Monero 0-day. The Black Marble Attack. How we did it

[antinet]

Clarifications & Answers questions (reddit & other places) Re: Monero 0-day. (due to Reddit censorship) >>> https://antidark.net/board/viewtopic.php?t=15



We are AntiDarknet. A collective dedicated to disrupt (darknet) operators and their websites - drug trades, illegal hacking, fraud, CP.


Philosophy
We believe darknet websites, groups or communities are a positive thing. However we don't agree on these websites spreading CP, human or animal abuse, facilitating heavy drug sales or other sub-human activities. The darknet is a way for people to express themselves and cultivate new ideas in anonymous way. Our belief is it should be done so without breaking the law or instances where the law needs changing, without human suffering.

More on our philosophy, goals and methodologies: https://antidark.net/board/viewtopic.php?t=2

"Black Marble" attack
We did find the name "black marble" unfitting however we have accepted it and will refer it as such throughout the post/press release.

The attack was done in a very simplistic way and without much scripting.

All you had to do was use the official RPC to create ~200,000 accounts per wallet. Create 2 or 3 wallets each with 200K accounts. Start depositing money to each of these accounts in very small amounts. Wait some hours to have all of them verified.

Randomize sweeping the accounts or taking out a percentage from each account. Within a couple of minutes of doing that from multiple wallets and multiple accounts the Monero blockchain will clog up. Job done.


Funding
We want to express our gratitude to one of our core members who owns an exchange who loaned us the amount to execute the attack. We only had to pay around a huge $30,000 in fees and other misc expenses. A small price for double rewards.


The Result
Majority of active marketplaces were affected not due to "bug in monero RPC" as their incompetent admins claimed but due to the way they were coded to handle and verify sending out transactions. The delay in the network had the effect of delaying transactions meaning when they were not sent, they would repeat again and again and again until a hash or some other verification is acquired.

Really poor choice of coding practice and it only shows these darknet market admins are nothing more than inexperienced kids who lie to their customers. Lies which were also facilitated and repeated by "neutral" admins of big darknet discussion forum boards demonstrating their involvement in the deception "Everything is fine we only had a bug and lost your money move along..."

One strike resulting in an outstanding result for our goals accompanied by rewards.


Rewards
The first reward was we were able to reach one of our goals to completely dismantle a marketplace. Several markets suffered and some folded such as Cypher marketplace.

We were able to generate more than $300,000+ in "donations" to our cause. We wanted to thank in name the biggest donors to our campaign namely Incognito, Cypher, Super markets for the money. We say thank you and we are already using the money to cause further damage to your competitor operations as you have ceased to exist.


The Future
We will continue disrupting marketplaces one by one, forum by forum, service by service until their world unravels. Where Law Enforcement doesn't have jurisdiction we will step in. Where police can't identify we will seek. We will hack, DDoS and wreak chaos to the evil bastards.

Privacy and for freedom are important. But not at the cost of being complicit in for-crime operations such as those marketplaces. We sincerely hope the Monero developers patch the vulnerability and we apologise for the disruption to any legitimate users during and now as a result of dropping this zero-day.


Your contribution ways
Help us by donating. We won't waste the resources! We will fight cybercrime.

Help us by joining. Donate to us your free time! Fight for a right & just cause.

Help us build a better future for our children.


Meet you all again very soon. Keep an eye out to https://antidark.net for our next upcoming operation(s).

[antinet]

Special thanks to PrintL for letting us use exchanger funds ++

[PrintL]

Any time for a good cause!

Awesome to see it announced was way too fun

[slushy]

lemme get it str8 you were the ones causing big delays in monero in last couple of months? FUCK YOU

but also holy shit for taking on darkweb markets ingenius way they deserve to be shut down

Xmr user here but i see why the slowdowns niiice the monero devs shuld bring donation to the site

[antinet]

lemme get it str8 you were the ones causing big delays in monero in last couple of months? FUCK YOU

but also holy shit for taking on darkweb markets ingenius way they deserve to be shut down

Xmr user here but i see why the slowdowns niiice the monero devs shuld bring donation to the site

In some instances sadly yes. Some spanking to darkweb markets was in order indeed.

[slushy]

antinet wrote:
> [quote=slushy post_id=25 time=1721668739 user_id=61]
> lemme get it str8 you were the ones causing big delays in monero in last
> couple of months? FUCK YOU
>
> but also holy shit for taking on darkweb markets ingenius way they deserve
> to be shut down
>
> Xmr user here but i see why the slowdowns niiice the monero devs shuld
> bring donation to the site
> [/quote]
> In some instances sadly yes. Some spanking to darkweb markets was in order
> indeed.
keep up the good work fellas clean the pedo scum out

[Fast8ball]

antinet wrote:
>

> lemme get it str8 you were the ones causing big delays in monero in last
> couple of months? FUCK YOU
>
> but also holy shit for taking on darkweb markets ingenius way they deserve
> to be shut down
>
> Xmr user here but i see why the slowdowns niiice the monero devs shuld
> bring donation to the site
>

> In some instances sadly yes. Some spanking to darkweb markets was in order
> indeed.
keep up the good work fellas clean the pedo scum out

Words of motivation