In darknet markets, a drop is an address used by the buyer of a good or service to receive a product.
Since what is ordered can either be tangible or intangible, it is essential for the user to analyze their actions and consider some crucial factors.
Types of Drops
Drops are classified into two main categories—physical and digital. The physical drops are used to collect tangible products that are bought of darknet markets, whereas the digital drops are used to receive digital products.
The dark web offers a wide range of goods which must be physically delivered to the address of the buyer. Starting from drugs, which are the most sought-after products on the dark web, to counterfeit items and weapons, when one buys either of these, it is their hope that they will receive them.
However, this is not always the case. The most notable reasons why products may not be delivered to the buyer are: fraud by a vendor, seizure of the products by customs or police and, last but not least, the goods getting lost in transit.
In this case, we take a look at how the physical address may compromise the security of an individual. In certain cases, this may lead to the arrest of the buyer of the goods.
In a recent incident, a Dream Market user named only-gone-and-reddit posted in the popular DarkNetMarkets subreddit (which was banned last week) stating that police had arrived at his drop address.
See screenshot below.
In the post, he says how he never received what he ordered but instead got a “love letter” late last year after his shipment ordered from a Dream Market vendor was seized. Since then, he has opted not to order anything from the vendor, who ships his goods from the Netherlands.
According to the user, this is the first time he has experienced such issues since he started ordering products from the dark web about a year ago.
Since the same drop was being used by his colleague, he notified him of what had transpired and told him not to order from abroad but instead keep orders domestic.
But for one reason or the other, his workmate never followed the advice and ended up ordering from the Netherlands anyway.
In early January, the user received a similar “love letter.” But as expected, and as was the case last year, the order never arrived.
Upon receiving the letter, the user got a bit worried and wondered what would happen next since he does not leave in the location where the goods were to be delivered.
What followed was a visit by police, who came to inquire the details of the receiver and further went on to say that some goods belonging to him have been seized at the Royal Mail Centre and it was necessary they get access to him.
But when questioned by the police, the person who resides at the user’s drop address said that he was not aware of anyone going with the name.
In typical cases, in order to stay safe, darknet users employ a variety of tactics when receiving good obtained through dubious means. Among them is selecting a drop which may not directly implicate them.
Referring to the case of the Reddit user above, he used a physical address which is not his actual address. By doing so, he was able to divert investigations that would have otherwise directly implicated him.
Apart from using another person’s details, buyers will often use an open postal address with fake information, which they then use to receive their products.
In another instance, in what would be a small mistake turning out to become a costly blunder, another buyer of drugs used his actual address to receive Gorilla Glue (also known as GG), which is a form of drug readily available in darknet markets.
See screenshot below
Since the drug is illegal in the country, it ended up getting seized by law enforcement agencies in the region. Given the fact that the purchaser had used his real addresses, then it becomes easy for the police to catch up with him.
Drops for Digital Items
Drops used to receive digital products are known to carry lesser risks as compared to those that require physical addresses since most of the operations are done online, often beyond the direct reach of law enforcement agencies.
More so, the individuals engaging in the vice will employ the use of anonymity tools, thus leaving little or no trace.
Products that fall under this category include: credit/debit cards, PayPal transfers, bank logins, scans, data dumps and, last but not least, tutorials that may cover strategies for cashing out and hacking.
Cashing out involves using money transfer platforms, betting sites, cryptocurrency exchanges and other platforms to illegally acquire money.
Money transfer platforms are a popular hub for carders. When dealing with these, the buyer of the transfer should take some factors into consideration to ensure that the operation is successful.
With money transfer platforms, the drop is the email address registered on the particular account. It could be PayPal, Skrill, Neteller or any online money transfer company that is frequently used by carders to cash out.
Now, depending on the site, a variety of factors will be required before an individual can consider using the email address registered as a drop. Among them is the age of the account, the number of transactions and whether the account is verified.
A point to note: aged and verified accounts with a high volume of transactions are preferred as drops because the probability of success is much higher as compared to those that are new and not verified, which may have zero probability.
Drops can also be bank accounts, especially when funds have been fraudulently transferred from one financial institution to the other.
Given the fact that there are darknet vendors who have put bank logins for sale on the dark web, then it is for sure that the practice is effective for some.
A point to note is that digital products are mostly purchased by cybercriminals. These individuals have learned from numerous attempts of trial and error to perfect the art of carding, enabling them to record high success rates.
Then, given the fact that some relevant tutorials are readily available on the dark web, it simplifies a whole lot of factors for the fraudsters involved. But what matters is the skill and the level of experience.
The main challenge with virtual drops when dealing with money transfer platforms is that when the operation has failed, the account—whether it is on a monetary transfer platform or bank account—may face limitations rendering it useless.
And if the process is successful, then the drop might be negated, leading to negative balances. It all depends on the type of transfers involved.
For money transfer platforms and PayPal to be specific, vendors in darknet markets have realized that carders are in need of these types of drops.
So, what they do is open PayPal accounts, verify them and slowly start sending and receiving “clean” funds with them over time in a bid to age them. Afterward, they dispose them to those seeking to cash out via PayPal.
They will also often sell hacked PayPal accounts to those looking to buy the drops. But, notably, this comes with its challenges due to security barriers such as two-factor authentication and proxies. So, if one does not know how to set up a proxy, then the operation is bound to fail.