On March 10th, several days after Incognito Market was assumed to be shut down or no longer be processing transactions, the site posted a message to its homepage that reads as follows:

”Expecting to hear the last of us yet? We got one final little nasty suprise for y'all. We have accumulated a list of private messages, transaction info and order details over the years. You'll be surprised at the number of people that relied on our "auto-encrypt" functionality. And by the way, your messages and transaction IDs were never actually deleted after the "expiry"...”

”SURPRISE SURPRISE !!! Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up. We'll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May, whether or not you and your customers' info is on that list is totally up to you. And yes... YES, THIS IS AN EXTORTION !!! As for the buyers, we'll be opening up a whitelist portal for them to remove their records as well in a few weeks.”

”Thank you all for doing business with Incognito Market”

Exit scams are not uncommon on dark web markets, but this one is particularly large and openly threatening compared to most. Incognito Market requires the loading of cryptocurrency to a site-based wallet, which can then be used for in-house transactions only. All cryptocurrency on the site was seized from user’s wallets, estimated to be anywhere from $10 million to $75 million. After seizing the cryptocurrency wallets of all of the marketplace’s users, the site now openly explains that it will publish transactions and chat logs of users who refuse to pay an extortion fee. The fee ranges from $100 to $20,000, a volume based 5 tier buyer/seller classification.

Incognito Market also now has a Payment Status tab, which states ”you can see which vendors care about their customers below.” and lists the some of the market’s largest sellers. Sellers which have allegedly paid the extortion fee to not have their transaction records released are displayed in green, while those who have not yet paid are displayed in red.

Additionally, in a few weeks the site claims it will have a “whitelist portal” which would allow buyers to wipe their transactions and re-encrypt chat records.

Whoever is behind the website must be extremely, extremely confident in their anonymity, already working with government agencies, or both, because a bounty on this person is likely worth millions.

  • kristina [she/her]
    ·
    edit-2
    8 months ago

    I would simply not use the Internet for anything illegal enough that this is a concern

    • ReadFanon [any, any]
      ·
      8 months ago

      I person I used to know, who turned out to be a real piece of human garbage, told me that they were using the internet to connect with dealers for irl small time consumption purchases.

      Yikes

      I learn a little bit more about it. It's done through Discord.

      Bruh

      I don't even trust Signal or Telegram that much that I'd be comfortable connecting with new people and arranging specifics relating to criminal activity. But Discord!?

      Smh

      And it gets worse. It's a Discord group and the mods facilitated a verification process - you would literally upload a photo of your purchased goods to the moderators.

      Holy fucking shit

      By this stage I'm like "Nope, I don't want to hear anything more about this" because this was either a massive honeypot or as soon as a moderator got flipped by the feds or had their account hacked by them, it was going to turn into one. The less I know about that shit, the better. There's just no way that this server doesn't end badly and it's only a matter of time.

      • Tabitha ☢️[she/her]
        ·
        8 months ago

        or as soon as a moderator got flipped by the feds or had their account hacked by them

        not even necessary, why wouldn't Discord give the feds some kind of full-record transcript file or a ghost guest account on the server? Discord doesn't make any extreme privacy claims AFAIK.

        • ReadFanon [any, any]
          ·
          edit-2
          8 months ago

          Fascists often refer to Discord disdainfully as Doxcord because they believe that it leaks their details to the feds.

          I'm not one to take the fash at their word but in this case I'd be inclined to agree. There's nothing about Discord that indicates to me that it's anything but a typical leaky platform which collaborates closely with government like WhatsApp or any other typical service like that.

          • hello_hello [comrade/them]
            ·
            edit-2
            8 months ago

            You don't have to, Discord doesn't have end-to-end encryption at all. It's as secure as an IRC channel on a public network. While good IRC networks are moderated and everyone understands that their chats are logged, Discord has been able to sell its software to millions of users who have no digital consciousness to realize that none of their messages are private. Discord has ingrained itself into the digital psyche of society perfectly even though it is no less hazardous than any PRISM/Silicon Valley product.

            I've had people tell me they feel secure using Discord because there's millions of people using it and they are more secure "in the pack." Like no, you're not more powerful than a HashMap, the entire fucking IT industry is built on chewing data.

            Good friends don't let their friends use Discord. Matrix (though it used to be funded by an Israeli tech firm and generates a ton of metadata) in comparison is leagues better in basic decorum (no more gamer slop) + actually being a federated platform.

            If you want something that actually checks the boxes for security than you can look at GNU Jami.

        • Owl [he/him]
          ·
          8 months ago

          Flipping a moderator would let them use the moderator's account to encourage people to leak more details or do more crimes they can be prosecuted for, on top of whatever logs Discord will give them for a warrant (if Discord even requires warrants).

      • space_comrade [he/him]
        ·
        8 months ago

        I mean how the fuck else do I reach my plug but with encrypted messaging of some sort?

        Drug dealing Discord server is definitely just a terrible idea tho.

        • ReadFanon [any, any]
          ·
          8 months ago

          Idk about you but it's a bit far for my tastes on a few counts:

          • Finding new dealers online to meet them in person

          • Using Discord to coordinate

          • Using language that is completely unambiguous when communicating with a dealer through a service like Discord

          • Being in a Discord server that's specifically for arranging deals

          • Sending some anonymous third party team admissible evidence verification images to confirm that you made a purchase of illegal substances from the other party

          I'd only be using personal, encrypted communication for this. I would have an agreed upon code with them that provides me with plausible deniability, something simple like asking if they're free soon and using the length of time to refer to different quantities (swinging past to say hi/catching up/hanging out for the day). I would communicate the rest in person.

          Maybe I'm overly security conscious with this sort of stuff but a little bit of preventative effort goes a long way.

          Am I putting my phone in their fridge when I get to their place? Lol nah. But if it isn't just a friend who happens to be slinging some merch on the side but they're an actual dealer then I'm turning my phone off before I get there, and a few other things.

          Ultimately if the cops really want to get you then they'll probably find a way eventually but that doesn't mean you should make it easy for them.

          • glans [it/its]
            ·
            8 months ago

            Do you really think these little "codes" offer any real deniability? Like a dealer would have to be using the same codes for everyone otherwise there would be no way for them to keep track. So their communications if compromised would be easy enough to decypher. I guess it depends on the local jurisprudence but I feel like after many years of cat n mouse this one is probably covered most places. The more despised a person already is due to race, class, etc, the moreso that it's the case.

            The dealers I had that I trusted the most took the initiative for security rather than letting customers dictate it. First of all, they never did any business at their homes. But for business, they would only go to yours. Only took customers by referral which was done in person with prior agreement and only after you'd been a customer for a while. Never answered an unknown number. If they found out you gave their number to someone, they'd take you off their list. They had a business phone which was separate from their personal phones and changed the number periodically. They kept scheduled hours when they'd answer the phone, shared between the 3 of them, and turned it off the rest of the time. And they instructed their customers how to talk on the phone, what to say. Nothing about quantities. You invite them over, they already know who you are and where you are, they agree to come and you do all business in person, in your home. No strangers present for the transaction.

            Kind of lacked the.... charm of going to the living room where you just show up any time you can hear the music from the street but also you never heard about such n such getting busted. I think if the customer is setting the security protocols you are in trouble because they are probably just humouring you and doing everything sloppy when out of sight. You want to be cagey you gotta find a cagey dealer.

            • ReadFanon [any, any]
              ·
              8 months ago

              I think it depends a lot on the country you're in, especially the laws, and the size of your city and who you're buying from and what they sell but personally, in the days when I used to do this stuff, it would always be through a friend, and associate, or a friend of one of those. Some of the people were selling to make ends meet but even they were still small-time and so they were definitely more amateurish than someone who is effectively operating a business and it showed in how they managed their affairs.

              Do you really think these little "codes" offer any real deniability? Like a dealer would have to be using the same codes for everyone otherwise there would be no way for them to keep track. So their communications if compromised would be easy enough to decypher. I guess it depends on the local jurisprudence but I feel like after many years of cat n mouse this one is probably covered most places.

              If you are busted, it isn't going to save you.

              But if they're doing dragnet surveillance of the communication that the dealer is engaged in, they might not be assigning a whole lot of resources to the task - it might just be a matter of getting names and identifying the candidates who are the obvious ones but the other minutiae gets overlooked because it isn't considered worth the cops' time investigating every single contact. (This is where the benefit of small-time dealers comes in - they are almost always going to be sloppier with everything they do but if they aren't moving tons of product then the cops are less likely to treat it like they're busting a ring and more likely they're going to take down a couple of people who are the easiest targets before moving on the supplier. In this situation it's a bit like that adage - you don't have to be the fastest runner to get away from a bear, you just have to be faster than the guy next to you.)

              Or if it's something where they need to get a judge's signature before they can target you for surveillance or searches then they likely need to at least have a semblance of cause before they will get the go-ahead and simply messaging to ask if someone is free to catch up isn't likely to meet that standard. If it does happen to get the sign off, there's a chance that you'd be able to contest shit in a courtroom if you did get busted but that all depends on your local laws, how corrupt the judiciary is, how much the police think they can get away with when they lie in their testimony and all of that. But cases do get thrown out due to failure to adhere to the correct process often enough that it can be worth taking a shot at it.

              Look, I'm no sovereign citizen and I'm not under the impression that you can just utter the correct magical phrase which was taught to you by a more senior constitutional wizard SovCit and that will dispell any charges against you but at the same time maintaining plausible deniability and covering your tracks is always the best practice. Even if it doesn't prevent you from getting charged, depriving the prosecution of evidence and especially the stuff that clearly implicates you will make their job harder and it can lead to reduced charges, lighter sentencing, and better chances at a suspended sentence or getting parole earlier and stuff like that.

              If there was one simple trick to this either everyone would know about it or they'd ban it. But most of the time people come unstuck because of the cumulative effect of a series of bad choices and if you can minimise the bad choices then you mitigate the consequences.

              (It just occurred to me since I was typing out this comment and thinking about this Discord server - does discord automatically strip metadata from images? Because if not, goddamn that's another massive risk to go exposung yourself to.)

    • IzyaKatzmann [he/him]
      ·
      8 months ago

      hmm what about trans cde living in a reactionary place that need their meds? maybe there's a better option, you think? i don't know too much outside of diy stuff outside the imperial core so feel free to correct me

      • lapis [fae/faer, comrade/them]
        ·
        edit-2
        8 months ago

        in the US at least, getting hormones through the internet is grey market, not actually illegal / black market like most recreational drugs.

        EDIT: I have been corrected, buying estradiol and progesterone on the grey market is technically not legal, and buying testosterone is actually illegal, which is especially sad for the transmasc bros. but it's still not enforced very strongly, afaik.

          • lapis [fae/faer, comrade/them]
            ·
            8 months ago

            I haven't looked into specific state laws, I just know it's not federally illegal – but considering some states are looking to make mail-order contraceptives illegal, I wouldn't be surprised to see HRT on the chopping block next.

      • What_Religion_R_They [none/use name]
        ·
        8 months ago

        hmm what about trans cde living in a reactionary place that need their meds

        we're small fry. I make some efforts to hide things but at its absolute worst its in the plausible deniability zone

      • kristina [she/her]
        ·
        edit-2
        8 months ago

        Ethinyl estradiol is OTC pretty much globally

        Regardless I'd hook in with local dealers before the Internet. It's pretty easy to walk around, smell weed, and ask for a plug

        • InappropriateEmote [comrade/them, undecided]
          cake
          ·
          8 months ago

          Regardless I'd hook in with local dealers before the Internet. It's pretty easy to walk around, smell weed, and ask for a plug

          It's great if that's possible for you, but for lots of people it's not. There are so many circumstances where DNMs are the only real option.

        • glans [it/its]
          ·
          8 months ago

          You ask random stoners for HRT hookups?

          • kristina [she/her]
            ·
            edit-2
            8 months ago

            No lmao I may have worded that wrong. I was referring only to a way to get a plug, and implying that if femme hrt became illegal drug dealers would probably push it around just like some do testosterone and PEDs

            • glans [it/its]
              ·
              8 months ago

              I really feel the market is a bit more segmented than that. Everyone I know who was getting extra legal T (etc) got connected at a gym. It's too niche for the average weed guy to keep on hand or even get it special order because their source also unlikely has it.

              • kristina [she/her]
                ·
                edit-2
                8 months ago

                Maybe it's a smallish town thing? Our guy has basically everything

          • kristina [she/her]
            ·
            edit-2
            8 months ago

            You do, but if you actually read the research and ask doctors, it's a good last resort alternative. If your options are no estrogen or ethinyl estradiol, ethinyl is the way to go

            BC pills should not be confused with pure ethinyl estradiol post menopausal pills

            • LainTrain@lemmy.dbzer0.com
              ·
              8 months ago

              Yes that's fair enough. I did a brief stint on Ethinyl when I was totally broke and had fuck all and a Romanian lady was nice to me at a bootleg cigarette kiosk in South London

      • TheDeed [he/him, comrade/them]
        ·
        edit-2
        8 months ago

        Due to steroids being more and more popular, there's a lot of info about how to get black market testosterone these days.

        edit: also you honestly don't even have to go online, just go into a gym (or have a masc presenting buddy go into the gym for you if nervous) and you'll find T

        • IzyaKatzmann [he/him]
          ·
          8 months ago

          pardon my ignorance, when you say 'these days' does that kinda mean like post 2000s? i imagine testosterone or other compounds weren't always all that easy to get, and is that mostly due to the ease of purchasing online?

          • TheDeed [he/him, comrade/them]
            ·
            edit-2
            8 months ago

            It wasn't as easy to get, less people were using it outside of very serious bodybuilders, and yeah online sourcing has made it even easier.

            And yeah, I'd say in addition to the internet in general, around late aughts/early 2010s started a rise in social media and accompanying body dysmophria skyrocketing in men and boys due to it.

            This was also followed by a shift in body ideals for men. You can see this reflected in our celebrities; take the physique of an 80s action guy like Jean Claude Van Damme for instance vs Chris Hemsworth's Thor.

            It followed that guys wanted to look even beefier with physiques that are largely unattainable through natural means, cue rising anabolic steroid usage.

            There's also the rise of things like fitness culture contributing to it and "alpha male" stuff so now every other cis guy is at the TRT clinic for supposed low testosterone levels.

            As a bonus it's now less stigmatized than it used to be.

            So now there's more people using, more people selling it, and more ways to get it if you can't legally, just a numbers game.