Pretty Good Pivot: Examining the PGP Key Pair Creation Habits of Dark Net Vendors

On the dark net reputation is currency and operational security is necessary for long-term survival. Vendors selling hacking tools, stolen data, and cracking services swear by Pretty Good Privacy (PGP) encryption to verify their identity while also protecting correspondence with potential buyers. But what if one of the tools they trust the most is also what eventually gets them burned?

Despite years of busts, leaks, and veteran "OPSEC guides", dark net vendors continue to make the same basic mistakes when creating PGP key pairs, mistakes that OSINT investigators can readily exploit.

This talk is the result of an investigation into over 700 dark net vendor profiles across ten dark net markets (DNMs) to take a closer look at the PGP key pair creation habits of DNM vendors and will cover:

An overview of PGP encryption and its value both to dark net vendors as well as OSINT investigators

Example investigative methodology for analyzing PGP public keys at scale

Case examples that showcase common mistakes DNM vendors make when creating their PGP key pairs and the potential consequences of doing so