Debate Magazine

The Sanctuary Market Hacked by Cipher0007

Posted on the 19 June 2017 by Darkwebnews @darkwebnews

The steady increase in the popularity of darknet marketplaces in recent years has attracted the attention of two perfectly contrasting sides-criminals and law enforcement authorities.

The anonymous nature of these platforms provides considerable safety to online criminals. At the same time, law enforcement agencies have revamped their efforts to combat these criminal activities facilitated over the dark web.

The Sanctuary Market Hacked by Cipher0007

Now it's not only darknet platforms that have to worry about law enforcement, but hackers who ironically operate on the very same platforms also have to be cautious with their behavior.

There have been increasing cases of hackers targeting dark web marketplaces for financial gain and other motives.

This is the case for a darknet marketplace called The Sanctuary Market, which recently became the latest victim of a cyber attack.

The Sanctuary Market was hacked by a notorious hacker going by the pseudonym "Cipher0007." Before the attack, The Sanctuary Market was a growing dark web platform best known for dealing illegally acquired digital information and malicious tools such as malware.

Although the site also exhibits drug and gun sales, digital information makes up the largest fraction of the sales volume.

The hacker successfully orchestrated the attack due to a SQL injection flaw, by which he was able to completely take over The Sanctuary Market. SQL injection refers to a method that is used mostly to attack data-driven applications such as databases.

The hacker often inserts malicious SQL statements into entry fields for execution such as dumping the contents of the database to the attacker's end. It appears that this is what The Sanctuary Market hacker did.

Cipher0007 exploited the SQL injection flaw to introduce a shell on The Sanctuary Market's server. Having created this backdoor, the hacker was able to gain access to certain sections of the backend.

Cipher0007 then proceeded to dump the private key used for The Sanctuary Market's .onion URL.

The hacker also claimed that he was able to dump the data configuration details and other unspecified login information by using the platform's phpMyAdmin installation.

This action left The Sanctuary Market's login page open to external connections long after Cipher0007 executed the hack.

The hacker was quick to provide proof of his dark web exploit, posting a screen grab online while he entered the shell to the market's server. Cipher0007 also posted The Sanctuary Market's 1024 bit RSA private key and its root account login information.

As of writing, news outlets and users on the dark web have generally come to the assumption that The Sanctuary Market is dead until further notice.

This is a fairly common occurrence in the case of dark web platforms that have experienced major hacks. The criminals who use these platforms are wary of the attention generated by such news, and fewer users trust the sites after cyber attacks.

Most dark web markets operate through escrow services, meaning that they have control over considerable amounts of users' funds. In the past few years, several marketplaces have had these funds stolen following hacks.

Cipher0007 has built up a rapport for hacking dark web platforms in the past. Earlier this year, he earned a Bitcoin reward after he reported two high-risk bugs to AlphaBay staff and to the public.

AlphaBay is currently the top trading dark web marketplace in terms of size and traffic. The bugs discovered by the hacker could have been used by an attacker to gain access to more than 218,000 private messages on the platform. Cipher0007 chose not sell the bugs, for which he was duly compensated from AlphaBay.

At the moment, the motive behind The Sanctuary Market hack has not been conclusively established-that is, aside from the conjecture that Cypher0007 seems to have performed the hack to point out the market's security flaws.

The Sanctuary Market Hacked by Cipher0007


You need to enable JavaScript to vote

You Might Also Like :

Back to Featured Articles on Logo Paperblog

These articles might interest you :

  • Tulip Stairs

    Tulip Stairs

    The first geometric, self-supporting spiral staircase in Britain is in the Queen's House, Greenwich. It is 'geometric' because each step supports the stair... Read more

    The 24 June 2017 by   Carolineld
  • Playing Under the Sea at Palau by Jennifer Avventura

    Playing Under Palau Jennifer Avventura

    Last year, I was given a super-duper under water camera, and I’ve had a ton of fun playing under the sea at Palau, Sardinia, Italy. Read more

    The 24 June 2017 by   Jenniferavventura
  • How to Get a Thai Tax ID Without a Work Permit (Digital Nomads)

    Thai Without Work Permit (Digital Nomads)

    In this article, I am going to show you how to get your very own Thai tax ID to pay taxes in Thailand without having a work permit. I'll also explain in this... Read more

    The 24 June 2017 by   Harvie
  • Full Length Swimsuits Are This Summer Trends

    Full Length Swimsuits This Summer Trends

    This summer, the silhouette does not matter so much! Swimsuits in trends are so varied, from cuts and materials to prints, that choosing the most suitable... Read more

    The 24 June 2017 by   Poundtravel
  • Gremlin (2017)

    Gremlin (2017)

    Director: Ryan Bellgardt Writer: Ryan Bellgardt, Josh McKamie, Andy Swanson (Screenplay) Starring: Adam Hampton, Kristy K Boone, Catcher Stair, Katie Burgess,... Read more

    The 24 June 2017 by   Newguy
  • Bandcamp Bonanza – Strummed By Solstice

    Bandcamp Bonanza Strummed Solstice

    What a great week at camp we had. Just as Summer solstice slams us with record heat, the camp treasure chest opens its casket to uncover a rare combination of... Read more

    The 24 June 2017 by   Ripplemusic
  • Carpe Carmina Celebrates VIII (feat. Yarbo)

    Carpe Carmina Celebrates VIII (feat. Yarbo)

    Let's not shed a tear for today's the antepenultimate artistic contribution carpe carmina celebrates can present to you, on the contrary let's seize the moment... Read more

    The 24 June 2017 by   Vanessa Holthausen