- Dark web marketplace ‘Wall Street Market’ (WSM) has exit scammed stealing over $14.2 million of vendors’ funds.
- WSM admins have ‘exit scammed’ by moving the funds from the market’s bitcoin wallets to another location hat had no connection to the main WSM backend.
What is the issue - One of the popular dark web marketplace ‘Wall Street Market’ has exit scammed, stealing over $14.2 million of vendors’ funds.
What is Wall Street Market - Wall Street Market (WSM) is a dark web marketplace where cybercriminals sell an assortment of illegal products such as user data, drugs, weapons, malware, and more.
Whose funds were stolen - WSM admins stole funds belonging to cybercriminals selling drugs, weapons, and malware.
The big picture
Cybercriminals buy illegal products from vendors who have listed their products in the Wall Street Market. The money which the buyers pay is deposited in WSM’s bitcoin wallets which vendors could withdraw after a period of time.
Vendors faced issues in withdrawing the funds that they ‘ve made in the previous sales. WSM admins said that the servers hosting these wallets were facing issues in synchronizing with the main bitcoin blockchain thereby making any withdrawals impossible.
However, WSM admins were actually ‘exit scamming’ by moving the funds from the main bitcoin wallets to another location hat had no connection to the main WSM backend.
After days on constant delays and complaints from other vendors, WSM users realized that Wall Street Market has exit scammed and that they have lost all their funds from recent sales.
- Wall Street Market marketplace has now been delisted from the DeepDotWeb catalog of dark web marketplaces.
- Most of the WSM product listings have now been renamed to warn buyers about the exit scam.
Why it matters - A cryptomarket researcher ‘Caleb’ tweeted that some of WSM’s customer support staffs are threatening WSM customers to share their bitcoin address with law enforcement authorities and demanding a ransom payment of 0.05 Bitcoin worth $280.
“So apparently WallStreet Market is threatening customers who sent addresses in cleartext,” Caleb tweeted.
Meanwhile, another security researcher named ‘Patrick Shortis’ tweeted that the customer support staffs who were threatening WSM customers have leaked the customers’ mod login credentials online, allowing anyone to sign in to WSM as the mod and access all customer information.
“Of much greater concern to users: The same mod has posted his login credentials to Dread. This gives anyone the ability to sign in to WSM as the mod and access all information pertaining to users and their orders that isn't encrypted. He also gave the server IP address up,” Shortis tweeted.