Home » Featured » 3.9.17 Dark Web and Cybercrime Roundup
Click Here To Hide Tor

3.9.17 Dark Web and Cybercrime Roundup

Alphabay Vendor “PeterTheGreat” [Faced] a Judge in August [and Pleaded Guilty]

One out of two defendants behind the Alphabay and Dream vendor account “PeterTheGreat” pleaded guilty at recent court date. After the arrest of a couple from South Carolina for the distribution of U-47700, it was not long before the internet made the connection between both suspects and PeterTheGreat. Not long after that, the government unsealed the grand jury indictment filed against the duo. The grand jury indictment accused 24-year-old Ana Milena Barrero of conspiracy to distribute U-47700 and two counts of use of the mail system in while committing a felony. And the indictment accused Barrero’s boyfriend, 28-year-old Theodore Vitaliy Khleborod, of conspiracy to distribute U-47700.


While Khleborod’s hearing has been delayed until December, Barrero just faced a judge for her’s. In the hearing, Barrero entered a guilty plea by way of a 13-page plea agreement. She admitted distribution of the U-47700, along with fentanyl and several additional opioids. Khleborod will see a judge in December. His lawyer said that the case would likely not reach a trial phase, but if it did, the trial would occur in February 2018. DeepDotWeb

Malware Tech Arrested for Creating the Kronos Banking Trojan Pleads Not Guilty

After being arrested by the FBI in Nevada on August 2nd, MalwareTech aka Marcus Hutchins pleaded not guilty to the charges in the six count indictment that charged Hutchins with the creation of the Kronos malware. He had previously admitted to being the creator of the trojan, or part of it, according to a transcript published by Vice. Later, researchers discovered that the creator of the Kronos malware used a hooking engine from Hutchins’s GitHub account. MalwareBytes labs analyzed Kronos and came to the following conclusion:

Screenshot from 2017-09-02 17-36-41.png

An overall look at the tricks used by Kronos shows that the author has a prior knowledge in implementing malware solutions. The code is well obfuscated, and also uses various tricks that requires understanding of some low-level workings of the operating system. The author not only used interesting tricks, but also connected them together in a logical and fitting way. The level of precision lead us to the hypothesis, that Kronos is the work of a mature developer, rather than an experimenting youngster.”(MalwareBytes)

Hutchins is currently “free” after posting a $30,000 bond. That “free” includes a GPS anklet and travel restrictions. Unlike some suspects in high-profile cases, Hutchins was granted permission to use the internet. Much of his job depends on it. DeepDotWeb

Anonymous Cryptocurrency Monero Sees Drastic Increase in Liquidity, Adoption by Largest Exchange

Wired once called Monero the “drug dealer’s cryptocurrency of choice” in an article about the currency being “on fire.” The piece followed Alphabay’s acceptance of Monero and the currency spiked. According to Bitcoin Magazine, it spiked six-fold. Even today, Monero’s growth is far from over. Markets like TradeRoute and Wall Street both accept the anonymity-focused cryptocurrency. Darknet markets are not the only adopters of the cryptocurrency though.

Screenshot from 2017-09-02 18-22-01.png

Bithumb, “the world’s largest cryptocurrency exchange by volume,” announced Monero support by the end of August. Many exchanges have been reluctant on adding Monero support due to laws regarding money laundering and customer identification. Bithumb, however, added Monero and the currency is fully supported. DeepDotWeb Bithumb

Dutch Police Arrest Three in Research Chemical Investigation

Dutch law enforcement raided a non-operational drug laboratory in Boxtel, a small town in the southern Netherlands. In reality, the lab was operational, to some degree—just not to the police’s standards. During the raids—one at the lab and one less than ten minutes away from it—the police arrested three suspects for international drug distribution. The descriptive phrase fell along the lines of “mail order drug trafficking organization.”


“[The lab is] not a lab where drugs are being produced, but we had a suspicion that there was a reasonable amount of hard drugs [in the lab],” a spokesman said. She added that “the property featured fentanyl…” In many of the photographs of the raid on the laboratory, workers can be seen wheeling and carrying barrels of what the police later reported to be fentanyl, various “research chemicals,” and precursors for unidentified substances. Based on a set of significant yet circumstantial factors, the identity of the three suspects has likely been discovered. DeepDotWeb

Eight Busted for Selling Fentanyl-laced Oxycodone Pills on the Darknet

The DEA, USPIS, and local law enforcement moved in on a group the DEA had targeted in a two-year investigation. The investigation began in 2015. Later, DEA agents wiretapped a phone that belonged to one of the suspects. They discovered that this group of eight had ordered pill presses and other parts needed to press their own pills. They also ordered fentanyl in bulk. The group pressed fake oxycodone pills with fentanyl as the active ingredient.


Eventually, law enforcement raided the gated home in Houston, Texas, where the group pressed the pills. Agents seized massive 0.5 kilograms of fentanyl; 10 kilograms of “oxycodone pills” that had been pressed with fentanyl; 0.5 kilograms of meth; 5 kilograms of methamphetamine-laced Adderall pills; and 6 kilograms of a unique blend: “Xanax pills” laced with methamphetamine.


Based on the drugs discovered and the locations that the group had shipped packages from, the group, or members of it, likely operated the vendor account Dopeboy210 on Alphabay. A DeepDotWeb reader wrote: “Definitely Dopeboy210 from AB. Happened right around the time they were thought to have exit scammed. And 210 is he area code for San Antonio. And they were the #1 on AB for fake Fent and Adderall tabs.” DeepDotWeb

Leave a Reply

Your email address will not be published. Required fields are marked *


Captcha: *