Dark Web Drugs Market Ransoms Their Own Users in INSANE Exit Scam

Captions
The darknet market Incognito, which provides a platform for the sale of pharmaceuticals, has executed one of the most insane exit scams in the whole of dark web history. Also in your hacking news roundup: strangely wholesome hackers target 3D printers, and the Flipper Zero can actually be used to hack into Teslas. But first, Incognito's exit scam.

It all began when users of the site started reporting problems withdrawing Bitcoin. However, this was quickly resolved and blamed on technical problems. Bitcoin kept on flowing in and out of the market and everyone was happy. But in reality this was a precursor to an exit scam, likely designed to instill confidence in users, so that when withdrawals stopped working again they could trust that the operators of Incognito were genuine guys and would eventually resolve the issue, just as they had done before. Eventually those withdrawal problems returned. One of Incognito's admins, who goes by Pharaoh, quickly spawns to put people at ease, chalking the problems up to technical issues caused by a new withdrawal system they had just implemented. He even used the opportunity to announce support for new cryptocurrencies, creating the illusion of business as usual: that there was nothing to worry about, withdrawals will soon be fixed, and their developers are even working on new features.

So in an exit scam, the operators want to keep the illusion of normality trucking along for as long as possible, so customers keep depositing more crypto, ordering more pharmaceuticals, and vendors keep shipping orders with the expectation that those withdrawals will eventually be fixed. However, when the charade inevitably falls apart, the operators simply take the site offline and weasel away into the ether with all those unwithdrawn deposits of their customers and vendors. And Incognito's exit scam was following this playbook. I mean, you can visit the site and even sign up for a new account. Everything works as normal, well, except withdrawing your coins.

However, instead of just unplugging their servers and going dark, as you might expect, Incognito's operators have one final trick up their sleeve. In the last couple of days, upon logging in, users were greeted with an announcement: "Vendors, check your vendor panel, we've got a little something for you." Incognito are playing a move never seen before. Well, I mean, exit scams are really common, but this is something else. The vendor panel reads: We got one final little nasty surprise. We have accumulated a list of private messages, transaction info and order details over the years. You'll be surprised at the number of people that relied on our auto-encrypt functionality. And by the way, your messages and transaction IDs were actually never deleted after the expiry. We'll be publishing the entire dump of 557 th000 orders and 862,5kg 000 depending on their vendor level.

Incognito's operators are even naming and shaming which vendors have paid the ransom, of which, at the time of making this video, roughly 20% have paid. But that's assuming this list is even accurate and hasn't been tampered with in order to pressure vendors into paying up.

The damage that all this data could do if published mainly lies in those messages sent between buyers and sellers. You see, when placing an order, the buyer is given a text box to type in their full name and address for the parcel. Buyers have the option to PGP encrypt this message manually. However, for the many users, maybe even most, that didn't bother and just rather relied on the site's auto-encrypt functionality, they're going to get a pretty nasty surprise when all their messages that contain their real name and address are soon made public, unless of course the vendor pays up. Whilst it is unlikely law enforcement will go after buyers of small amounts of weed or whatever it is, customers who bought large amounts of drugs, probably for resale, could face investigation. And of course the feds are sure to scour messages for anything that might help them identify dark web vendors themselves.

A couple weeks from now, the price for vendors to purge their records will double. At the same time, the option will open for Incognito's customers to pay a fee to delete their records individually. This is really quite a creative exit scam. Up until now, the main concern with auto-encrypt features on darknet sites was that if the feds hack the sites, which does happen on occasion, they might be able to read your messages. The idea of darknet marketplaces extorting their own users is a new one.

Owners of Anycubic-branded 3D printers have had a strange few days. Numerous people have taken to Reddit reporting that after booting up their machine, like they've done countless times before, they were greeted with a message indicating that their 3D printer has somehow been taken over by hackers. Though luckily for them, the hackers didn't add the printers to a botnet or troll the owners by printing demons. Instead, all they did was drop a txt file which reads: "Your machine has a critical vulnerability, posing a significant threat to your security. Disconnect your printer from the internet if you don't want to get hacked by a bad actor. This is just a harmless message. You have not been harmed in any way." Followed by an adorable ASCII worm.

The vulnerability apparently lies in the ability to remotely control Anycubic printers via their app. In particular, the hackers claim the problem lies in Anycubic's MQTT server, which allows anyone with valid credentials for one machine to connect to and control all machines via the API. MQTT is a protocol often used to control IoT devices. It's considered lightweight and efficient, but of course, like anything, it needs proper implementation, which didn't happen here. And whilst mistakes do happen, what makes this whole situation particularly embarrassing for Anycubic, and is the reason why so many people are pissed off with them, is that in a forum post the hackers claim they made repeated attempts to responsibly disclose the bug: "We have attempted to communicate with Anycubic regarding two critical security vulnerabilities we identified, but despite our efforts over the last 2 months, we have not received a single response to our three emails. Despite our initial intention to resolve the issue amicably, it appears that our concerns have not been taken seriously by Anycubic." And so they sent this message out to, they claim, almost 300,000 printers. And if there's one way to get the attention of a corporation, it's to flood the internet with unhappy users and a barrage of bad press. I have a feeling it's no coincidence that soon after this story took off, the company suddenly found those emails by the white hats and have since released a patch.

This isn't the first time hackers have gone after printers. Back in 2018, when the "subscribe to PewDiePie" meme was in full swing, hackers took over tens of thousands of printers of the 2D variety and used them to print a short tutorial on how to support PewDiePie's battle with T-Series.

Security researchers have devised a way to break into and steal a Tesla with the assistance of a Flipper Zero. We're not talking about opening charging ports here, but rather a full-on attack method that would allow a bad guy to actually drive away with the car. The researchers used a Flipper Zero paired with a Wi-Fi module, but before we go any further, I just want to point out that this could also be performed with a Raspberry Pi or that dusty old ThinkPad you haven't used in 2 years. This isn't a Flipper Zero exclusive. Sorry Justin, the Flipper isn't uniquely evil.

This method was developed by researchers at Mysk. They noticed that all Tesla Service Centers operate the same guest Wi-Fi network, "Tesla Guest", or in the German researchers' case, "Tesla Gast". Tesla owners will be very familiar with connecting to Wi-Fi networks of this name whilst they sit around waiting for their car to be repaired. The attack method preys on this familiarity by spawning a clone of this network somewhere where Tesla owners might congregate, say for example a Tesla Supercharger. When a victim unwittingly connects to the cloned network, they're served a captive portal and prompted to log in with their real Tesla credentials. The fake login page looks pretty similar to the real one, but by no means identical. The attacker controls everything here and can of course see whatever credentials are inputted, and they're even able to grab one-time passcodes, which allows them to log straight into the victim's Tesla account in real time.

At this point the attacker is able to add a new phone key. This adds the attacker's phone to the list of devices that are allowed to unlock the car via Bluetooth, and all it requires, after gaining access to the victim's account, is to be within a few meters of the victim's vehicle. And now, hey presto, the attacker has access to the car, can unlock it, drive away with and enjoy their new Tesla. And surprisingly, the victim would have no idea of any of this, because the act of a new device logging into their account or the addition of a new phone key doesn't generate any push notifications or even email notifications.

However, Teslas do come with extra security features. You could set a PIN code that you're required to key in before you're able to start the car, but this option can actually be disabled within your account without any additional authentication, and given in this scenario the attacker has access to your account, it's completely useless.

The researchers of course reported this attack to Tesla via their bug bounty program, but like most bug bounties, social engineering and phishing attacks don't fall within scope, and so the researchers unfortunately weren't rewarded for this. However, confusingly, Tesla's owner's manual clearly states that in order to add a new phone key, you must authenticate this action with your Tesla key card, which is an RFID card that comes with the car when you buy it and acts as a kind of backup to the phone key in case you lose your phone. However, something's not right here, because the research has clearly demonstrated that no such authentication is required. They pointed this obvious contradiction out to Tesla, but Tesla were for some reason incapable of reading their own manual and gaslit the researchers by saying: "The phone key section of the owner's manual you link to makes no mention of a key card being required to add a phone key." But I mean, it clearly does.

Anyway, hopefully Tesla wises up and fixes this before it's used in the real world. Right now this is all totally hypothetical, but given how little interaction is required on the part of a victim, and the fact that technologically minded Tesla thieves do exist, there's a realistic chance this could actually be used in the real world.

As always, thanks for watching and I'll see you in the next video. Have a good one.
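
The Anycubic issue described in the captions is an authorization gap: the broker accepted any valid device credential for any topic. The following is an added example, not code from the video or from Anycubic, sketching the broker-side check that scopes each authenticated identity to its own topic subtree; the `printers/<device_id>/...` topic layout, the function names and the sample requests are all hypothetical.

```python
# Added example. The topic layout printers/<device_id>/... is hypothetical.

def filter_within(requested: str, allowed: str) -> bool:
    """True if every topic matched by `requested` is also matched by `allowed`.

    Implements MQTT wildcards: '+' is one level, '#' is the rest of the tree.
    A concrete topic is simply a filter without wildcards.
    """
    req, alw = requested.split("/"), allowed.split("/")
    for i, a in enumerate(alw):
        if a == "#":
            return True
        if i >= len(req) or req[i] == "#":
            return False
        if a != "+" and req[i] != a:
            return False
    return len(req) == len(alw)


def allowed_filters(identity: str, action: str) -> list[str]:
    # identity = the authenticated username, never the client-chosen client ID
    base = f"printers/{identity}"
    return {"subscribe": [f"{base}/#"], "publish": [f"{base}/status"]}[action]


def authorize(identity: str, action: str, topic: str, scoped: bool = True) -> bool:
    if not scoped:
        return True  # model of the reported flaw: authenticated == authorized
    if action == "publish" and ("+" in topic or "#" in topic):
        return False  # wildcards are not valid in a publish topic
    return any(filter_within(topic, a) for a in allowed_filters(identity, action))


# Constructed requests from a client that authenticated as printer "dev-A".
REQUESTS = [
    ("subscribe", "printers/dev-A/cmd"),
    ("publish", "printers/dev-A/status"),
    ("publish", "printers/dev-B/cmd"),   # another owner's printer
    ("subscribe", "printers/+/cmd"),     # every printer's command topic
    ("subscribe", "#"),                  # the whole broker
]


def denied(identity: str, scoped: bool) -> list[tuple[str, str]]:
    return [(a, t) for a, t in REQUESTS if not authorize(identity, a, t, scoped)]


if __name__ == "__main__":
    print("unscoped broker denies:", denied("dev-A", scoped=False))
    print("scoped broker denies:  ", denied("dev-A", scoped=True))
```

Subscription requests are checked for containment rather than simple matching, so a wildcard filter such as `printers/+/cmd` is refused even though it overlaps the client's own subtree.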
Info
Channel: Seytonic
Views: 178,037
Keywords: technology, tech, computer, computer science, computers, technology news, tech news, weak web, cybersecurity, cyber security, infosec, info sec, information security, cybersec, hack, hacker, hacks, hackers, hacked, dark web, dark net, darkweb, darknet, incognito
Id: zrF0p0hWteU
Length: 10min 16sec (616 seconds)
Published: Thu Mar 14 2024