Did a hacker or hackers pull off a huge heist from one of the biggest black market drug-selling sites, or did the operators of the anonymous digital narcotics bazaar, Sheep Marketplace, just get away with stealing at least $5.4 million and perhaps as much as $40 million from their clients?
After the shutdown of Silk Road in October, Sheep Marketplace became the most popular illicit virtual drug shop. Like Silk Road, Sheep Marketplace was a Deep Web site accessible via the Tor network; customers paid in the digital currency Bitcoins. But by Saturday, Tapscape reported, "It appears as though the entire site was a scam, resulting in all of the buyers and sellers losing their money. Concerns regarding the legitimacy of the site came into play once the administrators at the marketplace decided to prevent vendors from withdrawing any of their bitcoins from the site."
Then on Sunday, Sheep Marketplace administrators posted on the homepage:
We are sorry to say, but we were robbed on Saturday 11/21/2013 by vendor EBOOK101. This vendor found bug in system and stole 5400 BTC – your money, our provisions, all was stolen. We were trying to resolve this problem, but we were not successful. We are sorry for your problems and inconvenience, all of current BTC will be ditributed to users, who have filled correct BTC emergency adress. I would like to thank to all SheepMarketplace moderators by this, who were helping with this problem. I am very sorry for this situation. Thank you all.
Forbes’ Andy Greenburg reported:
Sheep’s owners have used that theft to justify closing the market without returning the bitcoins stored in the market by users, despite claiming that they would redistribute those coins to users’ “emergency addresses.” Sheep users and other Bitcoin followers on reddit say that the administrators began blocking withdrawals of bitcoins from the site more than a week ago, and may have absconded with as much as $44 million from the site’s users, pointing to a movement of 39,900 bitcoins visible in the public record of Bitcoin transactions known as the blockchain.
Sheep Marketplace is being called the “biggest Darknet scam ever” by some roaringly-angry robbed people and DeepDotWeb is warning, “Let us remind you that we have recently published a claim from one of the Sheep old moderator[s] warning that the same owner is planning a second scam – so we urge you to think twice before trusting another marketplace, especially those who are recommended by the sheep staff.”
Sheep Marketplace linked to a new drug bazaar, Tormerket, in their “Sheep is down” message. But the Tormerket operators said, “First of all, we are not associated with the sheep team. The sheep admin is linking us on their frontpage. This is the worst PR we can get right now. Please admin remove the link. Please. And most important thing: delete all data and backups to keep the users safe.”
“A site called Black Market Reloaded stopped letting new users register on 1 December saying it could not handle the influx of users caused by the closure of Sheep,” added BBC.
The text-only site SheepMarketplaceScam.com started spreading the word on 11/27 that Sheep could be a scam. The Daily Dot added, "Most damning, several vendors who are admins, moderators, or closely affiliated with admins, are reported to have suddenly started doing something which is very frequently seen in drug market cons: Offering far larger quantities than they ever have before, at unusually low prices (50% or less than their previous pricing), and requiring FE (immediate and upfront release of funds to them rather than going through escrow). Frequently done to rope in the maximum amount of hopeful suckers before bailing with the money."
Meanwhile, reddit user sheeproadreloaded2 is chasing “the scoundrel with our stolen (96,000) bitcoins through the blockchain.”
The Secret Service and FBI have offered no comment on whether the feds seized the Bitcoins, or if they are “investigating fraud allegations.” Yet it seems unlikely that dealers and buyers of illicit drugs on a black market site would lodge complaints with the feds. This theft, either by the operators or by a hacker as the admins claim, highlights some of the most disturbing problems with doing business over the Deep Web.