SIGAINT explained

SIGAINT
Url:sigaint.org, [1]
Commercial:No
Type:Webmail, E-Mail service
Registration:Required
Language:English
Num Users:about 370,000[2]
Current Status:Offline

SIGAINT was a Tor hidden service offering secure email services. According to its FAQ page, its web interface used SquirrelMail which does not rely on JavaScript. Passwords couldn't be recovered. Users received two addresses per inbox: one at sigaint.org for receiving clearnet emails and the other at its .onion address only for receiving emails sent from other Tor-enabled email services. Free accounts had 50 MB of storage space and expired after one year of inactivity. Upgraded accounts had access to POP3, IMAP, SMTP, larger size limits, full disk encryption, and never expired.

The service was recommended by various security specialists as a highly secure email service.[3] [4] [1]

In April 2015, a number of user accounts were compromised in what was speculated at the time to be a government-sponsored de-anonymization attack from 70 different exit nodes.[5] [6] A SIGAINT administrator said that the hidden service was not hacked but malicious exit nodes had modified their clearnet page so that its link to the hidden service pointed to an imposter hidden service, effectively tricking users with a phishing attack that harvested login credentials. SIGAINT has since added SSL to their gateway to protect against such attacks.[7]

The service is currently down. Both its ".org" website and its onion link return error code 500.[8]

See also

Notes and References

  1. Web site: Interview With "Sigaint DarkNet Email" Admin. DeepDotWeb. https://archive.today/20150323092534/http://www.deepdotweb.com/2015/02/16/interview-sigaint-darknet-email-admin/. 2015-03-23. dead. 2015-02-16.
  2. Web site: SIGAINT Admin. SIGAINT email service targeted by 70 bad exit nodes. tor-talk. 23 April 2015. Tor Project. 2016-08-31. 2016-03-04. https://web.archive.org/web/20160304012144/https://lists.torproject.org/pipermail/tor-talk/2015-April/037549.html. live.
  3. News: Pauli. Darren. How to evade the NSA: OpSec guide for journalists also used by terrorists. 26 May 2016. 4 May 2016. 31 May 2016. https://web.archive.org/web/20160531114016/http://www.theregister.co.uk/2016/05/04/opsec_guide_for_hacks_now_terrorist_fodder. live.
  4. News: Maria. Korolov. Terrorists opt for consumer tools. 26 May 2016. 13 May 2016. 14 October 2016. https://web.archive.org/web/20161014021123/http://www.csoonline.com/article/3069977/cyber-attacks-espionage/terrorists-opt-for-consumer-tools.html. live.
  5. News: Paganini. Pierluigi. Dark Web Email Service SIGAINT hacked by the Intelligence. 26 May 2016. 26 April 2015. 10 September 2016. https://web.archive.org/web/20160910020716/http://securityaffairs.co/wordpress/36292/hacking/sigaint-hacked-by-intelligence.html. live.
  6. News: Franceschi-Bicchierai. Lorenzo. After Hacks, A Dark Web Email Provider Says a Government Spied on Its Users. 25 September 2016. 24 April 2015. 21 October 2016. https://web.archive.org/web/20161021141941/http://motherboard.vice.com/en_uk/read/after-hacks-a-dark-web-email-provider-says-a-government-spied-on-its-users. live.
  7. Web site: SIGAINT. SIGAINT Incidents Report. 25 September 2016. 27 September 2016. https://web.archive.org/web/20160927165758/https://www.sigaint.org/incidents.html. dead.
  8. Web site: Leyden. John. Dark net webmail provider Sigaint still in the, er, dark. The Register. 6 March 2017. 18 July 2017. https://web.archive.org/web/20170718134114/http://www.theregister.co.uk/2017/03/02/sigaint_goes_dark/. live.