How is IRC so secure/untraceable that hackers and pirates use it to communicate?

  • What is so special about IRC that hackers use it to do online meetings, ignoring every other option, like messengers or social media?

    It seems to be so secure that it gets used to send commands to victims' computers instead of just sending them directly (called a "botnet", right?)

    Do actual hackers really use IRC to communicate?

  • In addition to Rory's points...

    Internet Relay Chat is actually incredibly insecure

    I don't think IRC is in any way secure by default. Almost all servers utilize communication through plaintext. Your ISP can snoop on the contents easily. All of your messages, in general, are unencrypted. You have to install add-ons to enable encrypted communications, if they're even done right.

    Even if the server itself encrypted the messages/uses SSL, it's a moot point: everyone can connect and read what you're saying unless you encrypted it on your end. IRC admins can read your private messages as well.

    The vast majority of servers I've visited also expose your IP address to everyone unless you're behind a proxy or VPN, so there's no real anonymity. Even the ones that partially mask your IP will show part of where you are. For example: While other servers will block everything, all IRCops/admins know the real IP you're connecting from. What's to stop them from cooperating with law enforcement?

    Your IRC client could also be vulnerable to buffer overflow attacks / string formatting vulnerabilities / etc. Or maybe you'll just click on a drive-by-download link...

    Does true anonymity exist on IRC?

    Some people have a different definition of anonymity than me. Rory's definition is correct in the context of being anonymous to most people, but that's not the definition I subscribe to. For me, anonymity is being anonymous to everyone, no matter what.

    How do you think people keep getting busted even though they're "behind 7 proxies"? If you're behind a proxy/VPN, you're still communicating with the IRC server. Your proxy/VPN is connected to that IRC server, and you are connected to that proxy/VPN server at a specific time.

    Once you send text, whether it's encrypted or not, all law enforcement really needs to do is line up timestamps, even if it's encrypted. Lag delay? Yeah, that's very easy to account for. Soon, a very clear pattern will emerge, and your entire proxy/VPN chain will be quickly unraveled to the source.

    How can they do that? XKeyscore, Prism.

    Right now, true anonymity doesn't really exist on IRC.

    But Mark Buffalo, I've never been caught!

    They either don't care about you because you're a small fry who doesn't matter, or they're slowly building up a case to get you on maximum charges. Or you're simply out of their jurisdiction, but they're still ready to pounce.

    Maybe this "security" is actually a jurisdiction issue?

    I think part of the confusion here is jurisdiction. Jurisdiction can offer tremendous security if there's a refusal to co-operate. This is why many criminals may still be around after "getting caught."

    If you're in another country which refuses to cooperate with the law enforcement of another country, you might be safe from prosecution, but you'll probably still be indicted on charges. So as long as you never enter that country...

    Well, to be fair, true anonymity doesn't exist period.
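
The timestamp alignment described in the answer above, as an added illustration that is not part of the original post. It shows why encryption and a roughly constant lag do not hide the pattern; the nicks, timestamps, tolerance and lag range are all constructed assumptions.

```python
# Constructed sample data: every nick and timestamp (seconds) is made up.
# Times an observer on the user's access link sees an encrypted packet
# leave for the proxy/VPN. The contents are unreadable; only timing is used.
LINK_PACKETS = [12.0, 47.3, 95.8, 130.1, 188.6, 240.4, 301.9, 355.2]

# Times at which each nick's messages appear in a channel on the IRC server.
CHANNEL_MESSAGES = {
    "nick_a": [12.4, 47.65, 96.25, 130.5, 189.05, 240.8, 302.3, 355.55],
    "nick_b": [5.1, 60.0, 110.7, 131.0, 200.9, 262.3, 330.0, 349.0],
    "nick_c": [20.5, 33.3, 80.0, 141.6, 175.4, 241.5, 290.1, 340.7],
}


def match_rate(link_times, msg_times, lag, tolerance=0.15):
    """Fraction of messages that have a link packet `lag` seconds earlier."""
    hits = sum(
        any(abs((m - lag) - p) <= tolerance for p in link_times)
        for m in msg_times
    )
    return hits / len(msg_times)


def best_lag(link_times, msg_times, max_lag=2.0, step=0.05):
    """Try each candidate lag and return (lag, rate) for the best match rate."""
    lags = [round(i * step, 2) for i in range(round(max_lag / step) + 1)]
    return max(
        ((lag, match_rate(link_times, msg_times, lag)) for lag in lags),
        key=lambda pair: pair[1],
    )


def rank_nicks(link_times, channel):
    """Rank nicks by how well their message times line up with the link."""
    scored = {nick: best_lag(link_times, t) for nick, t in channel.items()}
    return sorted(scored.items(), key=lambda kv: kv[1][1], reverse=True)


if __name__ == "__main__":
    for nick, (lag, rate) in rank_nicks(LINK_PACKETS, CHANNEL_MESSAGES):
        print(f"{nick}: {rate:.0%} of messages match at lag {lag:.2f}s")
```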

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM
