news

24635 readers

541 users here now

Welcome to c/news! We aim to foster a book-club type environment for discussion and critical analysis of the news. Our policy objectives are:

To learn about and discuss meaningful news, analysis and perspectives from around the world, with a focus on news outside the Anglosphere and beyond what is normally seen in corporate media (e.g. anti-imperialist, anti-Zionist, Marxist, Indigenous, LGBTQ, people of colour).
To encourage community members to contribute commentary and for others to thoughtfully engage with this material.
To support healthy and good faith discussion as comrades, sharpening our analytical skills and helping one another better understand geopolitics.

We ask community members to appreciate the uncertainty inherent in critical analysis of current events, the need to constantly learn, and take part in the community with humility. None of us are the One True Leftist, not even you, the reader.

Newcomm and Newsmega Rules:

The Hexbear Code of Conduct and Terms of Service apply here.

Link titles: Please use informative link titles. Overly editorialized titles, particularly if they link to opinion pieces, may get your post removed.
Content warnings: Posts on the newscomm and top-level replies on the newsmega should use content warnings appropriately. Please be thoughtful about wording and triggers when describing awful things in post titles.
Fake news: No fake news posts ever, including April 1st. Deliberate fake news posting is a bannable offense. If you mistakenly post fake news the mod team may ask you to delete/modify the post or we may delete it ourselves.
Link sources: All posts must include a link to their source. Screenshots are fine IF you include the link in the post body. If you are citing a Twitter post as news, please include the Xcancel.com (or another Nitter instance) or at least strip out identifier information from the twitter link. There is also a Firefox extension that can redirect Twitter links to a Nitter instance, such as Libredirect or archive them as you would any other reactionary source.
Archive sites: We highly encourage use of non-paywalled archive sites (i.e. archive.is, web.archive.org, ghostarchive.org) so that links are widely accessible to the community and so that reactionary sources don’t derive data/ad revenue from Hexbear users. If you see a link without an archive link, please archive it yourself and add it to the thread, ask the OP to fix it, or report to mods. Including text of articles in threads is welcome.
Low effort material: Avoid memes/jokes/shitposts in newscomm posts and top-level replies to the newsmega. This kind of content is OK in post replies and in newsmega sub-threads. We encourage the community to balance their contribution of low effort material with effort posts, links to real news/analysis, and meaningful engagement with material posted in the community.
American politics: Discussion and effort posts on the (potential) material impacts of American electoral politics is welcome, but the never-ending circus of American Politics© Brought to You by Mountain Dew™ is not welcome. This refers to polling, pundit reactions, electoral horse races, rumors of who might run, etc.
Electoralism: Please try to avoid struggle sessions about the value of voting/taking part in the electoral system in the West. c/electoralism is right over there.
AI Slop: Don't post AI generated content. Posts about AI race/chip wars/data centers are fine.

founded 5 years ago

MODERATORS

Alaskaball@hexbear.net

carpoftruth@hexbear.net

Breath_Of_The_Snake@hexbear.net

Infamousblt@hexbear.net

Redcuban1959@hexbear.net

239

News that won’t make the news: One of the largest illicit marketplaces on the dark web, Incognito Market, has begun a mass exit scam/extortion campaign, seizing 10s of millions of $ in cryptocurrency (hexbear.net)

submitted 2 years ago* (last edited 2 years ago) by CoolerOpposide@hexbear.net to c/news@hexbear.net

141 comments fedilink hide all child comments

On March 10th, several days after Incognito Market was assumed to be shut down or no longer be processing transactions, the site posted a message to its homepage that reads as follows:

”Expecting to hear the last of us yet? We got one final little nasty suprise for y'all. We have accumulated a list of private messages, transaction info and order details over the years. You'll be surprised at the number of people that relied on our "auto-encrypt" functionality. And by the way, your messages and transaction IDs were never actually deleted after the "expiry"...”

”SURPRISE SURPRISE !!! Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up. We'll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May, whether or not you and your customers' info is on that list is totally up to you. And yes... YES, THIS IS AN EXTORTION !!! As for the buyers, we'll be opening up a whitelist portal for them to remove their records as well in a few weeks.”

”Thank you all for doing business with Incognito Market”

Exit scams are not uncommon on dark web markets, but this one is particularly large and openly threatening compared to most. Incognito Market requires the loading of cryptocurrency to a site-based wallet, which can then be used for in-house transactions only. All cryptocurrency on the site was seized from user’s wallets, estimated to be anywhere from $10 million to $75 million. After seizing the cryptocurrency wallets of all of the marketplace’s users, the site now openly explains that it will publish transactions and chat logs of users who refuse to pay an extortion fee. The fee ranges from $100 to $20,000, a volume based 5 tier buyer/seller classification.

Incognito Market also now has a Payment Status tab, which states ”you can see which vendors care about their customers below.” and lists the some of the market’s largest sellers. Sellers which have allegedly paid the extortion fee to not have their transaction records released are displayed in green, while those who have not yet paid are displayed in red.

Additionally, in a few weeks the site claims it will have a “whitelist portal” which would allow buyers to wipe their transactions and re-encrypt chat records.

Whoever is behind the website must be extremely, extremely confident in their anonymity, already working with government agencies, or both, because a bounty on this person is likely worth millions.

you are viewing a single comment's thread
view the rest of the comments

[–] InappropriateEmote@hexbear.net 15 points 2 years ago (1 children)

Vendors I think have the ability to deny customers for whatever reason they want and vice versa. If you're a buyer and your vendor refuses to use PGP, you should find another vendor. If you're a vendor and your buyer refuses to use PGP you should simply block them and not vend to them. I'm also getting the impression that this wasn't common practice on Incognito, but years ago back when I, um, read about this stuff, it was never a majority but it wasn't uncommon for vendors to state up front they only vend to people who will use PGP. Sometimes vendors would give a discount to people who did. I'm sure a lot of vendors right now are wishing they had followed that very common sense policy.

[+] SubstantialNothingness@hexbear.net 10 points 2 years ago* (last edited 2 years ago) (1 children)

[deleted]

[–] InappropriateEmote@hexbear.net 5 points 2 years ago* (last edited 2 years ago) (1 children)

I edited this comment for clarity and because I accidentally said something backwards initially:

Hmm, it should be plainly obvious if someone is encrypting their messages to you. Like, what I think you're describing couldn't even work by accident. Other people's keys can't be used. If someone wants to communicate with you, they need your public key to encrypt their message to you and only you can then decrypt that message with your private key. If you then want to respond, you need their public key to encrypt your response, which only they can decrypt.

Example: if a buyer contacts a vendor, the buyer is not using their (the buyer's) own key. The buyer must use the vendor's public key to encrypt a message that the vendor then decrypts locally (which only the vendor can do with their private key). If the buyer used any other key, the vendor couldn't decrypt the message and no transaction could proceed. If the vendor wants to then send a message to the buyer, that's when the vendor uses the buyer's public key to encrypt that message. If the buyer gave the vendor any public key that is not their own, that buyer then couldn't decrypt the message the vendor sent them. There's really no place in this process where the vendor wouldn't know if the buyer was using their own PGP key.

In my past experience, people would put their public keys in their profile. The auto-encryption doesn't even look like encryption, it just looks like sending messages normally, the same way it looks using any encrypted messenger service: you just accept and trust that the service really is encrypting and decrypting at both ends and all you see is the text that someone sends you. There are steps both you and the person you're talking to have to take when doing your own encryption. Even when you're using PGP, you're still sending text over the market messaging system, and the market is encrypting that, but the text you're sending will look like total gibberish to everyone. Not just to the market, but it will look like total gibberish even to you after you encrypted the text locally on your own device, and of course it will also look like total gibberish to the person you're sending it to until they decrypt it locally on their end. There really should be no room for confusing who's public key is being used, not even mistakenly because the decryption wouldn't work. Unless I'm still misunderstanding you, or unless communication methods on the DNMs have so drastically changed in recent years that they're incomparable, but I know that's not the case.