Password Reuse Exposes Dream Darknet Vendors to Law Enforcement

Not too long ago, we touched on the need for internet users to avoid bad passwords. People commonly reuse their passwords across many different platforms. This is a huge problem because it makes it easier for criminals to hack those individuals’ accounts. It now appears darknet users fall victim to the same issue, which recently allowed Dutch police officers to use Hansa market data to crack down on other vendors.

Darknet Vendors Reuse Passwords as Well

It is disconcerting to see how careless some internet users are with their passwords. It has become significantly easier to create strong and unique passwords for every site one uses without he or she having to remember them all. Password managers are a must-have these days for anyone who accesses the Internet on a regular basis. There is absolutely no reason to reuse the same password multiple times.

Dutch police officials were surprised to learn that darknet users have a habit of reusing passwords as well. They obtained extensive information from the Hansa marketplace, which they infiltrated and operated for a full month before shutting it down. This means law enforcement officials are now looking to crack down on as many darknet vendors as possible. That task has become a lot easier than originally anticipated.

The login credentials and passwords confiscated from Hansa can also be used on other darknet marketplaces. A lot of vendors use the same names and passwords for markets such as Dream, for example. After AlphaBay and Hansa were shut down, many vendors sought refuge on Dream, but that also may be coming to an end pretty soon. Law enforcement agencies have declared war on the darknet and they will not relent anytime soon.

Any vendor not using 2FA on Dream and using the same password as on Hansa will have their account compromised. All of these credentials are now actively monitored and used by the Dutch Police in the hopes of cracking down on other vendors and even customers on the darknet. So far, at least 14 different vendor accounts have been compromised, although more will follow over the coming days and weeks. Reusing passwords is a foolish move for anyone, even if you’re a notorious drug dealer on the darknet.

As it turns out, password reuse is not the only pressing concern for darknet vendors. It appears police officials have gotten their hands on locktime files, which are used as an authentication method by which vendors request Bitcoin funds are released. It appears some of these locktime files were replaced with Excel sheets containing a hidden image. Any vendor opening the Excel file would then log the user’s IP address. It is possible dozens of Hansa vendors suffered from this “attack” without even knowing it.

Europol is still processing all of the information gathered from the Hansa marketplace as we speak. It is believed the agency received around 10,000 addresses of buyers and vendors to investigate. With Dutch Police officials now going after Dream vendors as well, things will get very interesting over the next few weeks. Anyone using the darknet needs to be very cautious, unless they have nothing to hide.