1 Sept 2015, 12:00

New article. Manhunts, Mutiny, and the US Marines

28 Aug 2015, 17:00 – Tango Down

Biderman resigned.

28 Aug 2015, 12:00 – Raising the Notch Count

Notch-Count Noob Noel makes it into double figures, reports of his alleged ten extra-marital affairs and one-night stands suggest. The serial use of over-priced escort agencies strongly suggests poor, under-developed game is in play.

We cannot know how many more, if any, he may, or may not, have notched-up by word-of-mouth, telephone, sms, or the old-fashioned methods of hanging around clip-joints or cruising the back streets kerb-crawling. Unless they come forward. But with Buzzfeed, the Daily Mail, and the New York Post all reporting on this, we’re not expecting them to come forward to us. Pity.

If there’s ten new notches in his email alone, it could be argued, maybe he isn’t quite the noob he appears. To which we retort that he has spent the last 15 years telling his customers how secure his firm’s Internet communications are, so maybe he believed it himself all along.

Maybe his missus will believe that stuff in his email is all made up. It hasn’t been authenticated against the Impact Team’s public key, so maybe Chinese hackers put it there. Or North Koreans.

Or just maybe, they had enough time after all, The Impact Team put them there themselves. Injecting a few hundred juicy emails, liberally distributing them over the timeline, and creating fake female profiles on escort sites around the world to link them to. Wouldn’t that be ironic?

We’re right back where we started over a week ago, with our pondering at the very bottom of this page.

28 Aug 2015, 02:00 – ghosts, shadows, and shades

Ghosts – get into the machine.
Shadows – provide them with cover
Shades – add the colour

27 Aug 2015, 16:15 – CEO Affairs and a Krebsean Anti-dox

Beyond the mainstream, the site we’ve referenced for the last week has found what they believe to be evidence of nine extra-marital affairs in Biderman’s email. They are posting snapshots, including the names of the hotels where the alleged encounters took place, along with Noel’s tweets about what he said he was doing at the time.

Meanwhile self-discredited security ‘researcher’ Krebs has caused a storm with this bizarre announcement more worthy of a bellingcat or wiesburd:

“I know who it was” and then following up with “whoever and wherever he is in real life”. This doesn’t make sense. Either you know who somebody is, or you do not know who somebody is. What we in the computer business call an eXclusive-OR (XOR). One or the other. It can’t be both.

Krebs’s article, written in the wildly-speculative manner of Google’s Chief Operating Lunatic Ray Kurzweil, has sold well amongst second-tier publishers targeting the technology fringe and the Neo-end of the hacker niche, in spite of its internal contradictions. It also contradicts the facts and makes references to clear net distribution of the torrent, which initially appeared on a Dark Net pastebin.

The accusations Krebs made inevitably revolve around the ever-present “deleted tweets”. He says he’s found over 100,000 of them. Good for him. While he’s counting deleted tweets, we’re counting something entirely different, soon to be splashed across more headlines than his wildest dreams.

Nevertheless Krebs has entirely ruined the day for one anonymous tweeter who is now seeing enormous volumes of traffic on his TL and wondering when somebody is going to come kick his door down to claim the half-million reward attached to “his” ass.

We recommend you follow @amlolzz and @deuszu

27 Aug 2015, 10:15 – BREAKING: Ashley Madison a ‘sausage-fest’. Official.

It’s taken the press a week to figure out that Ashley Madison dating site is a sausage-fest. They had to research this. We could have told them for free. But, having discovered this remarkable fact they will dutifully spam the whole Internet with it, in case we didn’t know.

The sleazy online dating-site was all men they’re telling us. Whatever would Dr Johnson say?

By media logic then, all the men on the site could never have cheated on their wives because there were no women there and they just paid to chat with each other. So it follows that those men are both the victims of being cheated by Ashley Madison, and the victims of privacy violation in the hack. Continuing with the media logic the victims are to be both blamed and mocked.

25 Aug 2015, 13:55 Ashley Madison Hack Goes From Bad To Worse

The situation for Avid Media, owners of the hacked Ashley Madison web-site, has just gotten substantially worse. The CEO’s leaked email archive, noel.biderman.mail.7z, has been cracked and can be readily loaded into Linux mail programs with all mails up until 7th of July 2015.

This is the most complete archive we are aware of, containing almost 200,000 emails. There may be more still to come. However, the website making the claims (see links, screenshots, below) acknowledges that these mails are recovered from a partially downloaded file.

If they are from a partial file then their authenticity remains in doubt. Partial files cannot be verified with the Impact Team’s public key.

It is only a short matter of time, however, before other websites start posting these emails.

One thing is certain about the contents. It will contain tens of thousands more private email addresses, telephone numbers, bank account details, skype addresses, thousands of useless business powerpoint-presentations, and perhaps even recorded voice mails. From business partners, affiliates, suppliers, customers, counsel, advisors, family, friends old and new, members of the public, and even email spammers, all of whom were never users of the company’s sleazy web-site.

Now their email addresses, along with the contents of their emails, are leaked as well. They will probably be filing their own class-action suit.

Some of the emails from outraged customers, consultants, and suppliers would likely make entertaining reading, but we’ve a feeling Biderman would have fired any postmaster who failed to screen his Inbox for negative comments about himself or his company.

The embattled CEO’s proposals for propaganda campaigns to deal with negative publicity for the firm, authored by him in happier times and allegedly discussed at length in the emails, can now be considered to have been blown out of the water. The ideas he had in the past will likely be used against him in the future, in the form of quoting his own words back at him and wishing him bon appetit.

Hence the hurried nature of his recent reconstruction of the narrative, revealingly now being framed in terms of suicide.

So expect to see even more sensationalism in the press as Pandora’s Box keeps on giving.

We at the would have rather the ‘abuse’ and ‘complaints’ inboxes had been leaked. Trolls and angry customers are, after all, of far more interest to us than the daily goings-on of a corporate office captured for posterity in the form of emails. We see that kind of thing every damn day.

25 Aug 2016, 12:00

For those who insist on shedding crocodile tears over the suicide propaganda (for that is what it is) we are going to literally take a leaf out of Noel Biderman’s book and suggest you read this:

Sugary drinks linked to 1,600 Canadian deaths a year: Study

24 Aug 2016, 01:00

Biderman emails are in the field and the first leaks are dripping out. The torrent remains unavailable with several hundred chunks missing. However, leaks are occurring. Including a 100-page script for what appears to be a soft-core version of The Social Network.

Note: We have seen no confirmation that the alleged email file was signed by the Impact Team, and its authenticity remains controversial.

24 Aug 2015, 21:00

A 100% complete copy of Dump #3 has been spotted in the field. On an intermittently active source from an IP in Argentina. It’s thus likely only a matter of time before the contents of the file make splashdown.

The cop who topped himself in Texas was, we understand, about to be disciplined for using police IT systems to access the dating-website. So it seems the out-raged SJWs, seething that other people just might be out having more fun than they are, first demand that public officials on the list are shamed and punished. Then when one such official is overcome and commits suicide, the pressure of him being targeted by an SJW lynch-mob not being a factor, blame the hackers. Win a reward.

24 Aug 2015, 17:00

Damage Control Dial Turned Up

Corporate, government, and media trolls close ranks with the simultaneous announcements of reward money and death. Aware of how much he has to lose, Biderman pulls out a half-million reward-fund, while the press search the leaked database for the names of any recent male suicides in order to make a connection.

The first story in this genre, published on Sunday 23rd, flopped after it was shortly revealed that the ‘Ashley Madison Suicide Man’ was divorced months ago, had lost his home, his job, and was about to be charged with corruption.

None of this counts of course because he once had an account on a sleazy dating site.

We’re supposed to believe that he would have rather faced up to those charges, had his day in court, and then spent the rest of his life in prison, if only it hadn’t been for his data leaking.

The idea is that every time you see the name of a male suicide you immediately check it against the leaked database and draw your own conclusions from that and that alone. The name only needs to be a close match.

Then you can blame the hackers. Win a reward.

The existence of the reward, in spite of the suicidal spin-doctoring that surrounds it, does seem to imply that the Dutch cops haven’t found shit on that server yet.

If the bogus suicide stories, currently being spammed like a divorce lawyer all over the Internet, don’t hold they’ll be telling us ISIS are using the database to plan terror attacks.

23 Aug 2015, 20:00

Two Failed Leaks and a Breach in OPSEC

Dump 3 has also failed. With one or perhaps two exceptions.

We have learned that the large dumpfiles were being uploaded by The Impact Team to an anonymous torrent server on the open Internet located in the Netherlands. The much smaller torrent file, required for users’ computers to be able to locate and download the dumpfiles, was then seeded on the Dark Net on an onion hosted by the under-rated text-only ‘Quantum Magazine’:

Hash: SHA512

Authorized Sites

mywuwj5f76usg7eo.onion (Stable Mirror)
yuc3i3hat65rpl7t.onion (Primary Server - Most up to date but very unstable)

Other sites that carry copies:
None at this time



Last week the attempted leak of dump #2 failed to download fully: the biderman email archive was truncated at 13GB, when the file should have been 18GB. Consequently the archive could not be opened.

We now know why.

One of the downloaders of dump #2, a Mr Green of twitter, launched his own independent investigation of the torrent while it was active by inspecting the various sources. While checking the server in the Netherlands Green discovered that it had a completely open admin interface, into which he logged.

Green then tampered with the server’s settings and managed to break the torrent. Only 13GB had gone wild and the rest was lost. That was the root cause of the first failed leak.

The Impact Team knew none of this, except that their leak of dump #2 had failed. The next day they tried again with dump #3, releasing it in the same way. By this time though the story about the compromised seeding server in the Netherlands was spreading, and the server soon went offline.

Falling, apparently, into the welcoming hands of the Dutch police. However according to Green’s screenshots it had IP which is still pingable.

police 404

The torrent went off-line before the full file had got into the wild. We believe that at least one copy of this file has fallen into the possession of an unknown user, possibly more. However, any users that have successfully downloaded dump #3 have also deleted their copies from the pool.

Downloads of dump #3 that may still be in progress are likely to fail around the 17GB mark in our estimation.

For the Impact Team this leaves them with two consecutive failed attempts to leak the biderman emails, a breach of operational security with the loss of the seeding server, and a smoking-gun secret-key in their hands that’s getting hotter by the day.

22 Aug 2015, 17:06

Websites are reporting that the dump #3 is ‘in the wild’. Unconfirmed reports that the archive is extractable and contains email. Signature verification status: Unknown.

22 Aug 2015, 11:00

More than 12 hours have elapsed since the modified Biderman mail archive was released by the Impact Team but no completed downloads have been announced. There are aggressive attempts being made to identify uploader sources for the torrent.

At peak the number of people downloading the torrent went into the mid-hundreds, then dropped off to three or four, with bandwidth dropping to 5k per second. Currently the only sources of the torrent reliably active are either those in the Ashley Madison corporate HQ, or those that resolve to “dubious” addresses.

Ars Technica has found where the cock-up occurred.

To clear up a few misconceptions that are being misreported:

The “moral” issue that is being largely under-reported is not just adultery, it is about a corporation that is alleged to have knowingly defrauded its customers by charging them money to try to date profiles that the company knew to be fake. The data in the DB does appear to support this allegation. Strongly support it, some may argue.

There have been three leaks of data since Aug 18th. The latest is the Biderman CEO email archive, which is proving to be ‘difficult’ for the Impact Team to get out.

The Impact Team have said they will not release nude pictures or the employees’ email archives (apart from company executives).

The first two leaks contain more information than is being reported. What you are not hearing about is information that isn’t in the public interest (source code, HR, and some other stuff).

Many of the websites offering to “check if your address is on the list” are not querying the database correctly and are giving false positives for guest accounts that were almost certainly created by spam-bots.

The cops are not sitting around scratching their arses while all this is going on. They want to catch whoever it is that has the smoking-gun secret-key on their USB stick.

22 Aug 2015, 05:00

Sources for the biderman torrent suddenly dropped-off about an hour before the file was expected to be first announced. Thus far we’ve seen no sites claiming to have downloaded the file.

One of the few sources that is still actively sharing the latest Ashley Madison torrent geo-locates to Washington D.C.

Another source of the leaked files is the hacked company itself. This has caused some amusement among the uninitiated who don’t seem to realise that this is how the company will try to track who is sharing the torrent.

Good OPSEC demands that you block the IP, not tweet jokes about it. Or go dark.

21 Aug 2015, 22:15
The schmuck CEO’s email file, found to be corrupted in dump 2, has been re-released by the Impact Team on the same darknet onion as before.

There is no message accompanying the release.

The torrent contains just one file – noel.biderman.mail.7z.

This possibly indicates the first visual evidence of a cock-up by the Impact Team. The need to repost a file – which may also require a fourth “leak” to provide a signature file for authentication.

The secret-key that matches-up with these leaks, the digital-equivalent of a smoking gun, is getting hot.

Note on dump 2: The dump contains intellectual property in the form of source code. As we at the are software developers, in addition to journalists, we will not be looking at the source due to ethical concerns over conflict-of-interest.

21 Aug 2015, 12:00

The second dump is confirmed to contain mainly source code, and the schmuck CEO’s email archive cannot be opened. At 13GB compressed, that’s a lot of mail. No reason has been given for the “corruption”, yet.

Some websites are casting doubt on the authenticity of the second link, some even wildly claiming that it “might have a virus in it”. However they neglect to mention if they have checked the PGP signatures on the messages, so their comments, or rather their attempts at damage-control, are worthless.

We did verify the signatures.

The first leak contains a public key to verify the signature with this fingerprint:

Any data not signed with key 
6E50 3F39 BA6A EAAD D81D  ECFF 2437 3CD5 74AB AA38 
is fake.

The “Hey Noel” message on the second leak, shown in screen-shot form below, is verified to be signed with the same key:

gpg: Signature made Thu 20 Aug 2015 06:15:27 CEST using RSA key ID 74ABAA38
gpg: Good signature from "Impact Team "
Primary key fingerprint: 6E50 3F39 BA6A EAAD D81D  ECFF 2437 3CD5 74AB AA38

Conclusion: The second leak is from the same source as the first.
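The check described above, as an added example that is not part of the original page or of GnuPG: it judges the machine-readable output of `gpg --status-fd 1 --verify` against the full fingerprint quoted above rather than the 32-bit key ID 74ABAA38, which is short enough to be collided. `check_status` is a hypothetical helper name and the three status transcripts are constructed for illustration.

```python
import re

# Full fingerprint published with the first leak (quoted on the page).
PINNED_FPR = "6E50 3F39 BA6A EAAD D81D  ECFF 2437 3CD5 74AB AA38"


def _norm(fpr):
    """Strip whitespace and upper-case a fingerprint for comparison."""
    return re.sub(r"\s+", "", fpr).upper()


def check_status(status_text, pinned_fpr=PINNED_FPR):
    """Judge `gpg --status-fd 1 --verify ...` output against a pinned key.

    Returns (ok, reason). Only VALIDSIG lines whose primary-key fingerprint
    equals the full pinned fingerprint count; key IDs and names are ignored.
    """
    pinned = _norm(pinned_fpr)
    seen = []
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue  # human-readable "gpg: ..." lines are not evidence
        fields = line.split()
        if len(fields) < 2:
            continue
        keyword, args = fields[1], fields[2:]
        if keyword == "BADSIG":
            return False, "bad signature: data altered or incomplete"
        if keyword == "VALIDSIG" and args:
            # Field 10 is the primary key fingerprint when gpg reports it;
            # field 1 is the fingerprint of the key that made the signature.
            seen.append(_norm(args[9] if len(args) >= 10 else args[0]))
    if not seen:
        return False, "no valid signature found"
    if any(fpr != pinned for fpr in seen):
        return False, "valid signature, but not from the pinned key"
    return True, "valid signature from the pinned key"


# Constructed transcripts (not captured from the real leak files).
GOOD = """[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 24373CD574ABAA38 Impact Team
[GNUPG:] VALIDSIG 6E503F39BA6AEAADD81DECFF24373CD574ABAA38 2015-08-20 1440044127 0 4 0 1 10 01 6E503F39BA6AEAADD81DECFF24373CD574ABAA38
"""
# A different key whose fingerprint merely ends in the same short key ID.
LOOKALIKE = """[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF74ABAA38 Impact Team
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF74ABAA38 2015-08-20 1440044127 0 4 0 1 10 01 0123456789ABCDEF0123456789ABCDEF74ABAA38
"""
# What a detached signature over a truncated download produces.
TRUNCATED = "[GNUPG:] BADSIG 24373CD574ABAA38 Impact Team\n"
```

The `TRUNCATED` case is the partially downloaded archive discussed in the 25 Aug entry: a signature over the complete file cannot validate an incomplete copy.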

20 Aug 2015, 22:00CET
A second, larger, dump is confirmed. Containing what at a glance appears to be only internal corporate information, such as source code, design documents, and the schmuck CEO’s email archive. It is unlikely that there will be as much public interest justifying its publication, the contents of the said schmuck’s email excepted.

It’s the kind of information, with the exception of email archives, that will mainly be of value to AVM’s competitors. As if this second leak is intended to do more direct harm to the company.

ashley madison hey noel taunt

It is looking increasingly likely that the purported “customer private images file” does indeed exist, and we conclude the blackmailer(s), if indeed that is what they are, are holding this back until last. To give this Noel prick one last chance to do the business, or they are going to get in close and badda-bing they’re going to blow his customers’ naked asses all over the nice clean family Internet.

This is strictly business, and this guy is taking it very, very personal.

The whole hacking affair, if you’ll pardon the pun, has an air of professionalism to it that makes one ponder just what kind of profession is at work here.

