because if he's not lying about everything, which is seems like he isn't, then we need people like him to expose insecure marketplaces. It doesn't take a fucking PHD in rocket science to figure out why we need this. We're hurling insults his way, yet we all post in a community that will literally, tangibly BENEFIT from his actions. This is absolutely fucking ridiculous and makes everyone on this subreddit seem extremely ignorant. Disagree with his methods? Sure, that's understandable. Think about it though, I mean, reaaallllyyyy think about it. If the Havana/Absolem crew had everything on the up and up, this sort of drama wouldn't occur in the first place. I absolutely appreciate what /u/hacks4what is doing, and I think we need to take a step back as a community and realize that these sorts of dirty tactics are sometimes necessary in the pursuit of actual security, as far as DNMs are concerned. We're all criminals here, so let's not act like we're on some sort of moral high ground compared to someone who is just trying to secure their pay for work that they have already completed. I could be COMPLETELY wrong here, but if you read past all the drama and bullshit, it seems like there is a lot of truth to the whole situation.
We never hired him as a security consultant. As we have stated before we paid him for stopping his initial attack and letting us know what was causing the vulnerability. We owe him no further bitcoins because we never hired him to do anything at all. As soon as he moved from DOS'ing to extortion and threatening doxxing, his contributions to the community, which are debatable at best, ended. I have not had a lot to say in this matter because it just seems to make it worse. So yes, Absolem and Havana have, for the time being, gone back to invite only and added captcha requirements to send messages and added other restrictions to the functionality of the market stop him from disabling the market. How is that a contribution? He'll probably continue with this for a while. We fully expect it. It's not that we don't have money to pay him. We just refuse to pay extortion. It will just encourage him and people like him need to be discouraged, not encouraged. We will never pay extortion.
And for the record, the "email address" he claimed to have was an ID for OTR encrypted chat over Tor. It may look like an email address, but it isn't one. You can create ID's like that instantly with no personally identifiable information with Pidgin for XMPP encrypted chat. I never used it for email and never used it without Tor and the off-the-record Pidgin plug-in. He has nothing. Don't encourage him.