Less than a month after the oldest and biggest dark web marketplace announced plans to shut down, another dark web market has "exit scammed" after the site's admins ran away with over $14.2 million in user funds.
The stolen funds belonged to criminals selling drugs, weapons, and malware, so there won't be many of our readers shedding tears for defrauded "victims."
With the Wall Street Market's exit scam, this also means that the T•chka Market is now the only major player on the once crowded dark web market scene.
WSM admins run away with vendors' money
The Wall Street Market (WSM) exit scam was set into motion last week when the site's admins started moving funds from the market's main Bitcoin wallets to another location.
Site admins had used these wallets as an escrow system, where buyers deposited funds, which vendors could later withdraw after a period of time to allow the sale to go through without user complaints.
But last week, WSM admins invoked problems with the server hosting these wallets, which, they said, was not synchronizing with the main Bitcoin blockchain, making any transactions or withdrawals impossible.
Admins moved existing funds to a new wallet that had no connection to the main WSM backend, and which vendors couldn't command to withdraw funds from previous sales. WSM admins claimed they did this as a temporary measure to deal with the buggy server.
However, WSM users didn't fall for these explanations and the constant delays and excuses in reconnecting the wallets storing everybody's funds to the market's backend, and accused WSM admins of "exit-scamming."
Other dark web markets that exit-scammed in the past pulled similar tricks.
Almost a week after this happened, and after tens of complaints on Dread (a Reddit-like clone hosted on the dark web), Wall Street Market users appear to have now accepted that they lost all of the funds from recent sales.
At the time of writing, many of the Wall Street Market's product listings have now been renamed to warn buyers to stay away from the market.
The website has also been delisted from the DeepDotWeb catalog of dark web portals.
While vendors and buyers are now looking for new places to sell or buy their products, things are also devolving into chaos inside the market's former userbase.
Some of the market's customer support staff are now blackmailing WSM customers. Staffers are asking for 0.05 Bitcoin (~$280) from vendors and customers who shared their Bitcoin address in support requests, threatening to share the address with law enforcement unless users pay the requested fee.
And just as we were writing this article, the same moderator who was extorting WSM users took things to another level by sharing their mod account credentials online, allowing anyone --including law enforcement-- to access the WSM backend, which may contain details about buyers and sellers' real identities.
Possible exit-scam reasons
As some infosec analysts have discussed on Twitter and some WSM users have done the same on Dread, the primary and most likely reason for Wall Street Market's exit scam is --ironically-- the Dream Market's upcoming shutdown --scheduled for April 30.
While the admins of other dark web markets would have licked their chops in anticipation of the massive sales commissions they would have made from the incoming Dream Market userbase, the WSM admins didn't want to take any risks.
On the day that Dream Market announced it was shutting down, Europol, FBI, and DEA officials announced tens of arrests and a massive crackdown on dark web drug trafficking.
WSM admins most likely realized that with the massive influx of Dream Market users, this would have also brought increased attention from law enforcement forces --which in previous years have shut down all the major dark web marketplaces like clockwork --see Silk Road, Silk Road 2, AlphaBay, Hansa Market, and RAMP.
Making off with the funds stored inside the escrow wallets was most likely the safest option they had, compared to facing possible jail sentences.
As we've seen in the past, despite the Wall Street Market's shutdown, cyber-criminal activity on the dark web won't remain silent for long, and the dark web community will soon find a new favorite market to buy drugs, weapons, counterfeit documents, malware, hacking tools, or user data.
Related malware and cybercrime coverage:
- FBI: US companies lost $1.3 billion in 2018 due to BEC scams
- Cyber-security firm Verint hit by ransomware
- Reveton ransomware distributor sentenced to six years in prison in the UK
- Source code of Carbanak trojan found on VirusTotal
- Security researcher MalwareTech pleads guilty
- Source code of Iranian cyber-espionage tools leaked on Telegram
- How to avoid document-based malware attacks TechRepublic
- Game of Thrones has the most malware of any pirated TV show CNET