Versus Market was hacked a few days ago, with the admin taking the market offline just a few hours after the hack was published. The admin of Versus Market has been quiet and did not publish any thing about why the market was taken down and when it is coming back online, until now.
On a post under the title “Well… That’s All Folks!” (similar title to his previous post a few weeks ago where he announced that Versus Market goes invite only), the admin has published he has taken the market offline to check what the hack was about.
The markets admin claims that the hack is of a read only copy of the markets status 6 months ago, and that there might have been an ip leak of a server that he used for the last month.
Facing those finding, the admin says he had 2 choices – either fix the issue and continue with the market or shut it down. He choose to shut down the market. Vendors will get a working link to get their funds back without having to wait 90 days for the automatic refund.
Versus Market was one of the longest running darknet markets around, with it being over 3 years old, it took a long time for the markets to rise to the top, and only when Dark0de Market has exit scam following by World Market did Versus Market become the largerst darknet market.
With Versus Market gone, AlphaBay is now officially the largest darknet market (once again).
Versus Market admin full statment:
Dear Community,
There is no doubt that there has been a lot of concern and uncertainty regarding Versus in the last few days. Most of you that have come to know us have rightfully assumed that our silence has been spent working behind the scenes to evaluate the reality of the proposed vulnerability. After an in-depth assessment, we did identify a vulnerability which allowed read-only access to a 6+ month old copy of the database as well as a potential ip leak of a single server we used for less than 30 days. We take any and every vulnerability extremely seriously but we do think that its important to contend a number of the claims that were made about us. Specifically of importance: there was no server pwn and users/vendors have nothing to worry about as long as standard and basic opsec practices have been utilized (for example, PGP encryption)
In many ways, we are glad to see the community coming together to improve everyone's security, this was our dream from the beginning with Versus, though we will say that there was a clear agenda behind the way this was originally handled, but we leave you to draw your own conclusions
Once we identified the vulnerability, we were posed with a fork in the road, to rebuild and come back stronger (as we had done before) or to gracefully retire. After much consideration, we have decided on the latter. We built Versus from scratch and ran for 3 years. We built a community and even became the #1 DNM when we never intended for that to be the goal. At a certain point, there is no further way up to go, only down, and in this business it is best to not make decisions out of pride. While we are not ending on the note that we would have liked, we hope that the truth about the actual scope of the vulnerability, combined with the impact we have had on the community, leaves users remembering Versus fondly for years to come. Versus Market has officially retired and we thank you for your support and being part of something that hopefully defined the future of DNM's.
For all our vendor:
We will soon publish a link where you guys can get your transactions without the locktime. No need to wait 90 days.
It was a good run and I would like to thank you all.
All the best,
William Gibson