AlphaBay users scammed out of more than $1 million USD
More than $1 million USD worth of digital currencies were stolen by a darknet phisher.
An anonymous user that went by the name of "Phishkingz" recently bragged how he stole over $1 million dollars worth of Bitcoin from accounts on AlphaBay within the last year.
As you may recall, AlphaBay has been in the news a lot lately for being shut down recently by authorities and was reported as being the largest darknet market place at the time.
It was ten times the size of Silk Road and had achieved a reputation for excellent service by it's users.
How did he do it?
Phishkingz said that he decided to start phishing AlphaBay accounts following his discovery of a flaw on the site's forums that allowed him to monitor new members the moment they joined the site.
He would then send them a verification process which would redirect them to his link. From there, he was able to get the new member's login details, PGP private keys, passwords, pin codes, mnemonic phrases etc. At that point, their money was as good as his.
He would then periodically check their accounts for new deposits from which to transfer to his own accounts.
Increasing profitability?
As he was able to steal more and more funds, he decided it was in his best interest to expand his phishing empire.
He went on to employ 27 people to help him steal from the newly registered accounts. According to Phishkingz, one of the major reasons for his success was the total lack of support given by the AlphaBay moderators.
Specifically he had this to say about them:
"The admins didn't really care about their customers, and it only took opening a support ticket with a problem to learn this. BM (Big Muscles, an AlphaBay moderator) especially is a stupid one. He would let me into accounts for 50 percent if I provided mnemonic phrases knowing I had phished the account in the first place."
If you are not familiar, a mnemonic is a tool to help you remember facts or a large amount of information. It can be a song, rhyme, acronym, image, or a phrase to help remember a list of facts in a certain order.
For example, in order to remember Kingdom, Phylum, Class, Order, Family, Genus, Species one might come up with:
"Kyle pees clear only from good spirits"
Or something along those lines...
It was frighteningly easy.
It is pretty scary to hear how easy it was to take advantage of new users and how little was done to protect them.
My first thought was that most of the users using that market place were likely selling or buying some kind of illegal service or stolen good and that is what they get for dealing in those kinds of goods and services.
However, the total lack of regard from the moderators and admins is something that I have seen quite often on many of the crypto exchanges as well.
Hopefully that isn't something that can be exploited by bad actors like Phishkingz. If it is, hopefully as cryptos start to hit mainstream that all starts to change...
As more people come, hopefully a better infrastructure does as well.
Stay safe friends!
Sources:
https://en.wikipedia.org/wiki/AlphaBay
http://examples.yourdictionary.com/examples-of-mnemonics.html
Image Sources:
https://bestsecuritysearch.com/alphabay-dark-web-marketplace-exposes-private-messages/
https://www.hackread.com/dark-webs-largest-trading-platform-alphabay-hacked-200000-messages-leaked/
Follow me: @jrcornel
Just crazy to read this and I'm really glad they got shut down. Some sites/ICOs are nothing more than money grabs and hurt the long term viability of cryptos. I hate to say this, but some form of regulation may indeed be needed and I think it's only inevitable at this point if crypto is to go mainstream.
Gotta keep my cryptos safe 🏃🏃🏃🏃 🏃🏃🏃🏃
Whats even scarier is how it happened on the TOR network which is suppose to be secure. But nothing is really secure! I wonder if other hackers will try to get retribution for the money they have lost. Like doxing and people some of the peoples info out there that ran some of the shops on Alpha. Thanks for sharing great post.
The problem is that it doesn't matter how safe a network is, if the human beings are the one, who make the mistake.
Exactly, human error (AKA stupidity) is the number one reason for darknet busts, Check my analysis of Alphabay and Hansa busts
Thank you for the information, you always look amazing with good postings ...
Thank for sharing! @jrcornel :)
Nothing is ever secure, that's why everyone should diversify investments and holding centers too.
I though the FBI seized Alpha bay on the 4th?
Authorities did shut it down, this guy scammed over the course of the previous year... you should try reading the post next time ;)
What are the current marketplaces to use right now?
Everyday in crypto...
Different day, different hack...
Thanks for the lesson
Its really scary how easy its done. Thank u for taking time to share information like this.
A great heads up.