It’s a BitBazaar that they thought they could deceive us!: A Soap opera featuring dark web forums and marketplaces

“When it comes to controlling human beings, there is no better instrument than lies. Because you see, humans live by beliefs. And beliefs can be manipulated. The power to manipulate beliefs is the only thing that counts.”   – Michael Ende

The cybercriminal underground has long been associated with manipulation and deceit. Yet members of this community tend to meet new examples of insidiousness with anger and an ironic sense of injustice. If everything within the cybercriminal community is not to be trusted, why is it still surprising when another instance of deceitfulness is called out?

This week Digital Shadows (now ReliaQuest) observed a ban on a subdread on the dark web community forum Dread belonging to the lesser-known dark web marketplace “BitBazaar” following accusations of just such treachery. Dread alleged that BitBazaar had manipulated its user numbers to artificially inflate its popularity and trick cybercriminals into using the marketplace.

This blog will take a look at the history of BitBazaar, detail how the marketplace’s subdread ban came to fruition, discuss why a marketplace would want to inflate numbers, the potential impact on the dark web marketplace scene, and why this soap opera should come as no real surprise.

bitbazaar manipulation dark web

A brief overview of Dread

Dread is an English-language community forum that was launched in February 2018 by the administrator “HugBunter,” who has long been known to Digital Shadows (now ReliaQuest) (See our blog post Recon – Dark web reconnaissance made to look easy). The forum was created as a dark web version of the popular discussion platform Reddit, with an increased focus on privacy and usability for the security-conscious audience.

Dread has grown in both strength and security since its inception. While it has not all been plain sailing for the site—it took a brief hiatus between March and April 2018 following HugBunter’s protracted dispute with the administrators of the now-defunct Olympus marketplace—the forum is now highly regarded by many in the cybercriminal underground. It is particularly prized as a secure communication platform for discussions about developments within the dark web community, e.g., new sites, reasons for outages.

What is BitBazaar?

bitbazaar dark web market

The dark web marketplace BitBazaar was established in mid-2019 and describes itself as a “walletless market with escrow, auctions and anonymous orders.” This means the site allows a user to buy a listing on the marketplace entirely anonymously, without an account. In an attempt to differentiate itself in a saturated market, BitBazaar highlights several of its features in its advertising material:

  • It hosts content in multiple languages
  • It supports multiple FIAT currencies (EUR, GBP, CAD, and AUD)
  • It offers an integrated forum located on the same URL
  • It has a low (in dark web marketplace terms) commission rate of 1 percent

BitBazaar’s popularity grew steadily following recent exit scams by rival marketplaces such as Berlusconi and Apollon Market in late 2019 and early 2020, respectively. In November 2019, the site had 682 listings, but by April 2020 this had risen to approximately 6,300.

BitBazaar’s presence and dedicated threads on platforms such as Dread, and the user traffic these sites can generate, may also have contributed to its growth. Dark web users often refer to platforms like Dread, Envoy, and The Hub to identify new marketplaces and seek direct interaction with these services’ administrators to help strengthen customer relationships.

bitbazaar support

Why was BitBazaar’s dedicated subdread banned?

On 2 May 2020, Dread’s moderator “/u/Paris” announced that BitBazaar’s dedicated subdread had been permanently banned due to “massive subscriber manipulation with the subsequent spam from that manipulation.” /u/Paris said Dread had identified that BitBazaar support staff was incentivized to “create accounts, subscribe, and periodically post on the /d/BitBazaar subdread.” /u/Paris said that while Dread accepts that user subscriber manipulation is prevalent on the site, the number of such accounts would be expected to be in the “low to “mid-tens. However, following an investigation and review of BitBazaar’s subscriber list, /u/Paris identified 454 confirmed manipulated accounts.

The reaction from the Dread community has been predictable. Most users condemned the marketplace and supported /u/Paris’s actions. For example, the user “/u/blonger” stated, “What makes their behavior so sh**** is that manipulation was their business plan” and user “/u/SamCulper” declared “F*** yes Paris! Do your thing!”.

A minority of users attempted to defend BitBazaar and its admin team: User “/u/TheStealthTeam” stated: “I am not taking any sides, but since we started vending we have been very satisfied on the service and the platform. They indeed have good support and have been very transparent on everything they do(also their mistakes). If its true I understand the punishment but I will keep supporting Bitbazaar for they have treated me and I believe a lot of [sic]”.

This mixed reaction is typical of a community like Dread. In previous similar instances of foul-play, the majority of the audience has been ready to throw the market to the scrap pile, a select number of users have attempted to defend the market and those who run it, and still, others have opined the punishment maybe doesn’t fit the crime.

bitbazaar manipulation and permanent ban
bitbazaar users

Why would a marketplace want to inflate their subscriber numbers and listing volumes?

In a scene brimming with cybercriminals ready to part with their money, why would a dark web marketplace want to inflate volume numbers and user figures?

It all comes down to popularity and reliability. If a marketplace cannot prove it is a reliable platform with a decent amount of users and listings, then the average dark web user is unlikely to consider it as a viable source. Slightly ironic that a community known for mistrust and deception is ruled by notoriety and proven evidence so a service can be trusted.

By artificially inflating listing or user numbers and establishing itself on one of the top dark web community forums for marketplace recommendations and reviews, BitBazaar would be achieving its primary aim: Internet traffic. With traffic comes user clicks, new registrants, more vendors with more products to sell, and, ultimately, more opportunity for profit.

With so many potential benefits, you may be asking yourself why more marketplaces don’t employ such tactics. The truth is they probably do. Back in September 2018, the now-defunct dark web marketplace Olympus was accused of similar deceit. Although its demise was not wholly related to statistics inflation, it was a contributing element to its downfall.

Employing the aforementioned tactics also brings negatives. Accusations or correct identification of foul play on the part of a marketplace’s admin team typically results in a furious backlash and widespread condemnation from the cybercriminal community. The reputation of those linked with the service can be tarnished for the foreseeable future, and there is a high likelihood of users blacklisting the service, leading to its ultimate demise.

bitbazaar dark web response

What was BitBazaar’s response?

BitBazaar has tried to remedy the situation following the subdread ban. The marketplace’s administrators said the site had been the victim of countless attacks in the past. They also claimed they had no incentive to artificially inflate the site’s subscriber numbers because of its increased popularity after the demise of other marketplaces and the unique features that differentiated BitBazaar from its competitors. They stated they had never been concerned with “listing volumes, numbers of users,” so would have no reason to start now.

There is nothing to corroborate BitBazaar’s version of events. The site’s administrators could well be telling the truth. However, their position as a trusted marketplace will be called into question following this incident, and the site’s recent popularity surge will probably be reversed. If other platforms similar to Dread pick up on these latest developments, they may also be obliged to mark BitBazaar as an untrusted platform and remove any recommendations for the service.

bitbazaar support dark web

What impact does this saga have on the dark web marketplace scene?

Unfortunately, this minor soap opera drama is likely to have little to no impact in the dark web community.

Dark web users will continue to condemn BitBazaar for its alleged attempts to trick users and will likely shun the marketplace in favor of others. However, due to the ease with which a marketplace can be anonymously created from scratch and the potential to falsely boost listing volumes and user numbers at the touch of a button, artificial inflation will probably continue. The English-language marketplace scene is a somewhat comical motion picture filled with platforms popping up and going down seemingly at will; deception and manipulation will continue to be at the heart of this fierce battleground.

The Modern Cybercriminal Forum