Cipher0007 has a small reputation on the dark web. In January 2017, the hacker discovered a bug on the popular black market AlphaBay. If accessed, the bug would’ve allowed an attacker to gain access to 218,000 private messages. Instead of abusing this obvious vulnerability, Cipher0007 submitted a ticket to AlphaBay moderators. They were able to fix the issue before it could be abused.
In a similar white-knight style, Cipher0007 claimed that Sanctuary Dark Web marketplace was filled with scams and potential weaknesses. For the good of the dark web community, they took matters into their own hands. The hacker uploaded a SQL injection to a backdoor on the Sanctuary’s server.
Cipher0007 provided proof for their claims on the DarkNetMarkets Reddit forum, including screenshots and references. In one of his comments, he states:
“I have already said this market is useless and the administrator is a scammer, I have found on server many urls and folders with fake login of AlphaBay and other market, and the source code of market it’s very bad 0 security and with much bugs, markets like this cannot survive in this jungle.”
The black marketplace is illegal for a reason. If someone attempts to purchase items off of it, there is always the chance that they will get caught. Still, many users test the waters. However, there are forums, blogs, and detailed instructions on how to stay secure when testing them. Do not attempt anything without doing the necessary research.
In reference, DeepDotWeb has a list of tips on their blog:
- Get your markets links only from reputable sources, phishing scams are very common. Make sure you see the lock and HTTPS:
- Never enter your pin on a login page. If a login page requests your pin – it’s a phishing site.
- Always use PGP
- Use Multisig where available.