The silent war between black markets in the deep web

The silent war between black markets in the deep web, Mr Nice Guy hired a blackmailer to hit TheRealDeal and its competitors. TheRealDeal hacked back.

Today I desire to tell you a story of ordinary war among operators behind principal black markets. A few weeks ago I have published a detailed analysis of a new black market hosted in the Tor network, TheRealDeal, specialize in the sale of zero-day exploits. The black market soon reached a great popularity, so he became a privileged target of other criminal rings. A bad actor, dubbed “ddosforsale,” started to hit TheRealDeal with major DDoS attacks requesting a ramson of 10 Bitcoin to stop the offensive.These attacks had already been

These attacks went on for weeks and interested also many other marketplaces. The administrator of TheRealDeal decided to hack back the cyber criminals.

“We don’t like being taken as fools,” TheRealDeal said. “We wanted to teach them a lesson tbh.”

The administrator of TheRealDeal decided to set up a trap, he deployed a phishing website with the intent to steal the blackmailer’s credentials. TheRealDeal invited the blackmailer to access the bogus site to negotiate the ransom. The trap has been successful, the TheRealDeal obtained with this technique the precious credentials, at this point he tried it to access many other black markets in the hope the blackmailer used them elsewhere.

In this way, the operator of TheRealDeal discovered a blackmailer account on another black market named “Mr Nice Guy.”

When TheRealDeal accessed the account on Mr Nice Guy, he discovered in the InBox messages that demonstrated that the admin of Mr Nice Guy was also a victim of the DDoS attacks for extortion purposes. But TheRealDeal found evidence that he was trying to recruit the blackmailer to hit other dark markets, its competitors.

“I will pay you to DDoS other markets, and not mine!” is the offer made by Mr Nice Guy to the blackmailer.  The entire conversation is reported on the Deep Dot Web website that published the logs provided by TheRealDeal.

Mr Nice Guy offered to pay $200 each day if the blackmailer will attack the above dark markets. Mr Nice Guy was planning an exit scam.

“If customers then flooded to his market he would have the option of pulling an “exit scam”, according to the chat logs. An exit scam is when a market takes its users’ bitcoins and disappears, as happened recently with the popular Evolution marketplace.” reported Motherboard.

Mr Nice Guy confirmed Motherboard that he tried the hit his competitors, but of course denied the plan to exit scamming.

“Yes they are!”

Mr Nice Guy also reported that that his website was literally bombarded with DDoS attacks, probably as retaliation for its initial plan.

Pierluigi Paganini

(Security Affairs –  TheRealDeal, DeepWeb)