A hacker, operating under the pseudonym “PhishKingz,” has allegedly generated over one million dollars in just 14 months on the recently closed down dark web marketplace AlphaBay by running a phishing scam.
The hacker gave an interview to DeepDotWeb detailing how profitable the operation has been. “I have a trade volume on LocalBitcoins of about 500 BTC in total. This is all on an account I created one year and two months ago. Everything is stolen BTC from phishing and I have a cryptopay.me account that has had over £400,000 ($515,000) worth in BTC over the last six months. Phishing is very profitable on the dark web.”
PhishKingz began his operation after he took advantage of a glitch on AlphaBay’s site that gave him easy access to new members. Using this malfunction, he was able to redirect the new members to a fake verification page of his creation. Through this page, PhishKingz was “able to obtain the login details syncing, and the mnemonic phrases, as well as any PGP private key and password and pin code.”
In order to ascertain when a deposit was made, he “would save a bookmark using blockchain.info/address/hhhhh and then I would highlight 50 at a time every 20 minutes checking for deposits.” PhishKingz would then cash out the money using a bot.
AlphaBay had long been riddled with complaints from users who claimed they had been kicked out of the marketplace after placing a BTC deposit. PhishKingz asserts that this was entirely his doing.
The hacker claims the bazaar’s operators were not too concerned with the protection of their user base. “The admins didn’t really care about their customers, and it only took opening a support ticket with a problem to learn this. BM (Big Muscles), an AlphaBay moderator, especially is a stupid one. He would let me into accounts for 50 percent if I provided mnemonic phrase knowing I had phished the account in the first place.”
The hacker, who is also a dark web vendor, has now moved his phishing operation to another darknet marketplace, Dream Market. “Since the downing of ‘the bay,’ I have moved to Dream Market and already made four BTC since yesterday launching the new site. With the migration, many of my old accounts now work on Dream. I have had a few active vendors.”
This decision follows the realization that AlphaBay has been shut down for good by law enforcement agencies. The leading dark web marketplace went offline after the arrest of its alleged creator Alexander Cazes.