Another possible moral is don't be a freelance security researcher as a hobby. You should at least get paid for it and get some organisational cover - not only are you potentially at risk of crossing organised crime, but you can very easily be framed and end up raided by the police.
> Another possible moral is don't be a freelance security researcher as a hobby. You should at least get paid for it and get some organisational cover - not only are you potentially at risk of crossing organised crime, but you can very easily be framed and end up raided by the police.
Alternate reading -- the best way to extricate yourself from a dark web scam is to pose as a freelance security researcher as a hobby and turn on your co-conspirators. Explains why you have admin access to the the site and all its email correspondence when the police come looking for you.
Great point. They say eat veggies, exercise etc., but the best thing for longevity is to "mind your own business," when it comes to organized crime and tens of million$ at stake.
Because of John I may lose $4 million and go to jail for 20 years=lots of incentives to 86 John.
When I saw this comment I was confused, because I get the reference (from restaurants) and hadn't heard this origin. Then I followed your link and got more confused, because it doesn't mention graves at all.
I think perhaps someone made up an origin, passed it on to you as fact, and you assumed that wiki would agree without checking?
That is almost definitely not the origin of the term. It was used to refer to absent menu items (1936) decades before it was first used to refer to people (1959).
"Monteiro says that, as he didn’t know his NCA contact’s full name and he didn’t have access to his devices while in custody, he could not immediately prove his dealings with the agency."
I'd say "Do anything remotely shady anonymously" would be more practical advice. People do things because they're somehow motivated and that motivation won't go away just because they could get into trouble.
You so rarely run into a news story that considers a genuinely difficult ethical question. I think I’d say that it’s morally wrong to run a scam hit darksite to steal money from people who want assassins, but it is not obvious. Especially when you consider the larger point that the existence of scams like this one make it harder for a real service to pop up.
There is research showing that suicide rates increase with greater access to easy methods(ie. guns). My guess would be that murders work much the same way. Planning and executing a murder is difficult, signing up for a website and sending bitcoin is easy. I suspect that murder appearing more accessible encourages more people to pursue it. Obviously a scammer won't pull off an actual hit, but I worry that the person paying might be more willing to pursue other methods after months of thinking about it and being led on by the scammer.
A small argument here... where it seems you are misusing causality.
>There is research showing that suicide rates increase with greater access to easy methods(ie. guns).
Saying that "access to guns" increases suicide is a very misleading statement often used intentionally. As there is no concern for the opposite effect of ownership nor any reasoning of cause vs effect. There are more defensive uses of guns than misuses, including suicides according to the CDC. BUT...
To tie it to your argument... Does having access to internet CAUSE an increase in murder for hire?
If we want to limit murder for hire - Should we ban Tor or encryption, should be allow our civil rights to be removed because some people will misuse them? By your wording especially-yes because these things are 'easy', it's just signing up for a website and making a bitcoin transfer after all.
I question any line of thought that leads with "this is bad because people might misuse it" or that "we should stop people thinking about something".
Well, that's the reason you can't buy a nuclear gun even if you have the money it costs; because you "might misuse it" or maybe you just want it for a collection, doesn't matter you can't have one; so its not as black as white as some might believe.
That's a disingenuous argument. We're talking about guns and in a broader sense encryption access as it pertains to the article. Which are two things that have legitimate and defensive purposes.
Something like a "nuclear gun" or DDoS attack has no defensive purpose. In the terms of firearms, you jumped to ordinance when the topic is about arms. I hope you didn't do so intentionally.
Ok you want to get really specific about guns, let's do that. The reason guns are so popular for suicide is because it is immediate, unlike filling your car with carbone dioxide (gas) or figuring out how to hang yourself. The immediateness give suicidal people a lot less minutes to further consider their decision, an minutes are very important in the case of these people, specially when the decision hasn't been in their heads for years but only for days meaning a emotional response to an traumatic event, for example that's what happened to Katie Stubblefield, broke with his boyfriend then took his brother's rifle and shot herself in the head at her parent's house, you see... when you fail to kill yourself by hanging there is not pretty much any lasting damages due such failed attempt, unfortunately for Katie the same cannot be said for rifle shots, she was found by her mother with pretty much nothing left of her face but lots of blood and exposed bone and still breathing; so yeah, guns make the suicide issue a lot more complex for multiple reasons while there is no upside for society, America would be pretty much the same if after 1900 guns had been banned, of course you think otherwise, you give it some emotional weight or some false protection purpose, given countries without guns on their streets don't seem to be doing any worse.
>America would be pretty much the same if after 1900 guns had been banned
That’s a pretty massive leap. Maybe you can ignore the 500k-3M defensive gun uses per year, maybe you can ignore the civil rights movement that was furthered by blacks arming themselves - coincidentaly this is the roots of modern gun control in the USA (a plan to keep “the wrong people” from owning guns, still rooted in racism today), ignore the “rooftop Koreans”, ignore that unlike Mexico to the tip of Chile that razor wire and bars on Windows isn’t common in USA because the penalty for property crime can be death, ignore that our military is the best in the world because of country boys that grew up with positive gun culture, ignore all you like. You’re clearly not presenting a factual argument with such a broad hypothetical.
Edit: I’ve already been sucked in to a silly line of thinking too much. The point here isn’t that you’re scared or upset about the existence of guns. It’s that we don’t get rid of things or stop people from thinking things because someone might be bad. That’s not how a free society works.
I can see where the problem is, "best military in the world" if by "best" you mean the creators of ISIS for destabilizing a middle-east country or violating every human right on Vietnam, or torturing people in guanmo. The blacks arming themselves was a response of whites already being armed for centuries, bla bla you can say that everybody you dislike has not a factual argument, it means nothing as well.
Your definition of "free society" is probably the problem here. In mine the tools of violence play a non-existing role; for exactly the same reason they don't get atomic bombs.
> In mine the tools of violence play a non-existing role;
Lol. When you have a problem, you’re going to call police, to bring a “tool of violence”. You’re just being naive about who is ‘allowed’ to have a means of defense.
If police are the only ones that can defend themselves from people like you - you aren’t free, you are subservient. Aren’t the same people a threat to them, a threat to you? Classes of nobility don’t seem very free to me.
But... you jumped to “nuclear gun”, so how much of a serious argument could I expect from you?
HN is no place for tedious flamewar, and we ban accounts that post like this repeatedly. Please use HN in the intended spirit. It's described at https://news.ycombinator.com/newsguidelines.html, and in addition you might find these other links helpful for getting a clearer idea:
You’re right, I’m sorry, I didn’t realize you were literally a child, mattigames.
>only gun needed by the police may be a taser gun
:D please tell me more about your experience with police and police training! Then I’ll tell you mine where I’ve traveled around the country training and training with police. Can’t wait.
EDIT: Nice job using a throwaway account to downvote my posts! Though you should know that’s against the TOS here.
Please don't do flamewars on HN, and especially don't cross into incivility like you did here. That's a way to get banned on HN, but we'd much rather that you take the spirit of this site to heart. Please see the links at https://news.ycombinator.com/item?id=18787962.
would it still be morally wrong if the police ran it? I think not they frequently run covert operations. Thus a non-police vigilante would not ve wrong either right?
Yes, still wrong if the police ran it. I think that in the end, the fate of the world is more likely to hang on how much people can trust each other, than on having even fewer assassins.
> A tall man in his thirties with thick sable hair, a short beard and deep-set, dark eyes, Monteiro ... [can be found doing this and that and also doing this in reddit and... ]...
Hey, This guy put a lot of effort trying to be anonymous and could have serious problems if not, so lets describe him thoroughly in a public e-journal!.
At this point, he had already revealed probably-identifying information in an interview with the Mirror newspaper. That same interview respected his accomplice's desire for anonymity, so I don't think we can assume journalists were at fault here.
This was after he was disturbed enough by receiving a video of a burning car to go to the police. He seems to have a complex relationship with anonymity.
I think this and the rest of the article really only shows me that this guy while technically prepared to be a security researcher - practically or emotionally is not.
His buddies have the good sense to remain anonymous.
I think to some degree he tried, I'm still wondering if "bRspd" is the same guy, anytime it talks about proper hacks / database dumps it blames whoever bRspd is, and keeps him and Judge Judy out of it. It just seems a little too coincidental. He should of published as an anonymous blogger (or more), and then based his wiki work off that. Maybe purposely write in terrible English in anoymous blogs.
I'm always wondering - how can people that are determined enough to access the dark web and buy crypto, and willing to instigate a murder, fall for such obvious scams? Do they really think the mafia hosts front sites for anyone to browse and order through? What, do they think they give discounts and fidelity cards as well?
In the early 2000's, I knew a guy that responded to a spam message, which seemed like an obvious scam.
It was selling illegal software on DVD. After you pay through VISA, they would send you some DVD's with cracked software.
For me it was obvious that they would clear his VISA. But weeks later, he received the DVD's, and didn't have trouble with his VISA getting stolen. Seemed like a "legit" business.
I still can't believe it, but sometimes it seems to work out just fine (⊙_⊙')
Hitmen are an actual thing that exists, it's not crazy to expect them to be available for hire via the dark web. In terms of legality and the consequences of being caught, ordering a hit on someone is not that different from ordering a kilo of heroin, and the dark web facilitates that pretty well. (Morality is, of course, another matter.)
Hitmen don't actually make their service readily available* like a pizza restaurant's website, and the ones who do quickly get caught - natural selection if you will. I haven't ever heard of a case of someone getting targeted by an online hit ordered through one of those websites, which you'd expect to if even a single one of them were actually legit. Which makes sense from an economic point of view - there's much more incentive running a (relatively inoffensive) scam and making boatloads of money, rather than risking lifetime jail and committing atrocities to make the same amount of money.
As for ordering drugs, the legal consequences vary a lot depending on the country's jurisdiction. There's also such a thing as a priority list in law enforcement, and they presumably care a lot more about murders than drug use, so one will draw much more attention than the other.
*Yes, readily available. There's nothing "dark" about a website that can only being accessible through special software, it's been a thing since the days of Usenet and BBS.
> I haven't ever heard of a case of someone getting targeted by an online hit ordered through one of those websites, which you'd expect to if even a single one of them were actually legit.
Centralizing murder-for-hire is a good way to get caught, scam or not. I believe Kuklinski did it for a while but it's not a savvy way to go about your business these days.
There have been more than a few cases of people putting ads for wetwork on Craigslist that were successfully responded to. There was even one bizarre case in which a teenaged girl put a successful hit out on herself.
> Which makes sense from an economic point of view - there's much more incentive running a (relatively inoffensive) scam and making boatloads of money
Not everybody is intelligent/skilled/capable enough for organized crime. To a lot of people, a mere $5000 is enough money to get caught up on their late rent, car payments and child support. Pull-trigger-get-5k is a simple procedure, moreso than running elaborate darkweb portals and fucking around with Bitcoin.
Contract killing hasn't changed much over the ages. You don't need to retain a celebrity hitman, you just need to get in contact with some desperate nobody willing to do anything to make ends meet. Morality and ethics are luxuries for those who can afford it.
Online drug dealers are similarly incentivized to sell oregano and baking soda, yet apparently there are plenty of real drugs being transacted as well, including quantities well beyond personal use. And it does depend on the jurisdiction: I'd wager that in (say) the Philippines and some parts of Central America a kilo of heroin would draw more police attention than a murder, unless the victim is well connected.
And to be clear, I'm not saying murder for hire on the Internet is a thing; I'm just mildly surprised nobody seems to have done it yet, especially now that cryptocurrencies have pretty much solved the largest problem of how to get paid.
Reviews and escrows are a thing in the drug world. Generally speaking everything with drugs is easier:
-It's easier to manufacture your own drugs than commit murder
-It's easier to go unnoticed by law enforcement manufacturing, selling or buying drugs than going unnoticed with murder
-Enforcement authorities around the world are much more willing to cooperate with each other when it comes to solving murder rather than busting someone's MDMA lab
-The market for drug consumption is much larger than the market for hitmen (fortunately!) and it's easier to reach out for the former audience rather than the latter
-There are much more third parties willing to act as escrow for drug trade rather than hitmen services
-There's a moral case to be had about leaving drug use alone (victimless crime and all that), as opposed to murderers or murder instigators which are universally reviled; there are much fewer people willing to engage in a hypothetical hitman market than there are with a drug market
-A review system can actually work with drugs because of the large demand and relatively risk-free aspect for buyers; a good seller can quickly build a reputation, while a bad seller will get buried by bad reviews. Can you imagine a hitman customer writing an Amazon-style review over the person he had murdered?
>And to be clear, I'm not saying murder for hire on the Internet is a thing; I'm just mildly surprised nobody seems to have done it yet, especially now that cryptocurrencies have pretty much solved the largest problem of how to get paid.
There just isn't enough demand for it to be worth the risk and hassle. As I said, any hitman stupid enough to set up a front store is begging to be busted by undercover cops posing as "customers".
> -It's easier to manufacture your own drugs than commit murder
Well that seems false. You literally need no equipment to commit murder. If you have no connection with the victim, it's even easy to get away with it with a few precautions.
Drug synthesis is much, much harder.
The rest of your points seem mostly sound. The low demand for murder services is probably the most pertinent reason for the difference.
I was taking into account the human factor; most people are simply not willing to kill another human being in cold blood, whether it's sheer empathy or the risk of getting caught.
I think simple human empathy would be a problem for anybody considering a career in contract killing.
A bigger problem might be that it's not as easy to for sure kill someone as most people think, especially if you want to avoid leaving any evidence at all. It only takes one error to kill your career. It also doesn't help that the public's image of assassins (super professional bald guys with enormous resources) is pretty much completely wrong. Actual assassins are much more likely to be drug addicted flat broke bums.
I think this overstates the case. Up to 40% of murders go unsolved in any given year. Most murders are committed by people the victims know, that's why they're "easy" to solve. If you don't know your victims, there's virtually no way for the police to link you to the crime unless you make a colossal mistake, like divulging our identity or your contact info to the person who hired you, as the police will be looking at them closely.
DNA and fingerprints, unless you're already a criminal where those are registered, would only establish you as serial murderer whose identity is unknown.
Or someone's camera-doorbell catches you walking down the street at the time of the shooting and they match your face up at the airport...
Or a cop happens to be sitting one street over and hears a gunshot and gets to the scene just as you're stepping out of the building.
Or the victim is paranoid and has an itchy trigger finger.
Or the cops are investigating the victim's family and associates and notice a weird pattern in their bank account.
There's a lot of ways a killing can go wrong. Even if the odds of any one killing going bad are small, the cumulative chance of an error creeps up with each job. Worse, it's hard to jack up your prices really high to reduce the number of jobs you have to do because the more money moves around the more scrutiny it receives.
Every circumstance you described is clearly exceptional and not representative of the norm, which don't seem to change the points I've made. Simple precautions would handle most of them too.
Interesting that you assume an assassin's preferred method of execution is a gun or other violent means of execution. That seems like the last resort of anyone competent to me.
I'm sure there is a crazy world of high-end assassins given the incidents involving Jamal Khashoggi, Viktor Yushchenko, Alexander Litvinenko, etc. But from a business standpoint and morality aside, the "every person" assassin almost seems as bad of a business model as the one high school kid who sells fake ids. You have a bunch of one time customers, extremely high legal risks versus the financial payoff, and a high likelihood of eventually getting caught. With drugs, you have addicted, and therefore, repeat customers.
Indeed, I would suspect that real hitmen usually aren’t full time hitmen as an occupation. In the case of the highend examples you mention, they’re probably ex special forces or spies for that country that usually don’t get asked to do that, but do some other jobs for their paymasters. And most “hitmen” are probably actually from extremely poor countries and live and work in gangs doing all the usual gang illegal stuff in addition to doing hits (for relatively low sums).
I think dark web hitmen are entirely scams, but I suppose if we can literally buy heroin or crystal meth online from the dark web, it’s not entirely naive to think aprori that hits could also be purchased. The reason they’re not is probably that it’s actuslly extremely difficult to regularly perform hits in the West, and probably not a great business model to scale on the dark web for the average Joe who wants to pay only a few grand for a hit.
Richard Kuklinski was a fulltime hitman. He had some other scams on the side, but killing was his business. I suspect that when you're running a large criminal enterprise you need people like Kuklinski on a kind of retainer basis.
> Throughout his criminal life, Kuklinski was involved in narcotics, pornography, arms dealing, money laundering, collecting debts for loan sharking, hijacking and contract killing.
As a data point for low-end assassinations -- some cities don't have the police resources to investigate fully every time a faceless teen or young twenty-something rolls up on a moto, shoots someone, and rolls on. I remember this being something that the local radio and papers would talk about in some of the south american cities closest to the fishing village I spent 7 or 8 years in.
It was convenient to pretend that all kinds of legitimate low-level assassinations are gangland "ajuste de cuentas," back-and-forth murders amongst gangs, to the point where the phrase 'ajuste de cuentas' became kind of a shorthand to refer to the police's lack of zeal.
So that the entry level product could be surprisingly reasonable for settling business disputes in extra-legal ways.
In all the cases you mentioned, these assassins were not in a business or contracting service, they were government agents, military, and otherwise trained and in the sole use of their own government. In most cases of “mafia” hitmen, they were not contractors either, but essentially a specialist within a family. There are freelance hitmen, especially in places like Mexico where cartels hire from pools of desperate young men, who get paid mediocre money for killing. I doubt that a world of truly skilled, high-end assassins exists as a free market, too many legitimate and illegal interests would benefit from their dissolution.
The way it typically works with mid level street gangs is somebody or a group of criminals (crowd sourced murder) floats a bounty on some other criminal, and other freelancer mid level guys try and collect it. They pass around 'paperwork' to each other which is usually evidence of said target collaborating with police or breaking some other gangster code. There is always more than enough violent and foolish street criminals willing to claim the bounty. Somebody tried running a crowd sourced tor hidden service scheme for murder a few years ago IIRC.
What happens if you buy something from the dark web and you receive nothing or some garbage, there is always a large risk of being scammed, some people have too much bitcoins and could afford losing some.
How can I trust the reviews and the escrows, explain it to me as you would explain someone that is not technical (so no crypto terms if possible). I mean we have fake reviews on Amazon and other sites.
I assume you would buy something small, see if all is fine, then buy something more expensive wait and see how things work out, but for something very expensive how will it work, how is the mediation happening if I don't like what I receive or I am evil and report that I do not receive what I asked for?
Surprisingly enough, dark market sellers have excellent customer service. Since the market is completely transparent for a seller. On a number of dark markets both a seller and a buyer have a reputation that is tracked by the market. If a seller sees that you've bought before and this is the first time you ask for a refund they'll send you your order again.
Same with the reviews, a seller that has been around for a few years on a market, has good reviews, is most likely not a scammer. If they were they would be banned from the (reputable) dark market(s).
The fact that users' reputations are visible apparently lead to a widespread swindle called "selective scamming": sellers would ship as normal to buyers with an established reputation, but just outright rip off new users knowing that the buyer would be assumed to be the scammer.
But as a buyer to build a reputation I need to buy multiple things , this means I need to buy drugs from X, a gun from Y, some forbidden magazines from Z, my anonymity drops with each purchase. If I would do heavy illegal things I would not reuse same identity. I doubt that the mafia on the dark web have real reviews and fair escrows.
There is also the risk that all is a trap and you incriminate yourself, even if you try to be anonymous there is a risk to make a mistake and leave a trace.
This is what's so mind boggling to me. Even if the criminal never provides their name or any identifying information they have to provide the name of their target. I'd imagine if the police told a victim someone tried to put a hit on them the victim would probably have a pretty good idea of the criminal's identity for the police to then investigate.
The way you describe such a person makes that person sound like a person who is desperate and irrational. I think that's part of your answer right there.
Well, the main character seems to be slightly bubbling in terms of keeping himself anonymous, having keep records and contacts with police, appropriately handling contacts with journalists, and the story only glances on the murder of Bryon that is touched on twice and never resolved in the slightest making me assume it’s tangentally related enough to add to the article title but that’s about all.
I’m not sure “amateur security researcher” makes a good story. Look at the ethical question posed, some dude make upto millions on this scam, by taking money from bad people, he by far isn’t the worst person in the story.
IDK. I see the real hero of the story here to be the two hackers that remained anonymous through the story, because they had the good sense to make that a priority.
This could be the seed of a great movie. Hobbyist investigates "dark web" sites and find a hitman site that seems like a scam, only to find it's really much worse.
I almost want to make a joke saying that the moral of the story is not to get married. Nevertheless, an excellent write-up and just as enticing of a story.
Although that's amusing, there's a pretty good real moral to this story:
> It appeared that Monteiro had been arrested on the basis of a misinformation campaign.
> There had been warning signs for a while, at least since the point at which Yura had threatened to expose him as a cop. In June 2016, when Monteiro hacked into Yura’s Gmail account, he had noticed that the scammer had created email addresses under the name of Chris Monteiro
Until I got to this point in the article, I hadn't realized that the initial denunciation of the site[1] was done under Monteiro's real name. This is a good example of why messing with internet scumbags, even if they're pretty clearly not actual mafia capos, is an activity best undertaken pseudoanonymously (at the very minimum). Although what happened to Monteiro was a bit nastier than usual skiddie fare, there are a lot of ways, from financial fraud to swatting, for someone who wishes you ill and possesses your dox to seriously mess with your life.
Seems like Monteiro was too wrapped up in the acquisition of personal notoriety to care about opsec. My intent isn't necessarily to victim-blame Monteiro, but hopefully this episode will serve as a lesson to other well-meaning but potentially naive vigilantes.
Some of the nasty stuff that's happened to Krebs[2] also falls into this category. I guess in his case it's probably more of an intentional, aware-of-the-risks tradeoff, but man, I don't think that's a deal I'd be willing to make, especially since many such incidents don't end so peacefully[3].
> Until I got to this point in the article, I hadn't realized that the initial denunciation of the site[1] was done under Monteiro's real name. This is a good example of why messing with internet scumbags, even if they're pretty clearly not actual mafia capos, is an activity best undertaken pseudoanonymously (at the very minimum). Although what happened to Monteiro was a bit nastier than usual skiddie fare, there are a lot of ways, from financial fraud to swatting, for someone who wishes you ill and possesses your dox to seriously mess with your life.
I hope he learned from "Judge Judy" to not expose his real identity.
This guy hacks into a darknet "hire a hitman" site and downloads the target list. Although the site is fake, he realises that the target list could help pre-empt real murders.
He goes to the cops who ignore him, because they feel they have better things to do then prevent What enda up being at least two murders.... then later the bad guy buys some SEO and they raid the white-hats place because they think he’s running the site..... the site he handed over to them already... the site they didn’t care about. These cops don’t just seem incompetent, they seem downright moronic.
As presented by the journalist here, it makes sense to believe him. But imagine seeing what Monteiro is presenting in real-time, with some reasonably cautious skepticism. His computers contain the entire source of the hitman site, he had admin capabilities of the site, enough to take it down. Even as Yura created new sites Monteiro retained the ability to read all of the email of the site. A reasonable reading of that, is that rather than a white knight, it was just as likely he was a co-conspirator.
And frankly they shouldn't fully let go of that idea. The author seems willing to take everything Monteiro says at face value, without an ounce of skepticism. If Monteiro and Yura were a team and one got cold feet, how would it play out, and how could one best cover his tracks?
>Even as Yura created new sites Monteiro retained the ability to read all of the email of the site. A reasonable reading of that, is that rather than a white knight, it was just as likely he was a co-conspirator.
Yes. I found this to be unbelievable.
Let’s say bad-admin uses an out of date Wordpress or join pa instance with some security flaw. Am I really to beleive in 2 years he keeps using the same instance every time his site is taken down?
That seems extremely unlikely.
If your hian site is taken down by some guy in London, you’re going to wonder how; and probably assume it was some bad code on your end.
Dude keeps using the same code and keeps wondering how his site keeps getting hacked - yet, knows enough to work SEO, get a guy SEATed, run an anonymous darkwrv site, and handle crypto payments?
To be clear, he is not a white hat, he's a grey hat at best. Once you hack gmail accounts (without Google's permission) you're definitely in grey hat territory with a possible side of black.
Just do a CTRL+F on "Njoroge" if you want to read more about the case in the opening paragraph. The story doesn't circle back to that until WAYYYYY too deep in this long form article.
I get the writing style, but it should give some closure to that much earlier on.
