Pussy
Ad Revenue Expert
Divine
LEVEL 1
300 XP
The most convincing phishing sites use the MITM "middle man" attack where it redirects traffic to the original Empire Market site, but changes the Bitcoin / Monero deposit address.
People fall into scam because the nature of the attack means that the password and decryption of users' 2FA verification code is displayed correctly and everything looks normal, but when you send / make a transaction, the money disappears and never arrives. This has led many users to wrongly blame the Empire Market and assume that they are making an exit scam, which is not true.
The reason most people get scammed is that they don't check their .onion links and when they do, they use the wrong Empire Market(*) public PGP key located on phishing sites.
The attackers configured it to work with their own Empire Market site, with proxies (their phishing version).
The real Empire Market PGP key as always been located on dreadditevelidot.onion
I write this after losing a large amount of money to scammers during a transaction, for lack of knowledge as I was in a hurry.
I hope my information can help you.
Please take the time to follow all the steps carefully and feel free to comment if you have any problems.
The essential prerequisites that you must have before continuing:
- You must have some sort of PGP program, I use Kleopatra and GPA encryption inside
- You must have a PGP public key and a PGP private key
- You must have imported the official PGP public key from Empire Market into your chosen PGP program (I detail how to do this below).
For download it is https://www.gpg4win.org/get-gpg4win.html
During installation everything should be checked as https://prnt.sc/s7nmzx
Once the installation is complete, click on “Next”, then on “Finish” with the “Run Kleopatra” box checked (it is checked by default).
The main screen of the Kleopatra program is now displayed.
From here, click on the large "New key pair" box in the middle of the screen to generate your PGP keys.
You are then taken to the Key pair creation screen.
Although the word "(optional)" is written next to the Name and Email fields, you will need to provide at least 5 characters in the Name field in order to generate a pair of PGP keys that can be connected to your Empire Market account.
To create PGP keys for darknet market accounts, you don't need to use the same name as your Empire Market account, but you can do it if you want.
Note that a pair of keys is only valid for 2 years by default.
You can increase or decrease the validity period of your keys by clicking on the "Advanced parameters" button and adjusting the field Valid until (uncheck the box next to the field if you want your keys to never expire).
You do not need to adjust other parameters when creating PGP keys for Empire Market. After entering the name of your PGP account, press "Next" then "Create" to generate your key pair. https://prnt.sc/s7npd9
You will then be asked to create a passphrase (password what) of at least 10 letters to secure your keys.
Make sure you create a mdp that you will not forget. Write it down somewhere in case you need to access it later.
Without this, you will not be able to sign and decrypt future messages.
After doing this and entering the same passphrase twice (password), click "OK" to continue. https://prnt.sc/s7nqff
Once the key pair has been successfully created, press "Make a backup of your key pair" under the words "Next steps".
Save the file in a folder where you will remember where it is (the file name will be a long character string, this is called your "PGP fingerprint"). Once the file has been saved, you will be brought back to the key pair creation wizard, then press "Finish".
You will then be returned to the Kleopatra home screen which displays the name of your newly created key pair.
To access your public key (the one you will paste in your Empire Market account), right-click on the field with the name of the key pair and press "Details" at the bottom of the menu. https://prnt.sc/s7ns9i
Then press the "Export" button. This will bring up the contents of your public key.
Click anywhere in the text box, select all (ctrl + a) and copy (ctrl + c) all of the content. This is your PGP public key and what you will paste into your Empire Market account. Paste it (ctrl + v) in a text document and save it where you will remember where it is.
Install the key in your Empire Market account
Log into your Empire Market account using Tor.
Remember to check the links on: dreadditevelidot.onion before logging in
It should especially in no case, and I insist on it, to put your key on a phishing site otherwise you are instant pwned.
(explanations below on how to know if you are on the right page certified by Empire Market)
After successfully logging in, click on the link with your account username in the upper right corner of the screen.
Then copy and paste your entire PGP public key into this box. Your public key will always start with:
—–BEGIN PGP PUBLIC KEY BLOCK—–
And ends with:
—–END PGP PUBLIC KEY BLOCK—–
Then you save and decrypt the coded message that Empire Market will send you to confirm the registration of your key.
------
How do you know if the site is Empire Market certified and that you can buy quietly and how to unmask false pages?
------
Copy and Paste dreadditevelidot.onion into Tor
on the right side of the page you will see a link saying '/ d / EmpireMarket' click on it
near the top of the page, you should see a button called "PGP" click on it.
Copy the PGP public key to Notepad and save it as a .txt or .asc file and import it into your chosen PGP program.
Once you have imported the EM key, with the name you have chosen, it will be the real key that will tell you whether a site you are on is authentic or not.
It is only published by the creator of Empire Market. NEVER and I repeat NEVER use the Empire Market PGP public key located on any URL of a scam as this can be faked. Only use the one from dreadditevelidot.onion, I hope it's clear.
Now what you need to do next is:
1. take a link from dark.fail of Empire Market for example: dkndfkn9gfnf.onion (example huh) and add '/ safe' at the end of it, pass your verification captcha.
2.Click on it until a PGP message appears for you, copy it to Kleopatra or another program and click on "check / decode", if all is well, you should see a popup window saying "valid signature '' and perhaps text highlighted in green. It looks like this:
3. If you see something that says "bad signature", "empty signature", or any other error that does not show that the signature has been validated, do not connect or use the site in any case because it is a phishing site.
Now, once you are certain that the site is real, but still don't want to trust it 100%. What you can do is go to the bitcoin deposit page and click on 'generate bitcoin deposit address'. Once done, below, you will see a link saying "Get PGP signed proof of ownership'', click on it and you will see a PGP and you can also check it by decrypting it to make sure the signature is valid.
Once you have successfully verified and certified all of the previous steps, you are pretty much given the green light to deposit your bitcoin / monero at this address.
However, if you are planning to deposit an amount that you cannot afford to lose, what I would suggest is to deposit a small amount first. And if it succeeds, you can deposit again later, as the site will be confirmed as authentic.
It's an almost foolproof way to make sure you don't lose your bitcoin if you follow the steps I mentioned. HOWEVER, IT MUST BE UNDERLINED THAT EACH TIME YOU DEPOSIT TO A BITCOIN ADDRESS, YOU MUST GENERATE A NEW BITCOIN ADDRESS BECAUSE ANY NEW TRANSFER THAT YOU SEND TO A PREVIOUS ADDRESS WILL BE LOST.
To avoid any further loss to your account, you can access your profile and activate 2FA authentication.
This essentially ensures that no one can access your account unless you have your private PGP key and ALSO BE CAREFUL, if the .onion you see in the decrypted message you get and which is requested at login for 2FA authentication does does not match the url you are on, it is a phishing site.
(so be sure that the decrypted link is the same as the link on which you are, at the 2FA stage)
Edited by 1337eliioFTX, 10 May 2020 - 08:07 PM.
People fall into scam because the nature of the attack means that the password and decryption of users' 2FA verification code is displayed correctly and everything looks normal, but when you send / make a transaction, the money disappears and never arrives. This has led many users to wrongly blame the Empire Market and assume that they are making an exit scam, which is not true.
The reason most people get scammed is that they don't check their .onion links and when they do, they use the wrong Empire Market(*) public PGP key located on phishing sites.
The attackers configured it to work with their own Empire Market site, with proxies (their phishing version).
The real Empire Market PGP key as always been located on dreadditevelidot.onion
I write this after losing a large amount of money to scammers during a transaction, for lack of knowledge as I was in a hurry.
I hope my information can help you.
Please take the time to follow all the steps carefully and feel free to comment if you have any problems.
The essential prerequisites that you must have before continuing:
- You must have some sort of PGP program, I use Kleopatra and GPA encryption inside
- You must have a PGP public key and a PGP private key
- You must have imported the official PGP public key from Empire Market into your chosen PGP program (I detail how to do this below).
For download it is https://www.gpg4win.org/get-gpg4win.html
During installation everything should be checked as https://prnt.sc/s7nmzx
Once the installation is complete, click on “Next”, then on “Finish” with the “Run Kleopatra” box checked (it is checked by default).
The main screen of the Kleopatra program is now displayed.
From here, click on the large "New key pair" box in the middle of the screen to generate your PGP keys.
You are then taken to the Key pair creation screen.
Although the word "(optional)" is written next to the Name and Email fields, you will need to provide at least 5 characters in the Name field in order to generate a pair of PGP keys that can be connected to your Empire Market account.
To create PGP keys for darknet market accounts, you don't need to use the same name as your Empire Market account, but you can do it if you want.
Note that a pair of keys is only valid for 2 years by default.
You can increase or decrease the validity period of your keys by clicking on the "Advanced parameters" button and adjusting the field Valid until (uncheck the box next to the field if you want your keys to never expire).
You do not need to adjust other parameters when creating PGP keys for Empire Market. After entering the name of your PGP account, press "Next" then "Create" to generate your key pair. https://prnt.sc/s7npd9
You will then be asked to create a passphrase (password what) of at least 10 letters to secure your keys.
Make sure you create a mdp that you will not forget. Write it down somewhere in case you need to access it later.
Without this, you will not be able to sign and decrypt future messages.
After doing this and entering the same passphrase twice (password), click "OK" to continue. https://prnt.sc/s7nqff
Once the key pair has been successfully created, press "Make a backup of your key pair" under the words "Next steps".
Loading…
prnt.sc
Save the file in a folder where you will remember where it is (the file name will be a long character string, this is called your "PGP fingerprint"). Once the file has been saved, you will be brought back to the key pair creation wizard, then press "Finish".
You will then be returned to the Kleopatra home screen which displays the name of your newly created key pair.
To access your public key (the one you will paste in your Empire Market account), right-click on the field with the name of the key pair and press "Details" at the bottom of the menu. https://prnt.sc/s7ns9i
Then press the "Export" button. This will bring up the contents of your public key.
Loading…
prnt.sc
Click anywhere in the text box, select all (ctrl + a) and copy (ctrl + c) all of the content. This is your PGP public key and what you will paste into your Empire Market account. Paste it (ctrl + v) in a text document and save it where you will remember where it is.
Loading…
prnt.sc
Install the key in your Empire Market account
Log into your Empire Market account using Tor.
Remember to check the links on: dreadditevelidot.onion before logging in
It should especially in no case, and I insist on it, to put your key on a phishing site otherwise you are instant pwned.
(explanations below on how to know if you are on the right page certified by Empire Market)
After successfully logging in, click on the link with your account username in the upper right corner of the screen.
Loading…
prnt.sc
Then copy and paste your entire PGP public key into this box. Your public key will always start with:
—–BEGIN PGP PUBLIC KEY BLOCK—–
And ends with:
—–END PGP PUBLIC KEY BLOCK—–
Loading…
prnt.sc
Then you save and decrypt the coded message that Empire Market will send you to confirm the registration of your key.
------
How do you know if the site is Empire Market certified and that you can buy quietly and how to unmask false pages?
------
Copy and Paste dreadditevelidot.onion into Tor
on the right side of the page you will see a link saying '/ d / EmpireMarket' click on it
near the top of the page, you should see a button called "PGP" click on it.
Copy the PGP public key to Notepad and save it as a .txt or .asc file and import it into your chosen PGP program.
Once you have imported the EM key, with the name you have chosen, it will be the real key that will tell you whether a site you are on is authentic or not.
It is only published by the creator of Empire Market. NEVER and I repeat NEVER use the Empire Market PGP public key located on any URL of a scam as this can be faked. Only use the one from dreadditevelidot.onion, I hope it's clear.
Now what you need to do next is:
1. take a link from dark.fail of Empire Market for example: dkndfkn9gfnf.onion (example huh) and add '/ safe' at the end of it, pass your verification captcha.
2.Click on it until a PGP message appears for you, copy it to Kleopatra or another program and click on "check / decode", if all is well, you should see a popup window saying "valid signature '' and perhaps text highlighted in green. It looks like this:
Loading…
pasteboard.co
3. If you see something that says "bad signature", "empty signature", or any other error that does not show that the signature has been validated, do not connect or use the site in any case because it is a phishing site.
Loading…
pasteboard.co
Now, once you are certain that the site is real, but still don't want to trust it 100%. What you can do is go to the bitcoin deposit page and click on 'generate bitcoin deposit address'. Once done, below, you will see a link saying "Get PGP signed proof of ownership'', click on it and you will see a PGP and you can also check it by decrypting it to make sure the signature is valid.
Once you have successfully verified and certified all of the previous steps, you are pretty much given the green light to deposit your bitcoin / monero at this address.
However, if you are planning to deposit an amount that you cannot afford to lose, what I would suggest is to deposit a small amount first. And if it succeeds, you can deposit again later, as the site will be confirmed as authentic.
It's an almost foolproof way to make sure you don't lose your bitcoin if you follow the steps I mentioned. HOWEVER, IT MUST BE UNDERLINED THAT EACH TIME YOU DEPOSIT TO A BITCOIN ADDRESS, YOU MUST GENERATE A NEW BITCOIN ADDRESS BECAUSE ANY NEW TRANSFER THAT YOU SEND TO A PREVIOUS ADDRESS WILL BE LOST.
To avoid any further loss to your account, you can access your profile and activate 2FA authentication.
This essentially ensures that no one can access your account unless you have your private PGP key and ALSO BE CAREFUL, if the .onion you see in the decrypted message you get and which is requested at login for 2FA authentication does does not match the url you are on, it is a phishing site.
Loading…
image.noelshack.com
(so be sure that the decrypted link is the same as the link on which you are, at the 2FA stage)
Edited by 1337eliioFTX, 10 May 2020 - 08:07 PM.