Dark Web Drug Marketplace Fueled by Crypto Goes Offline
Dark Web Drug Marketplace Fueled by Crypto Goes Offline
A popular dark net marketplace for buying and selling drugs has been offline for three days, fueling speculation about its fate and despair among some users.
Empire Market, similar to the infamous Silk Road site shut down by law enforcement in October 2013, had become of the most trafficked illicit online marketplaces in recent years, following the demise of other sites such as AlphaBay and Hansa. In addition to selling drugs, Empire Market offered fake documentation like passports and drivers’ licenses and off-the-shelf malware.
Now, experts who follow the dark web — and some of Empire Market’s users — are wondering about what became of the site’s administrators, who aren’t known.
“Running a criminal forum or marketplace typically leads the administrators to one of two most likely outcomes,” said Mark Arena, chief executive officer of Intel 471 Inc. , a cybersecurity firm that tracks dark net marketplaces. They are either arrested by law enforcement, or participate in an “exit scam” in which they steal deposits from users, he said.
“On Empire Market itself, it hasn’t been accessible for the last couple of days which naturally leads to speculations in the underground that this might be an exit scam,” Arena said, adding that Empire was one of the biggest English-speaking dark net markets.
A variety of illegal goods and services are bought and sold on the dark web with cryptocurrency, including drugs and malware that can be used in cyber scams. Such underground websites sometimes require that vendors make deposits in order to sell their wares on the marketplace. That digital currency is held in escrow as an added layer of privacy, using the marketplace as an intermediary to transfer payment for illicit goods. But that also gives administrators control over the money, allowing them to shut down the site without warning and take off off with all of the digital money, according to the dark web experts.
“As vendors often use these marketplaces for their day-to-day business, they usually have large amounts of money stored in these accounts due to their large volume of transactions,” said Kacey Clark, a threat researcher at cybersecurity company Digital Shadows Ltd. “If the platform is long-standing and established, like Empire was, they will likely leave funds in their accounts for a more extended period due to a lack of fear of them not being able to access them at any given point, as a form of trust has been built.”
While it is difficult to estimate how much was held in escrow by Empire Market, it was “likely was high, single-digit millions at least,” Arena said.
Such exit scams have been persistent in the dark web underworld for years, and one of Empire Market’s moderators, who essentially perform customer service, suggested that happened this time too.
“I am crushed and ashamed by my admin’s apparent decision to disappear with your funds,” the moderator wrote Wednesday. “It’s hard to grasp that this is really happening. I am in shock.” A few days earlier, the same anonymous moderator said the site was offline due to a denial-of-service attack.
The Federal Bureau of Investigation declined to comment. Typically dark net sites seized by law enforcement will display a notice from the relevant agencies. The Empire Market site is simply no longer online.
Users of the dark net marketplace are mourning its loss, and their missing cryptocurrency, on online forums. They said there is no trace of the administrators and that they can no longer access their accounts.
A sampling of Empire Market’s offerings.
“If you guys took off then you have more than enough coin for the rest of your lives,” one anonymous user wrote. “So I respectfully make the request that you donate the 16k of mine you took to a children’s charity.
One vendor said that the loss of Empire Market left them unsure what to do next. “I basically lost my living existence. My main income source. I was so committed since Empire had so much traffic, it just worked,” they wrote, claiming to have lost 5,000 euros ($5,915).
Another Empire Market vendor claimed their cryptocurrency wallet was the target of a so-called “dust attack,” where someone attempts to de-anonymize the owner by sending them a small amount of virtual currency. Vendors of the largest darknet market, Empire Market are reporting being victims of a Dusting Attack receiving small amounts of BTC in an attempt to deanonymize their Bitcoin earnings. pic.twitter.com/K318ZWaE1Q — Onion.Live (@OnionDotLive) August 26, 2020
In some instances, dark net markets can be the targets of days-long denial-of-service attacks, where the site is flooded with traffic and taken offline. Typically the person operating the denial-of-service attack will attempt to extort the marketplace administrator in return for standing down.
But a lack of updates from Empire Market’s administrators is making users believe the site is gone for good.
In the wake of Empire’s apparent closing, there will be distrust among the community, according to Ian Gray, director of intelligence at cybersecurity company Flashpoint .
“Since the creation of the Silk Road, we are continuing to observe a cycle of marketplaces that either shut down, exit or are taken down by law enforcement,” Gray said. “Other dark web marketplaces remain, such as ‘White House’ and ‘DarkMarket’, which may see a large influx of dark web marketplace users and vendors. Both vendors and customers will be concerned about exposure to law enforcement.” ( Updates with additional details in the last two paragraphs. ) Published on