Infostealer data can include passwords, email and billing addresses, and the embarrassing websites you use. Farnsworth Intelligence is selling to to divorce lawyers and other industries.#News #OSINT
A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors
When your laptop is infected with infostealing malware, it’s not just hackers that might get your passwords, billing and email addresses, and a list of sites or services you’ve created accounts on, potentially including some embarrassing ones. A private intelligence company run by a young founder is now taking that hacked data from what it says are more than 50 million computers, and reselling it for profit to a wide range of different industries, including debt collectors; couples in divorce proceedings; and even companies looking to poach their rivals’ customers. Essentially, the company is presenting itself as a legitimate, legal business, but is selling the same sort of data that was previously typically sold by anonymous criminals on shady forums or underground channels.Multiple experts 404 Media spoke to called the practice deeply unethical, and in some cases the use of that data probably illegal. The company is also selling access to a subset of the data to anyone for as little as $50, and 404 Media used it to uncover unsuspecting victims’ addresses.
The activities of the company, called Farnsworth Intelligence, show a dramatic shift in the bevvy of companies that collect and sell access to so-called open source intelligence, or OSINT. Historically, OSINT has included things like public social media profiles or flight data. Now, companies increasingly see data extracted from peoples’ personal or corporate machines and then posted online as fair game not just to use in their own investigations, but to repackage and sell too.
“To put it plainly this company is profiting off of selling stolen data, re-victimizing people who have already had their personal devices compromised and their data stolen,” Cooper Quintin, senior public interest technologist at the Electronic Frontier Foundation (EFF), told 404 Media. “This data will likely be used to further harm people by police using it for surveillance without a warrant, stalkers using it to gather information on their targets, high level scams, and other damaging motives.”
💡
Do you know anything else about people selling data to debt collectors or these other industries? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.Infostealers are pieces of malware, often stealthily bundled in a piece of pirated software, that steal a victim’s cookies, login credentials, and often more information stored in their browser too. On its website, Farnsworth lays out several potential uses for that stolen data. This includes “skip tacing,” presumably a typo of skip tracing, which is where a private individual or company tracks someone down who owes a debt. The website says users can “find debtors up-to-date addresses.” Another use case is to “Find high impact evidence that can make/break the case of million dollar lawsuits, high value divorce cases, etc.” A third is to “generate lead lists of customers/users from competitors [sic] companies,” because the data could show which competing products they have login credentials for, and, presumably, use.
Calli Schroeder, senior counsel at the Electronic Privacy Information Center (EPIC), told 404 Media that the use cases Farnsworth offers are “not only morally questionable [...] but may not be legal or usable in some cases.” For the litigation one, courts are split on using stolen information as evidence in legal proceedings. When hackers targeted the dating site Ashley Madison, for example, a judge ruled that despite the data being publicly published it was still confidential and stolen and couldn’t be used. Most judges will not allow illegally obtained evidence in divorce proceedings either, Schroeder said.
Then for using the data to build a list of customers of competitors, Schroeder said that “may very well fall under corporate espionage and trade secrets violations, depending on what information is taken.”
“This is so gross and predatory. They are facilitating and enabling further exploitation of victims of a crime and bragging about how multiple criminal acts make their business better. Moral bankruptcy is common in this industry, but I rarely see a company so proud of it,” Schroeder added.
playlist.megaphone.fm?p=TBIEA2…
Farnsworth did not respond to multiple requests for comment. Aidan Raney, the company’s 23 year-old founder, did not respond to multiple Signal messages sent to an account he has previously used to communicate with 404 Media.Farnsworth offers two infostealer related products. The first is Farnsworth’s “Infostealer Data Platform,” which lists those above use cases. This can display hacking victims’ full text passwords, and requires potential users to contact Farnsworth for access. The company asks applicants to explain their use case, and can include “private investigations, intelligence, journalism, law enforcement, cyber security, compliance, IP/brand protection,” and several others, according to its website.
The second product is infostealers.info, a publicly available service that requires no due diligence to enter. It only asks for a minimum of $50 to search through the results. These don’t include victims’ full passwords, but the platform still includes a wide range of sensitive information. Recently infostealers.info introduced the ability to search for data stored in a hacking victim’s autofill. That is, data stored in the browser for convenience that can automatically populate when filling out a form, such as a billing address. Using this tool, 404 Media was able to extract multiple peoples’ billing addresses. One was in Staten Island, New York, which appeared to be someone’s private residence. Another address was in India.
Inside the Massive Crime Industry That is Hacking Billion Dollar Companies
When you download that piece of pirated software, you might be also getting a piece of infostealer malware, and entering a highly complex hacking ecosystem that is fueling some of the biggest breaches on the planet.404 MediaJoseph Cox
In other words, these people had been hacked, and now anyone with $50 was able to search through data stolen from their computer.“This should also be an example of how once your data is lost in a breach you can't control what will happen to it. It can be used by law enforcement, stalkers, scammers, advertisers, or anyone with access to it. It's a stark reminder of why digital security is important even if you think you have nothing to hide,” Quintin from the EFF added.
Hackers running infostealer operations often create Telegram channels where they upload personal data their malware has stolen. Other criminals can then pay to access this stolen data. The administrator of one prolific infostealer campaign previously told 404 Media “this brings us good income, but I am not ready to disclose specific amounts.” Infostealers operators often then publish stolen credentials on Telegram for free, likely as a way to advertise their paid offerings. Farnsworth did not respond when asked if it is buying this stolen data from hackers to then put into its product.
Cybersecurity researchers have used infostealer data to unmask criminals. Hudson Rock, another company that sells infostealer-related services, used it to uncover information on two alleged fraudsters on the FBI’s Most Wanted List. Last year cybersecurity firm RecordedFuture said it found 3,334 unique credentials used to access child abuse imagery websites. It says it used that data to identify two individuals. In a LinkedIn post on Tuesday, Raney said the company has explored its own dataset in a similar way.
But those are different use cases to selling infostealer data on the open market or for potentially illegal use cases.
Quintin said “It would be illegal and unethical to sell stolen cell phones even if you didn't steal them yourself, and I don't see how this is any different.”
Infostealer data can unmask Tor users and attribute the users/admins of CSAM distribution forums...
Infostealer data can unmask Tor users and attribute the users/admins of CSAM distribution forums... After exploring our infostealer data at Farnsworth Intelligence we learned that the users and admins of countless dark web forums, such as those dist…Aidan Raney (www.linkedin.com)
John Adams says "facts do not care about our feelings" in one of the AI-generated videos in PragerU's series partnership with White House.
John Adams says "facts do not care about our feelings" in one of the AI-generated videos in PragerUx27;s series partnership with White House.#AI
White House Partners With PragerU to Make AI-Slopified Founding Fathers
John Adams says "facts do not care about our feelings" in one of the AI-generated videos in PragerU's series partnership with White House.Samantha Cole (404 Media)
There is a massive exodus happening in the AI world; the 'Save Our Signs' campaign, and why AI won't save the media industry.
There is a massive exodus happening in the AI world; the x27;Save Our Signsx27; campaign, and why AI wonx27;t save the media industry.#Podcast
Podcast: The AI Exodus Begins
There is a massive exodus happening in the AI world; the 'Save Our Signs' campaign, and why AI won't save the media industry.Joseph Cox (404 Media)
Nearly two minutes of Mark Zuckerberg's thoughts about AI have been lost to the sands of time. Can Meta's all-powerful AI recover this artifact?
Nearly two minutes of Mark Zuckerbergx27;s thoughts about AI have been lost to the sands of time. Can Metax27;s all-powerful AI recover this artifact?#AI #MarkZuckerberg
Saving the Lost Silent Zuckerberg Interview With the Amazing Power of AI
Nearly two minutes of Mark Zuckerberg's thoughts about AI have been lost to the sands of time. Can Meta's all-powerful AI recover this artifact?Jason Koebler (404 Media)
Sweden's Moderate party allowed users to make the PM hold a sign bearing any name they wanted. You know what happened next.
Swedenx27;s Moderate party allowed users to make the PM hold a sign bearing any name they wanted. You know what happened next.#News
Swedish Prime Minister Pulls AI Campaign Tool After It Was Used to Ask Hitler for Support
Sweden's Moderate party allowed users to make the PM hold a sign bearing any name they wanted. You know what happened next.Matthew Gault (404 Media)
Getting a Job in Tech in Italy in 2025: The Complete Guide
Italy's tech market is booming in 2025, with the ICT sector hitting €91.7 billion and over 70,000 annual job openings. Entry-level software developers earn €35,000+, while experienced roles top €60,000. Key hubs like Milan, Rome, and Turin offer competitive salaries (€40K–€70K+) amid growing demand for AI, cybersecurity, and cloud skills.
@Jobs
nucamp.co/blog/coding-bootcamp…
Getting a Job in Tech in Italy in 2025: The Complete Guide
Discover Italy's tech job market in 2025 with insights on salaries, living costs, visa options, and jobs in cities like Milan and Rome.Ludo Fourrage (Nucamp Bootcamp)
The rise of Anubis; ICE's new facial recognition app; and a bunch of articles about LLMs.
The rise of Anubis; ICEx27;s new facial recognition app; and a bunch of articles about LLMs.#Podcast
Podcast: How to Fight Back Against AI Bot Scrapers
The rise of Anubis; ICE's new facial recognition app; and a bunch of articles about LLMs.Joseph Cox (404 Media)
More than $160 million in crypto is riding on the definition of 'suit.'
More than $160 million in crypto is riding on the definition of x27;suit.x27;#News
Polymarket Gamblers Go to War Over Whether Zelenskyy Wore a Suit
Polymarket, an online betting marketplace that bills itself as the future of news, can’t decide whether or not Ukrainian president Volodomyr Zelenskyy wore a suit during a recent appearance in Europe. The gambling site is set to make a final judgement about the question in a few hours and more than $160 million in crypto is riding on it.Polymarket is a gambling website where users predict the outcome of binary events. It gained prominence in the runup to the 2024 election, signed an exclusivity deal with X in June, and sees itself not just as an online betting parlor, but as an arbiter of truth. Its founder, Shayne Coplan, thinks that the future of media belongs to a website made for degenerate gamblers to make silly bets.
playlist.megaphone.fm?p=TBIEA2…
And yet this arbiter of truth had trouble figuring out if Zelenskyy wore a suit at the end of June during a NATO summit. The bet, started on May 22, is simple: “Will Zelenskyy wear a suit before July?” The answer, it turns out, is pretty hard. When Zelenskyy showed up at a NATO summit wearing a tailored jacket and a button up shirt, a stark contrast to his more casual military style garb, a community-run Polymarket account posted, “President Zelenskyy in a suit last night.”President Zelenskyy in a suit last night pic.twitter.com/Uo3Rhuzkq1
— Polymarket Intel (@PolymarketIntel) June 25, 2025
But people who bet “no” cried foul, complaining that he wasn’t actually wearing a suit on social media and in Polymarket hosted chat rooms. Zelenskyy’s “suit” was an all black get-up with no tie and four cargo-style pockets, some pointed out. The jacket was suit shaped, but it didn’t quite fit everyone’s definition of formal dress. And, perhaps most telling on the side of “not an actual suit,” he was wearing tennis shoes.According to the “rules” underneath the bet, the market would resolve as a “yes” if the Ukrainian president is photographed or videotaped wearing a suit. “The resolution will be the consensus of credible reporting.”
All the credible reporting around the scene described Zelenskyy’s outfit as a suit. He’s known for wearing military style outfits so the sudden formal outfit generated a lot of headlines. Reuters said the outfit was “suit-style,” a Fox News pundit joked that Trump won’t recognize Zelenskyy because he’s wearing a suit, and the NY Post said that he ditched a “T-shirt for a suit.” There were many more media outlets that noted the fashion upgrade.
At first, the betting market agreed with them. It resolved the bet as a “yes,” but the site’s “no” holders flagged the issue for a disputed resolution. Polymarket kicked the question to a third party, which considered the issue and changed the outcome to a “no.”
Some disputes on Polymarket, like this one, are resolved through a blockchain based third party system called UMA. In this system, the question of how to resolve a disputed market gets thrown to people who hold UMA tokens and who are, in theory, impartial. Holding a UMA token buys you a voice in the debate, which plays out in Discord servers and can be watched by the public.
On social media and in Discord, people are accusing UMA token holders of placing side bets on the suit question and attempting to manipulate the market so one side wins. The Discord conversation is full of people claiming UMA has failed and that Polymarket’s administrators are manipulating it directly.
“At the time of this clarification, 09:33am ET July 01, a consensus of credible reporting has not confirmed that Zelenskyy has worn a suit,” Polymarket administrators wrote below the bet. It did not elaborate on what amounted to a “consensus of credible reporting” and it didn’t return 404 Media’s request for a comment on the issue.
Unhappy “yes” betters disputed this resolution and it’s still in review at the time of publication. According to a timer on the bet, Polymarket will issue a final answer to the question by the end of the day.
So. Is it a suit or isn’t it? According to menswear expert and prolific fashion poster Derek Guy, it’s both. “If I were writing an article about Zelenskyy's dress, I would call it a suit because it's the shortest, easiest way to describe his outfit without getting into the history of men's tailoring. But I would also recognize this is not what most people recognize as a suit,” Guy said in a thread about the controversy on X.
The suit, then, is in the eye of the beholder. The problem is that people have bet more than $160 million on the outcome of the question.
Zelensky ditches T-shirt for a suit for sit-down meeting with President Trump
“I thank Mr President, I thank the United States,” Zelensky said.Anthony Blair (New York Post)
Anubis, which block AI scrapers from scraping websites to death, has been downloaded almost 200,000 times.#News
The Open-Source Software Saving the Internet From AI Bot Scrapers
For someone who says she is fighting AI bot scrapers just in her free time, Xe Iaso seems to be putting up an impressive fight. Since she launched it in January, Anubis, a “program is designed to help protect the small internet from the endless storm of requests that flood in from AI companies,” has been downloaded nearly 200,000 times, and is being used by notable organizations including GNOME, the popular open-source desktop environment for Linux, FFmpeg, the open-source software project for handling video and other media, and UNESCO, the United Nations organization for educations, science, and culture.Iaso decided to develop Anubis after discovering that her own Git server was struggling with AI scrapers, bots that crawl the web hoovering up anything that can be used for the training data that power AI models. Like many libraries, archives, and other small organizations, Iaso discovered her Git server was getting slammed only when it stopped working.
“I wasn't able to load it in my browser. I thought, huh, that's strange,” Iaso told me on a call. “So I looked at the logs and I figured out that it's restarted about 500 times in the last two days. So I looked in the access logs and I saw that [an] Amazon [bot] was clicking on every single link.”
Iaso knew it was an Amazon bot because it self identified as such. She said she considered withdrawing the Git server from the open web but that because she wants to keep some of the source code hosted there open to the public, she tried to stop the Amazon bot instead.
“I tried some things that I can’t admit in a recorded environment. None of them worked. So I had a bad idea,” she said. “I implemented some code. I put it up on GitHub in an experimental project dumping ground, and then the GNOME desktop environment started using it as a Hail Mary. And that's about when I knew that I had something on my hands.”
There are several ways people and organizations are trying to stop bots at the moment. Historically, robots.txt, a file sites could use to tell automated tools not to scrape, was a respected and sufficient norm for this purpose, but since the generative AI boom, major AI companies as well as less established companies and even individuals, often ignored it. CAPTCHAs, the little tests users take to prove they’re not a robot, aren’t great, Iaso said, because some AI bot scrapers have CAPTCHA solvers built in. Some developers have created “infinite mazes” that send AI bot scrapers from useless link to useless link, diverting them from the actual sites humans use and wasting their time. Cloudflare, the ubiquitous internet infrastructure company, has created a similar “AI labyrinth” feature to trap bots.
Iaso, who said she deals with some generative AI at her day job, told me that “from what I have learned, poisoning datasets doesn't work. It makes you feel good, but it ends up using more compute than you end up saving. I don't know the polite way to say this, but if you piss in an ocean, the ocean does not turn into piss.”
In other words, Iaso thinks that it might be fun to mess with the AI bots that are trying to mess with the internet, but in many cases it’s not practical to send them on these wild goose chases because it requires resources Cloudflare might have, but small organizations and individuals don’t.
“Anubis is an uncaptcha,” Iaso explains on her site. “It uses features of your browser to automate a lot of the work that a CAPTCHA would, and right now the main implementation is by having it run a bunch of cryptographic math with JavaScript to prove that you can run JavaScript in a way that can be validated on the server.”
Essentially, Anubis verifies that any visitor to a site is a human using a browser as opposed to a bot. One of the ways it does this is by making the browser do a type of cryptographic math with JavaScript or other subtle checks that browsers do by default but bots have to be explicitly programmed to do. This check is invisible to the user, and most browsers since 2022 are able to complete this test. In theory, bot scrapers could pretend to be users with browsers as well, but the additional computational cost of doing so on the scale of scraping the entire internet would be huge. This way, Anubis creates a computational cost that is prohibitively expensive for AI scrapers that are hitting millions and millions of sites, but marginal for an individual user who is just using the internet like a human.
Anubis is free, open source, lightweight, can be self-hosted, and can be implemented almost anywhere. It also appears to be a pretty good solution for what we’ve repeatedly reported is a widespread problem across the internet, which helps explain its popularity. But Iaso is still putting a lot of work into improving it and adding features. She told me she’s working on a non cryptographic challenge so it taxes users’ CPUs less, and also thinking about a version that doesn’t require JavaScript, which some privacy-minded disable in their browsers.
The biggest challenge in developing Anubis, Iaso said, is finding the balance.
“The balance between figuring out how to block things without people being blocked, without affecting too many people with false positives,” she said. “And also making sure that the people running the bots can't figure out what pattern they're hitting, while also letting people that are caught in the web be able to figure out what pattern they're hitting, so that they can contact the organization and get help. So that's like, you know, the standard, impossible scenario.”
Iaso has a Patreon and is also supported by sponsors on Github who use Anubis, but she said she still doesn’t have enough financial support to develop it full time. She said that if she had the funding, she’d also hire one of the main contributors to the project. Ultimately, Anubis will always need more work because it is a never ending cat and mouse game between AI bot scrapers and the people trying to stop them.
Iaso said she thinks AI companies follow her work, and that if they really want to stop her and Anubis they just need to distract her.
“If you are working at an AI company, here's how you can sabotage Anubis development as easily and quickly as possible,” she wrote on her site. “So first is quit your job, second is work for Square Enix, and third is make absolute banger stuff for Final Fantasy XIV. That’s how you can sabotage this the best.”
Developer Creates Infinite Maze That Traps AI Training Bots
"Nepenthes generates random links that always point back to itself - the crawler downloads those new links. Nepenthes happily just returns more and more lists of links pointing back to itself."Jason Koebler (404 Media)
404 Media is closed this week. School's out.
404 Media is closed this week. Schoolx27;s out.#PSA
Gone Fishin': 404 Media Summer Break 2025
404 Media is closed this week. School's out.Jason Koebler (404 Media)
Researchers took inspiration from r/AmITheAsshole to find out if chatbots are likely to demonstrate an exaggerated version of human beings’ “bias for inaction.”
Researchers took inspiration from r/AmITheAsshole to find out if chatbots are likely to demonstrate an exaggerated version of human beings’ “bias for inaction.”#llms #chatbots #psychology
