Cyber Defense Advisors

Incognito Market: The not-so-secure dark web drug marketplace

Incognito Market: The not-so-secure dark web drug marketplace

Well, here’s a shocker. Incognito Market, a darknet platform connecting sellers of narcotics to potential buyers, has turned out to be not entirely trustworthy.

Drug vendors and buyers alike are being extorted. They are being threatened that their supposedly secure (and in some cases supposedly deleted) private chats will be made public unless they give in to their blackmailer’s demands.

Whoever is behind the scam posted a gleeful message on Incognito Market.

Expecting to hear the last of us yet?

We got one final little nasty suprise for y’all.

We have accumulated a list of private messages, transaction info and order details over the years. You’ll be surprised at the number of people that relied on our “auto-encrypt” functionality. And by the way, your messages and transaction IDs were never actually deleted after the “expiry”…

SURPRISE SURPRISE !!!

Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up. We’ll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May, whether or not you and your customers’ info is on that list is totally up to you. And yes…

YES, THIS IS AN EXTORTION !!!

As for the buyers, we’ll be opening up a whitelist portal for them to remove their records as well in a few weeks.

Thank you all for doing business with Incognito Market

For a mere $100 to $20,000 fee (depending on how big a player you were), Incognito Market claims it will shield your information from the prying eyes of law enforcement for a mere $100 to $20,000 fee (depending on how big a player you were).

Clearly, if you sell illegal drugs online, you are going to care about your reputation and not want to embarrass your clients by having any awkward chat logs shared with the world. But can you trust the extortionists not to request an even larger additional ransom payment if you do give in to their demands?

What a pickle.

Incognito Market has helpfully published a list which purports to detail who has and who hasn’t already paid the blackmail fee – which may prompt faster payments.

The attempted extortion happened just days after millions of Bitcoin and Monero were reportedly “exit scammed” from users who suddenly found themselves unable to access their cryptocurrency funds.

It’s almost as though a darknet drugs marketplace couldn’t be trusted. If it’s not bad enough that a law enforcement agency might have managed to infiltrate a criminal darknet site to spy upon communications, it may be that the site itself is out to scam you.

For more information, check out this Krebs on Security report.