Pedophiles are Upgrading their OPSEC Guides on Darkweb Forums

~4 min read | Published on 2019-10-30, tagged DarkWebForumsOPSECPedophile using 757 words.

Security guides from various Internet criminal communities aren’t all that uncommon. Over the years we have seen such guides posted onto drug forums, hacking forums, extremism forums, and well child abuse forums. Two weeks ago on one of the larger forums an account posted a security guide that is catered towards Internet child abuse offenders. This one specifically is an iteration to an older guide and is provided as HTML pages that the user is able to navigate offline.
Overall it contains what you would expect out of any other Whonix guide you would find on the Internet. Being that Whonix is at it’s core a security focused operating system, any introduction to it is going to inherently be very security focused. Many will say that using Tor is super easy, just download the software and you’re off to the races. While that is true, where do you go next, where do you find websites to visit? The point being anyone who actually wants to use Tor is most likely going to Google it and stumble upon similar guides.

A Screenshot of a Guide Introducing Whonix

But regardless of it’s content not being anything special, it is significant because it’s another glimpse into the determined effort made by this group to stay secure. For far to long many experts haven’t taken these higher level organized Internet child abuse groups seriously, and we have seen it show by the gargantuan amount of child abuse imagery being discovered by law enforcement around the world currently. While it is accurate that the majority of child abuse content is hosted on clearnet servers, for download speed purposes, the aggregation and curation of all of that happens within these darknet abuse forums. Which has taken us to a point where we are essentially playing whack-a-mole chasing clearnet criminals while the main culprits of the problem continue to operate on the darknet.
The number from NCMEC that 90% of the reports it received in 2018 were from Facebook was one hell of a revelation. But it’s not all that surprising, at the moment Facebook out of all social media websites probably has the most advanced technology in production to detect such content. They also probably have the most global user base out of all the social media companies, the Coke-A-Cola of technology. These reports would have come from all over the world, not just the United States. Also, Facebook being an American company, all of it’s reports go to NCMEC essentially by default. This is relevant to understand because it would be wrong to conclude that because Facebook reports the most, it actually contains the most as well. Surely the simplest conclusion is that it only contains the most out of those who have reported to NCMEC for that year. While they did mention uniqueness which could point to Facebook being the first place of upload for that content, that is very unlikely. It is out of the scope of this piece but they’re various factors that could point to why that number was discovered. I don’t distribute the number, I believe it’s accurate, but again remember that aren’t scanning everything on the Internet.

A Screenshot of a Guide Explaining PGP Signatures

Understanding how these communities exist and operate is essential in preventing it from making its way to the clearnet level on a widely available platform like Facebook. I’d even argue that it’s somewhat from lack of pressure, take down, and action against these darknet communities that has allowed for the increase of availability found on the clearnet currently. And it will be crucial in the coming years for law enforcement to approach this problem with an understanding of it’s organized nature.
Obviously, in this context playing whack-a-mole is very much worth it in an effort at saving children from the hands of abusers. But at the same time, we need to give sufficient attention to the so called head of this monster that is child abuse imagery online so that we can work to lower the amount of availability of it on the Internet. Part of that work is understanding the operation and sophistication that is used by the main group of distributors and organizers. Thus an understanding of the kinds of software tools used by such actors can only help to further that endeavor.
Note: I have redacted parts from the screenshots that might assist someone attempting to find this through searches. I sought to locate this guide via searches on the clearnet and was unsuccessful. If I had been successful I would have withheld from publishing this.

Comments (5)


It conflicts the DNM community and indeed the Tor, and internet-privacy advocates as a whole that every step we take in securing our own communications is being utilized by these sick fucks to secure theirs.


Joe. There are no conflicts. Not to promote paedophilia (obviously). No rules exist for what goes on or stays on the network which is kinda the whole point of the tor network nowadays; circumvent clear net rules and regs. By regulating the network you will inevitably regulate the "good" communities as well as the "bad" ones and cause there is no centralised authority - who makes the rules? Answer: no-one. If you don't like that truth you shouldn't be using the dark Web. It is used by pedos spies terrorists political dissidents etc who is right and wrong for using it? The answer is down to differing opinion. Can't have it both ways. You either have an network like tor that allows the bad guys to use it as well as the good or you take away the power of tor and start restricting its use like the government and world superpowers do. You have to reach that compromise

Reply to bobscope2019-11-02

Yeah ur right but bruh if you agree with pedophilia and stuff like that ur dumb af. Ofc its sadly part of tor and that probably wont change cuz of the reasons u mentioned but yet still we should look with shame on such things. One thing is buying drugs for yourself and not affecting a single other person on this world and another thing is rape/pedophilia etc. Ofc there is both in life and on Tor especially but I mean if u cant see the big diference and think both is okay and equally bad then well Im outta here not wasting my time w sick guy. You seem like you genuinely dont care and is ok with it happening, I dont feel that way tho. Crack down those shit ass sites you have my full support LE.


The only way Christopher found this guide was by accessing and looking at children. You have to love these closet pedos. Fake news.


It's sad that #Oxbows finest #Pay Check Sodomizer #Bridget Sodom Sodomizes her employees every #PayCheck and violates there precious little asses Daily.