More than $1 million USD worth of digital currencies were stolen by a darknet phisher.
An anonymous user that went by the name of "Phishkingz" recently bragged how he stole over $1 million dollars worth of Bitcoin from accounts on AlphaBay within the last year.
As you may recall, AlphaBay has been in the news a lot lately for being shut down recently by authorities and was reported as being the largest darknet market place at the time.
It was ten times the size of Silk Road and had achieved a reputation for excellent service by it's users.
How did he do it?
Phishkingz said that he decided to start phishing AlphaBay accounts following his discovery of a flaw on the site's forums that allowed him to monitor new members the moment they joined the site.
He would then send them a verification process which would redirect them to his link. From there, he was able to get the new member's login details, PGP private keys, passwords, pin codes, mnemonic phrases etc. At that point, their money was as good as his.
He would then periodically check their accounts for new deposits from which to transfer to his own accounts.
Increasing profitability?
As he was able to steal more and more funds, he decided it was in his best interest to expand his phishing empire.
He went on to employ 27 people to help him steal from the newly registered accounts. According to Phishkingz, one of the major reasons for his success was the total lack of support given by the AlphaBay moderators.
Specifically he had this to say about them:
"The admins didn't really care about their customers, and it only took opening a support ticket with a problem to learn this. BM (Big Muscles, an AlphaBay moderator) especially is a stupid one. He would let me into accounts for 50 percent if I provided mnemonic phrases knowing I had phished the account in the first place."
If you are not familiar, a mnemonic is a tool to help you remember facts or a large amount of information. It can be a song, rhyme, acronym, image, or a phrase to help remember a list of facts in a certain order.
For example, in order to remember Kingdom, Phylum, Class, Order, Family, Genus, Species one might come up with:
"Kyle pees clear only from good spirits"
Or something along those lines...
It was frighteningly easy.
It is pretty scary to hear how easy it was to take advantage of new users and how little was done to protect them.
My first thought was that most of the users using that market place were likely selling or buying some kind of illegal service or stolen good and that is what they get for dealing in those kinds of goods and services.
However, the total lack of regard from the moderators and admins is something that I have seen quite often on many of the crypto exchanges as well.
Hopefully that isn't something that can be exploited by bad actors like Phishkingz. If it is, hopefully as cryptos start to hit mainstream that all starts to change...
As more people come, hopefully a better infrastructure does as well.
Stay safe friends!
Sources:
https://en.wikipedia.org/wiki/AlphaBay
http://examples.yourdictionary.com/examples-of-mnemonics.html
Image Sources:
https://bestsecuritysearch.com/alphabay-dark-web-marketplace-exposes-private-messages/
https://www.hackread.com/dark-webs-largest-trading-platform-alphabay-hacked-200000-messages-leaked/
Follow me: @jrcornel
Just crazy to read this and I'm really glad they got shut down. Some sites/ICOs are nothing more than money grabs and hurt the long term viability of cryptos. I hate to say this, but some form of regulation may indeed be needed and I think it's only inevitable at this point if crypto is to go mainstream.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Gotta keep my cryptos safe 🏃🏃🏃🏃 🏃🏃🏃🏃
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Whats even scarier is how it happened on the TOR network which is suppose to be secure. But nothing is really secure! I wonder if other hackers will try to get retribution for the money they have lost. Like doxing and people some of the peoples info out there that ran some of the shops on Alpha. Thanks for sharing great post.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
The problem is that it doesn't matter how safe a network is, if the human beings are the one, who make the mistake.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Exactly, human error (AKA stupidity) is the number one reason for darknet busts, Check my analysis of Alphabay and Hansa busts
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thank you for the information, you always look amazing with good postings ...
Thank for sharing! @jrcornel :)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Nothing is ever secure, that's why everyone should diversify investments and holding centers too.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I though the FBI seized Alpha bay on the 4th?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Authorities did shut it down, this guy scammed over the course of the previous year... you should try reading the post next time ;)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
What are the current marketplaces to use right now?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Everyday in crypto...
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Different day, different hack...
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thanks for the lesson
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Its really scary how easy its done. Thank u for taking time to share information like this.
A great heads up.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Even if he access the info of the users how was he able to crack the 2FA authentication required by most wallets to transfer funds? Did he have their mobiles phones cloned as with the email addresses linked to the wallets?
I know cryptos aren't fool proof but this guys got me thinking..... .......
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
wauw this was one of the best articles ive ever read thnx for the information man and keep it up that way you deff get my upvote
greetings from belgium ;)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
WOW
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
A fine read, upovted. Here's my fresh take on police busts of AB and Hansa.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
wow.. a master mind.. luckily i do not have much digital currency.. but those how have must be careful..
thanks for the update..
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thats why SYS BM is going to shine ! Buy & Sell goods from your virtual store from your local wallet ! end of all dramas !
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thanks for your sharing
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
nice post good info
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
there should be a leniency for government people so they are protected from gangsters once everything falls apart. How can one sleep at night when doing a job where good people kill themselves and others go forecer to jail. Maybe they are aliens who control the planet
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
sir i have bitcoin i don't know how to cash out any one help me @farhannaqvi7
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Sneaky weasel
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Its not good for us..
Thats our money.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
great post thank you so much for sharing
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Scammers gonna scam and losers gonna lose
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Great post. Please read my biggest danger in crypto, would love your feedback -
https://steemit.com/cryptocurrency/@cryptocoinclub/blockfolio-addiction-help-group
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
They deserved it! If you signup @ an illegal website you should know that there are consequences. And besides no body signed to buy legal stuff that is available on Amazon.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Seems like crazy stuff but I shouldn't be surprised. Still no surprise. The web, darknet especially, is like the Wild West. Only person who can keep you safe is yourself.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
No its daily routen every day some one hacked
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit