[GUIDE/TUTORIAL] Proper OpSec/Operational Security for Darknet Market Buying & Selling – Do’s and Don’ts for DNM Users
First of all move over to the most secure (and luckily largest) darknet marketplace, Dream Market. Dream Market, Darknet Marketplace is invitation only which you can register for with this invite code/URL (you must use TOR browser to connect):
BTC/Bitcoin Cleaning/Laundering (Cover Your Money Trail)
This is IMHO one of the easiest ways to get caught. Money laundering is simply trying to make your profit look like it came from a legit source. Take IRL drug dealing for example. Lets say that the dealer wants to bank his profit instead of keeping the cash around his home. You cant just bank a large amount of money without being prepared to explain where it came from. Large amounts that are deposited all at once or quite often are flagged and LE can get involved. This is because the bank knows how often you deposit money and a large deposit of money can be seen as suspicious. Even small amounts every so often can be seen as suspicious as the bank will not know how the money is obtained and will assume it is from criminal activity most of the time. Now the dealer is faced with the problem of keeping the cash around his house which could be used as evidence if he was ever caught or he has to try and find a way to make it look like he obtained the money from a legit source. Getting back to the DNM's the same thing applies. Vendors have to make it look like the money came from a legitimate source. They can do this in a number of ways which I will not delve into but the ultimate goal is to make it seem that you obtained the money legally. The bank are aware of what bitcoin is and you have to be careful in the way to cash out your profit.
Never transfer straight to/from a market and a service like coinbase that's tied to your real name. If you don't have a good idea of this read up more but the simplest way is to purchase or sell bitcoin on a place like localbitcoins.com (of course don't use your real name on an account) and use either western union with no ID (secret question/answer instead) or cash deposits into the BTC seller's bank account. Furthermore you should always use a tumbler as the first stop of your coin between the market (withdraw and deposit) and your legit wallet. These tumblers pool all the coin from thousands of users into various wallets and send you coin back from a different wallet, this makes it so the coins cannot be traced via a look at the blockchain.
Telling Somebody/Keep Your Mouth Shut
Another big way vendors get caught. They could tell somebody who they think they can trust and the next thing they know they are busted because they opened their mouth. One of the beauties of the DNM's is it allows vendors to stay anonymous. IRL dealers suffer from the fact that if they cut someone off or they upset a customer it is easy for them to anonymously tip LE and get the dealer busted. Same thing applies to anyone who knows you are an online vendor. LE will address the claim that is made and it will be easy to catch you off guard. Never tell anyone of your online activities involving the DNM's IMHO this also applies if you are just a customer. The only person you can always trust us yourself and telling someone is one of the easiest ways to get caught.
As you probably know when you first find out about being able to get any drug you want delivered in a day or two to your door (even super rare stuff or stuff at good prices) its AWESOME! Some of your retard friends will think so too and they'll tell their retard friends and soon you'll be known as that guy who has the hookup coming from out of state/country which is something the police like to hear about.
It was once said: Welcome to the dope game, this is where we don't play, leave your friends with no brains…
Real information linked to you
You would be surprised how many vendors accidentally link their DNM activity to themselves. It can be done in a number of ways. Take the recent busts for example and how the owner of SR2 used his real email address on the hosting company for his site. Stupid. Never use any real information that can link your DNM activity to you. Use both a fake name and return address when sending out packages. Lets say you use a fake address but your real name. The chances are the fake address is close by but how hard would it be for LE to find you with your real name if you use an address in your local area? Not very hard. Never link anything to your real identity. EVER.
Evidence in your home
Even if you do everything you can to avoid possible detection but LE somehow find out you are a vendor. Chances are they have absolutely nothing until they find solid evidence in your home. It is a very stupid mistake to make to keep all of your vending equipment/drugs in a place where they are easily found. Always keep them well hidden and make sure you do this every time you have finished getting everything ready for shipping. Find a very concealed way to hide everything including the packages ready to be sent when you are done. Never leave anything out in your home that could link you to your online vending activities.
This normally happens with poor stealth. If you are a regular you are bound to build a relationship with your post office but they would not think twice about dobbing you in. Let's say the package smells obvious to begin with. If it makes it to the postal system and gets caught then they have the return address your gave them to work from but if it gets caught at the post office they can easily call the police and identify that you gave them the package with CCTV. This is why a lot of people choose to use the post boxes but this is not always an option and is also not always guaranteed to maintain your anonymity.. Always make sure your stealth is 100% perfect.
Something that is easy to forget. IMHO you should always wear gloves while dealing with any package. If they fail to catch you out on anything else they will be able to identify your finger prints were on the package. Take precautions to keep your fingerprints off the package.
Evidence on computer
They can easily catch you out with unencrypted evidence on your computer. PGP keys, Bitcoin wallets and TOR to name a few. None of these are illegal to have on your machine but can easily link you to your vendor activities if LE are trying to do so. Strong encryption and TAILS can really help out here. Always keep incriminating evidence on your machine to an absolute minimum.
If you are vending then 100% of the time, as in always, access markets, wallets, etc. through a bootable TAILS install on a USB stick. This way nothing is saved to look at and you can easily dispose of your USB stick if need be leaving no traces of ever even using TOR let alone a darknet market at all.
When markets are seized it could compromise a vendor in a number of ways. Always remember strong PGP encryption and never disclose anything personal on a message. When a market is seized LE will go through all the information they can hoping to find something that can lead them to a possible vendor. If you have a pending order out there and your message is in plain text then voila, they just read your address and know who you are and what drugs you're buying/selling as well as when you're expecting a delivery. Sending ALL personal info and especially addresses encrypted with PGP is a must every time, its easy and will take you literally 15 extra seconds each time after you figure it out the first time. This is the difference between allowing the police to know your name and address alone with an incriminating record of the drugs you have bought/sold and them viewing a worthless block of garbled letters.
I hope this can at least help a few of you out there by showing just how easy it is to make a simple mistake which could lead to LE involvement. Always use your common sense.
Remember this is your freedom we're talking about, its illegal to be doing drug deals, especially through a federal service (USPS) across state and national borders. You'll feel real stupid sitting in Federal prison for years because you were too lazy to follow these simple and painless OPSEC/Operational security measures when you're buying or selling drugs on darknet markets or deepweb sites such as Dream Market!