There is one thing you have to be aware of when you decide to participate in the darknet—it is not uncommon to get hacked, revealed or exposed.
This is why we support the best-practice of “Safety First.” Even if you do everything possible in your power to protect yourself and stay safe while browsing the dark web, you have to understand that some things do not depend on you.
Frequently, the market you are visiting is subject to a hack due to lax security.
For the given reasons, we highly recommend doing research about the marketplace you are going to be a part of, whether as a vendor or a buyer. Be very cautious and informed before taking any further actions.
But don’t get us wrong; sometimes even the most stable and secure darknet markets do get hacked. This only confirms the theory that nothing is ever safe on the dark web.
With that being said, we will proceed to do an overview of the latest hack to hit this large hidden web—Odyssey Market is officially down.
According to frequent users of darknet markets, since its very beginning Odyssey Market has been somewhat questionable.
It was very obvious to all visitors that it was an amateur creation in both network and development, and the management and security of the site was not much different.
After looking into the factors dictating the market’s performance, Reddit user HugBunter came across several findings that offer insight into the recent hack. These findings confirm users’ concerns about the site.
Site-wide, Odyssey Market is completely open to all types of XSS injections. Here, “site-wide” refers to the navigation and linking structure that is expanded across the complete website.
Examples of these attack vectors are: Profile Text, PM’s, PGP Keys, Product Details, Support Tickers, etc.
Odyssey Market has not done a good job correctly sanitizing the website. In fact, even the sanitized features are not sanitized fully.
Another concern was that the server was rooted in less than half an hour. A third party gained complete root access within 15 minutes.
During this time, Odyssey Market allowed complete access to the full database and the backups of it. Therefore, it was not an impossible thing to download all the data therein.
HugBunter also pointed out that in this marketplace, it was not difficult to find information about the admin. This is one of the most dangerous mistakes that can occur on the darknet.
In general, Odyssey Market had a lot of extensive security failures. The marketplace was not a safe environment nor a place you would like to visit while browsing the network.
Following to these circumstantial facts, the Odyssey Market’s shutdown was predictable as well as understandable. At this point, it is closed and off the Tor Browser.
It is advised that users be cautious when ordering from Odyssey Market in the future. As evidence presented by HugBunter shows, the site can easily be hacked by any individual or group.
As is known, being revealed on the darknet poses a risk to yourself and to everyone you have come into contact with.
So—be very careful and do your research before joining a market that may ultimately expose your identity in a hack.