WARNING: Abraxas Marketplace Accused of Revealing Clearnet IP

Users on The Hub and Reddit have accused new darknet marketplace Abraxas of poor OpSec, specifically leaking one of the clearnet IP addresses of their server.

Via Reddit:

Don’t use Abraxas (leaked clearnet IP)
Hi,

just browsing some of the markets for fun, after the evo fallout, and I noticed that Abraxas currently shows a clearnet IP in the listings, instead of the onion address.

Whois says the server is located somewhere in the Baltics, open ports are SSH and HTTPS, it responds to ICMP and runs nginx 1.2.1. I didn’t poke the server any further, but already pretty shoddy opsec if you ask me.

Since LE will have that information as well, no doubt, I’d stay clear.

This alone is enough reason to stay away from a market, but at least one user is also claiming that the market’s admin has recently begun behaving in a way that arouses suspicions of infiltration by law enforcement. These are currently only the claims of one person, but another troubling sign is the fact that their support page specifically says that PGP encrypted messages will not be answered.

The following was taken directly from the Abraxas market’s support page:

Have you read info/help and went through forum and still can’t find an answer? Read again. Then ask.
Dont hesitate to notify us about Spammers,Scammers and any other unwanted activity.
If you want to join as vendor without paying vendor bond, send us an PGP signed message with your url from other market.Evo vendors can use Grams Vendor Info Desk url.
Do not send PGP Encrypted messages. If you must prove your identity, use PGP signed message only. We will not respond to any PGP Encrypted message.
We’ll process your request as soon as we can.

DarknetMarkets.org is currently warning people to avoid using the Abraxas Marketplace.

 


Shortlink to this page: drk.li/627