There are plenty of unscrupulous individuals on the dark web looking to profit from unsuspecting users. Sometimes, however, certain users do get the better of these criminals.
This seems to be the case for a notorious phisher known as “Phishkingz,” who recently got doxxed.
Doxxing is the practice of researching and publishing private information about an individual or organization.
In this case, online reports reveal that a hacker targeted Phishkingz over the past week and supposedly uncovered his true identity.
The hacker, who goes by the name “InsanityDRM,” announced his plans to dox Phishkingz on Reddit.
The person using the pseudonym Phishkingz is behind major phishing campaigns on the dark web. His main operations are based on tricking users into handing out their usernames and passwords.
Phishkingz achieves this through a network of false dark web marketplaces that have been designed to imitate the actual sites. When unsuspecting users log into the markets, their login credentials are sent to Phishkingz.
He then logs into their accounts and attempts to steal the users’ Bitcoins.
Phishkingz has gained notoriety among those in the dark web community largely because he readily announces his exploits. He is known for taunting his victims on forums including Reddit.
He also takes part in interviews with media outlets, wherein he openly brags about his phishing activities.
During one interview, he claimed to be dominating the phishing domain on the dark web. This assertion was based on his annual returns from his elaborate scheme.
He claimed to have made more than $1 million over the past year targeting users from AlphaBay, which was seized by law enforcement agencies earlier this year.
Phishkingz went on to reveal quite a bit of information regarding his campaign, including his phishing links. This seems to have played a role in his doxxing.
Hacker InsanityDRM stated that he targeted Phishkingz following his constant bragging on the TradeRoute subreddit.
TradeRoute is a dark web market that also went offline recently. InsanityDRM was able to pull off the doxx by following the online clues left by Phishkingz during his bragging activities.
The aforementioned interview with the press proved to be the first hunting grounds. Phishkingz stated at the time that he had managed to hack a dark web market known as Trishula.
Insanity DRM proceeded to hack this site and managed to obtain Phishkingz’s login credentials including his password, which was the name of a football club plus a number.
A database search of the dark web marketplace confirmed that the password InsanityDRM claimed to have obtained was indeed the one being used by Phishkingz. The hacker stated that Phishkingz also uses the passwords for his Reddit and Jabber accounts.
InsanityDRM got in touch with journalists via Phishkingz’s account, proving he had access.
The hacker searched for individuals using that password in hacked databases. He matched the password to a person conducting credit card fraud who was registered on a number of sites.
The person was using what appeared to be a personal email address. InsanityDRM was able to tie this information to a Facebook account, which used the said passwords a few years back.
With this information, he attempted to extort Phishkingz for approximately $10,000. His attempt was unsuccessful.
The individual believed to be behind the pseudonym Phishkingz has since tightened his privacy on Facebook. According to InsanityDRM, Phishkingz could also be operating Onion.top.
This is a site that enables access to dark web markets without Tor.
InsanityDRM added that he had availed the information to authorities, which is most likely the Internal Revenue Service (IRS).
Following his doxxing of Phishkingz, an IRS cybercrime agent allegedly contacted InsanityDRM to ask about the information he had acquired. The IRS agent is yet to confirm any of the exchanges.
It would seem that the IRS has increased its involvement with the dark web.
The agency enlisted the services of a cybersecurity firm earlier this year to investigate the dark web.
It now appears to have its own cybercrime agents doing the same.
Law enforcement agencies have been known to go after people who scam dark web users. This is regardless of whether the hacked users are criminals or not.
Phishkingz’s next actions following this recent event is anyone’s guess. InsanityDRM is contemplating the possibility that he may withdraw into the shadows.