DNM Recap: State of the Union June 17th

4 minute read

Posted by: Christian

June 17, 2015

It has been an exceptionally eventful week for the darknet markets as we conclude this one with yet another exit scam and additional DoS attacks on hidden services.

A few days ago, it was noticed that BlackBank had emptied its hot wallet of 1,186 bitcoins—or roughly US$284,000—over the two-day period of June 9 and 10. And yes, you read that correctly: Nigh on a third of a million dollars was stolen six days ago and went unnoticed until Monday, though this appears to have been by design; withdrawals seem to have been disabled on or around May 17, with only deposits being credited over the next several weeks until the dreaded 9th, when withdrawals of 2 BTC (made four at a time) began to drain the wallet for the next thirty-five hours. It has been bled dry, currently sitting at a modest balance of 0.25 BTC.

But the drama doesn’t end there. The same day, a user named lukeskywalkr made a post to the Reddit board /r/DarknetMarkets entitled “BlackBank hacked proof,” wherein the poster supplied three hashed passwords of prominent community members—gwern, gramsadmin, and GrandWizardsLair (a vendor)—in order to verify that he had access to the BlackBank database. These users computed the hash of their actual passwords in order to compare them to the supplied hashes; the hashes matched, confirming that either BlackBank was hacked, BB admin MDparity attempting to create a distraction / coverup, or a combination of both (e.g., MDparity stole the market funds, and the database was hacked after the fact). Posts later made to Reddit by users claiming to have hacked the AlphaBay market timed up in conjunction with the website’s reports of DoS attacks; shill accounts on the website claimed to have received free bitcoins on accident—these same accounts confirmed later that they were attempting to get AlphaBay users to log on in an effort to steal their passwords, which would suggest that AlphaBay may have been compromised—or at least someone wishes to make it appear that way. In any event, even potential database breaches are enough to warrant the changing of passwords across marketplaces if they are the same, or even similar.

In light of the BlackBank fiasco, the administrator of Nucleus, vrc, returned yesterday after a week-long hiatus that caused many community members and one Nucleus forum moderator to speak out in concern. The same day, a popular cannabis vendor named Canna-Juice publicly accused the market of burying their listings, though this cannot be verified with certainty.

On Wednesday, the still-in-development ShadowMarket published a Q&A regarding their software, which would take the form of a decentralized escrow market with TOR and I2P support. The development team, which has been working on the project for six months, claims to have transformed the pseudoanonymous currency we know as bitcoin into the first, completely anonymous decentralized cryptocurrency called ShadowCash. According to their mission statement, the ShadowMarket staff intends to

“[build] anonymous systems and [defend] our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money. [Build] a decentralized anonymous communication, commerce and currency platform available for all desktop and mobile operating systems.”

From their introduction:

ShadowSend‘s unique zero-knowledge, dual-key stealth address and ring signature protocol enables near-instant, untraceable, unlinkable and trustless transactions. In addition, Shadow offers an entire privacy based platform which aims to establish an anonymous economy, with multiple features that give people all the financial freedom and privacy they should have.

Their project is open-source and available for development and testing on Github as newer and more advanced decentralized markets gain speed this year. This past Thursday, OpenBazaar announced that it had raised US$1 million in seed funding, while its creators insist on clarifying that this will simply be a market without a central server to seize, and that it is not meant to be a darknet market (or Silk Road) clone. Furthermore, some members of the DNM community remain skeptical of the project’s ability to facilitate illegal transactions as Brian Hoffman, who worked previously as a cybersecurity and IT consultant at Booz Allen Hamilton (one of the US government’s largest contractors) has been head of OpenBazaar development since its creation.

Today, ACE of TheScurvyCrew—an established vending organization since the original Silk Road—announced their retirement from the darknet after several years of service, with ACE himself planning to trade bitcoin and continue to advocate a free global market economy and bitcoin cash machines across Europe. He speaks of TheScurvyCrew’s banishment from Agora for allegedly “doxxing” a customer, and the compassion of the original Silk Road community; advising the community to love each other, ACE clarifies that the organization will be unloading its remaining stock—with some giveaways for old customers—before leaving the deep web for good. So long, TSC; it is always a shame to see a vendor retire, be it SunWu or TheScurvyCrew, but it reminds us that some people do play this game the right way and get out while the going is good. You know what they say: If you love something, let it free to trade bitcoin. We wish all members of TheScurvyCrew good fortune in their future endeavors, and thank them once again for their service.

Additionally, SIGAINT, the darknet email service (sigaintevyh2rzvw.onion), announced the release of its own bitcoin-tumbling service called PayShield, which can be found at http://payshld6oxbu5eft.onion. As an introductory discount, the mixing service is offering a rate of 1% for all transactions; proof of URL and ownership can be found on the PayShield website (http://payshld6oxbu5eft.onion/payshield-declaration.txt).

Updated: 2015-06-17