Type of site | Webmail, E-Mail service |
---|---|
Available in | English |
URL | sigaint.org, sigaintevyh2rzvw.onion (defunct)[1] |
Commercial | No |
Registration | Required |
Users | about 370,000[2] |
Current status | Offline |
SIGAINT was a Tor hidden service offering secure email services. According to its FAQ page, its web interface used SquirrelMail which does not rely on JavaScript. Passwords couldn't be recovered. Users received two addresses per inbox: one at sigaint.org for receiving clearnet emails and the other at its .onion address only for receiving emails sent from other Tor-enabled email services. Free accounts had 50 MB of storage space and expired after one year of inactivity. Upgraded accounts had access to POP3, IMAP, SMTP, larger size limits, full disk encryption, and never expired.
The service was recommended by various security specialists as a highly secure email service.[3][4][1]
In April 2015, a number of user accounts were compromised in what was speculated at the time to be a government-sponsored de-anonymization attack from 70 different exit nodes.[5][6] A SIGAINT administrator said that the hidden service was not hacked but malicious exit nodes had modified their clearnet page so that its link to the hidden service pointed to an imposter hidden service, effectively tricking users with a phishing attack that harvested login credentials.[2] SIGAINT has since added SSL to their gateway to protect against such attacks.[7]
The service is currently down. Both its ".org" website and its onion link return error code 500.[8]
See also
References
- 1 2 "Interview With "Sigaint DarkNet Email" Admin". DeepDotWeb. 2015-02-16. Archived from the original on 2015-03-23.
- 1 2 SIGAINT Admin (23 April 2015). "SIGAINT email service targeted by 70 bad exit nodes". tor-talk. Tor Project. Archived from the original on 2016-03-04. Retrieved 2016-08-31.
- ↑ Pauli, Darren (4 May 2016). "How to evade the NSA: OpSec guide for journalists also used by terrorists". Archived from the original on 31 May 2016. Retrieved 26 May 2016.
- ↑ Maria, Korolov (13 May 2016). "Terrorists opt for consumer tools". Archived from the original on 14 October 2016. Retrieved 26 May 2016.
- ↑ Paganini, Pierluigi (26 April 2015). "Dark Web Email Service SIGAINT hacked by the Intelligence". Archived from the original on 10 September 2016. Retrieved 26 May 2016.
- ↑ Franceschi-Bicchierai, Lorenzo (24 April 2015). "After Hacks, A Dark Web Email Provider Says a Government Spied on Its Users". Archived from the original on 21 October 2016. Retrieved 25 September 2016.
- ↑ SIGAINT. "SIGAINT Incidents Report". Archived from the original on 27 September 2016. Retrieved 25 September 2016.
- ↑ Leyden, John. "Dark net webmail provider Sigaint still in the, er, dark". The Register. Archived from the original on 18 July 2017. Retrieved 6 March 2017.