Empire Market Launch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We would like to announce the launch of our new market, Empire Market.

Our market is modeled after the late AlphaBay Market and has all of the
basic features you are familiar with: 2FA, trust levels, advanced
notification system, support system, exif data remover for listing images, and more.
We chose to use AlphaBay's UI because of its simplicity and user friendly traits.

We began working on this market since August of 2017 after AlphaBay went down.
For those of you who have used AlphaBay Market before; vending, deposits,
and the order purchase process is virtually identical. The UI may look the
same but we assure you every line of code is original and written from scratch,
utilizing the latest in server security and development platforms by a very skilled team.

PGP and 2FA
Only vendors are required to have a PGP key, but it is recommended that
everyone uses it for increased security.

Commission Rates & Vendor Bonds
Our commission rate is set at 4% and vendor accounts require a $100 bond
before selling. Vendors have the option to have their vendor bonds waived
if they are able to prove they are trusted vendors on other marketplaces.
To do so, simply open up a support ticket.

Primary Currency
With the uncertain future of Bitcoin and its fees, we have decided to use
Litecoin for the primary transaction currency.

Affiliate Program
Empire Market has an affiliate program where you can earn 20% of the commissions 
every time your referral purchases anything on the market.

Future Development (otherwise known as phase 2)
During phase 2, we will be implementing CC & Accounts Autoshops, Multisig,
and multiple currency additions. BTC, Bitcoin Cash,Monero, Ethereum, ZCash. 
Along with other feature suggestions by the community.

Support and customer service is very important to us. If you ever have
any questions or issues, do not hesitate to send in a support ticket.
We will answer it as quickly as possible.

Market URL: http://empiremktxgjovhm.onion/

v3 Market URL: hsqluhqe6dlfl7jaxulf7cfun6xt274btvnqvaorliem5j6sqjiwhdyd.onion/

Forums: http://empforumgfttfqnq.onion/

Market PGP Key: http://empiremktxgjovhm.onion/pgp.txt/

Our Subreddit: https://www.reddit.com/r/EmpireDNM/

We have put a lot of time and energy in breathing life back into what once
was AlphaBay, with a new name. Since the demise of many top darknet markets,
the darknet market scene appeared to be losing hope. Fear not. Hope is not lost.


Best regards!

-----BEGIN PGP SIGNATURE-----

iQJCBAEBAgAsBQJadQ7JJRxFbXBpcmVNYXJrZXQgPGVtcGlyZW1hcmtldEBub25l
LmNvbT4ACgkQkWAm9W6rgx40Cg//RKffcjdIrmIuTO2eopWBS//0nND2joZpU9wo
zcfIbxKcigF9de8B4A08e/+hbIBtdhmMxpWV8tqN14KwbLbR7Up0fkVyEipzNlYS
sl9Jg3EsX4uWwCW5w0xSXMvvC11dtFGtwZlswGElpJDQilRX8AtUYZcZAAk1+ky8
VdJlnaysVsFZG9rrVhmiK/LOXW0m9psEiCkYsEfmTfjXoizYv08xQxR8hJJ5uOVV
0e5Mdd3WA9zk4h24Wl8fM3t8oSAYlBMx8KPzuHfYF2+uiCEED6qKRq3kKPNhJiD+
jFl6kDxW4VGe25MHOMIZ6tvmj3VncjcP+648lzfE62OP0LOkMERmLW59Q+Ivt1d2
q2d8SgzyoC7Wgsl+b8beZ2bxvEqqGue81IunL9kQBjanITrCFQsYkuvcOnyYwNaR
vyAsJ/hI70RfmO3I2vdDsxBmCMoMrKwV7RjKFHNDrEgDXNcG0luvfUCyvjjWumSi
blRDauBLdEfjLqWxg4RhwKnYKNgyf3LvstfslIJxpS2Wvin+hLBgwHTUY2rIG386
F8TMmvJsLfzFxy8u7xeqFqvH9HIRin9PZKBsst3bfS6OSsW1qzsAiFUFYNOcK4cQ
ljshs6kp9CTph1FaN+ypLyP8pfPd45UhfRyoNHnSlL9DR/91ZiWc64DfX8rc0vus
Pew/cg4=
=Mlp8
-----END PGP SIGNATURE-----


Comments


[19 Points] penthat:

Such incompetence.

In less than 15 minutes after registering to this market I was able to easily get access to their full database of profiles, as well as some leaked system configuration (Server engine, its version and Operating system).

Basic error handling issues:

https://cdn1.imggmi.com/uploads/2018/2/4/80239348b6b59d46ac7a357aacf4c648-full.png

Configuration leak:

https://cdn1.imggmi.com/uploads/2018/2/4/2bd03c252aea00ff063db18518d7d219-full.png

There is no CSRF protection for forms related to funds withdrawal. This is a crucial security flaw.

To add an insult to injury, I managed to get access to all conversations sent between users.

Even tho there are barely any, but still this is a crazy security breach.

Here's the list of their current users as I grabbed.

Sydney

Administrator

Admin

DeSnake

Moderator

alpha02

DreadPirateRoberts

johndoe

NiggaIm300

Lorenzo

fixer

reqwa

alphabay

martin

elf

EmpireMarket

empire

Zeus

test121

DeepMeds

Billz226

penissmith

penisschmidt

FuckYourPlug

Moderation

T666

EmpireSupport

CustomerSupport

swisscheesecaveman

theturtleinasuit

TechnicalAdmin

fives

cookie

administrator

killuminati23

userunknown99

killphisher666

killuminati

PandaPro

onlooker

beta02a

Bitch

timtimtim

tesla450

midroach

fruitrockz

Drago

engineer

Uljanov0905

vladistar

DrunkDragon

fuckyou

kivley

BobTheDog

dadsadsa

rail

Bud

plasticSHOCKSm

PartySquadNL

thecat

supercanuck

CanadianConnect

Green

Spritex

mihilyf

onlooker

plaguedoctor

tripking

KingCookieMonster

In short, these guys are noobs when it comes to DN stuff. I'm sure if I spent more time I'd find much more vulnerabilities.

If you want to put your life in jeopardy, this would be a good place to start.


[10 Points] CockAutoBot:

Good news is I don’t think anyone will be Dick riding your market. Too embarrassing for the rider. CockBot thanks you. Makes my job easier.

  ___
 //  7
(_,_/\
 \    \
  \    \
  _\    \__
 (   \     )
  \___\___/  

Bleep bloop. I am a bot that finds and shames dick suckers and dick riders.


[7 Points] plague666doctor:

still have ptsd from other markets


[5 Points] SynisterSylar:

We began working on this market since August of 2017 after AlphaBay went down.

1000 man-hours of work and /u/penthat hacks you in 15 minutes. FBI and DEA are probably inbound


[4 Points] Intergalactic_Reborn:

I give these guys 1 month before things go south for them lol


[2 Points] Axaq:

Might not be reusing the name, but using the same UI is literally an attempt to ride off AlphaBay’s success. Put some time into establishing your own brand, this just seems like it’s the Agora Reloaded team back again, quite the coincidence that another one of these markets pops up immediately after AR closes...


[2 Points] trapstar873:

/u/hugbunter HACK IT! HACK IT! HACK IT!


[1 Points] GurningDownTheHouse:

Hug Bunter just went from six to midnight.


[1 Points] dnm_vet_newacct:

OH GREAT! I will gladly hurry up and register, send money real quick make an order and find out that this new site is going to EXIT that quick again......FUCK NO


[1 Points] RossFromFriends_:

You know one of the things people complained about most with Alpha Bay was its UI, right? it looks comfertably familiar though, so good luck with it. I wish you'd gone all the way and called it AlphaBay 2.0, just to let the man know that he cant keep us down for long. Why Litecoin and not Monero or Dash? I wasnt aware LTC was known as an anon coin, its fast at least.


[1 Points] Al1ce1nunderland:

https://www.reddit.com/r/DarkNetMarkets/comments/7fzrne/critical_bug_on_aero_mods_get_in_touch_immediately/dqj07my/?context=3

apparently not


[1 Points] THE6THSENSE:

lets stop “modeling” markets off of other markets and create your own unique ones...


[1 Points] Vendor_WasabiSauced:

I give them credit for putting the effort in and making a new DNM.. Maybe they're novice when it comes to the dev side, but all it takes is practice to get better at that kind of thing. I think this market has potential and I'm going to be following closely.

Keep the comments coming too everyone.


[1 Points] None:

[removed]


[-2 Points] PenTestCert:

EmpireMarket! You do not know us or awares of our testing. We are independent pen testers who test markets and we have the upmost strict criteria on all markets. We have come to many conclusions and our team was falling off our chairs at how strong your security is. We rate your security as LIQR LVL 5 compliance, which is only often seen of the highest security programmes and institutions.

We are independent testers EmpireMarket and you did not even know we were testing. This is how we are valid for others because they know we run the strictest tests and unbiased results.

The verdict report:

We are glad to publish our conclusions so everyone can rest easy with your market. We would like to be in contact with you to give us some insights on how you built something so safe and strong. We need more professionals like yourself. We are still stunned and impressed by your skills and the security. Your users will greatly benefit from your service!

PenTesters Anonymous