The Versus Market, one of the most popular English-speaking criminal darknet markets, is shutting down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers.
When conducting criminal activities online, dark web marketplaces must keep their physical assets hidden; otherwise, their operators risk identification and arrest.
The same applies to the users and vendors, who need to remain anonymous while using these illegal platforms. Anything that undermines trust to protect their info renders the platform extremely risky.
Apparently, after finding these vulnerabilities, the operators of Versus have decided to pull the plug themselves, finding it too risky to continue.
Versus launched three years ago and reached very high popularity in the cybercrime community, offering drugs, coin mixing, hacking services, stolen payment cards, and exfiltrated databases.
Going dark
Last week, a hacker exposed the marketplace's poor security by leaking a PoC on how to access the file system of the site's server on Dread, a darknet social media space.
.jpg)
Versus went offline to conduct a security audit like the site says it has done twice before, following suspicions of severe flaws or even actual hacks.
After they went offline, users became concerned that the Versus was conducting an exit scam, that the FBI had taken over the site, and various typical assumptions that accompany these sudden moves.
Soon though, the platform's operators re-emerged to announce that they were shutting down the marketplace.
A staff member who is among the main operators of Versus posted the following PGP-signed message:
"There is no doubt that there has been a lot of concern and uncertainty regarding Versus in the last few days. Most of you that have come to know us have rightfully assumed that our silence has been spent working behind the scenes to evaluate the reality of the proposed vulnerability.
After an in-depth assessment, we did identify a vulnerability which allowed read-only access to a 6+ month old copy of the database as well as a potential IP leak of a single server we used for less than 30 days.
We take any and every vulnerability extremely seriously but we do think that its important to contend a number of the claims that were made about us. Specifically of importance: there was no server pwn and users/vendors have nothing to worry about as long as standard and basic opsec practices have been utilized (for example, PGP encryption)
Once we identified the vulnerability, we were posed with a fork in the road, to rebuild and come back stronger (as we had done before) or to gracefully retire. After much consideration, we have decided on the latter. We built Versus from scratch and ran for 3 years.
The message ends with a notice to vendors on the platform, promising to post a link for them to perform transactions without time restrictions, allowing the retrieval of escrow balances.
A turbulent success
Versus was exposed for IP leaks in March 2020 and suffered a massive Bitcoin theft from user wallets in July 2020. In both cases, the platform owned the mistakes and was completely transparent about what happened.
This allowed Versus to continue forward and become a large marketplace in terms of user numbers and transaction volumes. However, the operators probably realized the risk of exposure was too significant to continue.
Whether or not members of the law enforcement have already exploited the existing vulnerability remains to be seen in the weeks/months ahead.
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now