The story of the Incognito Market is a complex tale of dark web entrepreneurship, law enforcement pursuit, and ultimate betrayal. Centered around a character known as "Pharaoh," the Incognito Market rose to prominence as a drug and anonymity-centered marketplace on the dark web, only to collapse in a heap of exit scams, extortion, and law enforcement intervention. This article explores the rise and fall of Incognito Market, the mistakes that led to Pharaoh's unmasking, and the chaotic aftermath that exposed the dark underbelly of the dark web economy.
The Genesis of Incognito Market
In March 2020, a dark web enthusiast known as Pharaoh drafted a diagram outlining the structure of a new dark web marketplace. Unlike other marketplaces that sold a variety of illicit goods, Pharaoh decided to focus on drugs and anonymity, creating the Incognito Marketplace as a play on Google's incognito mode. The market aimed to provide a safer way to purchase drugs than on the streets.
Key elements of Pharaoh's plan included:
•Vendor-Buyer System: Facilitating transactions between drug vendors and buyers.
•Product Listings: Organizing the illicit products available for sale.
•PGP Encryption: Using Pretty Good Privacy (PGP) keys to ensure secure communication.
•API Tokens: Implementing application programming interface (API) tokens.
•Secure Servers: Hosting the marketplace on servers accessible only through specialized browsers like Tor.
Pharaoh saved this diagram to his personal Gmail account, an action that would later prove to be a critical mistake.
Building the Marketplace
In November 2020, a subreddit called "D Incognito Market" appeared on the dark web forum Dread. An anonymous admin invited people to the community, outlining the market's guidelines and its objective to make drug purchasing safer. The admin then deleted their account, raising questions about the project's trustworthiness.
However, an account named "Incognito official" soon appeared, reassuring users of the market's commitment to anonymity. Simultaneously, Pharaoh began establishing himself as the authority behind the Incognito project on the subreddit.
To attract vendors, Incognito Market implemented a rigorous application process. Aspiring sellers had to submit a "drug dealer CV" including:
•Past vendor experiences
•Recommendations from other marketplaces
•A signed PGP message
Vendors also had to pay a bond ranging from $300 to $1,500 in Bitcoin or Monero, unless they were already highly trusted. Accepted vendors then received additional details via PGP, ensuring encrypted communication.
Incognito's Rise to Prominence
Incognito Market quickly gained the trust of the dark web community through consistent updates, responsiveness to feedback, and effective handling of disputes. For instance, when a vendor named WSB was caught scamming customers, the Incognito team banned him, redistributed his funds to the affected buyers, and exposed his fraudulent behavior on Dread.
The shutdown of Hydra Market, the largest dark web marketplace at the time, in April 2022, further propelled Incognito's growth. Thousands of vendors and buyers migrated to Incognito, causing its monthly transaction value to surge from $700,000 to $2 million between April and June.
Incognito primarily profited through banking and escrow services, taking a 5% fee from each transaction. This resulted in substantial monthly profits for Pharaoh and his team.
The FBI Investigation
Following Hydra's takedown, U.S. law enforcement agencies turned their attention to emerging dark web marketplaces, including Incognito. The FBI launched an investigation led by Mark Rubin, beginning with a controlled purchase of drugs from the site.
The FBI's initial focus was on tracing Bitcoin transactions associated with Incognito. They needed to differentiate between Bitcoin wallets and addresses, understanding that a single wallet could have numerous addresses to obscure activity. Incognito used this strategy, creating many payment addresses to make it difficult to identify the scope of their activity.
Pharaoh employed a complex money laundering process:
•Multiple Wallets: Routing Bitcoin from Incognito's main wallet through at least one intermediary wallet.
•Anonymous Swapping Service: Exchanging Bitcoin for Monero, a cryptocurrency designed to be untraceable.
•Crypto Exchange: Selling Monero for U.S. dollars through a crypto exchange.
Pharaoh's Mistakes and Unmasking
Despite his efforts, Pharaoh made several critical mistakes that allowed the FBI to trace him.
•Dread Post: Complaining on Dread about a swapping service confiscating his funds, revealing the transaction time and amount.
•Domain Registration: Using admin wallet 1 (which received profits from Incognito) to partially pay for four domains on Namecheap.
•KYC Account Link: Contributing a small amount of Bitcoin (0.501 BTC) from admin wallet 1 to complete a domain purchase that was mostly paid for by a KYC-verified account on a crypto exchange.
•Personal Website: The fourth domain was linked to a personal website containing details about the owner
These errors allowed the FBI to connect the crypto exchange account to Lynn Reang, a 23-year-old Taiwanese man. The FBI also obtained the Namecheap account registered under Lynn's name and discovered that the personal website was about Lynn himself.
The Raid and Server Seizure
In July 2022, the FBI compromised Incognito's servers. They discovered that Lynn was associated with a server reseller that catered to dark web marketplaces. The FBI copied all of the marketplace's data, including Bitcoin addresses and seller/customer information.
Lynn's personal Gmail account also provided incriminating evidence. The FBI found an email from March 2020 containing a diagram that perfectly described how Incognito operated. This confirmed that Lynn Reang was Pharaoh, the admin of Incognito Market.
Vendor Troubles and Extortion
In February 2024, Incognito Market users began experiencing issues with withdrawals, leading to rumors of an exit scam. An exit scam occurs when a marketplace admin steals all the money in the site's bank and disappears. At the time, Incognito had over 250,000 buyers and 1,000 vendors, with an estimated $5 to $21 million stored in its bank.
Pharaoh initially denied the exit scam allegations. However, the creator of Dread, HugBunter, claimed that Incognito had indeed exit scammed and that Pharaoh had attempted to bribe him to remove negative mentions of Incognito from Dread.
Incognito then displayed a message announcing the accumulation of private messages, transaction info, and order details, threatening to leak the data unless vendors paid up to $20,000 to have their information deleted. This extortion attempt put many vendors in a difficult situation, as they had trusted Incognito's service.
HugBunter intervened again, warning Pharaoh against releasing any data. He revealed that he had linked Lynn's XMR nodes (mentioned on Dread) to Lynn's personal website. Lynn ultimately claimed the extortion was an April Fool's prank, but the damage was done.
The Arrest
The FBI had been tracking Lynn since his stopover flight in Canada. They arrested him at JFK Airport in New York during a layover on his flight back to Taiwan. Lynn now faces a minimum of life in prison.
Ben's Story
Ben, a German weed vendor, exemplified the success and subsequent risk associated with Incognito Market. He expanded his operations and cashed out his profits in Eastern Europe. Ben's story highlights how vendors became reliant on the platform, only to have their trust betrayed by the exit scam and extortion attempts.
The Hack
In February 2024, hackers targeted Lynn, stealing over $130,000 worth of NFTs and cryptocurrencies. The hackers used a fake meeting app with a real-time translation feature to infect Lynn's device. They stole the credentials of employees who worked at Fabric VC, a well-known crypto venture capitalist fund and reached out to Lynn telling him that they wanted to invest in one of his projects.
Key Points
•Creation: Incognito Market was launched in March 2020, focusing on drugs and anonymity.
•Growth: The market gained popularity after the shutdown of Hydra, becoming a major player in the dark web economy.
•FBI Investigation: The FBI launched an investigation, eventually identifying Lynn Reang as Pharaoh.
•Mistakes: Pharaoh made several crucial errors, including posting on Dread and linking personal information to crypto transactions.
•Exit Scam and Extortion: Incognito Market exit scammed, then attempted to extort vendors.
•Arrest: Lynn Reang was arrested at JFK Airport in March 2024.
Conclusion
The Incognito Market saga illustrates the complexities and risks of the dark web. Pharaoh's mistakes, combined with the FBI's persistence, led to the downfall of a once-thriving illicit marketplace. The exit scam and extortion attempt further exposed the lack of ethics and the inherent dangers of participating in the dark web economy.
Responses (0 )