Interpol and the FBI Seized “Joker’s Stash” Blockchain Domains

  • “Joker’s Stash” has had some trouble with its blockchain domains, which remain offline.
  • A seizure notice appeared briefly but was later removed, so anything may have happened.
  • Decentralized DNS is considered a bulletproof system, but this event could mean it has a weakness.

An important development is shaking the dark web at the moment, as the blockchain domains of the popular carding marketplace “Joker’s Stash” have been seized by Interpol and the FBI. The users who appear to be the platform administrators have played down the incident, saying that they will have other blockchain domains up and running in a couple of days and that the Tor versions of the site remain unaffected.

Even if that is the case, taking down blockchain domains is weird and alarming and could signify the existence of a weakness in the system.

Source: Digital Shadows

Blockchain DNS technology is meant to offer ultimate security levels through decentralization, keeping the hosting platforms well-hidden from the authorities. Blockchain domains became hot in the cybercrime community a couple of years ago following a wave of illegal market takedowns, so they were created out of necessity. Simply put, the DNS lookup tables are shared over P2P networks, and the requests are resolved by using a special browser extension.

The details of registrants of blockchain websites are hidden behind encrypted hashes, so the authorities shouldn’t have names and addresses. Seeing the interruption in the operation of these domains is weird and remains inexplicable as of now. If we see more takedowns of this kind, then we can say with certainty that decentralized DNS has a weakness.

Digital Shadows comments that there are many possible explanations for what may have happened. One is a hack on the site and a defacement using the FBI seizure notice to spread fear to the users and damage the platform’s reputation. Another one would be an incomplete attempt from the authorities to take down Joker’s Stash, followed by the retraction of the banner so as not to blow the operation. For now, the blockchain sites are returning a “Server Not Found” message, so we’ll have to wait and see.

This year alone, we reported on massive credit card dumps offered for purchase on “Joker’s Stash,” which remains one of the hottest places of this kind. The first one was a collection of 30 million cards stolen from US-based POS systems. The second was 400,000 card records belonging to American and South Korean citizens. And finally, three million cards of “Dickey’s” BBQ customers stolen over a period of 15 months appeared on the notorious marketplace.
