institutional trust. According to new research from Abnormal AI, the accounts come from agencies in the United States, United Kingdom, Germany, India, and Brazil, and are being traded on underground forums. Source: Abnormal AI Unlike spoofed or dormant addresses, these accounts are functional and still … More → The post For $40, you can buy stolen police and government email accounts appeared first on Help Net Security.

you are viewing a single comment's thread
view the rest of the comments
[–] IllNess@infosec.pub 2 points 1 day ago (5 children)

https://www.forbes.com/sites/kashmirhill/2014/11/07/how-did-law-enforcement-break-tor/

FBI kept information to themselves of how they did it and this isn't the first time.

Also I wouldn't trust accessing a site administered by the government on Tor if onion sites can't keep me anonymous.

[–] PhilipTheBucket@piefed.social 1 points 1 day ago* (last edited 1 day ago) (4 children)

I dunno dude. I'll take "there are some research papers about theoretical attacks, speculation that similar techniques were used by law enforcement when after great effort they were able to take down a bunch of sites that were literally some of their highest priorities at the time because they were openly and flagrantly committing felonies in the open for years, and some vulnerabilities fixed in 2014 that might have been related" over "they would have to send a subpoena" any day.

[–] IllNess@infosec.pub 1 points 18 hours ago (3 children)

Several VPNs claim they don't keep logs. I trust Mullvad. Mullvad got raided. The police found nothing.

I trust a trusted VPN over a technology created by the government and that has frequently been broken by them.

Compare the amount of arrest of Mullvad users versus Tor users, logically for me at least, I found my answer. If you trust Tor to access government websites illegally, I say go ahead. I wouldn't.

[–] PhilipTheBucket@piefed.social 1 points 18 hours ago (1 children)

Compare the amount of arrest of Mullvad users versus Tor users

Okay. There are half a million total account numbers on Mullvad over the entire lifetime of the service. Tor has about 1.8 million daily users. That's part of why I trust Tor a lot more, is that it's been actively used for flagrantly illegal activities for long enough and by enough people to have developed an understanding of what the risks are (and it becomes news if someone gets busted.) Ring me up the next time a major drug ring is keeping its whole operation secure behind Mullvad, and the cops are helpless because they raided it and found no logs and so they had to pursue some other kind of operation to take down the ring.

[–] IllNess@infosec.pub 1 points 17 hours ago (1 children)

So your logic for using Tor is because you can hide a server behind one and people understand the risk. And the only thing that prevents the government from busting people from illegally accessing their own servers is effort.

Why would you suggest using anything that you yourself considers a risk?

But this post is about accessing government servers, which aren't onion servers. Creating servers is irrelevant in this discussion. I'd rather use a service that hasn't failed it's users, which hides IP addresses. When Mullvad got raided, the police couldn't do anything. It was a dead end for them. With Tor, that has been far from the case over and over again.

[–] PhilipTheBucket@piefed.social 1 points 17 hours ago

I get what you're saying, people have been arrested after using Tor when that's not true of Mullvad. My point is that the domains are just not the same. It's like saying "body armor isn't as good as just wearing a baseball hat" because a higher percentage of people get shot wearing body armor than while wearing a baseball hat.

load more comments (1 replies)
load more comments (1 replies)
load more comments (1 replies)