Everything you need to know about IRC
IRC follows a standard server/client networking model consisting of a collection of servers hosting multiple channels where multiple users can connect via a standalone chat application or web interface client. There are a number of Windows, Mac, and Linux based IRC clients available to dive into the hidden social network of IRC; however, because most clients are supported by academic or recreational open source software developers, continued support and up to date IRC client applications can be challenging if not impossible to find. Another downside to IRC is that all IRC servers send and receive messages via plaintext making IRC one of the most insecure protocols used in the internet. For this reason, many IRC servers recommend users use a Virtual Private Network (VPN) in addition to a Tor proxy to guarantee anonymity prior to connecting to certain channels or discussing sensitive subjects. Some servers also provide additional support with IP/host cloaking to protect users’ IP addresses from disclosure to the rest of the users connected.
The people behind an IRC server are as diverse as the topics available for discussion. Individuals and groups of individuals across the world host IRC servers creating a decentralized network of endless chat possibilities. The “channels” available to connect to on an IRC server are akin to “rooms” within a building where people gather to discuss the channel’s subject of interest or topic. Some IRC servers will have hundreds of channels to choose from, such as Freenode, which publically lists over 52,000 unique channels across their servers. The exact number of live IRC servers is unknown. Even so, irc.netsplit.de lists over 500 publically advertised IRC servers, but there are many Tor-based IRC servers not advertised.
Specific channels on an IRC server are preceded by a hastag “#” and vary across a broad set of discussion topics. As one would expect, many of the topics are specific to computing such as #linux, #python, or #networking, but others range from sports to special interests or even religious beliefs. IRC can be an excellent resource for troubleshooting software or asking technical questions, as many program developers, like those contributing to Linux distributions or mobile applications, (e.g. #iPhonedev), are active on IRC and eager to answer questions and help beginners. On the other hand, some IRC conversations are extremely general and an overly complicated form of social interaction for those who choose to connect virtually with others instead of in person.
Once a user successfully connects to a given IRC server, the command /join #<channel name> allows the user to enter the room of their choice, unless the room is set to private requiring an invitation and a password or the room has been locked by a moderator who wants to ban abusive users from entering the channel. In some special instances, the user might strongly believe they deserve access to a locked or private channel and have been unfairly denied access. If that is the case, the user can type /knock <message>, where message is the user’s custom message sent only to the channel admins. Similar to real life, if one knocks insistently on the door, it might not get one access but instead annoy the admins and get the user banned from the server entirely.
Most IRC users avoid using their real names on the servers and instead connect using a “nickname” or alias for the chat. Frequent visitors to IRC channels register their “nick” with nickserv to prevent other users from using their name. Using the command /nickserv register password e-mail in the main server window (not the unique channel) associates the email to the user and prevents the user’s nickname from being used by any other guests on the server. Users concerned with anonymity or connecting from the darknet would register a nick with an anonymous email address such as secMail or TorBox and not a Clearnet (e.g. gMail or Yahoo) address that is associated with their personal identity or could be used in any way to identify them.
Popular uses of IRC Channels
Over recent years of darknet intelligence collection and interacting in the grey world of computer security, our analysts have found wide-spread use of IRC-based coordination, collaboration and communication across darknet and deepweb regulars on everything from hacking to carding. Anonops and other cyber offensive collectives, offer Tor-hosted IRC servers and channels covering topics such as #hackers, #hardchats, #tor, #ddos, and numerous “#op”-prefixed chaannels for specific operations targeting everything from the NSA to Russia.
User submitted posts on Verified Carder, a popular Deep Web carding forum, explain how IRC can be used to verify stolen or hacked credit card numbers and the benefit of connecting with “cashiers” who can help make money from the stolen credit card.