The popular darknet service Versus Market was shut down after the discovery of an exploit that could open access to the database and reveal the IP addresses of servers. Having discovered the vulnerability, Versus operators decided to disable Versus themselves in order to avoid detection.
Versus was launched three years ago and has achieved very high popularity in the cybercriminal community, offering banned substances, hacking services, stolen payment cards and stolen databases.
Last week, a specialist identified a vulnerability in the trading platform system and demonstrated on the Dread darknet social network the process of gaining access to the server’s file system.
Versus disconnected to conduct a security audit. According to the website, operators have previously disabled Versus 2 times after suspicions of flaws or real hacks. After disabling the site, users assumed that Versus operators were engaged in fraud and were caught by the FBI.
However, soon the operators announced the closure of the site again. One of the main Versus operators published the following message signed by PGP (Pretty Good Privacy):
“After a thorough assessment, we identified a vulnerability that allowed access to a 6-month-old copy of the database, as well as a potential leak of the IP address of one server that we used for less than 30 days.
We take any vulnerability very seriously and consider it important to challenge claims in our direction. Especially important: there was no pwn server (exploiting), and users have nothing to worry about as long as standard security methods are used (for example, PGP encryption).
As soon as we identified the vulnerability, we were faced with a choice: we need to recover and return (as we did before) or gracefully retire. After much thought, we settled on the latter. We built Versus from scratch and worked for 3 years”, – the operator of the site declared.