In 2017 the largest darknet market was seized, Alphabay - leading to the tragic suicide of its alleged admin Alex Cazes.
Recently its co-admin/fugitive DeSnake returned, relaunching the site in Alex's honor. With World's demise, Alphabay is close to reclaiming its throne as #1.
Extortion is the new exit scam. The #1 darknet drug market took all of its users' money days ago. Now its admin Pharoah is demanding that each seller pay a ransom or he will turn their data over to the police.
We'll see how this plays out for him.
World Market: "Lovelace took bitcoind offline March 16 and ran with >100BTC scammed his partners too" according to an anonymous source within WM. I'm diving in to the blockchain analysis.
I am a journalist covering an area few cover: the "darknet." If you agree that I am a journalist stand by me, agree loudly. If my research is useful to you, speak up.
I am careful to not break the law. A nation is trying to take me down. Please voice your support for my work.
"We leave law enforcement to the experts and will not stop service to any of our clients unless by final court order." - @bitmitigate in their sparse TOS, 8chan's replacement for Cloudflare
Empire, the largest darknet cryptomarket is gone. With no explanation from its admins and no announcement from law enforcement, this looks like a devastating exit scam.
The darknet was in a golden age of trust. Expect a rough year of exit scams ahead as trust is rediscovered.
For the first time on the darknet, the most active market does not accept Bitcoin. White House Market uses Monero, a cryptocurrency designed to safeguard the privacy of its previous owners, like cash.
Warning Monero users: If you downloaded Monero in the past 24 hours you may have installed malware. Monero's official website served compromised binaries for at least 30 minutes during the past 24 hours. Investigations are ongoing.
The darknet is tiny. Market revenue is an insignificant rounding error in the global drug economy. Why do governments invest so much energy in hunting Tor users?
Darknet arrests are not a war on drugs. This is the war on anonymity. Learn to hunt criminals, then hunt activists.
We got our domain back!! Massive THANK YOU to @njal_la, @brokep, and all who supported us over the past four days while a phisher hijacked and operated our clearnet site. Rebuilding carefully.
An end to the hidden service DDOS era?
@torproject just released Tor 0.4.8.1-alpha, the first to include their new proof of work DDOS mitigation features.
Shoutout to Micah Elizabeth Scott for your hard work on this, and to Tor donors for enabling!
Blockchain surveillance is the next ad tech. Think Facebook ads are creepy? Wait til merchants know your net worth and shopping history because you aren't using a privacy coin like Monero.
My domain dark[.]fail was hijacked 12hr ago. I am not in control of it. DarknetLive's domain was also stolen.
We are not the same person. Our registrar Njalla is the common denominator between both attacks. My 2FA was on. I received no emails from Njalla. Something is broken.
Incognito darknet market is exit scamming. Users can deposit Bitcoin and Monero, cannot withdraw. Huge admin BTC outflows yesterday. Staff has not logged in.
They purchased the news site Darknetlive before the scam, do not trust it right now. Bitcoin ATH, darknet ATL.
AlphaBay, a #1 darknet market seized by law enforcement four years ago, recently returned. DeSnake proved their control of old PGP key, an original site admin.
Many naive people are trusting it. We'll see how this plays out. LE can seize PGP private keys just like anything else.
Using Monero still requires good OPSEC. Keep track of what sites you paste addresses into. Never reuse an address. Treat Monero like it will some day be traceable. Blockchain is not post-quantum anonymity, activists.
White House Market is offline. It was the #1 market for over a year, the most secure darknet market to date. It mandated rigorous PGP encryption, only supported Monero.
Mr_white announced their impending retirement weeks ago. There is no indication of compromise.
Just in case your donation to a journalist is not something you want publicly visible in a blockchain: we have removed Bitcoin as a donation option.
is now Monero-only to protect our donors from blockchain misinterpretation/pseudo-analysis.
WARNING: Two of my donors report that their exchanges blocked their accounts after they donated Bitcoin to me. I am a journalist! I do not commit crimes.
Last year I voiced strong opposition to blockchain analysis. My donation address was flagged in return. This is pure evil.
Should cash be permanently marked if it has EVER passed through a criminal's hands?
This is happening to thousands of cryptocurrency users.
@Chainalysis KYT flags a Bitcoin deposit as suspicious, provides no evidence or appeal, then the exchange steals the funds.
Namecheap is still allowing a phishing site to be hosted on my hijacked domain "dark[.]fail". They will not remove the nameservers. This negligence is costing people hundreds of thousands per day. Ticket PVZ-490-11596 do the right thing. @Namecheap
Thank you Binance for the #Monero sale. Some panic, others stack. Monero is about to release its most major upgrade to their privacy chain, great timing.
Remember that post-DOJ-settlement Binance is essentially a servant of the US Government.
ALERT: "dark[.]fail" is still hijacked by a phisher. Each link appears to be a real site, but MITM proxies your browsing, allowing the attacker to steal your cryptocurrency and passwords. I estimate people are losing at least 250k Euro per day. Only trust my .onion, PGP verify.
ALERT: DarkMarket seized by German authorities. It was the largest darknet drug marketplace for 3 months.
Empire and Dream Market admins are still at large. Dream was online for seven years.
It's my 4th year here, providing original reporting on privacy and cyber matters. Thank you readers.
This Monday I launch my independent news website, years in the making. Want a free one year subscription? DM or email me your Protonmail within the next 24 hours. Hiring writers.
Thousands of malicious Tor exit nodes stole cryptocurrency with phishing, SSL stripping. Tor is broken. Anyone can anonymously launch a node with no accountability. @campuscodi
Donating to Ukraine's crypto addresses? Might want to use a privacy coin if you at any point in your life intend to travel through Russia-friendly territory.
Blockchain (over)analysis will get people hurt.
ALERT: White House Market is retiring. New orders and registrations are disabled. The site remains online. There is no indication of an exit scam or compromise.
ALERT: All v3 .onion addresses on the Tor network are offline. "It appears that somebody made their own Tor implementation that fetches directory info in a very rude way." ... a custom DDoS tool?
The est. $30m of Bitcoin stolen by Empire Market four months ago is now worth over $100m USD. It was darknet's largest drug marketplace. Empire's admin is still at large.
Dream Market fentanyl vendor Chems_USA sentenced to 17 years in prison, ordered to forfeit $4,156,198.18. They ordered gold bullion in their real name, using a Bitcoin wallet associated with their Dream vendor account.
Do not assume that the internet we know today will remain open across borders during wartime.
Consider installing mesh P2P messaging apps ahead of time in case of outages/censorship, including Briar and Bridgefy.
Reddit is down. Dread is online, an alternative built by a redditor frustrated with the company's policies.
It's moderated, focused on freedom of speech, and is only accessible on Tor so that its admins never know your IP. Worth researching:
ALERT: Darknetlive sold their site. Do not trust darknetlive[.]com until further notice. Their personal PGP key was not sold.
This is a great loss. For years DNL was one of the few credible news sources for "darknet" happenings. Have information? tips at darkdot dot com
Dread is now using @torproject's new proof of work anti-DDOS features. Users must run the latest Tor Browser in order to access it.
Dread is the largest forum exclusively available as a Tor hidden service, hiding user and server IP addresses.
Alert: NordVPN confirms that it was hacked. The attacker accessed their infrastructure through a management interface, presumably a KVM/IPMI/iLO solution left unsecured by their hosting provider.
Adjust your OPSEC if you have ever used @NordVPN. Emails and BTC txids may leak.
I do not endorse crime. I search out signs that anonymous free speech is still possible in this age of chilling surveillance.
All activists should pay attention to methods used by cybercriminals to avoid capture. Be a student of methods used in cyber investigations. You're next.
is offline because Cloudflare's nameservers are suddenly not responding for our domain. Happy paying CF customers for years. @Cloudflare
Our .onion site is fine as always. DNS is a terrible centralised system. Thank you @torproject
ALERT: Monopoly Market's servers were seized by their host, very likely law enforcement action. This was one of the largest cryptomarkets on the darknet.
If you conducted blockchain/cyber research on this platform be aware that your transaction history may be in unknown hands.
Ban blockchain analysis. It is inherently "guilty until proven innocent" pseudoscience. Show me the code that discriminates against me.
Trading someone your crypto keys should not make you responsible for their further transactions. This is an assumption these tools make.
I am an anonymous journalist who researches the "dark web". Why do I bother with anonymity, OPSEC? I want to focus on my work. I don't want to waste time and money on a legal battle. I am operating legally. Anonymity lets me focus as a uniquely free person.
If you're an official with words of consequence, PGP sign your messages. Drug users can figure it out, you can too.
Darknet market users verify, sign, and encrypt PGP messages all day long. Most markets use PGP even as a 2FA mechanism. PGP was invented in 1991.
WARNING: Incognito's Monero withdrawals are failing according to multiple Darkdot sources.
The market is the largest drug marketplace on the darknet and has a track record of honesty so far, I suspect the admin is on a holiday break.
Anyone who gives a damn about privacy should scrutinize "darknet" investigations. I believe the ethics-bending methods used by some LE are the tip of an iceberg that will soon threaten all online freedoms.
Activists, journalists, researchers: learn OPSEC. Learn from the darknet.
Privacy coins still have no DEX worth using.
Obtaining untraceable money like Monero or Zcash Orchard requires leaving a trace on logged centralized exchanges and swap sites, today's biggest risk factor for surveilled crypto users.
Fact check: 8chan was offline the entire day that @nytimes falsely claims a Norwegian shooter posted on 8chan before shooting in a mosque. How does one post on an offline site?
@verge redacted their similar false story. Who was their common source?
WARNING: Incognito Market's cryptocurrency withdrawals and deposits are not working, confirmed by dozens of users on the darknet forum Dread.
It is by far the largest cryptomarket, today's Silk Road. The site went offline briefly around 12 hours ago then the problems began.
Dark[.]fail is no longer a trusted mirror of Dark[.]fail. Never expected this strange day when writing the mirrors.txt spec. I am fighting to get my domain back from phishers.
The DDoS on the Tor network began on Jan 6, the same day as the USA capitol riots. Hidden services are extremely hard to deplatform. Coincidence or a preventative measure?
ASAP market is retiring after a long, honest run. Drug markets on Tor have experienced an unusually long period of stability during this crypto winter.
Two months ago, $1bil of Bitcoin was seized by the US Government from someone who hacked Silk Road 1. That 69,370 BTC is now worth over $2.6 billion. USA hodls.
179 darknet vendors and buyers were recently arrested. Europol's self-congratulation: "The golden age of the dark web marketplace is over."
Meanwhile on the darknet: more markets are online than ever before. Each bust inspires a new generation of admins.
EMERGENCY: DO NOT TRUST THE DOMAIN '' RIGHT NOW! Only trust .
My domain name was hijacked by a phisher. Darknetlive was also hijacked. Our registrar was - help @Njal_la @namecheap
Don't stake your freedom on a single privacy technology. Assume Tor is broken. Assume Monero will be cracked.
Layer multiple approaches so one can fail. Like XMR to ZEC, VPN to Tor. (controversial but my informed opinion)
DarkMarket was seized today, briefly the darknet's largest.
Did Yellow Brick really exit scam or were they arrested? Why are the Tor network's consensus servers under a coordinated attack at the same time?
PGP encrypt all the things. Private messages on any site can be read by admins, and sometimes by their moderators. Don't trust a site to encrypt for you.
I believe that Icarus Market will scam. Naive darknet users are rushing into new, unproven sites that are shilling forums like mad.
I consider DarkMarket, Monopoly, White House, CanadaHQ, ToRReZ, and DeepSea the most notable to research.
Six new darknet markets have already launched in the past five days according to my inbox. Expect a lot of scams.
Empire refugees are flocking to Monopoly and White House markets. ToRReZ looks interesting, Yellow Brick is trusted by some but has scammed before.
News flash: MITM proxying my site allows me to claim your domain in Google's Search Console and delete your phishing site from their search index. #friedPhish
Resolving technical difficulties with my site that are entirely my fault, human error. There are no signs of compromise. I will update my canary when back online within 24 hours.
Chainalysis claims $600mil passed through darknet markets in the past 3mo. TXIDs or it didn't happen. My research shows ~$100mil.
@Chainalysis profits from fear. Their pricey black box product is not sold to individuals. Its accuracy cannot be reviewed.
It is vital for the world to scrutinize darknet investigations. The investigative methods practiced here will soon be used on everyone who has something unpopular to say.
I chose to publish under a pseudonym. Why? I knew that journalists critical of law enforcement are the most likely to be harassed by them. Those critical of USA prosecutions are the most at risk.
I now sadly know that my choice to publish anonymously was prudent.
Not in their graphic: the cost to investigate, arrest, prosecute 179 people. $6.5 million seized, it's unlikely this operation broke even. This is not a war on drugs, this is the war on anonymity.
International Law Enforcement Operation Targeting Opioid Traffickers on the Darknet Results in over 170 Arrests Worldwide & the Seizure of Weapons, Drugs & over $6.5 Million
"Democracy dies in darkness." It's long been my belief that the most ethics-violating investigations are those against users of the Tor network.
I believe journalists, activists, researchers should all closely scrutinize darknet investigations and learn from Tor OPSEC practices.