Privacy @lemmy.ml ray @lemmy.ml 9 mo. ago

Police shut more than 14,000 accounts on Mega, Tutanota and Protonmail

therecord.media LockBit takedown: Police shut more than 14,000 accounts on Mega, Tutanota and Protonmail

Accounts with third-party service providers were used “for exfiltration or infrastructure,” according to a post by law enforcement on LockBit’s seized darkweb domain.

Technology @lemmy.world ray @lemmy.ml 9 mo. ago

therecord.media /lockbit-ransomware-takedown-mega-tutanota-protonmail

26 comments

Ah shoot, it'll take them a whole month to recreate replacement accounts
Interesting piece. It's a bit weirdly worded in that it suggests that the police shut the accounts when really it's Mega, Proton, Tuta who are closing the accounts. Presumably the police tell those companies which accounts are being used for illegal purposes and then those companies then close the accounts. I was a bit alarmed at first because it sounded like the authorities were closing the accounts when that's not really the case.
- Since this year, Apple allows sideloading.
  
  Apple adopted USBC
  
  Apple allows other browsers
  
  Edit: the amount of apple fanboys is too damn high
  
  Me trying to comprehend what the actual fuck this man is talking about
  
  I think you responded to the wrong comment.
  
  Hey uhh, please pass me some of that good stuff. You seem lost.
  
  no one here brought up apple
So the police provide the companies with addresses associated with illegal activities and the companies disable those accounts?

EDIT: This was a genuine question :p
- Essentially. Police or anyone could report an account for illegal activity which is against ToS for all three of the services. From there the service would need to be able to substantiate the claim and then shut down the account. I've seen a few cases of proton accounts getting shut down. Proton can't read emails but they can read headers and if you've posted illegal activity in public using your proton email address or if law enforcement/ someone reports you for using proton for illegal activity then proton will be able to review headers to determine if you're violating ToS. Like a few years ago i think someone was using proton for ransomware, and proton was able to match the headers with emails that had been posted in public, and acct got shut down.
  
  Unfortunately can't find that specific case but that was one example I've seen
  
  That sounds reasonable. Thanks for the explanation.
Tldr you aren't recovering your data
states the LockBit .onion site, now controlled by British officials.

How does one hijack a .onion site?
- You don't hijack a .onion site. You pwn the server which hosts .onion site. Give you full access to site. You hijack .onion because its very secure
  
  I see. How do you trace a .onion site back to it's server?
- Outside of controlling and rewriting the protocol: steal the keys used to generate the route or take over control of the server that hosts it
Is threcord.media down? Showing host issues on cloud fare for me.
- Seems like it. You can try https://web.archive.org/web/20240222164851/https://therecord.media/lockbit-ransomware-takedown-mega-tutanota-protonmail
  
  or
  
  https://archive.ph/?run=1&url=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-takedown-mega-tutanota-protonmail
  
  Nice. Would this work for any website? Can I just archive any webpage I can't see on my end?

You've viewed 26 comments.