In early October, a three-judge panel in Greece approved the United States extradition request for Alexander Vinnik, a suspected operator of the BTC-e bitcoin exchange. The United States accused Vinnik of orchestrating a $4bn bitcoin laundering operation, along with several related charges in a 21-count indictment. Vinnik, a Russian national, opposed his extradition to the United States. He appealed to the Russian government and the Russian Interior Ministry mirrored his stance. “I am a Russian citizen and will let the court in Russia deal with it,” he said.
Later in October, according to Russian media outlets, another panel of judges met in Thessaloniki and approved the Russian extradition request. Vinnik, who claimed BTC-e hired him as a contractor and that he had no involvement in any illegal activity, faces fraud charges over $11,500 in Russia. “Vinnik has agreed to be handed over to Russia and there’s no reason not to do so,” a Greek prosecutor reportedly concluded. DeepDotWeb
Take It from An Expert – The Top 10 Things You Should Never Do on Darknet Markets
Although the markets have changed dramatically over the past five years, many of the rules, guidelines, and basic community standards remain the same. As the author of the article pointed out, Jolly Roger’s Security Guide for Beginners is a good starting point for learning basic OPSEC. But the guide, through no fault of its own, does not cover topics that might keep some darknet market beginners from unknowingly making fools of themselves when interacting with other members of the community.
The author began his list with an excellent example: “stop messaging vendors about delivery times when you haven’t even read their profile.” Many of the pointers in the article reflect complaints that vendors often discuss on Reddit. Incidentally, vendors often mirror those complaints in their darknet marketplace profiles – the same profiles that customers ignore. DeepDotWeb
On the Topic of Vendors: Some Are Not Without Blame
Vendors are far from blameless, though. Reddit users, this week, reported receiving unexpected letters in the mail from a TradeRoute vendor. The vendor had saved addresses and, after TradeRoute went down, sent letters to his (now former) customers. The letter contained a contact email and Wickr username, along with the vendor’s PGP key.
The Reddit poster said they had not ordered from the vendor in almost two months. “[The letter] was unsettling as fuck to receive today. I knew I had no packs coming, yet here we have it.” One user added that the same vendor had sent letters to pay customers after Hansa went down.
Deputy Attorney General Calls for Government Backdoors
During a speech at the Naval Academy in Annapolis, Deputy Attorney General Rod Rosenstein informed the audience that encryption threatens both law enforcement’s ability to fight crime and public safety in general. He gave very few (real) examples of this so-called “warrant proof encryption.” In one example, the Deputy Attorney General explained how Apple intentionally impeded the FBI’s investigation by refusing to exploit the San Bernardino shooter’s iPhone. (Why is this always the example?)
“There is no constitutional right to sell warrant-proof encryption,” he explained.
Rosenstein, a somewhat more intelligent version of Attorney General Jeff Sessions, proposed his solution: “responsible encryption.” He made sure the audience knew that his idea was “not a backdoor” before proceeding. He then explained that responsible encryption would be encryption that the government could access with a court order or warrant. But only the government. He explained that technology companies needed to work with the government to create the “not backdoors” in their phones and software. DeepDotWeb
Jeff Sessions is “Very Concerned” About the Darknet and Bitcoin
Before a Senate Committee regarding oversight and the Justice Department, Attorney General Jeff Sessions announced that the federal government was very concerned about darknet markets. Dianne Feinstein, a senior Senator from California, asked Sessions if he planned to take action against “the dark web.” He confirmed that he would, in fact, be pleased to do something.
“The FBI is very concerned about that,” Sessions said. “They did take down, I think, the two biggest, dark web sites.” Given that the FBI historically involved themselves only with the biggest markets, Sessions could have been referring to Alphabay and [insert a market taken down by the FBI]. Similarly, he could have been assuming credit for the recent Alphabay and Hansa takedown that involved Europol; the Dutch National Police; Bundeskriminalamt; Lietuvos Policija; the Royal Canadian Mounted Police; AG’s office of the Federal State of Hessia; and the FBI.
“[Alphabay] had 240,000 sites where individuals were selling, for the most part, illegal substances or guns on that site, including Fentanyl. And, they use bitcoins and other untraceable financial capabilities, and it is a big problem,” the Attorney General explained. YouTube
Darknet Market DDoS and Downtime Notice
Yes, most markets are still under a heavy DDoS attack. Or claiming to be under one. These attacks cause, at a minimum, market downtime. And downtime has a way of leading to phishing links. One Twitter user joked (accurately) that “one man’s DDoS is another man’s phish.” More phishing links for any given marketplace have been posted than official mirror links belonging to all markets – combined.
When a market goes down, something pushes the human brain to find working links in places that would ordinarily get ignored. Phishers take advantage of the market downtime by creating cloned login pages at an increased rate. Shills spam these links online, on darknet forums, and even on somewhat authoritative subreddits.
Official mirrors exist. But they come from signed messages from verified marketplace staff or mods. Watch out for these phishing links. Avoid keeping money in any market. Many doubted TradeRoute had planned to exit scam, but they certainly vanished in a hurry. IP addresses that point directly to a live or working version of a marketplace have been popping up throughout the last month.
Wall Street Market recently had several. Tochka 2.0 did as well. Verified IP leaks? Not yet. Note that several credible sources tested the leaked IPs for both markets. (I personally verified that one of the WSM IPs worked as if I had logged in through the onion address. Not a good sign but not proof the market owned the IPs. I did not test Tochka 2.0.) One user pointed out that the WSM IPs, if they were simply proxies, somehow repeatedly bypassed the DDoS protection. Not long after discovery and public disclosure, the IPs started throwing 404s and 403s.