Hunting The Dark Webs Biggest Villain

it's February 8th 2024 and a young Taiwanese crypto developer is preparing for a potentially life-changing meeting he's been contacted by a team of investors from fabric VC one of the biggest crypto related Venture Capital funds in the world however since his English isn't that good they request him to download a special meetings app that includes a realtime translation feature but what he doesn't know is that all of this was a lie the team didn't exist their prom es were lies and the translation app was nothing other than a trojan virus once it's installed it silently

infects the young man's device giving a group of unknown hackers access to all of his crypto accounts within moments over $130,000 worth of nfts and possibly hundreds of thousands in cryptocurrencies are stolen however the hackers were unaware that their target wasn't just some ordinary crypto developer instead he was the secret owner of incognito one of the largest illegal dark web marketplaces in the world and stealing most of his money would trigger a series of events that put the entire dark web drug economy in Jeopardy this is the story of pharaoh the dark web's most hated

Kingpin this video is brought to you by Nord pass but more on that later on March 12th 2020 Taiwan this is Pharaoh a dark web Enthusiast who just finished drafting a simple diagram labeled workflow it outlines vendors buyers product listings encrypted pgp Keys API tokens and servers but Pharaoh isn't planning a new retail Venture instead he's strategizing the launch of his own dark web Marketplace dark web marketplaces are illegal online stores that sell everything from drugs to hacking tools and even weapons however these markets are only accessible through specialized browsers like tour these browsers provide

access to both the clear web and the dark web with the latter being a hidden part of the internet because it's not indexed by traditional search engines the dark web is basically an uncensored space where people can post sell and buy anything they want furthermore while accessing the dark web is allowed engaging with dark web markets or partaking in other sketchy activities remains illegal either way Pharaoh had been studying dark web marketplaces like Silk Road and Alpha Bay he's realized that selling everything would attract too much attention and decides to create a drug and anonymity

centered Market called the Incognito Marketplace a playful illusion to Google's incognito mode however after finalizing his diagram he saves it and sends it to his personal Gmail account a small action that would have major repercussions later on sometime in November of 2020 a new subread called D Incognito Market emerges on the popular dark web Forum dread the mysterious admin invites several people into this closed community and creates two foundational posts about the market the posts go over the Market's guidelines on what is allowed on the site and explain that their objective is to make purchasing

drugs safer than if someone bought them from the streets shortly after the admin deletes his account and vanishes forever leaving the newly invited people questioning if they could trust this new market project however only hours later another account going by Incognito official steps in and answers the questions by saying thate users will buy drugs and disappear no tracking and no tracing unquote adding that the mysterious creation of the subread was just another way to prove their commitment to anonymity at the same time Pharaoh also starts appearing on the subread where he establishes himself as the

main Authority behind the Incognito project marking the official beginning of one of the most insane dark web sagas in history this is Ben a dark web drug vendor who's trying to expand his business he just received an important call from one of his Partners apparently a new Marketplace called Incognito just opened its stores and was actively searching for new vendors for Ben this is great news and he doesn't waste any time signing up he visits the site through dread enters his credentials and completes a simple capture to finalize the registration process however becoming a vendor

wasn't that easy after signing up as a normal user aspiring sellers had to create a job application this is basically a drug dealer CV and must include past vendor experiences recommendations from other marketplaces and assigned pgp message this resume was then sent to incognito's team who would analyze the information and decide whom they'd accept or not but back to Ben he spent the day writing his resume and just send it off however complete the process he also had to pay a $1,500 bond to incognito it turns out that every seller unless they were already a

highly trusted vendor would have to pay a fee that ranged from $300 to $1,500 and only via the cryptocurrencies Bitcoin or Manero the next day Ben logs on to incognito and sees that the team has accepted his applic appliation and sent him a bunch of extra details to his pgp address pgp or pretty good privacy is an encryption method and a Communication Service used by most people on the dark web when you send a message through pgp Services it encrypts the message into unbreakable codes which are then sent to the recipient who is the only

person that can decrypt said message to achieve this pgp uses a system of public and private Keys each user has a public key which they share with others and a private key which is kept secret the public key allows others to encrypt messages that can only be decrypted by the corresponding private key pgp's convenient and secure communication characteristics make it very popular among criminals and a headache for law enforcement who can never decrypt these messages using pgp is crucial for dark web users but even if you're not involved in the dark web your data will

almost certainly still end up there recently a TNT suffered a breach exposing information on over 73 million customers including names emails and passcodes such incidents are part of a broader Trend with around 80% of consumers having at least some data leaked on the dark web this is problematic because many people use the same email and password combinations across multiple accounts significantly increasing the risk of their accounts being compromised even worse if people use the same cred credentials for personal and workplace accounts these hackers can infiltrate an entire workplace system causing significant damage to businesses by

stealing data and funds all it takes is for a single employees data to be hacked and leaked on the dark web to protect yourself and your business it's essential to use unique complex passwords for each account however managing numerous strong passwords can be challenging this is where a password manager like Nord pass comes in nordpass generates stores and autofills strong passwords ensuring that each account is protected by a unique hardto crack password additionally Nord pass monitors leaked databases and alerts users if their data appears in a breach providing an extra layer of security nordpass also

offers features like email masking 24/7 support and a great UI that makes it super easy to use I can't recommend Nord pass enough because once some some 's credentials are on the dark web they're there forever so choose the safe route and use the code thinker at nordp pass.com slinker to get a free 3-month trial of nordpass business no credit card required going back to Ben over the next few months he starts selling his products to hundreds of customers the demand keeps growing and eventually it exceeds his capabilities forcing him to expand his operations lights

pH Checkers fertilizers seeds soil he gets everything he needs and without any major issues and rents out a small Warehouse in a nearby Village either way Incognito was truly on its way to becoming a big player in the dark web market economy the market had finally gained the trust of The Wider dark web Community for several good reasons Pharaoh was always asking for feedback and implementing almost monthly updates something that was highly appreciated by the community incognito's team also seemed to handle disputes between vendors and customers extremely well for example in one case a vendor

who went by WSB promised a completely unrealistic price for certain drugs the community quickly noticed this downvoted his promotional post and warned everyone that he had a reputation for scamming people on other markets but even despite the warnings WSB continued to operate and complaints about his behavior started to pile up the Incognito team eventually reviewed his account banned him and decided to take the money from his account and send it to all of the customers who didn't get the promised products WSB then went on dread to complain however instead of receiving support he was exposed

for having over 50 undelivered orders 30 disputed orders a negative score of almost 300 vendor points and many complaints about his business the truth is that incognito's team team was very active in Banning fraudulent vendors and were also highly active on their subad either way everything seemed to be going according to plan and with The Disappearance of other marketplaces like dark code reborn and White House Incognito was slowly climbing to the top and then came the 5th of April 2022 the largest and longest running illegal Marketplace in all the world is shut down officials in

Germany made that announcement today the operation part of a month-long effort with the US justice department the illegal Marketplace called Hydra Market Hydra enabled users in mainly russian-speaking countries to buy and sell a staggering variety of illicit goods and services including illegal drugs stolen financial information fraudulent passports and even hacking tools and hacking Services it does not matter how well you conceal your assets it does not matter how cleverly you write your malware or hide your online activity the justice department will use every available tool to find you disrupt your plots and hold you accountable

Hydra was the biggest Marketplace at that time and when it was taken down it left a massive power vacuum in the dark web ecosystem thousands of vendors and buyers were now forced to migrate to other sites and Incognito had positioned itself to become one of their main destinations the influx of new users was so significant that from April to June incognito's monthly transaction value shot up from around $700,000 to $2 million per month however none of this was made by directly selling drugs you see most dark web marketplaces don't make money by selling their own

products instead they mainly make money through their Banking and Escrow Services to keep it short there are three main participants in a dark web Market the customer the marketplace's bank service and the vendor now if a customer wants to buy $1,000 worth of a product he must first send this money to the site's bank which is basically just a crypto wallet next the marketplace will take a fee which in incognito's case was 5% and the remaining money is then credited to the vendor's account keep in mind that the money is only credited to the vendor's

account and will only be paid out if the seller requests a withdrawal a fact that will play a major role later on either way if incognito's transaction volume was around $2 million per month it would be equivalent to at least $100,000 in monthly profits for the Incognito team this meant that Pharaoh was starting to make money and a lot of it but what he didn't know was that after hydra's takedown the US and their allies put their sights on a bunch of upcoming marketplaces and one of them was none other than Incognito itself only one

day after Hydro was taken down the FBI started its investigation into Incognito the officer in charge of the designated task force was a man named Mark Rubin to start the case he ordered five GRS of drugs from the night 6 days later a package arrived at the designated pickup address containing exactly what rubben had ordered in documents from the task Force's investigation he wrote that they purchased the substance for $170 in Bitcoin and used a drug test to confirm the authenticity of the drug this verified that the market was real and thus a legitimate Target

for the FBI's task force however they only had two pieces of information to work with the Bitcoin app address that they used for their drug purchase and Pharaoh's dread account to understand how the FBI proceeded in the investigation we need to take a step back and understand a few simple concepts related to crypto money laundering first we need to understand the difference between a Bitcoin wallet and an address the wallet is where Bitcoin is stored but every wallet needs an address to receive and send Bitcoins to other wallets however a single a wallet can have

an unlimited number of addresses which obscures the activity of a certain wallet and helps hide its transaction structure for example in incognito's case whenever they acquired a new customer they would create a new payment address by creating hundreds or possibly thousands of addresses they made it nearly impossible to identify the true scope of incognito's activity this is important because if the FBI knew every address associated with incognito's business they could analyze their activity and eventually discover a transaction that instead of receiving Bitcoin sent it to some sort of service for example an exchange that allows

the user to sell crypto for normal currency like the US dollar and because most exchanges require the user to confirm their identity through a process known as kyc a single outgoing transaction can reveal someone's real identity even if it was sent to an exchange that doesn't require the user to go through the kyc proc process the authorities can request information on the user's Associated Bank account and unless the bank is in a country with strong banking privacy laws they won't have an issue revealing the identity of an alleged crypto criminal this is why Pharaoh had

to put another layer of obscurity into his money laundering process he did not send the Bitcoin from incognito's Main wallet directly to an exchange instead it went through at least one other wallet before it was sent to an anonymous swapping service there he would swap his Bitcoin for Monero a cryptocurrency designed to be untraceable finally Pharaoh would send this untraceable Monero to an exchange where he sold it for dollars his money laundering scheme was solid and would be incredibly hard if not impossible to trace however this would only be the case if he didn't make

any stupid mistakes and unfortunately for Pharaoh this is exactly what happened on May 15th 2022 Barrow logged on to the dread forum and complained that one of the swapping Services he was using to launder his Bitcoin had declined to accept his funds stating that they somehow figured out it came from criminal activities and straight up confiscated his funds it's unknown why this happened but posting about it on dread was a massive mistake the task force was monitoring his account and they quickly saw this post furthermore Pharaoh mentioned exactly what time and how much BTC he

sent to the swapping service this gave the FBI everything they needed to know and they started to search for both the transaction and the address associated with it the address that made this transaction was part of what the task force called admin wallet 1 a wallet that directly received profits from incognito's Main Bank wallet they discovered that one of the addresses that pertained to admin wallet 1 was involved in yet another gigantic mistake for whatever reason Pharaoh used admin wallet 1 to partially pay for four domains on name cheep three of which were about promoting

dark web markets however the fourth domain which is not described in the investigation documents was most likely a personal website with all the details about the owner something that would play a major role later on but remember that I said that admin wallet 1 only partially paid for them this is because three of these domains were mostly bought by an account registered at a kyc crypto exchange however for unknown and probably really stupid reasons the fourth domain was paid for by both the kyed account and admin wallet 1 which contributed a measly 0.501 BTC or

$22 9 to complete the purchase that the kyc account couldn't finish this single transaction directly linked whoever was behind the crypto exchange account with the person in charge of admin wallet 1 which remember is a wallet that received incognito's profits and as such almost certainly belonged to Pharaoh the only thing the authorities needed to do was to force the exchange to give them access to the kyc account and this is exactly what happened happened it turned out that the account belonged to a 23-year-old Taiwanese man called Lyn reang furthermore the FBI also got their hands

on the name cheep account which was also registered under Lynn's name and lastly the personal website was about none other than Lynn himself this was a crucial breakthrough for the task force who then began to infiltrate Lynn's life emails social media accounts domains and any internet related business connected to Lynn was being investigated it's the early morning of July 19th 2022 and while Lynn is making himself a coffee his phone notification suddenly go crazy for whatever reason incognito's servers had been taken down and the site wasn't working for anyone Lynn frantically begins to search for

solutions to get his servers back up but what he didn't realize was that he was still logged into his personal Gmail account moreover the reason that Incognito had gone offline wasn't some sort of bug instead the FBI's task force had found and compromised the site servers somehow they found out that Lynn was associated with a server reseller that quote advertises itself as an entity which offers services to dark web marketplaces unquote the documents say that the reseller was foreign so probably Eastern European or Russian but that they leased the server from an unnamed company my

guess is that since the FBI was granted access to their servers it was most likely some European company that owned the servers either way once they got their hands on Incognito servers they copied all the marketplace's data including information about all of incognito's BTC addresses and more importantly all of the seller and customer information but the worst part was that while Lynn was frantically Googling for ways to fix his server issue the FBI who had infiltrated all of his personal Gmail accounts could see these searches in real time using Gmail was another massive mistake and

once the FBI dug deeper into his account they found even more incriminating evidence for example in an email from the 12th of March 2020 Lynn sent a diagram that perfectly described how Incognito operated to his own email account and probably forgot to delete this message this in addition to all of the other discoveries once and for all proved that Lin reang was incognito's admin known as Pharaoh August 2023 Germany nrw at this point Ben the German weed vendor is making a lot of money every day he processes dozens of orders resulting in thousands of dollars

in profit each week he struck gold with Incognito and 2 years after applying as a new vendor he's risen to the upper echelon of sellers he's got a ton of positive reviews and occasionally features on the vendor leaderboard which attracts even more customers once a month he travels to Eastern Europe where he cashes out his profit at crypto ATMs of course while covering his face when asked about his money he simply refers to a trust in the British Cayman Islands but what he doesn't know is that while he's making thousands the FBI has started investigating

the site's vendors including his account and if this wasn't bad enough a team of hackers was about to pull off one of the most consequential hacks in dark web history October 2023 approximately it's late at night when a team of unknown hackers and frauders come together to plan their next Heist Apparently one of their members stumbled upon what seemed like an easy target a 23-year-old Taiwanese crypto developer named ly reang they identified his Twitter account where he frequently posted about the General State of crypto he also shared his trades showing off a bunch of big

p&l numbers bragging about being a level three VIP on binance and continuously revealing his new nfts with the information he revealed on Twitter the hackers decided that attempting to hack him would be worthwhile and they got to work they created an entire business around a project called XA a meeting software similar to zoom but with a Twist it could Translate speech from each participant in real time however this was obviously a complete sham and nothing more than a ploy to get their victim to download the app onto their computer once they did the app would

infect their system and drain every crypto related account the translation feature and language issue were already perfect excuses to get Lynn to download the app but getting him to even talk to them was another challenge for this they stole the credentials of employees who worked at fabric VC a well-known crypto venture capitalist fund and reached out to Lynn telling him that they wanted to invest in one of his projects the final step was to set up a serious meeting with Lynn February 8th 2024 St Lucia Lynn who was working for the Taiwanese foreign Ministry had

traveled to a small Caribbean island country called St Lua apparently the Taiwanese Embassy and St Lucia's government had planned some joint activities however while he was there he began communicating with what he thought was a team of investors from fabric VC he had scheduled a meeting with his associate that day however due to a supposed language barrier the person requested that he download a special realtime translation meetings app called XA Lynn downloads the app and the alleged team almost immediately ceases to communicate with him at that point he realized that something was off all of

his crypto accounts had been drained everything including a boor ape nft was gone and even though it can't be confirmed it's likely that a large sum of his illegal profit from Incognito was also stolen however the hackers were unaware that their actions would directly lead to what many call the biggest move in dark web history February 20th 20 24 only a few days after Lynn has his money stolen Ben tries to withdraw his money from incognito's Bank however as time goes by nothing arrives and he isn't alone many others start complaining about withdrawals not going

through fake transaction logs being generated by Incognito and the site straight up acting weird all of this eventually culminates in rumors about an exit scam an exit scam is basically when a marketplace's admin takes all the money in the sight's bank steals it and disappears leaving everyone else wondering what just happened keep in mind that at this time Incognito had built up a massive customer base of over 250,000 buyers and more than 1,000 vendors all of whom stored some of their money with incognito's bank meaning that if Incognito were to exit scam they would likely

run off with at least 5 to1 million of their community money nonetheless Pharaoh countered the rumors by stating that they were working on the issue and insisted we not scamming Pinky Promise unquote only days later the creator of the dread Forum himself hug bunter published a post claiming that Incognito had indeed exit scammed and advised people not to deposit any more money into their Bank hug bunter also claimed that Pharaoh tried to bribe him with darknet live a dark web news portal that Incognito owned in exchange for DNL hugbunter would remove all traces of incognito

and its team from the dread Forum however hug bunter refused the bribe and stated that he couldn't be bought following this announcement darket live claimed that hugbunter post was a smear campaign designed to discredit incognito and DNL strangely enough after this announcement DNL disabled comments on their site which created even more confusion on the dark web on March 10th Lynn Now using the username staying Innovative confirmed the exit scam on dread and hinted at one final surprise from Incognito however it wasn't a gesture of Goodwill or an apology instead the site displayed a message that

nobody could have anticipated expecting to hear the last of us yet we got one final little nasty surprise for y'all we've accumulated a list of private messages transaction info and Order details over the years surprise surprise anyway if anything were to leak to law enforcement I guess nobody never slipped up we'll be publishing the entire dump of 557 th000 orders and 862,5kg and your customers info is on that list is totally up to you and yes this is an extortion thank you all for doing business with Incognito Market in order for vendors to have their

data deleted they were charged up to $20,000 however people like Ben who only used pgp were safe because even if authorities got their hands on their messages they couldn't decrypt them but dozens of other V vendors had completely trusted Incognito service and were now in deep trouble the situation was getting out of control some people paid the fee others threatened Incognito and the FBI was probably watching all of this unfold and it's at this moment when hug bunter entered the picture once again in a post complaining about incognito's extortion hug bunter commented that if Pharaoh

released any data he'd be quote totally unquote insinuating that he had crucial information about him Lynn then responded that he didn't believe him and threatened to start releasing seller information within the next 24 hours however hug bunter who knew Lynn's real name invited him to chat through jabber to prove his claims privately it turned out that a few years ago Lynn had mentioned some of his XMR nodes on dread and when hug bunter scanned the web for these nodes they only appeared on one site an XMR node list that pointed to none other than Lynn's

personal website we don't know what else was revealed during their conversation but after this private discussion Lynn stated that hug bunter talked him out of releasing any information moreover Lynn's final post claimed that the entire extortion ordeal was just an April Fool's prank which was obviously just a cheap way to get out of this mess so we could say that hug bunter didn't just save the community once but twice however remember that the FBI had already raided the site servers in 2022 this means that anyone who took the appropriate steps to disappear due to incognito's

doxing threats was now safe from the FBI all without even realizing it either way it seemed that Lynn had turned himself from being a victim of cyber crime into the perpetrator he pulled off a successful exit made Millions in the process and most likely ended the Incognito thread for good however the FBI was still on his Trail yet Lynn's connections to the Taiwanese government made extradition nearly impossible forcing the FBI to wait for the perfect moment to arrest him March 25th 2024 it's early morning on a beach in St Lucia and Lynn is lounging on

a beach chair with his laptop preparing some notes for a seminar he's about to give ironically he has been booked by the St Lucian police to conduct a 4-day training on cryptocurrency and cyber crime prevention funded by the Taiwanese Embassy this situation is so surreal that if I hadn't discovered his post about this seminar on LinkedIn I wouldn't believe it myself either way it's unclear what he did after the training but he was likely either just enjoying life in St Lucia or setting up some offshore infrastructure to launder his new wealth but while Lynn was

enjoying his time the FBI had been tracking him since his stopover flight in Canada moreover they noticed that Lynn made another crucial mistake when he booked his flight back to Taiwan it's around 10 a.m. and Lynn is on a flight back home however this flight doesn't go directly to Taiwan instead it has a stop over in the United States specifically at the JFK Airport in New York the flight arrives at JFK in the afternoon and after everyone exits the plane Lynn decides to take a stroll around the airport suddenly several FBI officers surround him tell

him to get on the ground and arrest him on the spot after 4 years of dark web activities having helped sell over a hundred million dollar in drugs and scamming and extorting his own customers for hundreds of thousands of dollars Lynn ended up in the worst place possible a US jail and when the news broke no one celebrated more than the dread Forum which laughed about his arrest and couldn't believe just how stupid Lynn's mistakes were something that I have to include in this video is that he literally posted an analysis about dark web Market

markets on his Twitter and included his own Market something that everyone was clowning him on Twitter for he even features in a video where he talks about a DDOS prevention method which he used on his Market as well about me my name is lingang and I'm currently an amateur backend and blockchain developer and an undergraduate at National Tower University I also consider myself a crypto enthusiast it's truly insane how many mistakes this guy made either way Lynn will now begin his trial and if he's found guilty which seems to be the case will serve a

minimum of life in prison at only 23 years of age furthermore because the FBI had already seized all his data Lynn has nothing left that he can offer to lower his sentence check out this video for more stories about the crazy digital world this video is sponsored by Nord pass narrated by Eric Peabody