Article Lead Image

Second-largest Dark Net market seized by FBI prepares to return

Law enforcement must be pretty unhappy about how ephemeral this victory was..


Patrick Howell O'Neill


Posted on Nov 11, 2014   Updated on May 30, 2021, 5:54 am CDT

Less than a week after a global cadre of police brought the hammer down on the Dark Net and seized Silk Road 2.0, its alleged boss, 26-year-old Blake Benthall, and 27 hidden websites, the underworld recovery is underway.

On Monday, hackers stole back their site from the FBI, and on Tuesday, Cloud Nine, the second-largest black market to be seized, was preparing to relaunch.

Cloud Nine—home to just over 2,000 drugs and a handful of other products—had its server and database seized last week. However, the market’s owner, missy76, was never arrested or even identified. She never went silent and yesterday took to Reddit to make clear her intention to relaunch the site.

Cloud Nine, hidden on the Tor anonymity network, accounted for 4.5 percent of the Dark Net economy about one month before the FBI seized it, and was known for selling cannabis, ecstasy, and prescription pills.

Police also never seized the market’s bitcoins, so missy76 is still in possession of all of customer’s deposits.

The main problem with relaunching, she said on Reddit, is that the last backup of Cloud Nine’s databases took place two weeks before the seizure, meaning two weeks of deposits are unaccounted for. That may end up being the full extent of the immediate losses for some of Cloud Nine’s customers.

Other customers, however, may have much more to worry about. While Cloud Nine automatically encrypted information like shipping addresses as it moved between buyers and sellers, other data—like shipping tracking numbers—did not get encrypted and is now in the hands of police. The unintended side effect of sellers offering better customer service is that they may have inadvertently tied the noose for their loyal customers.

On Reddit, missy76 said that she has plans to avoid a future seizure by police after Cloud Nine is brought back.

“The plan being put into progress over the coming days/week is to have a replicated standby server with a second onion URL that will be released if the new server is seized at any point in the future,” she explained. “We will also secure the private key of the onion site better so they cannot take it to put up a seizure notice. Lastly we’d be building a detection script to check and alarm for when our servers are frozen for a period of time (e.g. disks are being snapshotted without our request) so we can recognize when/if servers need to be moved.”

In the aftermath of the global police operation against anonymous black markets, the Dark Net is still scrambling to not only recover but also figure out what went wrong. Tor’s developers have more questions than answers about how police succeeded, and several Dark Net market owners who were not involved in the police operation—most notably the owner of The Marketplace—have disappeared without explanation. One possibility is that they’ve quit while they’re still out of handcuffs.

Still, the Dark Net emerged from the law enforcement operation relatively intact. Two of the top three black markets remain untouched by police. If Cloud Nine recovers, four of the top five markets will be back online. Buyers and sellers are excited about peer-to-peer technology being applied to new, decentralized markets meant to resist censorship even further.

Meanwhile, police around the Western world are loudly warning targeted Tor users that their anonymity is breakable and their days of comitting crime without reprecussions are numbered.

Photo via NSA

Share this article
*First Published: Nov 11, 2014, 9:07 am CST