Looks like Incognito Market users might not have been so 'incognito' after all.
The market is now extorting its vendors and buyers, threatening to leak hundreds of thousands of order records, details, transaction IDs and private messages it has harvested if the vendors don't pay up.
Even though users are supposed to be encrypting their orders and messages offline, Incognito claims many users still only relied on the market's 'auto-encrypt' feature, where the market does the work of encrypting messages to the vendor.
This is a very unique exit scam case, and could probably set a precedent for future exit scams to attempt the same kind of moves.
Incognito Market is Extorting Vendors and Buyers
=> More informations about this toot | More toots from molytov@infosec.exchange
As cool as it would be to monitor and see exactly all the vendors that pay, I doubt Incognito would accept a vendor application request from a sockpuppet account. They're only making the page visible to vendors.
If there's a vendor keeping an up to date list on who's allegedly paid, I haven't found it yet.
Interestingly enough, Pharoah (the admin) hasn't provided any samples or proof of them having this information. Even shitbags on cesspool places like BreachForums tend to provide a sample for leaks they want to be paid for to at least suggest they are worth taking seriously.
=> More informations about this toot | More toots from molytov@infosec.exchange
Hooooo I was wrong!
=> More informations about this toot | More toots from molytov@infosec.exchange This content has been proxied by September (ba2dc).Proxy Information
text/gemini