Monday, May 26, 2014

Deepdotweb. Interview with Tor Botnet Owner


TL;DR
  • Cortex is the owner of a Tor botnet called Gopnik
  • only has basic botnet commands, such as download/execute, and innovative DDoS methods
  • can be hosted anywhere that allows hidden services, unlike most botnets.

--------------------------------------------------------------------------------------------------------------------------

Original
Interview with Gopnik Tor botnet Programmer


Disclaimer: We do not support the use of such tools and the below info is for informational / technical purposes only, exactly as it was provided to us by our reporter “Chris Hansen”
Tor is full of people who wish to sell things. Some things good and some things bad. Usually these things tend to be related to drugs, but there are the few people who wish to sell a different set of items. Cortex is one of these few people. He programs, owns, and sells his own custom HTTP botnet software along with his team of anonymous members.
A botnet is software installed on either a webserver or a person’s personal computer, which holds zombie computers. People obtain these zombie computers, or what they are commonly called “bots”, through many different means such as an infected webserver with a virus embedded into it, spreading via fake programs on YouTube to generate codes for iTunes or Minecraft, or sending traffic to websites that automatically download and run the virus on the person’s computer.
[Image: Technical info from sale thread]
[Image: Technical info from sale thread]
[Image: Listing on the hidden wiki]
Once the computer is infected with the virus, the computer is at the mercy of the person who controls the botnet from their website or PC. They are able to do things such as force you to visit a website without your knowledge or permission, download your files directly to their computer from your computer, shutdown/log out/hibernate your computer, and even completely wipe your entire hard drive. And you wouldn’t even know that you have it on your computer until it is too late.
But what is it that makes Cortex’s botnet so unique and robust? It runs entirely through the Tor network. At first, this may sound like a large disadvantage, but really… it might just be the biggest advantage you could have. Hundreds of PCs and websites running this botnet software get taken offline each day by law enforcement by using simple tools to locate the server and the owner of the server. But with this software, the network traffic is fully encrypted via Tor from end to end with no interruptions, strongly limiting the botnet owner’s risk of being found and taken offline.
And with the growing number of markets on Tor, this also opens up the perfect place to sell this type of software directly to the people who would be interested in obtaining this type of software… without ever leaving a trace of anything about themselves. Currently, they do have a listing on The Hidden Wiki advertising their service and software, and have said to me that they are in the process of expanding to marketplaces across Tor and the clearnet.
So, with the overview of the interview out of the way, I now present an exclusive for DeepDotWeb… an interview with Cortex of Gopnik, one of the world’s first entirely Tor-encrypted botnets.
Chris: First off, thanks a lot for allowing me to do this interview with you. Can you start by telling me a bit about yourself? Nothing more than what you would like to tell me.
Cortex: Well, why? I’m just another guy. I’m not even the important one in this project. I’m a guy with an idea.
Chris: Fair enough. Why don’t we get right to the meat of the subject. Your Tor botnet, Gopnik. Could you give me a fairly brief overview of what it is, its features, uses, etc?
Cortex: Well, its use is that of a regular botnet, take that how you will. As for a brief overview, it’s similar to many botnets, comparable to Atrax, but mine is on a better path. Anything I can’t do proficiently and in a small amount of time, my partner can. As for features, it currently only has basic botnet commands, such as download/execute, and innovative DDoS methods, ones that are very powerful and take very little CPU usage, and a stealer compatible with all browsers. The future is the more important aspect here, as right now we are paving out the issues of tor, and adding many addons.. Anything you could need in a botnet, for any purpose. In fact, I daresay this botnet will become one of, if not, the best.
Chris: All right. Sounds like something that many people of many other botnets would be very interested in. Tell me a bit more about the Tor aspect of your botnet software. How does it work and what are some of its benefits?
Cortex: It works exactly like a regular http bot, in technical terms of connections and such, yet it works through the tor network, which makes the connections very secure. Commonly advertised benefits of it are “host anywhere”, which means that it can be hosted anywhere that allows hidden services, unlike most botnets. This removes those needs for excruciatingly expensive “bulletproof” servers. The tor feature makes it fully bulletproof, allows for more uses for many things, such as a stressing method that will be coming out soon and many monetizing methods. Though the tor network is slow, this bot will speed it up later on, if I decide. Upon the next update, it will also be faster than an http bot.
Chris: This is very exciting. It opens up an entirely new portal for HTTP botnets and how they are run. If this is such a revolutionary product, why such a cheap $100.00 BTC pricetag?
Cortex: Well, I was talking with the team. I figured, “Why doesn’t everyone with ideas have a botnet?” It’s because they’re so pricy. For example, a good loader costs about $500. A bulletproof server costs $200. Other tools? You’re looking to spend $100+ more. This bot? $100 for the bot, $30 for a good server, and at most $20 for anything else. Sure, the price tag may rise in the future, but it’ll never be an overly expensive bot. If you think it’s revolutionary now, wait for this update.. We have a surprise that’s going to innovate botnets.
Chris: Why must you tease me like this?! All this talk of new ways to innovate the botnet and all other botnets! It’s making me super excited!!! Can you give me a bit of an idea of what this new feature is without completely giving it away?
Cortex: Haha, nothing more than a step forward for botnets. Considering Atrax is another tor bot, we had to have something to further how unique Gopnik is. It shouldn’t be too much longer til its out. If I were to say it, it’d be completely given away.
Chris: I guess I will just have to wait and see then… :(. Anyway, for the more technically driven people, can you give us more of a peek behind the curtain of your botnet? What it is coded in, its bin size, and its detection rate possibly?
Cortex: Coded in primarily C#, yet many modules are and will be coded in C. The .NET dependency isn’t so bad, especially considering Microsoft is coming out with a native compiler. Its bin size is rather large, at a small bit over 1mb, considering how large tor is. We are recoding tor as we speak.. The predicted size upon completion is 200kb. It’s got a great execution rate, averaging over 80%. To accommodate for the size, we may make a downloader that works primarily with the bot, which should increase the execution rate even more.
Chris: Any possibility that some kind of document or directory will be provided for people who wish to write their own “add-ons” to accommodate what the user requires?
Cortex: Oh yes, we are incorporating a full fledged SDK to go along with the bot. Our priorities are stability, safety, and user satisfaction. Many people complain that a bot doesn’t have a feature they need, or an idea that bots don’t have yet, so we are incorporating an SDK.
Chris: Being blunt, that kicks ass. Seriously. That is amazing. Are you in the works for any other projects?
Cortex: Not as of now. I’ve had many offers, but this bot is my main priority. Even now, with its few downsides, these perks are, as bluntly as you put it, pretty kick ass. And the downsides are being smoothed out too, so it’s going to be revolutionary.
Chris: Any plans to expand sales to other websites? Or are you already expanded and I just missed it?
Cortex: I’ve posted on regular public “hacking” forums. I’m slowly bringing it into the deepweb, with a posting on TheHiddenWiki, soon to be a site for it as well, along with possibly on other deepweb marketplaces. Once it has all the downsides, I plan to bring it to more advanced hacking forums.
Chris: What about expanding payment methods? Granted, only using BitCoin and LiteCoin is super secure… but it runs the risk of shrinking your selling possibilities.
Cortex: That is true. I don’t plan on accepting payment processors such as PayPal, but PerfectMoney and WebMoney are in the future. I may accept MoneyPak or gift cards if I can get dedicated exchangers to provide more options for the customer.
Chris: Very true. Any idea of how often you would like to push these updates? Every week? Every two weeks?
Cortex: Well, larger updates such as this one and the size reduction take more time. Updates will be pushed out weekly or bimonthly, if all goes to plan.
Chris: Awesome. Winding down the interview process, I have to ask… anyone you want to thank or give a shoutout to?
Cortex: None that I can publicly thank or shoutout to.
Chris: Any final words on your end? Anything at all?
Cortex: None that I can think of off the top of my head, besides the marketer in me saying “To purchase or for inquiries, contact me at cortex@exploit.im”
Chris: Perfect. Thank you very much for your time! :)
Cortex: No problem.