Connect with us

Technology

Breaking the law: How 8chan (or “8kun”) got (briefly) back online

https://arstechnica.com/?p=1597257

Published

on

A snake eats makes a figure-8 and eats its own tail.
Enlarge
/ Snek goes dark.

The successor to 8chan, 8kun, made a somewhat brief appearance on the public Internet thanks to what amounts to an attack on the Internet’s routing infrastructure. The site’s domain name server, hosted by a service called VanwaNet, offered up an Internet address for the site that was from an unallocated set of addresses belonging to the RIPE Network Coordinating Centre, the regional Internet registry authority for Europe and the Middle East. And the host for the new site, the Russian hosting company Media Land LLC, advertised a route to that address to the rest of the Internet, allowing visitors to reach the site for a while.

The advertisement of the address, made with the Border Gateway Protocol (BGP), is what is referred to in the routing world as a “bogon” or “martian.” Usually these happen when private network addresses mistakenly are sent out, or “advertised,” from a network to the rest of the Internet because of a router misconfiguration.

But sometimes, they hijack existing addresses either accidentally or maliciously. A BGP “leak” in November 2018 caused Google and Spotify service outages. In 2015, for example, Hacking Team used a BGP bogon advertisement to help Italian police regain control of infrastructure used to monitor hacked targets. And a Russian network provider made BGP advertisements that hijacked traffic to financial services sites in 2017.

While 8kun.net was registered in September through Tucows, the actual process was handled by a company called N.T. Technology Inc., a hosting company and registration services provider that appears to have gone dark in August, around the same time 8Chan went offline. The domain for N.T. Technology was registered by Jim Watkins—the “owner” of 8chan. And several hosts associated with 8chan, on the 8ch.net domain, were hosted by N.T. Technology.

None of N.T. Technology’s servers appears to be reachable. The Twitter account associated with the company (which gives the location as Carson City, Nevada) has been inactive since 2014. The address given for the company on its now-dead website was a Digital Real Estate data center in San Francisco, and its corporate office address was that of a corporation registration and virtual home office company in Reno, Nevada. The phone number associated with the Reno address in domain registration data was disconnected; a second number (a Comcast VoIP number) went unanswered. But the company’s network is still active, based on data from Hurricane Electric’s BGP tools.

Trying to go “Bulletproof”

After 8chan lost its hosting in August in the wake of the El Paso mass shooting, much of 8chan’s content—especially the “pol” channel—had shifted to the social media platform Telegram  (known for its anti-censorship policies, which have made it a haven for all flavors of extremism). Telegrampol, for instance, was set up in July. But the fragmented nature of the Telegram channels (and the Telegram architecture) likely kept away many 8chan users; Telegrampol has a total of 633 subscribers.

8kun was an effort to restore a central location for all of 8chan’s communities, but it faced the same challenges in hosting that brought down 8chan in the first place—its radioactivity to hosting providers and domain registrars. This is what apparently drove Watkins and company to a rather unusual hosting option: a Russian company known mostly for hosting crimeware.

Media Land is operated by Alexander Volosovyk, known as “Yahlishanda” on criminal underground Internet marketplaces. According to a report by Brian Krebs, Volosovyk is the world’s biggest “bulletproof” hosting operator. He has, according to Krebs, avoided takedowns and prosecution by operating carefully within the lines of the law in Russia and other former Soviet states.

Servers hosted by Media Land infrastructure have been tied to the Dridex and Zeus banking trojans in the past, as well as to the command and control networks for other sophisticated malware. Media Land-hosted virtual private servers using legitimately assigned IP addresses have been repeatedly reported for malicious traffic, including hundreds of brute-force Remote Desktop Protocol login attacks.

Media Land used the fake BGP advertisements for more than just 8kun. According to historical DNS records from SecurityTrails, Media Land had been maintaining an advertisement for a block of addresses starting at 185.254.121.200 for over a month, with the records for 8kun.net addresses popping up about two days ago. The hosts tied to the address block hosted a variety of short-lived malware, phishing, and online pharmacy scam sites, among others, with some dating back to September—all of them hosted by Media Land.

Using this sort of fishy routing advertisement is not an uncommon tactic when trying to prevent potential attackers from gathering intelligence on a site’s or network’s infrastructure. It means that Whois requests and other network tools return no useful information to casual inquiries. That makes targeting the hosting provider somewhat more difficult. Other blocks of unassigned addresses have been used by Media Land repeatedly over the past three years.

Going dim

The Media Land hosting may have been a temporary move by the operators of 8chan/8kun. The site remains live on Tor as a “hidden service.” And the site’s domain name service provider VanwaNet has advertised itself in the past as a Cloudflare alternative—giving customers the capability (at some point in the future) to create their own content-delivery networks to fight DDoS attacks.

Ron Watkins, the administrator for 8kun, said in a Twitter post that VanwaTech “has built a fantastic new deepnet CDN that can deliver Tor hidden services at nearly clearnet speed.” In addition, the 8kun team has apparently been looking at another Tor-like service called Lokinet, an onion-routing based anonymizing network that is still in development.

Those services may be crucial for the continued operation of the site, considering that the open Internet version of the site was under attack from almost the instant it went live. “We have been under sustained attacks the past few days and doing everything we can to get things stable again,” Ron Watkins reported on Twitter earlier today. “The site is still online—albeit limping along—as we reorganize and restructure to deflect attacks coming from many angles.”

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Technology

These ten enterprise M&A deals totaled over $40B in 2019

It would be hard to top the 2018 enterprise M&A total of a whopping $87 billion, and predictably this year didn’t come close. In fact, the top 10 enterprise M&A deals in 2019 were less than half last year’s, totaling $40.6 billion. This year’s biggest purchase was Salesforce buying Tableau for $15.7 billion, which would…

Published

on

These ten enterprise M&A deals totaled over $40B in 2019

It would be hard to top the 2018 enterprise M&A total of a whopping $87 billion, and predictably this year didn’t come close. In fact, the top 10 enterprise M&A deals in 2019 were less than half last year’s, totaling $40.6 billion.

This year’s biggest purchase was Salesforce buying Tableau for $15.7 billion, which would have been good for third place last year behind IBM’s mega deal plucking Red Hat for $34 billion and Broadcom grabbing CA Technologies for $18.8 billion.

Contributing to this year’s quieter activity was the fact that several typically acquisitive companies — Adobe, Oracle and IBM — stayed mostly on the sidelines after big investments last year. It’s not unusual for companies to take a go-slow approach after a big expenditure year. Adobe and Oracle bought just two companies each with neither revealing the prices. IBM didn’t buy any.

Microsoft didn’t show up on this year’s list either, but still managed to pick up eight new companies. It was just that none was large enough to make the list (or even for them to publicly reveal the prices). When a publicly traded company doesn’t reveal the price, it usually means that it didn’t reach the threshold of being material to the company’s results.

As always, just because you buy it doesn’t mean it’s always going to integrate smoothly or well, and we won’t know about the success or failure of these transactions for some years to come. For now, we can only look at the deals themselves.

Continue Reading

Technology

Jumia, DHL, and Alibaba will face off in African ecommerce 2.0

The business of selling consumer goods and services online is a relatively young endeavor across Africa, but ecommerce is set to boom. Over the last eight years, the sector has seen its first phase of big VC fundings, startup duels and attrition. To date, scaling e-commerce in Africa has straddled the line of challenge and…

Published

on

Jumia, DHL, and Alibaba will face off in African ecommerce 2.0

The business of selling consumer goods and services online is a relatively young endeavor across Africa, but ecommerce is set to boom.

Over the last eight years, the sector has seen its first phase of big VC fundings, startup duels and attrition.

To date, scaling e-commerce in Africa has straddled the line of challenge and opportunity, perhaps more than any other market in the world. Across major African economies, many of the requisites for online retail — internet access, digital payment adoption, and 3PL delivery options — have been severely lacking.

Still, startups jumped into this market for the chance to digitize a share of Africa’s fast growing consumer spending, expected to top $2 billion by 2025.

African e-commerce 2.0 will include some old and new players, play out across more countries, place more priority on internet services, and see the entry of China.

But before highlighting several things to look out for in the future of digital-retail on the continent, a look back is beneficial.

Jumia vs. Konga

The early years for development of African online shopping largely played out in Nigeria (and to some extent South Africa). Anyone who visited Nigeria from 2012 to 2016 likely saw evidence of one of the continent’s early e-commerce showdowns. Nigeria had its own Coke vs. Pepsi-like duel — a race between ventures Konga and Jumia to out-advertise and out-discount each other in a quest to scale online shopping in Africa’s largest economy and most populous nation.

Traveling in Lagos traffic, large billboards for each startup faced off across the skyline, as their delivery motorcycles buzzed between stopped cars.

Covering each company early on, it appeared a battle of VC attrition. The challenge: who could continue to raise enough capital to absorb the losses of simultaneously capturing and creating an e-commerce market in notoriously difficult conditions.

In addition to the aforementioned challenges, Nigeria also had (and continues to have) shoddy electricity.

Both Konga — founded by Nigerian Sim Shagaya — and Jumia — originally founded by two Nigerians and two Frenchman — were forced to burn capital building fulfillment operations most e-commerce startups source to third parties.

That included their own delivery and payment services (KongaPay and JumiaPay). In addition to sales of goods from mobile-phones to diapers, both startups also began experimenting with verticals for internet based services, such as food-delivery and classifieds.

While Jumia and Konga were competing in Nigeria, there was another VC driven race for e-commerce playing out in South Africa — the continent’s second largest and most advanced economy.

E-tailers Takealot and Kalahari had been jockeying for market share since 2011 after raising capital in the hundreds of millions of dollars from investors Naspers and U.S. fund Tiger Global Management.

So how did things turn out in West and Southern Africa? In 2014, the lead investor of a flailing Kalahari — Naspers — facilitated a merger with Takealot (that was more of an acquisition). They nixed the Kalahari brand in 2016 and bought out Takelot’s largest investor, Tiger Global, in 2018. Takealot is now South Africa’s leading e-commerce site by market share, but only operates in one country.

In Nigeria, by 2016 Jumia had outpaced its rival Konga in Alexa ratings (6 vs 14), while out-raising Konga (with backing of Goldman Sachs) to become Africa’s first VC backed, startup unicorn. By early 2018, Konga was purchased in a distressed acquisition and faded away as a competitor to Jumia.

Jumia went on to expand online goods and services verticals into 14 Africa countries (though it recently exited a few) and in April 2019 raised over $200 million in an NYSE IPO — the first on a major exchange for a VC-backed startup operating in Africa.

Jumia’s had bumpy road since going public — losing significant share-value after a short-sell attack earlier in 2019 — but the continent’s leading e-commerce company still has heap of capital and generates $100 million in revenues (even with losses).

Continue Reading

Technology

Airbnb’s New Year’s Eve guest volume shows its falling growth rate

Hello and welcome back to our regular morning look at private companies, public markets and the gray space in between. It’s finally 2020, the year that should bring us a direct listing from home-sharing giant Airbnb, a technology company valued at tens of billions of dollars. The company’s flotation will be a key event in…

Published

on

Airbnb’s New Year’s Eve guest volume shows its falling growth rate

Hello and welcome back to our regular morning look at private companies, public markets and the gray space in between.

It’s finally 2020, the year that should bring us a direct listing from home-sharing giant Airbnb, a technology company valued at tens of billions of dollars. The company’s flotation will be a key event in this coming year’s technology exit market. Expect the NYSE and Nasdaq to compete for the listing, bankers to queue to take part, and endless media coverage.

Given that that’s ahead, we’re going to take periodic looks at Airbnb as we tick closer to its eventual public market debut. And that means that this morning we’re looking back through time to see how fast the company has grown by using a quirky data point.

Airbnb releases a regular tally of its expected “guest stays” for New Year’s Eve each year, including 2019. We can therefore look back in time, tracking how quickly (or not) Airbnb’s New Year Eve guest tally has risen. This exercise will provide a loose, but fun proxy for the company’s growth as a whole.

The numbers

Before we look into the figures themselves, keep in mind that we are looking at a guest figure which is at best a proxy for revenue. We don’t know the revenue mix of the guest stays, for example, meaning that Airbnb could have seen a 10% drop in per-guest revenue this New Year’s Eve — even with more guest stays — and we’d have no idea.

So, the cliche about grains of salt and taking, please.

But as more guests tends to mean more rentals which points towards more revenue, the New Year’s Eve figures are useful as we work to understand how quickly Airbnb is growing now compared to how fast it grew in the past. The faster the company is expanding today, the more it’s worth. And given recent news that the company has ditched profitability in favor of boosting its sales and marketing spend (leading to sharp, regular deficits in its quarterly results), how fast Airbnb can grow through higher spend is a key question for the highly-backed, San Francisco-based private company.

Here’s the tally of guest stays in Airbnb’s during New Years Eve (data via CNBC, Jon Erlichman, Airbnb), and their resulting year-over-year growth rates:

  • 2009: 1,400
  • 2010: 6,000 (+329%)
  • 2011: 3,1000 (+417%)
  • 2012: 108,000 (248%)
  • 2013: 250,000 (+131%)
  • 2014: 540,000 (+116%)
  • 2015: 1,100,000 (+104%)
  • 2016: 2,000,000 (+82%)
  • 2017: 3,000,000 (+50%)
  • 2018: 3,700,000 (+23%)
  • 2019: 4,500,000 (+22%)

In chart form, that looks like this:

Let’s talk about a few things that stand out. First is that the company’s growth rate managed to stay over 100% for as long as it did. In case you’re a SaaS fan, what Airbnb pulled off in its early years (again, using this fun proxy for revenue growth) was far better than a triple-triple-double-double-double.

Next, the company’s growth rate in percentage terms has slowed dramatically, including in 2019. At the same time the firm managed to re-accelerate its gross guest growth in 2019. In numerical terms, Airbnb added 1,000,000 New Year’s Eve guest stays in 2017, 700,000 in 2018, and 800,000 in 2019. So 2019’s gross adds was not a record, but it was a better result than its year-ago tally.

Continue Reading

Recent Posts