239
submitted 7 months ago* (last edited 7 months ago) by CoolerOpposide@hexbear.net to c/news@hexbear.net

On March 10th, several days after Incognito Market was assumed to be shut down or no longer be processing transactions, the site posted a message to its homepage that reads as follows:

”Expecting to hear the last of us yet? We got one final little nasty suprise for y'all. We have accumulated a list of private messages, transaction info and order details over the years. You'll be surprised at the number of people that relied on our "auto-encrypt" functionality. And by the way, your messages and transaction IDs were never actually deleted after the "expiry"...”

”SURPRISE SURPRISE !!! Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up. We'll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May, whether or not you and your customers' info is on that list is totally up to you. And yes... YES, THIS IS AN EXTORTION !!! As for the buyers, we'll be opening up a whitelist portal for them to remove their records as well in a few weeks.”

”Thank you all for doing business with Incognito Market”

Exit scams are not uncommon on dark web markets, but this one is particularly large and openly threatening compared to most. Incognito Market requires the loading of cryptocurrency to a site-based wallet, which can then be used for in-house transactions only. All cryptocurrency on the site was seized from user’s wallets, estimated to be anywhere from $10 million to $75 million. After seizing the cryptocurrency wallets of all of the marketplace’s users, the site now openly explains that it will publish transactions and chat logs of users who refuse to pay an extortion fee. The fee ranges from $100 to $20,000, a volume based 5 tier buyer/seller classification.

Incognito Market also now has a Payment Status tab, which states ”you can see which vendors care about their customers below.” and lists the some of the market’s largest sellers. Sellers which have allegedly paid the extortion fee to not have their transaction records released are displayed in green, while those who have not yet paid are displayed in red.

Additionally, in a few weeks the site claims it will have a “whitelist portal” which would allow buyers to wipe their transactions and re-encrypt chat records.

Whoever is behind the website must be extremely, extremely confident in their anonymity, already working with government agencies, or both, because a bounty on this person is likely worth millions.

you are viewing a single comment's thread
view the rest of the comments
[-] Nationalgoatism@hexbear.net 48 points 7 months ago

For christs sake:

Only ever explicitly discuss serious illegal activities in person, preferably outdoors and without any technology on you

Only coordinate meetings to discuss the above over an encrypted messaging method such as signal, and in this avoid specifics and keep this to an absolute minimum (metadata can also be incriminating, and phones out computers can be compromised)

If significant payment is involved, cash, barter or work trade are the only acceptable forms. Ever.

Don't be a fucking sucker

Any questions?

[-] macerated_baby_presidents@hexbear.net 30 points 7 months ago* (last edited 7 months ago)

you are supposed to PGP encrypt all comms with the seller's public key. The only Incognito customers who will be affected are ones who are stupid and trusted the "auto-encrypt" functionality of a site whose CSS and little fake crypto punks told you it was built by not just ordinary criminals but techbros.

RIP vendors though

[-] InternetLefty@hexbear.net 16 points 7 months ago

You'd use the vendors public key actually, no? Then they would decrypt with the private key? That way they could pass around a key that is not secret

[-] QuillcrestFalconer@hexbear.net 12 points 7 months ago

Yes that's correct

[-] macerated_baby_presidents@hexbear.net 3 points 7 months ago* (last edited 7 months ago)

ope accidentally a word. Fixed

[-] LaughingLion@hexbear.net 7 points 7 months ago

wouldnt it not even matter due to the blockchain ledger showing transactions?

even if 90% of vendors paid up the last who didnt would have their clients info published and those wallets/transactions will reveal what was bought by those users from other vendors. even just a small fragment opens up a ton of other vendors and users from being exposed

also, lol

[-] LainTrain@lemmy.dbzer0.com 10 points 7 months ago

Not with monero, the txes aren't traceable down to specific ppl

[-] LaughingLion@hexbear.net 3 points 7 months ago
[-] InappropriateEmote@hexbear.net 29 points 7 months ago

Buying drugs in person puts someone at risk of violence and death. Buying drugs on a DNM (assuming you use a very basic amount of opsec) the biggest risk is losing a little bit of crypto.

Don't be a fucking sucker Any questions?

Such an ignorant and privileged thing to say.

[-] cosecantphi@hexbear.net 19 points 7 months ago* (last edited 7 months ago)

And most importantly, buying on the DNM allows you to actually read reviews from other people who purchased from the same vendor. Not on the market itself, but on some of the onion drug forums set up for reviews and discussion. You have the opportunity to check if some vendor's "Heroin" is actually just fentalogues and xylazine. There is no chance to do that IRL unless you're friends with your dealer or something.

This shit is literally life and death for a lot of opioid addicts, and I'm kind of disappointed in Hexbear for this thread labeling everyone caught up in this as just another cryptobro to make fun of. In my experience, neither the vendors nor the customers are using the crypto for any reason other than to facilitate the sales without exposing anything about their identities.

[-] InappropriateEmote@hexbear.net 8 points 7 months ago

I couldn't agree more. About the importance of being able to read reviews of the vendors made by the community and how much of a boon that is for buyers and their well being, something that simply doesn't exist when it comes to buying from irl dealers. But also about how disappointing it is that so many hexbears not only don't understand this but are being really demeaning towards people who don't deserve it.

The whole "no investigation, no right to speak" thing doesn't just apply to the discussion of politics. And some of the attitudes here about people who use DNMs are almost bordering on victim-blaming. You're right, the ubiquitous use of cryptocurrency on the DNMs is not because the people who use them are the cryptobros we all know and hate, it's because that's literally the only safe way for any of this to work. Most people using the DNMs would rather not have to go through the hassle of having to learn to use crypto in the first place, or deal with the small loss of funds every time they convert their real money into it, or risk losing it because they messed up somehow with their wallet address or something. The use of crypto in this case is an unfortunate necessity most would avoid if they could.

[-] CoolerOpposide@hexbear.net 6 points 7 months ago

I agree with what you are saying regarding buying drugs online being objectively safer but come on now regarding calling somebody privileged for not wanting to take the other risks associated with buying drugs a different way

[-] InappropriateEmote@hexbear.net 16 points 7 months ago

"Don't be a fucking sucker. Any questions?" is what the other person said about people who choose to/have to buy their drugs online. I am calling that statement privileged. That person is the one singling out a specific way of getting drugs and demeaning it, not me. Not sure why you'd get on me about something that I'm not only not doing, but actually calling out someone else for doing.

[-] CoolerOpposide@hexbear.net 4 points 7 months ago

Oh I’m sorry I think I was just tired and misinterpreted the conversation

[-] xj9@hexbear.net 5 points 7 months ago

Lmao You're automatically risking violence with the police by trying to buy illegal drugs. Using cryptography as cover doesn't change that

[-] InappropriateEmote@hexbear.net 17 points 7 months ago

If you're buying drugs period "you're automatically risking violence with the police." Full stop. Hell, you're automatically risking violence with the police by existing as a person of color. None of that changes the fact that in-person drug deals are inherently more risky than DNM deals. "lmao"

[-] QuietCupcake@hexbear.net 11 points 7 months ago

Also, using encryption "as cover" makes all the difference here. It's massively consequential as this news story makes obvious. The person you're responding to is just being obtuse.

[-] Nationalgoatism@hexbear.net 5 points 7 months ago

The risk I'm more concerned about is the risk of cops accessing info and of felony charges.

[-] InappropriateEmote@hexbear.net 10 points 7 months ago

The risk of cops busting a buyer (of personal use amounts, or even enough for a couple friends) is almost nil for the DNMs because of the amount of work necessary, but a buyer's odds of getting caught during an in-person deal go up drastically because even if they're just after the dealer, the buyer usually gets fucked too since they're right there and part of the bust. The risk of cops busting a dealer/vendor depends a lot on the volume they move, whether it's online or in person. With good opsec the risk is still much lower for vendors than it is for dealers in person. There's also no risk of getting jumped and beaten/killed while you're making a transaction.

[-] macerated_baby_presidents@hexbear.net 5 points 7 months ago* (last edited 7 months ago)

Unfortunately, nearly all sellers keep records of their customers and there isn't anything you can do about it. Your number is in your IRL plug's phone and the cops will seize it. The cops may raid your DNM vendor's house while he's using the computer and has everything decrypted. With thoughtful market design you can ensure that only the seller has your info, so that this risk is no higher than for IRL transactions with no third party. But it'll never be 0

[-] notthenameiwant@hexbear.net 12 points 7 months ago

Signal is not secure, nor is Tor. Read "Surveillance Valley". That being said, you probably won't be visited by the cops over a buying a gram of something online.

[-] ComradeEd@lemmygrad.ml 9 points 7 months ago

I'm reading Surveillance Valley, and I'm not sure what you mean by "not secure"

[-] AssortedBiscuits@hexbear.net 6 points 7 months ago

The book states that Signal and Tor were developed by feds, meaning they're completely compromised. It's in the latter chapters.

[-] TheCaconym@hexbear.net 9 points 7 months ago* (last edited 7 months ago)

The fact that tor was developed by feds (CIA agents actually use it in the field, too, IIRC) does not mean it's compromised. Its source code might be among the most audited ones around, including by well-known cryptographers. When the NSA put a backdoor in Dual_EC_DRBG, it was identified quickly and outside of shitty security appliances from RSA in corporate environments, very few projects actually ended up using it. I suspect such a thing would happen with tor.

SELinux is similar: developed by the NSA, but also audited to shit by countless security researcher eager to put their names on the map.

Also, the fact that all tor services that were taken down by LE thus far we know of were taken down through human error on the operator's side or active exploitation of software flaws in the service itself, combined with the Snowden leaks describing tor as a constant pain in their backside, also point towards the same conclusion.

[-] brainw0rms@hexbear.net 4 points 7 months ago

While I don't think Tor is innately insecure or cryptographically compromised, it has been known for many years that a lot of its network nodes are operated by feds. Just due to the way Tor works, if you happen to control every node being used in a session, then you have full control and can de-anonymize users. Anyone can volunteer to act as a bridge/relay/exit node, and the feds obviously have the resources to pull off targeted attacks this way if they wanted to.

Any specific evidence of compromise? Governments have been known to fund and even directly develop tools later used against them.

[-] notthenameiwant@hexbear.net 4 points 7 months ago

I don't have the book checked out anymore, but once you get to the part about Ross ulbrecht, it's right around there. At bare minimum, you can force someone's identity. 0day exploits have also been given to the intelligence services first.

[-] Nationalgoatism@hexbear.net 3 points 7 months ago

Thanks for the recommendation, I'll read that when I get a chance

[-] disposable_cracker@hexbear.net 1 points 7 months ago

What are better alternatives?

[-] notthenameiwant@hexbear.net 1 points 7 months ago

I have doubts about there being any.

this post was submitted on 20 Mar 2024
239 points (100.0% liked)

news

23532 readers
628 users here now

Welcome to c/news! Please read the Hexbear Code of Conduct and remember... we're all comrades here.

Rules:

-- PLEASE KEEP POST TITLES INFORMATIVE --

-- Overly editorialized titles, particularly if they link to opinion pieces, may get your post removed. --

-- All posts must include a link to their source. Screenshots are fine IF you include the link in the post body. --

-- If you are citing a twitter post as news please include not just the twitter.com in your links but also nitter.net (or another Nitter instance). There is also a Firefox extension that can redirect Twitter links to a Nitter instance: https://addons.mozilla.org/en-US/firefox/addon/libredirect/ or archive them as you would any other reactionary source using e.g. https://archive.today . Twitter screenshots still need to be sourced or they will be removed --

-- Mass tagging comm moderators across multiple posts like a broken markov chain bot will result in a comm ban--

-- Repeated consecutive posting of reactionary sources, fake news, misleading / outdated news, false alarms over ghoul deaths, and/or shitposts will result in a comm ban.--

-- Neglecting to use content warnings or NSFW when dealing with disturbing content will be removed until in compliance. Users who are consecutively reported due to failing to use content warnings or NSFW tags when commenting on or posting disturbing content will result in the user being banned. --

-- Using April 1st as an excuse to post fake headlines, like the resurrection of Kissinger while he is still fortunately dead, will result in the poster being thrown in the gamer gulag and be sentenced to play and beat trashy mobile games like 'Raid: Shadow Legends' in order to be rehabilitated back into general society. --

founded 4 years ago
MODERATORS