At the end of February when I wrote about “Assassination scams, the next generation”, it was only the second time I’d bothered to tear down an individual assassination site scam. Others have been “Whatever happened to the crowd sourced assassination marketplace?” with the overview taking place in “Internet assassination fun-times!”.

Featured: Me at work

The “Besa Mafia” site was distinct from most previous such attempts in that it looked like more than 5 minutes had been spent on web design, and that a little effort had been spent in trying to give it a kind of legitimacy like a real darknet market might have. After presumably all that effort had been put in to building such a site, the proprietors were unhappy for me to dismiss it as a scam so shortly after launch — this might affect the numbers of bitcoins they can scam from suckers!

But then the scammers find my blog and email me.

Warning, full correspondence follows. Summaries are interspersed and conclusions at the end.

Helo, I am one of the admins of the Besa Mafia website on deep web. I saw your blog at

http://pirate.london/2016/02/assassination-scams-the-next-generation/ Would it be possible for us to pay for a true and honest positive review? Our site is a marketplace and we have many registered gang members, we are not like the other hitmen sites where they only have one team. Let me know if we can prove to you that we are legit Yura Ps. No pgp key unless you ask for

There are only a limited amount of cases of such site owners doing open interviews, the major ones being Andy Greenberg talking with the owners of the Assassination Marketplace ( scam ), and author Eileen Ormsby chronicling her correspondence around about “Conversation with a hitman (or not)” around another ‘market’ scam site. Anyhow, waste not want not! What presumably the scammers didn’t realise is how much of an expert I am on darknet market commerce and as a result I thought I’d ask them some interesting questions.

Hi there I would be willing to provide an extended review of your site, but I have a number of questions. Imagery: Why are you using a stock photo of they guy with the rifle on your home page? Given it’s a stock photo, why have you pixelated parts of the face?

Anonymity is serious business

Why are you using random murder pictures on your front page? Why are all your ‘top hitmen’ using stock photos yet also censored? Technical: Why on your site do you recommend people buy bitcoins from various exchanges? All the darknet markets and community recommends use of tumblers in conjunction with use of local bitcoins for more anonymous purchases yet you don’t — why? Why do you incorrectly assert that Bitcoin ‘cannot be traced’? When you say you have a ‘a lot of good feedback and zero negative feedback’ why don’t you provide public listings of this feedback like a darknet market would? Why don’t you list a public key on your orders page so that as brokers you have deniability of the target information? Why are you not confirming to the darknet market model here? Why do you asset that people should ‘privacy eraser’ to keep their machine clean rather than e.g. Tails? Why is the website copyrighted from 2012 through to 2015 when the site has only been in existence since 2016? Why does your link to ‘Guns Depot’ link to Bitcoin Fog? Why is the number of registered members and jobs static at 703/768, but the number of ‘members’ online vary every few minutes between 19 and 26 members or so? Why do you use email at all rather than exclusively on-site messaging like the major markets do? Business model: Why do you assert that your use of Bitcoin and Tor is protection against the service being a scam? There are loads of bitcoin scam services out there, if anything this increases the likelyhood of being a scam. The only non-scam services have lengthy reputation and verification chains between markets, vendors, forums and review. Why do you believe that you can assert the legitimacy of your service to your prospective users when you don’t conforming to the standards in dark web commerce? With such obvious shilling such is in this Reddit thread, why shouldn’t people think all your reviews on blogs etc are all likewise manufactured?

https://www.reddit.com/r/onions/comments/3zqu26/is_besa_mafia_legit_or_a_scam_or_cops/ Why do you only ask for 1 BTC for hitmen sign ups rather than more, a referral system like the markets do? To show me knowledge of the the Albanian mafia’s operation, if you could reveal some currently undisclosed information about the 2006 DDOS attack on Albanian Airlines this would serve as a level of proof. If you could provide proof of solvency via e.g. Bitstamp proving funds you control, this would add to the legitimacy of the operation. What are you comments on the other dark web assassination sites out there? If you claim to be different through use of multi sig, why don’t you present any proof of this just a ledger of past transactions on the blockchain?

For anyone who didn’t follow all that, it can be summarised as ‘why are you not recommending darknet market best practices?’, ‘why is your website so shitty?’ and ‘your business model is obviously a scam’.

None the less they responded:

Hi, Thank you. I am happy to answer each of your questions > *Imagery:*

> Why are you using a stock photo of they guy with the rifle on your home page? No one can expect gang members and criminals to put their real pictures online. Most of our visitors know the images are for exemplication and are stock photos; it would be dumb to put really photos of our gang members; even with pixelated eyes police could still identify them by other characteristics



> Given it’s a stock photo, why have you pixelated parts of the face?

Since the time of me corresponding, they have removed the bios of their various alleged hit-persons with pixelated stock photography, I think they accepted this was ridiculous following my feedback.

Because it looks better, and suggest that we take care to protect identities of all members Some of our visitors know they are stock photos while other visitors don’t know or don’t care; pixelated eyes are a sign that we care about protecting identities > Why are you using random murder pictures on your front page? Becuase this is a dark marketplace about body harm, murder, beatings. Marketplaces that focus on drug dealing, have pictures with drugs, and sites focusing on guns have pictures with guns



> Why are all your ‘top hitmen’ using stock photos yet also censored? The top hitmen can upload any photos to their account; including avatars or cartoons. They are not crazy to upload their real photos, instead they upload stock photos that resemble best their character

All hit man photos are hit man-submitted! For reference, this is a picture of myself:

I accept bitcoin

> *Technical:*

> Why on your site do you recommend people buy bitcoins from various exchanges? We recomment trusted various exchangers, because our customers are vrom USA, Europe and other countries.



> All the darknet markets and community recommends use of tumblers in conjunction with use of local bitcoins for more anonymous purchases yet you don’t — why? Anyone using dark web knows they need to use bitcoin tumblers. We thought this is obvious and well known, we din’t added a special recommendation for it, but we will



> Why do you incorrectly assert that Bitcoin ‘cannot be traced’? Compared to other forms of payment, like credit cards, bank transvers, or paypal transactions, Bitcoin are much harder to trace. Used correctly and with Bitcoin mixers, Bitcoin are near impossible to trace.

Example: person A buy bitcoins into his account on coinbase.com .

He uses an bitcoin mixer, to send bitcoin from his wallet A -> bitcoin mixer -> Wallet B on other site, like localbitcoins , where he des not have a name, phone nor addres. He can access the second site on tor so that his IP will be hidden. If the Bitcoin mixer works correct; his Bitcoins in the Account B will be hard to trace to his account A



> When you say you have a ‘a lot of good feedback and zero negative feedback’ why don’t you provide public listings of this feedback like a darknet market would? There are really no stories about people being scammed about our service.

I mean particular stories, by a person explaining how he made account, how he sent bitcoins to escrow; how he ordered, and how he failed to receive service; together with screenshots of bitcoin transactions and his account internal service We did not scammed anyone. One could either assume that we are a new service with 0 customers, or that we really dont scam



> Why don’t you list a public key on your orders page so that as brokers you have deniability of the target information? As brokers we must process target information and assign it to nearby criminals. Only 20% of our orders are for murder, 80% of the orders are for beat up, set cars on fire, etc, general revenge



> Why are you not confirming to the darknet market model here? We are not a perfect dark net market, and we are improving our service each month



> Why do you asset that people should ‘privacy eraser’ to keep their machine clean rather than e.g. Tails? Tails is a linux distribution that is great; however some of our customers that order beating or minor things just use their windows laptop and tor to place orders.

We advice to use a privacy eraser to erase any files and cookies left on their normal browser when they searched for hire a killer or murder on deep web or whatever keywords they searched when they learned about us Little customers know how to downloa tails and how to setup a separate partition for it, or how to make a bootable usb stick or dvd with tails; they don’t bother if they order minor things



> Why is the website copyrighted from 2012 through to 2015 when the site has only been in existence since 2016? The website has been in existence before 2016, however it has been indexed by onion spiders in december 2015 . > Why does your link to ‘Guns Depot’ link to Bitcoin Fog? We wil correct that, is a broken link



> Why is the number of registered members and jobs static at 703/768, but the number of ‘members’ online vary every few minutes between 19 and 26 members or so? The number of registered members and jobs is not static. You are welcome to create several accounts to see how the number of the registered members increase with each account you create. You can place new orders, and you will see how the number of orders increase. The number of online members is sometime bigger sometimes smaller, as they login and out from the service. > Why do you use email at all rather than exclusively on-site messaging like the major markets do?

We do not use the email, except to send notifications when users have new messages. We do have on-site messaging like major markets, please create an account and you will see > *Business model:*

> Why do you assert that your use of Bitcoin and Tor is protection against the service being a scam? There are loads of bitcoin scam services out there, if anything this increases the likelyhood of being a scam. There is a feature of bitcoin called multi sig. CoinBase allows users to create wallets with multi sig, this is bassically a bitcoin wallet that has 2 or more keys on the bitcoin address. One key is given by the customer, the other key is given by the hitmen. We do accept external escrows like this, so the customer and hitmen can agree to use a multi sign escrow; customer put the funds there, and can not get it out without the other party agreement . It’s a true escrow that ensures neither the customer or the hitman are scammed. No 50% advances, no money for expenses, nothing upfront



> The only non-scam services have lengthy reputation and verification chains between markets, vendors, forums and review. Why do you believe that you can assert the legitimacy of your service to your prospective users when you don’t conforming to the standards in dark web commerce? Because when someone uses a wallet with multi sig feature, it can not be scammed. I dare anyone to scam me using a multi sig escrow wallet, if he succeeds, I will pay a bounty of 10 bitcoin . > With such obvious shilling such is in this Reddit thread, why shouldn’t people think all your reviews on blogs etc are all likewise manufactured?https://www.reddit.com/r/onions/comments/3zqu26/is_besa_mafia_legit_or_a_scam_or_cops/ We are paying freelancers from India and other countries to promote our dark marketplace. Unfortunattely they do not do a good job

I find it amusing they just admitted to their shilling here as it was so indefensible :D

> Why do you only ask for 1 BTC for hitmen sign ups rather than more, a referral system like the markets do? the 1 btc has been waived, we are accepting hitmen and crime members without a 1 btc; we are just giving them a test order that involves beating or car on fire; and it wil be paid if done the 1 btc requirement will be removed soon from the site



> To show me knowledge of the the Albanian mafia’s operation, if you could reveal some currently undisclosed information about the 2006 DDOS attack on Albanian Airlines this would serve as a level of proof. Our website is operated by an cyberteam with albanian and chechen members. We do not personally know many of the criminals that joined our service, and we do not know undisclosed information about the 2006 ddos attack However, if you want us to prove that we do business, give us the name, picture and addres of some enemy of yours, that you want to have beated up. We can send some local crime members do a beating to him, and you will know we have real members who do jobs. At least for beating and cars on fire. For murder, you would have to pay, trhough multi sig escrow, no free demonstrations



> If you could provide proof of solvency via e.g. Bitstamp proving funds you control, this would add to the legitimacy of the operation. We prefer to give you real world proof, by providing test services to anyone reviewing our site



> What are you comments on the other dark web assassination sites out there? Many other dark web assassinations site out there, are scams because:

- they ask 50% in bitcoin upfront

- they ask money for expenses and traveling, visas, etc

- they claim to have a team of 2–3 members Our site is different because:

- we ask no 50% advance

- we ask no money for expenses and traveling

- we have lots of members, and new members from all countries can join to provide services Even if we would be fake, if real members are joining to provide services, and if real customers place orders, they would do business.

With multi sig escrow, they can not ripp each other off

We just make 20% of all transactions, we charge crime members 20% of their income on our site You migth consider it more than on other dark net marketplaces, but that is our policy, because murder for hire and body harm is a much serious thing that drugs and guns ilegal selling We stand out from the other murder for hire sites because We think that no customer should not pay any $$ before, except through escrow This is the difference

> If you claim to be different through use of multi sig, why don’t you present any proof of this just a ledger of past transactions on the blockchain? Because we don’t want to disclose financial information; we don’t want 10 other murder for hire marketplaces pop up with multi sign escrow; we like the fact that we are the about only marketplace focusing on murder for hire and beating up

All other murder for hire are not marketplaces because they are not open to new members signup, and most of them are scams because they ask money without escrow

This bit is fantastic, they don’t want to disclose their business model in case competitors use it! Wait one second, I have to take a call…

With this being saith, we would be happy if you could give us the non-innocent or not-proven-scam status until you get customers who come with proof and report otherwise I know that we have lots of mispellings on the marketplace, i know that we can improve it a lot and we are open to suggestions, we will do our best to make it the best marketplace focusing on body harm revenge and property destruction We are also willing to pay some amount like 50$ montly for some banner ad on your site, if you are willing to sell advertising, and we might increase the amount in the future if you drives us good traffic When you get reports of customers being scammed, you can remove our add and publish reports Let me know

To my surprise, they attempted to counter every accusation with one of their own. These were useless of course, but as the mention of payment for advertising goes, they seem to think I run some sensationalist blog that is hungry for views and need the money. But of course I run a simply semi-sensationalist blog and don’t need the money. I counter:

Thanks for the details responses. I have follow up questions obviously. With regards to the imagery you say it’s obviously these are simply ‘for example’ — yet the youtube videos you link some of which you claim direct credit. How is a user supposed to understand one from the other when you use such mixed methodology? You suggest ‘any dark web user’ knows how to use tumblers — but this simply isn’t the case. Small amount of personal transactions for drugs don’t even require it practically. Given the explicit approach of some of your security advise, this is the exactly the sort of thing that is not implicit. I suggest you are specifically omitting this step as it slows the process whereby you can scam bitcoins from people. With regards to your requirement for email, I suggest you are recommending use of email to create a relatively user-friendly channel to engage in free-form communication better conductive to persuading someone to part with their money. An internal darknet market type structure prohibits this because it assumes the user will not choose a secure email service. You’re mischaracterizing the benefits of multi sig. Multi sig is to protect the transaction between the buyer, market and vendor. This assumes there can be 3-way communication and 2 parties must agree. When the hitman is hidden from the buyer, it is a 2 party situation between the buyer on one hand, and the market and hitman on the other hand. Everyone expects you are one and the same. You have to prove the independence of these parties in order for multi sig to have value. At the minimum level this must exist on the blockchain, but practically this involves forum and other independent online communication channels too. Regarding site promotion, it would take just one news story where someone testified that they had hired a hitman off the internet to legitimise the business. This has never, ever happened. Why should basic web promotion even be necessary? With one piece of proof you’d be flooded with customers and money. I have no interested in getting anyone beaten up, I do have an interest in proving or disproving the existence of hitmen services on the dark web. If you hold, or used to hold bitcoin in escrow the nature of the public ledger means there are a number of ways of proving this. I suggest you hold a negligible amount of bitcoin. When it comes to unproven business models on the dark web, all alleged services are scams until proven otherwise. I’ve suggested a number of ways to provide proof and you’ve been predictably evasive. No testimonial of scam is required, that’s not how the burden of proof works. Besides, I could create my own testimonial, or claim to have been contacted by someone with such a testimonial and this would be no proof either. Example of proofs I would accept:

* Independent proof of activity associated with your site such as multiple coorberating news reports and testimonials linking real life activity with the service * Evidence of a viable business model based on proven ideas such as this one building upon proven darknet commerce standards such at this: http://pirate.london/2015/11/whatever-happened-to-the-crowd-sourced-assassination-marketplace/ * Proof of financial solvency and turn over and associated metadata Individual experience is pretty much worthless.

They are getting pissed off at this point that I’m not buying their shit:

It is clear to me that many law enforcement employees are infiltrated on sites discussing deep web matters, to cause confusion, desinformation and mixed feelings between users. You have a set mind to proof that the site is a scam; and you try to use anything to prove it. That is not ok, one expert on deep web should just say: the site is not proven to either be legit nor a scam, treat it with cautions and don’t send any money except to some 3rd party escrow that you as customer reccommend, and not the site reccomend.

You hear that everyone, this is NOT OKAY.

That would be an obiective review; however because you belif is a scam without having an proof from customers; it makes you like like undercover law enforcement trying to scare users away from using such services



> With regards to the imagery you say it’s obviously these are simply ‘for example’ — yet the youtube videos you link some of which you claim direct credit. How is a user supposed to understand one from the other when you use such mixed methodology? Customers are smart enouch to tell stock photography like on the main page with real killers like those used on the video.The stock photography is clear a model; no tatoos good muscle and clear sharp pictureWe don’t insult the inteligence of the users saying ‘this is stock photo with model man’ ‘this is real killer caught on camera’

Alas they insult my intelligence :(

> You suggest ‘any dark web user’ knows how to use tumblers — but this simply isn’t the case. Small amount of personal transactions for drugs don’t even require it practically. Our customers don’t send the entire amounts of 12 Bitcoin to escrow wallet in one transaction, they first send a small transaction like 0.05 or 0.10 bitcoin to see if it goes through, then they send several transactions of amounts between 1–4 bitcoin, as they get it. they don’t get the entire amount in a single day; it takes them usually 2–3 days up to a week to get bitcointhey use bitcoin mixers without our recommendation



> I suggest you are specifically omitting this step as it slows the process whereby you can scam bitcoins from people. that is completely false; sigaint has a bitcoin mixer that send mixed coins from source wallet to destination wallet whiting 3 confirmations,

about 30 minutes we have a link to sigaint bitcoin mixer since a long time on our resources page but you pretend to not noticed it you don’t notice positive things, instead you notice negative things like broken links that is clear you have a mind set and intention to put a bad light on the site; and the question is why? if you would be a true dark net lover, you would help with suggestions to improve the site. but as you critic the site, it makes you look like a dark net hater , some law enforcement > With regards to your requirement for email, I suggest you are recommending use of email to create a relatively user-friendly channel to engage in free-form communication better conductive to persuading someone to part with their money. An internal darknet market type structure prohibits this because it assumes the user will not choose a secure email service. it assumes the user will not choose a secure email? it means it assumes the users are stupid?

I also assume scammers are stupid. :)

we have a reccomendation on our stay safe page and on our resources page

that they use new created email on sigaint



> You’re mischaracterizing the benefits of multi sig. Multi sig is to protect the transaction between the buyer, market and vendor. This assumes there can be 3-way communication and 2 parties must agree. When the hitman is hidden from the buyer, it is a 2 party situation between the buyer on one hand, and the market and hitman on the other hand. Everyone expects you are… The hitman is not hidden from the buyer. you are superficial and not testing our service I would suggest that you do an account, submit an order. After you submit an order, you will be contacted through messaging on the site about order details, price, etc. Not all orders are $5000 . Then you get a hitman on the site assigned to your job, and you can suggest an external escrow service . You choose an escrow with multi sig, two or three keys, one for you, one for hitmen, and one for us.



> one and the same. You have to prove the independence of these parties in order for multi sig to have value. At the minimum level this must exist on the blockchain, but practically this involves forum and other independent online communication channels too. even if we don’t prove the independence of these parties, multi sig still has value.

user can put a key for him, and we can put a key for the hitmen.

neither the user or us could not move the funds without the other key > Regarding site promotion, it would take just one news story where someone testified that they had hired a hitman off the internet to legitimise the business. This has never, ever happened. Why should basic web promotion even be necessary? With one piece of proof you’d be flooded with customers and money. really? this is really making you look childrish.

Do you really think someone ordering murder on deep web and having it done, would then testify on some news?!?! that would get police to his door, arest him, and give him life time. > I have no interested in getting anyone beaten up, I do have an interest in proving or disproving the existence of hitmen services on the dark web. If you hold, or used to hold bitcoin in escrow the nature of the public ledger means there are a number of ways of proving this. I suggest you hold a negligible amount of bitcoin. We are not going to disclose the amount of bitcoin; for several reasons:

1. if you see we hold a large amount of bitcoin, you might be tempted to launch your own hitmen for hire marketplace, and we don’t want that

2. if we prove we hold a large amount of bitcoin, and if you are law enforcement, you could get a high priority investigation and team come after us Usually law enforcement don’t have intereste into getting anyone beated up; because they can’t do illegal things. Any normal users have ennemies and would say, ok, get this name and addres and beat up this guy > When it comes to unproven business models on the dark web, all alleged services are scams until proven otherwise. As I explained before, no one can scam an user with multi sig wallet. If can buy anything from you, goods or service, and put bitcoin in multi sig wallet. If you can scam me, then i will pay you 10 times the amount with multi sig walets, reputation is zero. even a reputation service can do an exit scam; and even the most new service with no reputation can do business with multi sig



> I’ve suggested a number of ways to provide proof and you’ve been predictably evasive. No testimonial of scam is required, that’s not how the burden of proof works. Besides, I could create my own testimonial, or claim to have been contacted by someone… Thestimonials don’t have value. only value is given my a method to avoid ripping of, that is middle man wallet with two keys once you understand that, you will understand that this works > Example of proofs I would accept: > * Independent proof of activity associated with your site such as multiple coorberating news reports and testimonials linking real life activity with the service

> * Evidence of a viable business model based on proven ideas such as this one building upon proven darknet commerce standards such at this: http://pirate.london/2015/11/whatever-happened-to-the-crowd-sourced-assassination-marketplace/ come on , grow up. There can’t be evidence or testimonials given to masmedia, or the police will arrest them. News appear only when a service gets shut down; and police or fbi sends press release braging about it, about what great they were to seize the service, to justify the tax payers money into that they are doing something and not sleeping I tried to prove you to a certain degree that we are not a scam. We don’t want to prove that we are making a lot of money or not, we don’t want to prove that a lot of customers or not, we don’t want to prove anything else that the business can work We don’t want you to launch a similar site, and we don’t want you if you are law enforcement make requests for investigations and teams shuting site down We don’t speak good english and we are albanian and russians; we can beat you or your ennemies if you provide names or address, and we can kil as well. We are open to all criminal members around the usa and other countries and there are many crazy folks who signed up on our service Do whatever you need to do, but if you say our service is fake, we will say about you that you are an undercover cop with the purpose to confuse and desinform people on deep web Our arguments to sustain this is that

1. you refused our advertisment, normaly any person wants to make money and accept advertisments, if $50 was too litle you could say hey this is too little, but i put up an ad about you for $100 or $200 or whatever per month

2. you refused our proof of beating your ennemiy, again police don’t do illegal things

3. you refuse the logical argument of bitcoin with multi sig, and you are asking for us to show a large volume of transactions; probably to justify request to your law enforcement superiours for an expensive investiation I would suggest you to remain desguised as a deep web lover; and be neutral to our website until satisfied or disatisfied customer start braging on complaining about us Unless you do that, we will pay some cheap freelancers to fill articles and submit posts and comments claiming you are undercover cop; with a bunch of reasons and logic, and we wil search for other posts and reviews where you discourage people from using deep web; we wil claim your purpose is to discourage people and you would not look well into your superiours eyes take care and be well

Alas, my undercover law enforcement career is over before it even began. Follow up emails talk about how as a cop I ‘spend most of my time in an office’ and am ‘too yellow to go in the field’.

In conclusion, if you’re going to scam people, you’re probably best doing something low-effort like phishing onion urls or similar, because the effort to put into a more sophisticated scam site can be easily undone via a simple blogger’s review.

For some of the harsher language used in the final correspondence, I leave you with this song from Flight of the Concords, because bloggers have feelings too.