Revenge porn, where people share intimate images of others in order to intimidate, harass, or embarrass, is rampant. Now, data obtained by a security analyst and shared with The Daily Beast reveals the behind-the-scenes of the epicenter of revenge porn: a notorious image board called Anon-IB, where users constantly upload non-consensual imagery, comment on it, and trade nudes like baseball cards.
The data shows Anon-IB users connecting from U.S. Senate, Navy, and other government computers, including the Executive Office of the President, even as senators push for a bill that would further combat the practice, and after the military’s own recent revenge-porn crisis.
“Wow tig ol bitties. You have any nudes to share?” someone wrote in November, underneath a photo of a woman who apparently works in D.C., while connecting from an IP address registered to the U.S. Senate.
Anon-IB is a free-to-use message board where users post images, typically of women, and which is split into various genre or location sections. Some parts are focused on countries, while U.S. sections may narrow down to a state. Many users pursue so-called wins, which are nude or explicit photos, and may egg each other on to share more images. Anon-IB was also intertwined with a 2014 breach of celebrity nudes referred to as The Fappening.
“Looking for wins of [redacted]. She used to send nudes to my friend all of the time. Would love to see some more,” someone connecting from the U.S. Senate IP address wrote last August.
Whoever is connecting from the Senate appears to have a particular focus on Anon-IB’s so-called Xray section, where users post photos so others can alter the image to make the women appear naked or wearing more revealing clothes, with several Xray posts linked to the Senate. Other posts asked for help from other Anon-IB members editing a photo in this way, including one of a girl the poster says they went to college with. In another message, someone connecting from the Senate shared an image of a model, and identified where they allegedly went to college, likely in the hope that others could dig up more images of the woman.
“Girl I know from [location redacted]. She was a [college redacted] and has the best tits I’ve ever seen,” another message from the Senate IP address reads. “I would love to find some wins.”
Startlingly, at least one post is linked to the Executive Office of the President, according to the data cache.
“I have wins if anyone is ready to post. First one is free,” the Anon-IB member writes, after naming a woman and sharing an image. To be clear, the Executive Office of the President includes a wide range of agencies, such as the National Security Council, the Office of Science and Technology Policy, and the Office of the President.
It is not totally clear which specific organization the poster may be based in, but online records suggest it could be the Office of Administration or the Office of Management and Budget. Sarah Huckabee Sanders, the spokesperson for the White House, did not respond to a request for comment.
The Data
Typically, Anon-IB’s users operate anonymously, as the site’s name suggests. Those who share images or post comments are simply referred to as “Anonymous,” followed by a string of characters. Victims may have a hard time identifying who leaked their images based on the website alone, and law enforcement would be hard-pressed to find any identifying information on Anon-IB.
But Einar Otto Stangvik, a security analyst at Norwegian newspaper VG, provided The Daily Beast with a large cache of hundreds of thousands of Anon-IB users’ IP addresses—numerical codes that can show where a user is posting from. A source showed Stangvik a trick for pulling IP addresses from Anon-IB, and Stangvik subsequently wrote a series of scripts to optimize the process and successfully grab the data. Stangvik said the data was obtained legally, and he also helped The Daily Beast analyze the results.
“The data we’re currently working with was obtained and analyzed to better understand who spreads the abusive imagery, and to show that abusers should have no greater hopes of invisibility than their victims,” Stangvik told The Daily Beast. Stangvik also made an archive of the text of Anon-IB posts, making cross-referencing site content with IP addresses that much easier; typically, the site only keeps around 15 pages of posts online for each section at a time.
It is not immediately possible to tell who specifically is connecting to Anon-IB based solely on the IP addresses. An IP address does not necessarily refer to an individual, and it’s not possible to know whether a guest or other visitor on a government network is responsible for the posts. There is also a chance that a hacker may be routing their traffic through government computers, but the Senate and Executive Office of the President IP addresses do not appear in lists of known, previously compromised machines, according to online records.
An administrator of Anon-IB replied to a request for comment, and asked for the list of IPs, but did not provide a statement or response. Seemingly in an attempt to verify the data leak, an administrator of Anon-IB sent The Daily Beast a specific IP address, to check whether it was in the data: The IP, along with a linked post, was included in the cache.
When asked if they had an idea of how much of Anon-IB’s user base was government employees, the administrator wrote in an email, “We do not really check who uses the image board, so I wouldn’t be able to truthfully claim anything.”
The Navy Goes On
Last year, the U.S. Marines faced a revenge-porn crisis in which servicemen nonconsensually shared intimate videos and photos of partners on secret Facebook groups.
Despite an official, wide-spanning investigation into the incident, and the Navy and Marines making posting nude photos of personnel online a criminal offense, people using U.S. Navy computers have continued to post on Anon-IB as recently as late last year, according to the data obtained by The Daily Beast.
“A lot more where that came from!” someone wrote in November 2017, along with a photo of a woman’s exposed breasts while connecting from an IP address registered to the U.S. Navy.
Other Navy-linked posts include one sharing a specific victim’s name so they can be identified on social media, another apparently trying to download a cache of images, and several asking other users for images of specific servicewomen.
“Anyone have [redacted]? She left her husband for another dude while he was deployed. Heard there is win and she is a sex crazed freak,” another Navy-linked post reads.
A U.S. Navy official told The Daily Beast that “In order to have access to a Navy IT system, a user must sign a user agreement which stipulates not to use Navy IT resources in such a way that would be considered incompatible with public service, including pornography,” and that any employees found to have violated the Uniform Code of Military Justice (UCMJ) or applicable laws will be held accountable.
“The Navy holds all our employees—military and civilian—to the highest standards of personal conduct, expecting everyone to treat each other with dignity and respect. Those who conduct themselves contrary to our core values of honor, courage and commitment will be held accountable,” the official added.
After the publication of this piece, U.S. Navy spokesman Lt. Cmdr. Ryan de Vera said in a statement that the IP addresses do not belong to the Department of Defense Information Network, but "appear to be registered to civilian internet service providers that hosts open internet access to base facilities. The U.S. Navy will continue to investigate this matter." (Other IP addresses in the data obtained by The Daily Beast are marked as belonging to the "DoD Network Information Center.")
Using the collection of posts it’s also easier to see the activity of a particular user over time. One prolific commenter, who seems to post frequently about Fort Meade, recently asked other users to share images of women who work at the NSA, and named several alleged employees.
An IP address for the Department of Energy, and a selection of other government agencies were also present in the data.
“Goes by [redacted] on facebook.. Used to work at mcdonalds,” the person connecting from the DOE wrote in response to a photo of a young woman, apparently sharing personal details about the woman’s identity. The Department of Energy did not respond to multiple requests for comment.
Stangvik, the analyst who provided the data, said, “Stolen, revenge motivated and otherwise abusive imagery posted online has become a very real issue over the last years. I fear that failure to deal with the problem will normalize online abusive behavior and sexual harassment, and that this will further nourish victim blaming and dismissal of the abuse as ‘to be expected.’”
Update: This piece has been updated to clarify the limitations of knowing who exactly is responsible for the posts.