The Wiretap brings you the latest insights into cybersecurity, internet privacy, and surveillance. Subscribe to receive our weekly digest directly in your inbox.

Darknet Email Service DNMX Seized by Dutch Authorities

As a long-time refuge for individuals wishing to keep their correspondence out of government scrutiny, the dark web has offered various services aimed at enhancing privacy. One such service was the Darknet Mail Exchange (DNMX), which promoted itself as a secure alternative to conventional email platforms, stating, “We don’t care who you are and will never ask for your information or reveal your identity; this is the dark net after all.”

However, in October 2023, the facade of anonymity provided by DNMX was shattered when Dutch police confiscated its servers. Authorities indicated that DNMX had been facilitating illegal activities, including the distribution of child sexual abuse material (CSAM), terrorist communications, and drug trafficking. While the Dutch police have remained tight-lipped regarding the ongoing investigation, they confirmed to Forbes that inquiries are underway. “We will do no further notices about the investigation,” remarked Thérèse Ariaans, spokesperson for the Netherlands Police.

Ongoing Investigations and Criminal Activity

Speculations have arisen regarding whether police allowed DNMX to operate longer to ensnare more criminals, but the legal status of this service is now clear: it has been taken offline. Archives, such as the Wayback Machine, show that the DNMX clearweb site existed as recently as last year. Alarmingly, some reports indicate that illicit users continued to utilize the platform as recently as summer 2024.

In recent years, law enforcement agencies have increasingly targeted communication channels utilized by criminals, with notable cases including the FBI’s infiltration of the encrypted app Anom. Most recently, they seized control of an online profile belonging to a money launderer going by the handle ElonMuskWHM.

Users on darknet forums were already expressing concerns about a potential police raid affecting DNMX in 2023. A notice from the DNMX administrator further confirmed these anxieties, stating that the email accounts were “no longer in our control.”

Collaborative Efforts in Investigation

Following the seizure, Dutch investigators began sharing their findings with various law enforcement entities, ranging from Europol to U.S. federal agencies. Through this collaboration, they uncovered a child exploitation network operating with DNMX, which offered substantial payments for the production of illicit content. A user, identified in court documents as Newstarz, reportedly incentivized the creation of graphic materials by offering contracts upwards of $500,000 for a year or as much as $50,000 for specific image series. It was noted that an “Elite Membership Level” would grant access to “sexual access to all models and families at meets.”

Legal Actions Underway

The Department of Justice (DOJ) is currently prosecuting Jonathan Laroche, a former U.S. Marine Corps officer, for allegedly manufacturing and selling CSAM. Laroche’s alleged connection to the Newstarz user remains unidentified. Previously, Laroche was sentenced in another case earlier this year after being convicted of assaulting a detained sailor at the San Diego Naval Base. At the time of publication, Laroche had not yet entered a plea concerning the new charges.

The Future of Darknet Communication

Despite the closure of DNMX, its creator suggested in 2023 that he would introduce a new email service, asserting, “The darknet needs a good email provider and I will bring a new one online soon.” As of now, the status of this anticipated service remains uncertain.

Additional Developments in Cybersecurity

White House Actions

In another significant development, the White House has rescinded security clearance for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) and currently employed at SentinelOne. Trump had previously dismissed Krebs in 2020, blaming him for dismissing baseless claims about vote malpractices. The White House release, however, cited Krebs as having misused his government authority.

Noteworthy Incidents

Several noteworthy incidents have emerged in the field of cybersecurity recently:

• A widespread issue on 4Chan saw the platform temporarily inaccessible amid allegations of a data breach, resulting in the exposure of user information.
• Senator Ron Wyden announced plans to block the nominating process for the next CISA director, Sean Plankey, until a report addressing security lapses at U.S. telecom companies is released.
• Chinese officials allegedly acknowledged their country’s involvement in cyberattacks against U.S. infrastructure during a summit last December, as reported by the Wall Street Journal.
• Innovative hackers in Silicon Valley manipulated traffic control systems to replicate the voices of public figures like Zuckerberg and Musk, leading to some unsettling street interactions.

Recognition and Regret

This week’s highlight in cybersecurity includes Tailscale, a company that provides a secure peer-to-peer virtual private network, which has successfully secured $160 million in Series C funding to bolster its offerings.

Conversely, a breach at the U.S. Office of the Comptroller of the Currency has compromised sensitive information concerning over 100 bank regulators, which may affect data sharing with institutions like JPMorgan and BNY.