Sunday, November 22, 2015

AlphaBay Market Place ★★★★1/2


Since Abraxas went offline, many vendors and buyers are seeking alternative. We are confident you will find AlphaBay to fit your needs. They offer fair & transparent administrating of all matters with community involvement, strong security for the peace of mind, constant improvement in functionality (new features), professional handling from Staff and diverse community second-to-none.

Buyers and vendors! Below you will find useful information for your stay on AlphaBay.

About Vendor Bond Waive: If you are reputable vendor from Abraxas, please send PM to @DeSnake with PGP signed message, link to your Grams profile, link to your AlphaBay Marketplace account, link to your AlphaBay Forums account, introduction of what is your area of service. Your requests will be processed as fast as possible and you will receive free vendor account in both Marketplace and Forums.

Why they can offer you the better experience? AlphaBay offers a great collaboration of people that made the market what it is today, A few of the features which have been created by AlphaBay and are unique to our Marketplace - Digital Contracts, Multi-Trust Contracts, ScamWatch, Front page bidding

AlphaBay has an advertisement platform ready for vendors to make use of to promote their services both on Marketplace and Forums. Read here about Paid Advertisement via Sticky Listings and Sticky Topics. You could also bid for your listing to appear on the front page Front page bidding.


AlphaBay Is currently the Largest Darknet market available and so far has proven to be worthy of the title as leader.

Get invited to AlphaBay Here - http://pwoah7foa6au2pul.onion/affiliate.php?ref=outraged

Rating -  ★★★★1/2  
Posted by at No comments:
Labels: , , , , , , , , , , , ,

The Dream Market Place ★★★★★



Since Abraxas is currently down, many vendors and buyers are seeking alternative. Dream is a strong alternative that should fit your needs. The dream market is the longest running darknet market ever and currently the second largest. It offers fair & transparent administrating of all matters with community involvement, strong security for the peace of mind, constant improvement in functionality.


Features:


Running stable with a uptime of 97% since 2013
Featured anonymous market platform
Using bitcoin transactions to increase anonymity
Escrow system to prevent fraud actions
Dual rating system to increase trust and business confidence
Automatic currency conversion using current exchange rates
Messaging system with conversations
Seller product and order management system
Different shipping prices supported
Captcha secured registration und login
Support to recover lost passwords with PIN-numbers
Password update function
phpBB board for member discussions
Verified import of your Black Market Reloaded reputation
Mail server for e-mail clients (enables you to respond faster)
PGP login for improved security
Chat system for faster instant communication (javascript only)


Registration link - http://lchudifyeqm4ldjj.onion/?ai=71553

Rating -  ★★★★★

Posted by at No comments:
Labels: , , , , , , , , , , , , , ,

Valhalla market place ★★★★



Valhalla Was a Finnish only marketplacen(Silkkitie) turned international and available in English, exists since October 2013. Offers both traditional escrow & multisig, 2FA and forced PGP, recently turned invite only and require a referral link to register as a buyer or a vendor (which you can find below). Was recently rebranded and now called “Valhalla”.
They support true P2SH multisig and make it dead simple to use. This keeps everyone honest and the funds remain safe.
There code base has supposedly been vetted by the most famous (and expensive) security experts and They run a generous bug bounty program for finding new issues.
Security is the top priority: PGP messaging is forced by default and accounts can be secured with two-factor authentication.

Invite link - http://valhallaxmn3fydu.onion/register/SWuR

Rating - ★★★★
Posted by at No comments:
Labels: , , , , , , , , , , , , , , ,

Hansa Darknet Market ★★★1/2


Hansa is a Darknet Market with the main focus on a trustless payment system, which makes it impossible for the vendors OR the site staff to run away with Bitcoins of the buyers.

Here are the main features that distinguish HANSA Market from other Darknet Markets:

2-2 multi-signature escrow between vendors and HANSA

Funds can only be accessed by the vendor after the buyer finalizes a transaction and can never be accessed by the site staff. Theft from either party is impossible.

No Bitcoin deposits

Every order has its unique Bitcoin address similar to BitPay's or Coinbase's payment system. Buyers have 15 minutes to pay the order and do not have to wait for deposits to arrive. Payments are submitted to the vendor after 1 confirmation and the vendor is then given 24h to accept or decline the order, which transfers the funds into the multi-signature escrow system or back to a refund address, which the buyer provided.

No Finalize Early

They do not support FE or partial escrow releases and they don't have to! The multisignature escrow makes it impossible for the site staff or vendors to steal any Bitcoins.

Other features

Sophisticated search engine, i2p support, Bitmessage notifications, optional auto-delivery for digital goods, high server uptime

Get invited to Hansa Here -  http://hansamkt2rr6nfg3.onion/affiliate/894

Rating - ★★★1/2
Hansa has a great design and concept. It just lacks the traffic of some of the larger markets at the moment. It has the potential to be a 5 star market once it gains more attention.


Posted by at No comments:
Labels: , , , , , , , , , , , , , , , , ,

Dream now offering vendor bond waivers for sellers from all major markets



First Signup to Dream here - http://lchudifyeqm4ldjj.onion/?ai=71553

Now visit this link - http://lchudifyeqm4ldjj.onion/vendor

This page lets you apply as vendor or revoke your vendor application. Vendor status requires a bond of ?0.75 ($234). If you decide to revoke your vendor status you will get your money back. Also if you have gained a certain level of trust level, you can get your vendor bond back while retaining your vendor status.

For verified vendors the vendor bond can be waived. Please first verify your vendor account here -

http://lchudifyeqm4ldjj.onion/verify

There you will find links to verify your account. Currently supported are verifications with Blank Bank, Black Market Reloaded, Agora, Nucleus, Alphabay and Abraxas vendor accounts.


    Verify using Black Bank - http://lchudifyeqm4ldjj.onion/linkBlackBank
    Verify using Black Market Reloaded - http://lchudifyeqm4ldjj.onion/linkBmr
    Verify using Agora - http://lchudifyeqm4ldjj.onion/linkAgora
    Verify using Nucleus - http://lchudifyeqm4ldjj.onion/linkNucleus
    Verify using Alphabay - http://lchudifyeqm4ldjj.onion/linkAlphabay
    Verify using Abraxas - http://lchudifyeqm4ldjj.onion/linkAbraxas
    Verify using Middle Earth - http://lchudifyeqm4ldjj.onion/linkMiddleEarth

After that, request vendor bond waiver here -

http://lchudifyeqm4ldjj.onion/contactMember?member=SpeedStepper#conversation

They will process your request ASAP.

Posted by at No comments:

AlphaBay's Multisig Guide


This is a guide for multisig transactions in Alphabay market – Quoted from the market:

 Original: http://pwoah7foa6au2pul.onion/forum/viewtopic.php?f=2&t=1871

We are pleased to announce that AlphaBay Market now supports multisig transactions! This was requested a long time ago by the community so we decided to step up our game a bit and go for this option.
We are now the only marketplace on the Deepweb having ALL of the following security measures (source: DeepDotWeb’s marketplace list):
– Multisig transactions (2/3)
– 2FA
– Withdrawal PIN
– Vendor bond
– Forced vendor PGP
For the less tech-inclined, here’s how a multisig transaction works:
1) Both the buyer and the seller must have set their public Multisig key in their profile.
2) The buyer deposits 4% of the item value in his AlphaBay wallet to cover market fees.
3) The buyer purchases the item, then a multisig Bitcoin address is generated using the buyer’s key, seller’s key, and a market-generated public key (2/3). Both parties can use this publicly-viewable information to verify the authenticity of the address.
4) The buyer sends money to this address, and the seller ships the goods.
5) If the buyer is happy, he finalizes, and the seller received the market private key.
6) In case of dispute or refund, the buyer receives the private key.
7) Whoever got the private key will use it, along with his own private key, to claim the coins.
To make it simple: buy the product, and you get a BTC address to send the coins to. Seller gets the private key when you finalize. You get the key if you dispute and win.
This is a fool-proof method to avoid exit scams. You never give your private keys to anyone.
We don’t provide help in cashing out the multisig address. You have 2 private keys out of 3, so you are supposed to know the rest. If you lose your private key, it’s too bad.
Enjoy!


Get invited to AlphaBay Here - >  http://pwoah7foa6au2pul.onion/affiliate.php?ref=outraged
Posted by at No comments:

AlphaBay now offering vendor bong waivers for Abraxas, Amazon Dark, And Middle Earth


As many of you are aware, Alphabay Market is still up and running, and it looks like they
have no intention of leaving. In the light of the recent events where Abraxas
and Middle Earth seem to be MIA, they offer vendor bond waivers to
qualiying Abraxas vendors. Howevere, they are currently unable to do so with ME vendors,
as Grams does not yet index the sales.

We understand the concern of being afraid to leave your money in Escrow, this
is why we offer true 2-on-3 multisig with complete protection against any form
of exit scam. For vendors who do not wish to use multisig, large-volume vendors
may be granted FE at the admins discretion.

The procedure to get a waiver goes as follow.
1) Go to Grams infodesk and locate your vendor page.
http://grams7enufi7jmdl.onion/infodesk

2) Head on to Alphabay and make your account:
http://pwoah7foa6au2pul.onion/affiliate.php?aff=45866

3) Head over to the forums, Announcements section, waiver section.

4) Post a PGP signed message using the key in the Grams account. We will
evaluate the request and assign the appropriate privileges.

Welcome to all refugees, and see you over there! The multisig guide can be
found here:  http://newdarknetmarkets.blogspot.com/2015/11/alphabay-multisig-guide.html
Posted by at No comments:

Key security points for Darknet survival


Just thought I would post some basic key points for anyone new or old who wants to improve their security. A lot of noobies out there who are just earning their stripes. Just want to make those of you who are new aware of what goes on around the DarkNet and how to stay safe. I would hate to see a promising individual get caught for something that could have been prevented.

1.) Social Engineering
- This is the Holy Grail of Doxxing, be aware of what you say in public or private.
---a.) Using chat software (XMPP) is a form of isolation. Isolation is used in one of two ways: relaxation or intimidation
- You should always be cautious of who you talk to. Even if you think they are 'cool' or you knew them for a long time.
- Not only LE but if your 'cool friend' gets wrapped up he will be the first to snitch you out.

The most notorious hackers of the world aren't always just sitting behind of a computer. Kevin Mitnick, once the most wanted hacker in the world, although advanced technically was a far better social engineer who ended up in a plethora of allegations ranging from: hacking into the Department of Defense, National Security and several banks. So, it isn't always about how many computer skills you have or how many programming languages you can write in. Sure, that is one aspect but basically, no one here is your friend. We can be social and cordial to one another but always keep in mind that you don't know the person on the other side or their agenda.

2.) Online Dumpster Diving
- Rummaging through posts and trying to gather and piece together information to build enough identity about you.
- Be careful about what you post in the forums, think before you write too much.
- Never post absolutes about yourself and always stay adaptive.
---a.) You can be anything you want to be in anonymous world, just don't be you.
- If you stick to facts and the less opinionated you are, the less character you have.

It is often easy to use a forum such as these to come and 'hang out.' Honestly, this is not the place to hang out. Hang-out with your family, get a girlfriend/boyfriend or Facebook for that. It doesn't mean you can't snap a joke and you have to be rigid, it just means take a second to think before you post something. It might end up being too revealing.

3.) Money
- They follow money trails.
- Wash your coins, double and triple wash.
- Buy other e-currencies and trade back.
- Buy physical goods with BTC you are capable of selling for fiat.

Money is nice. Especially when you finally get to spend it. That car, that house, that diamond studded Rolex. Well, all those major purchases get reported to some tax collection agency. In the USA, it is the IRS. They have the authority to monitor your spending (whether legitimate or illegal) purely for the purpose of finding out if you have been paying your taxes.

4.) Third-Parties
- Be aware of third party websites like Reddit, Bitcoin Washing services, and the possibility of a Fake Market.
---a.) Not only can fake Washers and Markets be used to steal your money, they can also be used to track your money.
- Don't use the same log-ins for every site.
- LE can cross analyze data and habits much the same way Google Analytics works.

Here you have a way to start linking your identity if you aren't cautious. For example, you post identical comments on the DarkNet as you do on the Clear Net. You use the same name to buy and vend and wash your coins. It is always a figurative pain in the ass to go the extra steps to be secure but don't let it become a literal pain in the ass when you get to prison.

5.) Keep your personal life and DarkNet life completely independent.
- They watch you from the outside-in and the inside-out

There should be no need to tell your friends around town what you do. That is not being Anonymous. That is being Pseudonymous.

6.) "Patience is the weapon that forces deception to reveal itself." -- Unknown
- It works both ways. The Feds will/can watch you for 10 years if they want. When they get tired of you... that's it.
- If you're in for a long run follow the rules of engagement. Never become relaxed and keep your OPSEC up to date at all times.

Be patient. There is no need to rush anything. Anyone trying to rush you is a pressure salesman of some sort.

7.) Malware / phishing links and sites.
- LE are no better than you or me. We breathe the same air and bleed the same blood. They are capable of writing code as well.

Always check the links in messages. They could be a phishing attempt. Always bookmark the correct links and use those and then search for a thread or verify the main URL first. It's a bit lazy and insane to just go around clicking every link you get on the DarkNet.

8.) Keep your software up to date.
- When TOR has an update. Update it!
- When Tails or Whonix has an update. Update it!

There are some exceptions to this rule when it comes to new features by Windows, Lenovo and other commercial hardware and software manufacturer's. They are now joining together to fight cyber-crime by installing back-doors and rootkits to your privately owned software. Quite a few years back, Sony had several class action law-suits against them (including 7 U.S. States) for installing rootkits via Columbia Records' digital content CDs. Now, it is becoming the norm to invade your privacy.

Windows User's: Disable/Uninstall Telemetry Updates found in Windows 10, 8.1, 8 and 7 - https://voat.co/v/technology/comments/459263 (clearnet link)
- If you don't trust the software you can do this manually from the "Uninstall Updates" menu and search for each KB file independently. There are 29 or so, I believe.

9.) PGP for Yourself
- Auto-PGP is a nice feature but it is not as secure as we like to pretend it to be.
- No DNM is open-source.
- The DarkNet is a trust-less environment.

Not saying anything is truly bad going on, but there is possibility that auto-PGP messages are retained. The way PHP (the language) works is by grabbing form data and then manipulating it. This leaves it wide open for the Admin to do whatever they want to with your message (not saying they are or spreading FUD.) PGP on your PC and then paste it to the form. Do this for ALL markets and forums.
Posted by at No comments:

Complete Darknet market safety guide



Hello Everyone!

I wanted to put together some useful information for anybody who wishes to purchase goods anonymously via the DarkNet. My aim is not to promote my own products or services – I simply want to help everybody who comes here to have a safer, more positive experience.

★ Disclaimer: I am not endorsing any sites or services listed below; this post is purely to help inform and educate our community :-)

Contents

1) Places To Buy
2) Understanding Bitcoin
3) Choosing A Vendor
4) Digital Security
5) Physical Safety & Harm Reduction
6) Email

1. Places To Buy

The top 2 markets to buy from currently are Dream and Alphabay

http://lchudifyeqm4ldjj.onion/?ai=71553 ( <- Referral link required to join)

- Uptime 98.34%

http://pwoah7foa6au2pul.onion/affiliate.php?aff=45866 (<-Referral link required to join)

- Uptime 95.95%

However there are several other less used markets available

Agora - > http://agorahooawayyfoe.onion/register/Yp38jeoAcz (<-Referral link required to join) ---- *Offline till further notice
Bloomsfield - > http://spr3udtjiegxevzt.onion ---- Uptime 99.57%
Crypto Market - > http://cryptomktgxdn2zd.onion ---- Uptime 97%
East India Company -> http://g4c35ipwiutqccly.onion/ ---- Uptime 96.85%
French Dark Net -> http://s35ws7u7sj2g3uxm.onion ---- Uptime 99.4%
GotMilk Pharmacy -> http://334bkn7o7ffp6p7a.onion ---- Uptime 99.5%
Hansa -> http://hansamkt2rr6nfg3.onion/affiliate/894 (&lt;-Referral link required to join) ---- Uptime 99.53%
HonestCocaine -> http://honestcqcmljqczq.onion ---- Uptime 84.92%
IDC -> http://2qrdpvonwwqnic7j.onion --- Uptime 99.27%
London underground -> http://lustorecibkvrjhj.onion ---- Uptime 97.38%
Middle Earth Marketplace -> http://mango7u3rivtwxy7.onion ---- Uptime 95.38%
Nucleus Market -> http://nucleuspf3izq7o6.onion ---- Uptime 97.94
Outlaw Market -> http://outfor6jwcztwbpd.onion ---- Uptime 93.29%
Ramp -> http://ramp2bombkadwvgz.onion ---- Uptime 95.31%
RuTor -> http://xuytcbrwbxbxwnbu.onion ---- Uptime 99.12
Silkkitien -> http://silkkitiehdg5mug.onion ---- Uptime 96.08
The Hub -> http://thehub7gqe43miyc.onion ---- Uptime 93.51
The majestic Garden -> http://bm26rwk32m7u7rec.onion ---- Uptime 98.83%
Tochka -> http://tochka3evlj3sxdv.onion ---- Uptime 69.32%
Torepublic Market -> http://nco5ranerted3nkt.onion ---- Uptime 91.61

Another great place to find hidden marketplaces is the list published by DeepDotWeb:

http://www.deepdotweb.com/2013/10/28/updated-llist-of-hidden-marketplaces-tor-i2p/

The list is updated fairly regularly as new markets are added or old markets are taken down.

2. Understanding Bitcoin

What Is Bitcoin?

The Wikipedia page is here: https://en.wikipedia.org/wiki/Bitcoin

Bitcoin (BTC) is a decentralized digital currency. It isn't anchored to gold, or any other asset, meaning its value (when exchanged for FIAT currencies) can fluctuate quite wildly.

Whenever you make a Bitcoin transaction, it is recorded on a public ledger called the Block Chain. This means anybody can see any transaction made (see http://www.blockchain.info). The tough part - the part that makes Bitcoin the currency of choice for anonymous purchases - is linking transactions to people.

To reduce the chances of transaction being traced back to yourself, you can 'tumble' your Bitcoins.

Tumbling Bitcoins

Tubmling your Bitcoins is a way of swapping your original BTC for other people's BTC, in order to sever your Block Chain trail. This makes it more difficult for people to link your purchases to you.

It is important to Tumble your coins through either a Tor hidden service, or using a wallet routed through Tor.

3. Choosing A Vendor

The following links list various vendors on the darknet:

• El Presidente's vendor directory http://directory4iisquf.onion

• Gram's Infodesk vendors directory http://grams7enufi7jmdl.onion/infodesk

Before you buy from a vendor, do your research and make sure you read reviews and discussions on DNM Forums - the Hub has a Vendor area you can look at to gather this kind of information.

You should also learn what it means to finalize early (FE) - markets offering only this type of payment will not get you your money back if the vendor does not send your product: Understand the risks, and only FE with a vendor you trust. If you are unsure, you should find a market offering an escrow service.

If you have a dispute with a vendor, it helps to be polite and try to work towards a resolution that is fair to the both of you before raising a complaint to the market staff. And stick to the facts at all times - lies get uncovered more often than not, and they aren't fair (we're a community!).

4. Digital Security

Deep Dive information https://cryptostorm.org/

There is a lot to do to ensure anonymity. Here I will outline some of the core practices you should be following.

Tails: https://tails.boum.org/download/
Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims to preserve your privacy and anonymity, and helps you to:

&gt; use the Internet anonymously and circumvent censorship;
&gt; force all connections to the Internet to go through the Tor network;
&gt; leave no trace on the computer you are using (unless you ask it to explicitly);
&gt; encrypt your files, emails and instant messages using state-of-the-art cryptographic tools

Linux on a thumb drive or CD running Tails is widely used

Virtual Private Networks (VPNs)

VPNs can offer an additional layer of protection; HOWEVER, not all VPNs are secure. This article on DeepDotWeb can help you separate the good from the bad and the downright ugly: http://www.deepdotweb.com/2014/07/08/is-your-vpn-legit-or-shit/

• NEW - https://torrentfreak.com/anonymous-vpn-service-provider-review-2015-150228/

Please use these sites to see if you are really anonymous (while your VPN is up &amp; running)

IP leaks testing resources:

DNSLeak: http://dnsleak.com/

IPLeak: http://ipleak.net/

IPv6 Leak:http://ipv6leak.com/

E-Mail IP Leak: http://emailipleak.com/

PGP

This is one of THE most important things for you to learn, as it allows you to keep your communications between only yourself and the person you are talking to. Take the time to learn PGP even if you do nothing else.

Windows: http://www.deepdotweb.com/2013/11/11/pgp-tutorial-for-newbs-gpg4win/

Mac: https://gpgtools.org/

Remember to learn the difference between your Public Key and your Private Key - failing to do so could ruin your efforts to remain anonymous.

Tor Project

Always check up on any updates that are made available, as they are usually very important - people are trying to break TOR all the time, and many times these updates are designed to combat any faults found: https://www.torproject.org/

Current version of TBB is 4.5.2 this version has an option when you select the onion and the dropdown appears there's now a "Privacy and Security setting" you can now adjust to diferent levels of privacy and security

5. Physical Safety &amp; Harm Reduction

You are free to choose what you put into your body. I believe that fully. However, you should make this choice only after fully informing yourself of the potential consequences! Here are some great links:

Know what you blow http://cocaineweogeta6y.onion

http://wedinos.org

http://www.dancesafe.org/ (KET, MXE, MDMA, ETC...)

https://www.erowid.org/ (A site for sharing knowledge and experience with chemicals that have an influence on how your brain works)

https://pillreports.org (PILLS)

http://www.grindfactor.com/Forum/forumdisplay.php?1-Drug-Harm-Reduction

Testing Products

This trend in fake drugs is serious - I have heard too many bad stories for my liking. You can buy test kits at:

http://bunkpolice.com/

http://www.eztestkits.com/en/

They are on Ebay as well. Do it and be safe!

(Remember that buying a test kit is NOT a crime - don't stop yourself buying a test kit because you're worried what it might say about you as a person; it's always smart to keep yourself safe physically)

6. Email

Always use encryption for personal safety. I'm not a fan of email however I realize it's a necessary tool at times. Use TOR at all times when accessing them and make sure all sensitive conversations are properly encrypted. Lastly, no one is 100% sure that these e-mail providers won`t comply with Law Enforcement or that they are really private so treat this as information not an endorsement.

http://sigaint.org/ http://sigaintevyh2rzvw.onion/
http://lelantos.org/ http://lelantoss7bcnwbv.onion/
http://www.innocence.se/
http://riseup.net/
http://inventati.org/
http://ruggedinbox.com/
http://mailtor.net/
http://mail2tor.com/
http://onionmail.in/
http://toremail.net/
http://cock.li/
http://www.unseen.is/
http://www.safe-mail.net/
https://tutanota.de/
Posted by at No comments:

Saturday, November 21, 2015

How to use Multisig for orders on Darknet markets

"Customers/buyers
    Get Electrum 2.0 www.electrum.org/#download
    Run Electrum.
    Select Create New Wallet and multi-signature wallet, then proceed. If you already have a default wallet, File>New/Restore.
    Select 2 of 3 on next screen, then proceed.
    You will find your seed generated. Copy it to your clipboard and a text file then #fuckingwriteitdown.
    click next, then paste that same seed onto the next screen. Hit next.
    Create a password. Don’t skip this step, the password is required to keep your end secure and release funds. Click next.
    Copy your master public key, and share it with the market and vendor. Take care not to share your seed or password.
    Gather the two master public keys, one from the market, one from the vendor. Paste them each, order doesn’t matter. Next.
    “Select Server Manually”, then config to route through Tor. Tor Browser Bundle must be running for this to work.
    SSL, SOCKS5, localhost, port 9050
    Light in bottom right corner will turn from red to green when connected.
    On the receive tab, note that all the addresses start with 3, instead of one. This signifies they are indeed multisig addresses.
    You are responsible for funding the correct amount of bitcoins to an address on this wallet. Remember, any funds transfered there can’t be transfered back without without 2 of 3 consensus. Be careful to send the correct amount. After this is done, your work is done until it’s time to finalize the transaction (which you will do in a timely manner, as you are not a little bitch).

Vendors it’s your turn!

Generate your Master Public Key

    Get Electrum 2.0 www.electrum.org/#download
    Run Electrum.
    Select Create New Wallet and multi-signature wallet, then proceed. If you already have a default wallet, File>New/Restore.
    Select 2 of 3 on next screen, then proceed.
    You will find your seed generated. Copy it to your clipboard and a text file then #fuckingwriteitdown.
    click next, then paste that same seed onto the next screen. Hit next.
    Create a password. Don’t skip this step, it is for your security. Click next.
    Copy your master public key, and share it on your market profile. Take care not to share your seed or password.
    end the creation, you will not be making a wallet at this time. This is done by deleting the wallet file.

To open your end of a wallet created by a customer/buyer (this is for each order).

    File>New/Restore, name the file.
    Select “Restore a wallet or import keys” and “multi-signature wallet”. next screen, 2 of 3. next.
    Paste your previous generated master public key.
    Gather the two master public keys, one from the market, one from the buyer. Paste them each, order doesn’t matter. Next.
    Verify the correct funds are present.
    You are responsible for creating two transactions. One is to pay the market their previously agreed upon share. The other is to pay yourself the rest to the correct bitcoin address. You won’t be able to complete these, but you will generate the text needed for the customer or market to sign off on these transactions. These will be exported as .txn text files, which you can then copy and share the contents to the market message system, for the buyer or market to fully sign the transaction.
    Click the send tab
    enter correct address, and amount, then click send.
    Agree to the fee.
    Provide your password.
    save the file. repeat for each transaction, ideally the markets small share first.
    Open the files in a text editor, and share on the markets message system.
    Wait to get paid once the buyer receives their package.

Finalizing

    Open the correct multisig wallet. Nothing will work unless you are in the right wallet.
    Tools>Load Transaction>From Text
    Copy paste each transaction (one at a time), starting with paying the market first.
    It should load up a small window, giving signing as an option. Make sure all the details look correct before you sign!!!!!!!!
    Repeat for vendors transaction.
    Congratulations! The transaction is complete!

Disputing

Weather it’s the vendor or buyer disputing, they are responsible for providing a return address. The market is responsible for generating the transaction text. The winner of the dispute is responsible for signing/finalizing the transactions and making sure the the coins are going to the right address."

https://www.deepdotweb.com/2015/03/21/multi-signature-transactions-electrum-2-0/

Posted by at No comments:

AlphaBay now recruting a dedicated anti scam team. Way to go AlphaBay!


It looks like AlphaBay is taking another step to make itself stand out from the rest of the darknet markets by recruiting a dedicated ant scam team. This is the original post from "Admin" on the AlphaBay forums.

Original post http://pwoah7foa6au2pul.onion/forum/index.php?threads/new-anti-scam-team.17512/

We have introduced several changes to AlphaBay which will benefit everyone.

1) Our newest feature which allows top community members to work alongside AlphaBay Staff to clean scammers in a fast manner to give you, the user, an unparallel positive marketplace experience.

The anti-scam team, ScamWatch, is a paid position and consists of @penissmith, @vaas and @onionhood. Each member is proven and recognized, each with individual focus - not only fraud but drugs, hacking, malware, general etc. Staff has long worked to prevent scammers, however, with the increase of user base, we needed a team to entirely focus on detecting and preventing scams of any sort.

Staff is part of ScamWatch programme and will follow same procedure with the difference of being able to moderate topics/delete listings/make products physical etc. ScamWatch members at current stage do NOT have any moderation permissions on the forum or dispute access in marketplace.

What do ScamWatch members do?
They patrol all the time AlphaBay marketplace and forums to detect/prevent scams or signal for potential ones. ScamWatch members will have the ability to freeze vendor account withdraws for 24hrs if suspected of scamming. Issues such as physical items marked as Digital (scam) will be enough for freeze and report to Administration.

Example ScamWatch procedure?
After an account is frozen, SW member/Staff responsible for it will create post in hidden forum section, explaining the situation (+details+evidence) and Administration will be able to apply ban within 24hrs or dismiss the case, e.g. due to lack of evidence.

Why freeze not ban?
We at AlphaBay believe each persons role should be balanced in order not to be abused. A temporary freeze of 24hrs is the best solution.

I am not a scammer, should I be worried?
SW will not be harassing you if you do not scam, all of this is done for the protection of buyers and vendors. Should any abuse from SW happen, please message Staff member about it and it will be promptly reported to Administration.

SW can be abused to freeze all accounts on marketplace?
We have put in place code to prevent automated abuse of this feature or stop it in its tracks.

2) All support from AlphaBay in the Forums is now in one section - AlphaBay Support. The section consists of Helpdesk, Bug Reports, Scams Reports. Scam Reports is now put on daily tasks for SW members and Staff to review and manage. We have added labels to each topic so it will be known its current status (scam report unresolved/resolved).

3) alpha02 account will be renamed to 'Admin'. This account will ONLY accept private messages from Staff. The account will be used by staff members. If you have something important to say, feel free to encrypt PGP message and send it to Staff member to pass it on to 'Administration' account. For any issue, use the Helpdesk.

4) Staff will be responding/managing sections Helpdesk and Bug Reports. Any legitimate requests will be escalated to Administration and they will be instantly processed.

With the recent changes, we are proud to say AlphaBay and its community, will be the first marketplace ever to take specific, meaningful actions against scammers/phishers/all those who wish harm in one form or another to fellow darknet users.

 AlphaBay Is currently the Largest Darknet market available.

You can get invited to AlphaBay Here - http://pwoah7foa6au2pul.onion/affiliate.php?ref=outraged

Posted by at No comments:

Friday, November 20, 2015

Complete PGP Tutorial For Newbs (Gpg4Win)

Tutorial for Gpg4Win using Kleopatra can be found here.
We found a great tutorial posted on deepdotweb today about how to stay safe and use PGP.
The link to the original article is this: http://www.reddit.com/r/DarkNetMarkets/comments/1qdzl8/guide_pgp_4_n00bz/
All the credit for the tutorial goes out to this reddit user:  BenZoThr0w –  http://www.reddit.com/user/BenZoThr0w
=====
The goal here today is to try and educate n00bZ on what PGP is, how to install GPA, I’m making the guide because I educated myself on PGP and it took awhile for me to understand it. So here is a picture guide to installing and creating a PGP key to encrypt and de-crypt messages.
=== BACKGROUND of PGP ===
Basically, each individual has a unique PGP key. In the program GPA, you import peoples unique key to your list of keys. When you go to write a PGP message, you type it normally in the clipboard { you’l learn about the clipboard later, it’s your friend } and then press an encrypt button, which then lets you pick from your unique list of keys to encrypt to, where ONLY that person can read it. [ this is why people give their public keys out, so anyone can encrypt them a message ] === THE STEPS ===
– Step One –
Okay, so first things first, let’s get a PGP program. One of the most popular is GPA. Head over to this link to download gpg4win which includes GPA {you can see a list of the programs gpg4win contains to the left of the download page, GPA is one of them}
Download: http://gpg4win.org/download.html
IMPORTANT !!!!!!! ***********************
When installing gpg4win you get the option to install which programs you want from the package. By default, GPA is not checked. MAKE SURE YOU CHECK GPA! You need it in order to easily encrypt and decrypt messages. This is what it looks like during the installation:
Pgp Tutorial 1
Next, you want to make a PGP key. Remember, none of the details need to be valid. I’d use your online name or a different alias when making your key. Something that isn’t your gamertag for online games, or anything that may tie to you. A completely new alias. The e-mail doesn’t need to be valid at all. Here are some pictures to help you through the process. Also make a backup of your key!!!
First, click the keys in the menu at the top. Alternatively, you can click CTRL+N to begin the process of creating a key. Shown here:
Pgp Tutorial2
You will go through a set up, where you make a name for your key, which I suggest you use an alias. Shown here:
Pgp Tutorial 3
After selecting your alias it asks for an e-mail adress. This e-mail should be non existent, and be linked to a website that also doesn’t exist. Shown here:
Pgp Tutorial 4
Then you’re asked to make a backup of your key. I highly suggest you do this! Although you can make a back up at any time, you should just do it now. This is where your public key will be that you give to others to contact you. Shown here:
Pgp Tutorial 5
– Step 2 – Find Your Key –
Find where you put the back up of your key. It will be an .asc file but no worries, when asked to open the file just tell windows or whatever OS to open it using Notepad. Here you will find a public key similar to this.
Pgp Tutorial 6
When sharing your key with others, you wan’t to copy and paste from the beginning dashes to the end dashes. Exactly how I have copied and pasted above.
— HOW TO IMPORT SOMEONE ELSES PGP KEY TO YOUR GPA PROGRAMS —
You see people giving their public keys away so others can contact them. Simply open a notepad file, copy and paste their key and import it using the GPA program. I will show you how to do this.
First make a blank text file and copy the users pubic key to it. Shown here:
Pgp Tutorial 7
Then, in the Keys menu where you made your key, select import keys. Shown here:
Pgp Tutorial 8
Select the Text file you saved with the public key in it. Shown here:
Pgp Tutorial 9
Then you should get this if the key was successfully imported:
Pgp Tutorial 10
Now, lets send an encrypted message.
First, open the clipboard. You can get there through the Windows menu or through the clipboard icon on the quickbar. Shown here:
Pgp Tutorial 11
Then after opening clipboard type the message you’d like to send and select encrypt at the top of the clipboard window. Shown here
Pgp Tutorial 12
When you press encrypt, you are given a menu shown below. In this menu you select what key you’re using to send the message, and what key is going to be receiving the message. I chose to send the fake account used to make this tutorial a message with my personal account. Here’s what that menu looks like:
Pgp Tutorial 13
After you select who’s sending and who’s receiving you should get an encrypted message that looks like this:
Pgp Tutorial 14
This encrypted message is what you send instead of cleartext. So when messaging on websites, simply paste the PGP message. If you receive a PGP message, you can also use the clipboard to decrypt the message you have received by opening the clipboard, pasting the PGP message you got, and then pressing the decrypt button, shown here:
Pgp Tutorial 15
That about sums it up. I hope that people with questions on PGP and how it’s used can be solved here, as I tried to make the tutorial as noob as possible. Please be safe when communicating confidential or sensitive information on websites. Always PGP. Never FE. Be safe people. If you have questions, comment, and I’ll try my best to answer them.
=====
Hope this helps.
Posted by at No comments:

Thursday, November 19, 2015

Beware Of phishing attempts!


Recently another round of “market cloning” phishing scams is going around that will not only log your user and password but you cookies as well when you are logged into markets, this is the recent info as it was provided to us by “DS” at AlphaBay

Original warning link on the forum: http://pwoah7foa6au2pul.onion/forum/index.php?threads/warning-phishing-links.4414/

I want to make a warning that there are phishing links posted (or attempts to post) on our forums, marketplace, personal messages (pms) & other places like reddit. The user responsible for the phishing links is the banned few days ago was ex-vendor “Logs” aka “TinKode” (user registered with this name on our forums) aka dev.null (with whom I talked on jabber). The user will surely be using this to create clone of other dark net marketplaces (as he has said in our conversation).
After visiting his phished link, I put a message to him (telling him to fuck off) in the password field. When he saw it in his logs, he found from the forums here one of my contacts and started talking me into buying his onion cloner script* – which I knew was free. The scammer asked 10 BTC and since I wanted more information (if it is something modified version of onion cloner etc.), I agreed. No deal took place of course. But we now know how he script works (we injected specific URLs which we now see in server logs) & we are working on blocking phishing links on both marketplace and forum. You can read the details of the conversation with the scammer in the Screenshots below:
ready-new1
ready-new2
ready-new3
ready-new4
ready-new6
ready-new7
ready-new9
ready-new10
The solution is dead simple – Please make sure to memorize the real market links or keep them locally in some text file, if you can’t do that than make sure that you are using links only from legit sources – such as our list , /r/darknetmarkets list or dnstats.net sidebar – No other source should be trusted and anyway, a manual check should be made to make sure you are not using a malicious exit node who might replace the links with phishing links.
* The onion cloner script enables to mirror any .onion website on the fly and only catching specified fields like username and password ones. The user browsing the phished website sees no difference between that one and the real website – except the URL. Be very careful when visiting links because it SNIFF your COOKIES if you are logged into the real marketplace.
Posted by at No comments:
Subscribe to: Posts (Atom)