Log-less network service targeted in wake of global bomb threats.
French police have arrested the operator of a log-free Extensible Messaging and Presence Protocol (XMPP) service allegedly used by a hacking gang responsible for making dozens of fake bomb threats to schools around the world.
Les Gendarmes say they’ve cuffed Vincent Lauton, 18, allegedly operator of runs darkness.su which positions itself firmly a service for those seeking high anonymity.
The outfit promises customers it does not store user logs “in any manner” other than for debugging, and does not require customer information to setup accounts.
The site sports an advertisement for carding website ValidShop.
Le Monde reports Lauton is being investigated for possible links to the group calling itself Ev4cuati0nSquad, which over the last month has phoned in dozens of fake bomb threats to schools in countries including the UK, the US, and Australia causing closures and widespread panic.
It is alleged Ev4cuati0nSquad placed its bomb threat voice-over-internet-protocol (VoIP) calls using the Darkness.su service.
Lauton was reportedly taken via armed convoy to a Paris police station, and is being held in extended custody under France’s emergency powers.
Le Monde reports Lauton refused to hand over decryption keys for his computer resulting in his indictment for the non-cooperation.
Merci à tous pour votre soutien!
Thank you all for your support!
— Darkness (@Darkness_su) February 12, 2016
At least six schools in Paris and a dozen each in Britain and Australia were closed after receiving credible threats.
The group placed the calls for free using VoIP to warn of planned shootings and bombings.
Each instance linked to the group has been shown as a fake threat with no bombs found. ®
Building secure multi-factor authentication