Editor's Note: This article comes fromCarbon chain value (ID: cc-value)Editor's Note: This article comes from

Carbon chain value (ID: cc-value)

, Author: Author: Wang Zelong, Editor: Jiang Xiaoyu, forwarded with authorization.

The dark web hackers are also very good. There are organizations that specialize in access proxy entrances from the Internet to the dark web. After word of mouth is built, user traffic is slowly accumulated, and then the middleman hijacks and steals users’ cryptocurrency. By the way, set up a dark web service navigation, which also contains phishing cryptocurrency. If you don't have certain privacy and security skills, don't just browse the dark web... ——SlowMist Technology Cosine

image description

Illegal items seized by the police when arresting WSM-related personnel | Source: New York Times

The arrest lasted about a year and a half, and brought together the power of law enforcement agencies from Germany, the Netherlands, the United States, Romania and other countries. Although the relevant departments claimed that this may be the most difficult law enforcement action against cybercrime so far, but from various sources Judging from the information exposed by others, the fall of WSM is quite similar to that of its predecessors—history always rhymes.

secondary title

01 A Brief History of Darknet and WSM

To understand how WSM fell, we might as well look at the history of darknet markets in the past.

The pioneer of the darknet market is naturally the well-known "Silk Road". After it was shut down by the FBI in September 2013, the traffic of a darknet market called "Reloaded" increased rapidly. , because the former users need a new platform to meet their trading needs. However, two months later, the platform was forced to go offline due to the unbearable traffic explosion.

Another darknet market called "Sheep Marketplace" was launched in March 2013. The collapse of "Silk Road" also made it a lot of money in terms of customer sources. However, the good times didn't last long. In December of the same year, two Florida hackers stole $6 million worth of bitcoins from users of the website. After the police paid attention, the website stopped operating.

The experience of these two darknet markets in the "Silk Road" era has laid two dark lines for the development of similar markets in the future:

One platform will receive a lot of traffic due to the failure of another platform, but this may cause the website to be unable to load;

Another line is: the platform may suffer heavy losses due to hackers and theft, and then go offline; or, the platform will generate an "Exit Scam" (Exit Scam) after realizing that it is being targeted by the police. The development status of platforms in the post-Silk Road era basically fits the above hidden line.

2015 was a watershed year for the darknet market. In March of that year, a darknet market named "Evolution" carried out a large-scale "Exit Scam", stealing the value of users and merchants. After receiving 12 million US dollars in bitcoin (this value was equivalent to half of the amount of the entire darknet market at that time), the operation was directly shut down.

Then the market leaders took over: Black Bank and Agora, two darknet markets, but the former also ran away with money after being suspended for a few days in the name of "maintenance" in May of the same year (However, the exact amount is unknown).

It is against this background that WSM was born in 2016. At the beginning of its launch, it tried to introduce some new mechanisms: support Monero to enhance the privacy of transactions; launch Multisig’s Bitcoin custody model, Coexist with the traditional platform hosting model to reduce the risk of customers and merchants' funds being kidnapped by the platform; it also set up an "in-depth FAQ" section to help customers understand its platform; in addition, it is also Dread (the forum of the darknet market) and Reddit invite specialists to handle issues for customers and merchants, and maintain public relations between the platform and the outside world.

Andy Kraag, director of the Dutch National Criminal Investigation Department, pointed out that it is difficult for law enforcement agencies to assess the overall transaction volume of WSM, but the transaction volume of drug dealers on WSM in the Netherlands alone is as high as 100 million euros. It can be seen that WSM huge in size.

02 Success is also Xiao He, failure is also Xiao He

However, WSM's measures did not bless it for a long time - after all, frequent black swans are the norm in this world: In April this year, WSM's counterpart and the largest darknet market Dream announced that it would take the initiative to shut down and let users Migrate to another platform.

WSM, which has a good reputation in the industry, has naturally become the best choice for everyone. The sudden influx of massive users greatly increases the load on the website, and WSM is forced to enter the "maintenance state".

image description

WSM Operations Specialist at Dread that the site is working on upgrading its hardware and software | Source: darkwebnews

At the same time, something went wrong in the website’s hosting fund pool: the bitcoins of a large number of users and merchants were locked, and they could not transfer them to their accounts. The founder and administrator of Dread, Hugbnter, also suggested that WSM may have a risk of running away in the relevant sections of Dread.

According to various sources, the locked bitcoins at that time were about 14 million US dollars - 30 million US dollars, and if WSM ran successfully, they could withdraw at least 11 million US dollars in cash.

The short-term movement of a large amount of funds attracted the attention of law enforcement agencies. The German police said afterwards: "When we saw WSM withdrawing funds, we immediately launched an action."

And Med31ln, the commissioner who helped WSM operate Dread and Reddit, even gave law enforcement a divine assist:

Perhaps sensing that the platform was about to run away, the WSM commissioner actually began to blackmail customers and merchants. He asked the latter to pay him 0.05 bitcoins each, otherwise he would directly hand over the information of relevant personnel to law enforcement agencies and let them behind bars.

However, while this may satisfy his selfish desires, it also exposes the real IP of WSM, which will obviously increase the possibility of the police solving the case.

WSM’s case-solving process is roughly as above, but there is still an unresolved question: How did law enforcement determine the criminal’s wallet address?

secondary title

03 A slight loss is a thousand miles away

First, law enforcement tested a VPN that might be used by WSM. Coincidentally, the VPN stopped working for some reason, but the criminal team still accessed the WSM website (without the VPN, the user's data is equivalent to losing its protection), which allowed the law enforcement agencies to successfully obtain some of Frost's information (including other exact location and possibly name).

Then, the law enforcement agencies turned to analyze Frost’s wallet address. After cutting off its layered “protection layer”, the law enforcement agencies found an address suspected of being the manager of WSM, and an anonymous address traded on the Hansa Darknet (Hansa Market) unanimous.

Then, the law enforcement agency transferred the address on Lufthansa to an unnamed Bitcoin transaction service provider, and found that the name of the controller behind it was "Martin Frost", as well as the related email address. The information found after the stop was consistent, so Frost was locked. Using a similar approach, law enforcement tracked down two other WSM administrators.

image description

Law enforcement will reverse engineer bitcoin's transaction history | Source: sciencemag

It should be noted that although the failure of the VPN provided important clues for law enforcement agencies, the success of solving the case has a lot to do with the "dismantling" of the Bitcoin address. The United States Postal Inspection Service (The United States Postal Inspection Service) is responsible for this States Postal Inspection Service). After the Silk Road was shut down that year, the related bitcoins were also traced by the reverse dismantling of law enforcement agencies. At that time, the FBI was in charge of this work.

The end of WSM is obviously not the end of the dark web, let alone the end of the struggle between law enforcement agencies and dark web platforms. The former will learn the lessons of the downfall of WSM, and may build a more secure VPN, use more complex shorthands to hide the traces of cryptocurrencies, and even create new anonymous cryptocurrencies;

Reference link:

https://techcrunch.com/2019/05/03/how-german-and-us-authorities-took-down-the-owners-of-darknet-drug-emporium-wall-street-market/

https://darkwebnews.com/darkwebmarkets/wall-street-market-exit-scam/

https://www.forbes.com/sites/daveywinder/2019/05/03/did-a-bitcoin-exit-scam-cause-dark-web-wall-street-market-crash/amp/

https://www.nytimes.com/2019/05/03/business/germany-wall-street-market-drugs.html

https://bitcoinmagazine.com/articles/major-darknet-marketplace-wall-street-market-shuttered-law-enforcement/amp/

https://en.bitcoinwiki.org/wiki/Darknet_market

https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_09-1_Lee_paper.pdf

https://explorepsychedelics.com/markets/wall-street-market/