In a shocking turn of events earlier this month, Incognito Market, a notorious darknet platform connecting sellers of illicit substances to potential customers, is suspected of orchestrating a well-planned exit scam.
However, this exit scam has taken a more malicious twist, as the platform’s admin has resorted to extorting their former user base using sensitive order information accumulated “over the years.”
The concerns surrounding Incognito Market surfaced last week when users found themselves unable to withdraw bitcoin and monero, a privacy-focused cryptocurrency, from the platform.
Initial attempts to attribute the issue to technical glitches were later abandoned, revealing the true nature of the unfolding exit scam.
The situation escalated dramatically when Incognito Market’s homepage was replaced with a message forewarning users of a ‘nasty surprise,’ leaving no room for speculation: “YES, THIS IS AN EXTORTION ! ! !” The message explicitly threatens to publish sensitive information, including “private messages, transaction info, and order details,” at the end of May, accompanied by a thinly veiled warning about potential leaks to law enforcement.
The staggering scale of the threat becomes evident with over half a million order details and 862,000 crypto transaction IDs purportedly at stake. Vendors, based on their ‘level,’ are coerced into paying between $100 and $20,000 to safeguard their data, with prices set to double on April 1.
Buyers are allegedly offered the option to remove their records in a few weeks.
Raising suspicions about the security of the platform’s auto-encrypt feature, Incognito Market may have acquired sensitive information through a potential man-in-the-middle attack.
Additionally, the platform’s claim that ‘expired’ information was never deleted raises doubts about the efficacy of payments in ensuring the removal of records.
Cybercrime expert Brian Krebs draws parallels between Incognito Market’s scheme and ransomware groups targeting corporations.
In this similar scenario, the darknet platform obtains sensitive customer data and demands payment, typically in bitcoin, first for a digital key necessary to unlock compromised systems and subsequently to secure a commitment that any pilfered data will neither be published nor sold, but instead destroyed. The alarming convergence of crypto theft and data extortion marks Incognito Market’s exit scam as a chilling “double whammy” in the realm of darknet criminal activities.