Home / News darkweb / Incognito: The darknet market that stole everyone’s money, then started blackmailing dealers

Incognito: The darknet market that stole everyone’s money, then started blackmailing dealers

Incognito: The darknet market that stole everyone’s money, then started blackmailing dealers

Vendors on the former #1 biggest darknet marketplace, Incognito, got a double whammy of bad luck when they logged in on March 5th. Not only had the administrator – a guy known only as Pharaoh – closed the market and stolen all of the money held in users’ online accounts, but he’d left a rather shocking message to extort the people who sold drugs through his website.

“We have accumulated a list of private messages, transaction info and order details over the years. You’ll be surprised at the number of people that relied on our auto-encrypt functionality. And by the way, your messages and transaction IDs were never actually deleted after the expiry.”

“Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up. We’ll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May… whether or not you and your customers’ info is on that list is totally up to you. Yes, this is an extortion.”

Exit scams, where a darknet market owner runs off with all the money held by the site while drugs are out for delivery, are nothing new. But this new tactic has gone further than any of the lucrative scams that proceed it. Pharaoh is boldly demanding that Incognito’s vendors pay him a ransom of up to $20k to stop him from handing identifying information – and their transaction history – to the police. The amount vendors need to hand over depends on the size of their business on the site with prices for smaller level one vendors at $300 and charges for those at level four coming in at $20k. These prices are set to double on April 1st 2024, according to the market.

For drug lovers, logging into Incognito was like entering a candy store run by Willy Wonka himself. It was filled with all kinds of psychoactive substances from mushrooms and rare cannabis strains to pink MDMA and cocaine of all purities. You could scroll the pages and find vendors offering anything from half a gram to whole kilos of your favourite product, thus those suppliers are in a most unenviable position right now

It’s hard to imagine anyone being audacious enough to take on hundreds of drug dealers at once… after all, it’s an unregulated industry whereby big and small players alike are often forced to turn to violence to recoup debts

Crypto values have been increasing since Christmas, so it’s easy to understand the appeal of an exit scam. But it seems that even this instant cash injection isn’t lucrative or perhaps adrenaline-fueled enough for Pharaoh, as he’s going one step further and extorting his vendors to maximise his financial returns. It’s the first time in history that any darknet marketplace has attempted to blackmail all of its drug dealers at once.

Technically, anyone who’s neglected to use PGP or adequately conceal the origin of their funds is at risk from this heist. It also places anyone whose address was used for delivery in danger of some extra law enforcement attention, particularly if it was a large order.

It’s hard to imagine anyone being audacious enough to take on hundreds of drug dealers at once, especially ones who ship large quantities of narcotics across the globe daily. After all, it’s an unregulated industry whereby big and small players alike are often forced to turn to violence to recoup debts and generally enforce their wishes.

Some of Incognito’s former vendors are reputed to be cartel members and high-ranking members of powerful organised crime groups, none of whom will appreciate the watchful gaze of the cops. As many observers note, Pharaoh’s op-sec better be watertight or he could face some very unpleasant consequences.

It makes financial sense to target vendors first, as – of course – drug trafficking can be very lucrative. And there are long prison sentences in most jurisdictions for anyone who’s convicted. However, customers of Incognito haven’t escaped these extortion attempts, as Pharoah left a message for them too.

“As for the buyers, we’ll be opening up a whitelist portal for them to remove their records as well in a few weeks.”

There have been several unsubstantiated rumours that the whole extortion is secretly run by police, as Pharaoh’s auto-encrypt claims actually mirror a tactic used by Dutch law enforcement to take down Hansa in 2017. The cops covertly tweaked the tool so it recorded messages between vendors and customers – often acquiring buyers’ home addresses – before encryption.

One of the Netherlands Hi-Tech Crime Unit officers told the media they’d deliberately decided to snare buyers. He was quoted saying, “When a dark market is taken down, everyone goes to the next one. It’s a whack-a-mole effect.” But by covertly adapting the auto-encrypt tool, Boekelo says he and his colleagues hoped to deal a big psychological blow to the darknet drug trade. He explained, “We thought maybe we could really damage the trust in this whole system.”

For weeks, there had been rumours of selective scamming on Incognito with many users reportedly unable to withdraw funds. The marketplace largely disabled Bitcoin withdrawals on February 19th and then prevented XMR withdrawals on March 4th, with the captcha tool ceasing to function. Despite this, it was still possible to make deposits.

Pharaoh initially posted on Dread, a forum similar to Reddit, blaming these issues on recent system updates and promising they’d soon be resolved. However, the darknet influencer, Hugbunter, posted on March 5th to say that Pharaoh offered him a bribe to downplay the situation on the forum. Hugbunter went on to update Reddit the following day by warning that nobody could withdraw funds; send and receive messages; close their accounts or disable their listings on the marketplace.

News of the exit scam and extortion was relatively slow to spread, as Pharaoh bought the prominent news site Darknetlive in November 2022. It hasn’t covered any of the issues facing Incognito users since then, in what Hugbunter claims was a strategic move designed to suppress criticism of the marketplace.

For a while, Incognito Market published up-to-the-minute details on which vendors have paid the extortion fee. Long-standing suppliers including AlphaFlake and 0z0rt reportedly handed over the cash to remain hidden from authorities. However, by the 14th March, it appeared that Pharoah had realised the gravity of his actions, posting on Dread that HugBunter had persuaded him to stop. “Nah, HugBunter talked me out of it for now. No releases unless absolutely necessary”. Shortly after, Incognito was taken completely offline. 

The extortion comes at a time when darknet markets were finally starting to recover from the 2022 Hydra bust. Despite predictions of a move towards channels such as telegram, the darknet generated revenue of at least $1.7 billion in 2023, the Chainalysis 2024 Crypto Crime Report shows. This compares to $1.5 billion the previous year and $3.1 billion in 2021.

Incognito was more strictly regulated by its admin than many of its competitors. There was a ban on weapons, ***** and – rather ironically – fraud. Fentanyl and its analogues were also prohibited. It was valued at between $10 million and $30 million by Dark Web Informer.

1244 views

Rating: 0 Votes: 0

Comments

Add Comment
awardinclude *****philia factor click configuregenealogy loginafternoon shaped cc traffic controllerlibrary relate *****anyway now publicationschanges chuck lp photographtotals opening spakilometers regulatory almost gr primarilystatic heavenlooking stakeholders capturedraleigh filed lots modular durableoperations msn users streams managementatm newbie discusseddna glance adjusted draw affiliated