Full WSM Story (Crimintal Complaint from USA) : DarkNetMarkets | Torhoo darknet markets

Med3lin's got a quick hand
He'll look around the danknet, he won't tell you his plan
He's got a rolled cigarette, hanging out his mouth he's a doxxboi kid
Yeah found a way to exit scam
In his admin's panel, hidden oh in a box of fun things,
i don't even know what
But he's coming for you, yeah he's coming for you


All the other kids, with no PGP skills
You'd better run, better run, outrun LE
All the other kids with no PGP skills
You'd better run, better run, faster than Speedstepper
All the other kids, with no PGP skills
You'd better run, better run, outrun LE
All the other kids with no PGP skills
You'd better run, better run, faster than Speedstepper


Vendor works a long day
He be coming home late, he's coming home late
And he's bringing me a surprise
'Cause my speed's in the kitchen and it's packed in ice
I've waited for a long time
Yeah the ESCROW of my order is now a quick press FE
I reason with my lawyer
And say your address's in plaintext, you must have lost your wits, yeah


All the other kids, with no PGP skills
You'd better run, better run, outrun LE
All the other kids with no PGP skills
You'd better run, better run, faster than Speedstepper
All the other kids, with no PGP skills
You'd better run, better run, outrun LE
All the other kids with no PGP skills
You'd better run, better run, faster than Speedstepper

1. Don't use a vpn unless you're backed by tor, aka only use tails if possible
2. Coin mixers are uselss, Monero is the only known solution for mixing correctly (Assuming Monero is safe)

13. Similar to the above, the funds from Wallet 4 were also “mixed” by a commercial service, and through thorough analysis, the United States Postal Inspection Service was able to “de-mix” the flow of transactions, to eventually ascertain that funds from Wallet 4 paid FROST’s accounts at the Gaming Company.

14. Similar to the above, the funds from Wallet 5 were also “mixed” by a commercial service, and through thorough analysis, the United States Postal Inspection Service was able to “de-mix” the flow of transactions, to eventually ascertain that funds from Wallet 5 paid FROST’s account at the Gaming Company.

y'all motherfuckers need monero

3. During the BKA’s investigation, the BKA determined the
WSM administrators accessed the WSM infrastructure primarily
through the use of two VPN
service providers. The BKA
determined that one of the administrators (based on the fact
that this individual was accessing control elements of WSM to
which only an administrator had access) used VPN Provider #1.
Based on the BKA’s analysis of the WSM server infrastructure,
the BKA noticed that on occasion, VPN Provider #1 connection
would cease, but because that specific administrator continued
to access the WSM infrastructure, that administrator’s access
exposed the true IP address of the administrator.

According to the Dutch National Police, which
issued legal process from Github, a platform for software and
coding development sharing, LOUSEE holds an account with the
user name “codexx420” similar to the administrator account
“coder420” found on the Gitlab server.

The third administrator for WSM was known as “TheOne,”
and as described below, the investigation has further revealed
probable cause to believe that FROST is “TheOne” for two primary
reasons. First, as described below (at paragraph 30), the PGP
public key for “TheOne” is the same as the PGP public key for
another moniker on Hansa Market, “dudebuy.” As described below,
a financial transaction connected to a virtual currency wallet
used by FROST was linked to “dudebuy.” As explained above in
paragraph 4.l, a PGP public key, in the context of darknet
investigations, is likely a unique identifier to an individual.
Second, as described below (at paragraph 31), investigators have
identified a wallet used by FROST that subsequently received
Bitcoin from a wallet used by WSM for paying commissions to
administrators.

You've got to be shitting me.

"Based upon my training, experience, and research, I know that: a.The Internet is a collection of computers and computer networks which are connected to one another via high-speed data links and telephone lines for the purpose of communicating and sharing data and information." (Leroy Shelton - FBI Special Agent "SA")

Nice! Mr. Cyber Crime Squad goon knows what the internet is!! Damn! This is so fucking sad.

So many small avoidablr mistakes these guys made, I mean fuck if you're gonna run a market you gotta have imppecable opsec,like no room to cut corners. I mean shit first they used an obviously shitty vpn provider, one of the admins connected the the WSM infastructure without the vpn(hey LE heres my real ip), and the codex420 dude basically using same username for WSM activities and non WSM stuff when obviously those should have been made as two different identities. Stupid mistakes, everyone take not and don't ever cut corners with opsec

It sounds more likely to me they were trying to arrest the admins and run WSM undercover to collect IP's similar to Hansa, but the scam put that to a stop.

Not sure what happened with Dream and rather not go into conspiracies, but the "rogue mod" asking for the first btc address used to deposit is highly suspicious for someone just looking to scam..

AlphaBay and Hansa all over again huh?

Be safe, stay safe

Public Wifi
Tor Router
VPN with killswitch to only allow network traffic to/from the VPN.

smart enough to run a market but not enough to use iptables? reusing wallets ? Surprised they made it so far

8d. Usually after the vendor confirmed on WSM that the contraband had been shipped, WSM released the funds to the vendor for payment from the customer, less commission fees retained by WSM.

I had never used WSM, so I have a stupid request: please tell me that what is implied here isn't true.
Did a WSM vendor get the funds before the order was marked as received?
Reading that complaint like someone from LE would, this sentence automatically renders all vendors as scammers.

Pure dumbass. Love the pumped up kids parody. Read the complaint. These were some fake ass criminals. Just some computer ppl with a pension for exit scams.

good point

they only asked how high :D

Check out the LE's vendor level and page on bottom of p. 14

Solid rating.

Further investigation revealed that these packages came from a vendor, "U4IA," who advertised on WSM... ...I learned that this darknet vendor had been convicted for distributing fentanyl resulting in the overdose death of the Florida resident and was sentenced to 12 years in prison.

I have such a hard time reconciling my feelings that any individual should be able to put whatever they want in their body, and that all drugs (whether pharmacy supplied or private-vendor supplied) should have to undergo testing with the fact that it's probably in the best interest of some individuals that LE goes after extremely specific cases such as this - selling any product without having it third-party certified.

Slippery slope either way I suppose.

So here are my thoughts and questions about this situation...

What provider was hosting the server? Does anyone care to speculate on this? Do you think they were using a "bulletproof" hosting service and if so are they really actually bulletproof or only as bulletproof as their security updates. By this I mean LE have stockpiled zero day exploits for this EXACT situation so vendors, admins and buyers alike should assume that you could be compromised at any moment and conduct yourself on the darkweb accordingly as no human has the capacity to discover and plan for EVERY possible type of attack.

Settings table included conversations? Can anyone with more DB knowledge than me explain this? Does SQL have some sort of built in means of communication ?

These guys weren't stupid, I mean they made mistakes but they weren't stupid so they'd have to be using an all singing all dancing VPN provider like cyberghost, nordvpn etc who do not collect logs. With that said the fact that 1 admin was identified by virtue of his VPN provider shitting the bed must mean that said provider does not have a killswitch feature or at least does not have it active by default. Can anyone help me narrow down the list of potential providers based on this? Clearly we should all avoid said provider/s.

Just for a laugh id love to know how long LOUSEE had that UMTS stick. How the hell was he not rotating that thing out every few weeks or so boggles my mind, and he was administrating the site from home WTF? Even for vendors is that not rule breaking DN OPSEC number 1? That is like Pablo escobar putting a sign outside his mansion saying "Buy coke in bulk here". Please. Then on top of that these guys were using WSM associated BTC addresses to make direct purchases, what ?

As others have said a lot of this can probably be put down to the 'laziness over time' disease that most crimianls catch. However the insecurity (in terms of anonymity) of BTC has nothing to do with that. BTCs intrinsic public nature is in my opinion the biggest contributing factor to the downfall of these admins. Therefore as others have mentioned we should all switch to monero immediately and demand that all markets do the same. Surely any sensible DNM admin is considering doing that at this very moment.

Aside from that they got what was coming to them as they exit scammed TWICE so fuck them. I look forward to hearing their sentencing.

I believe LE can reach anybody they feel like, when they feel like it. It just depends if you are a priority target or not.......

DOY

It just matters how important you are if they want to point a satellite at you or not.

VIDEO
Instagram account : politie_landelijke_eenheid

https://linx.li/3r0xixi2.jpg

as it was mentioned iin another Thread:
it was or is not illegal tto run the Platform/Marketplace itself.
No Crime, no Prosecution.
The Scam on the other Hand...
I gues they can get a Big Number of Years in Jail.

WOW

The bottom line here is that it is very difficult to do anything clandestine without making a mistake.

I do thank the WSM for it's contribution to the Dark Web Markets and I wish them nothing but love.