Counterfeiting On The Darknet: USD4U
USD4U
While traversing the darknets, as one does today, I came across a constellation of sites hawking counterfeit currency, particularly American twenty and hundred dollar bills. It is not uncommon to see counterfeit currency on offer on the darknet markets but in this case these were stand alone sites by a proud group of counterfeiters offering on the face of it, almost superbill quality notes. Stuff that has not been seen in a while since the take down of the DPRK’s efforts to not only manufacture currency for their own purposes, but also to potentially be used in a larger scheme of currency destabilization.
The notes in this case however, aren’t the old hundred dollar notes of yesterday but instead today’s counterfeit protected notes that the US rolled out in 2013 to the masses. With color as well as new inks that fluoresce, have metal in them, and hidden tech to stop fakes, the new bills were supposed to be incredibly hard to create. Well, it seems that these guys on the darknet have done a pretty good job at creating a passable facsimile as seen below;
Their hundo
Hundo front with markings of checking points/features
Their hundo back
Real hundo
Quality
That’s right kids, this can pass the UV light test, it has the fiber/metal strip, it has the holographs, and has the look of a real bill. In fact I have at least one alleged user who has passed the hundo’s at a local establishment without issue. Of course it is common practice to use smaller bills than this, some devil may care types will buy the hundreds and pass them in gas stations and other low end brick and mortar stores in hopes that the teller’s there will not know the difference nor have the technology to test the bill for authenticity.
So someone has been passing these already if you are to believe the Reddit post. I should think that it is quite possible and while I did not check out “mrexpat” to see if he is a shill, I know just by looking at the site and the language they use, they make a “quality” product. The site(s) are all by the same maker and or brand if you will. They call themselves USD4U and they are pretty brazen in their advertising including telling the client not to haggle with them, the price is the price! That price being as follows for varying denominations and weights;
Printing
As you can see they offer anything from ten dollar bills all the way up to the hundred dollar bills seen at the top. They are dealing only in Bitcoin and they offer FREE SHIPPING with an order over $250.00 and over. Of course now if you look at the prices they are pretty cheap for the main part. However, in larger operations it is not by the note but by the pound (weight) that you buy bills in with serious folks. These guys have the niceties as well of an “affiliate” program and an earnings program, which I am not sure exactly how that would work but ok…
Another interesting note is that they say they ship from the US, which makes me wonder a bit about these guys. For the most part my digging has shown that in their photos the players are Asian but that could just mean it is a Tong or another group doing this. They certainly though spent big bucks on the printing process and seem to be using quality materials as well to make these notes… So is this just a sideline or what? The brazen behaviour I alluded to above is that they have taken photo’s of their Flexo Printer that they “heavily modded” in order to make these bills.
For those not in the know, and do not want to go read more in the link above, a “Flexographic Printer” is a specialized piece of machinery that can print things on many types of material with rubber “plates” that can carry high rez scans. So, if you ever had print shop back in the day (as I did) you make a flexible plate and then run that on your media with the flexo and you can get crisp images with texture. Texture is a key here, see, when you just laser print a note you don’t have the right feel and you may not be able to run high fiber content paper through an inkjet in some cases. No, these are printed on cotton stock and have raised ink feel to them as well like the real deal.
(I know what you’re thinking here.. “What has he been up to?” No, I am not a counterfeiter… No really!.. Ask me at DEFCON and buy me a drink maybe I will tell you more…)
This modded rig as they call it can run jobs fast, multi color, and handle the iridescent ink that they need to make a passable note. I would have to really get my hands on a note to say more about the quality of the paper and the strip and all so I will just leave it there but were one to pass one of these at the local gas-n-sip without the little pen check, I am pretty sure you would walk away with change.
A Little Investigation
Anyway, looking at this site I decided to dig a bit and see if they done fucked up somewhere on the OPSEC. I ganked the sites down using WGET Torrify and checked for metadata etc. What I found was pretty much nothing to write home about. They have done a good job at securing the site and using ToR to obfuscate who they are but those photo’s just had me thinking they must have left some clues there. So I took a closer look at them.
Asian Man 1
Asian Man 2
Asian Man 3
6 1380684725
So yeah, Asians unloading the Flexo. Are they the owners? Are they minions? I really cannot say, but I will say that the Asian gangs have been known to be involved with this activity in the past as well as DPRK. Slick professional operations like this means to me that these guys have been at this for a while. Their versatility in making old and new bills, the use of the Flexo and the right materials… It all leads me to believe they are pro’s…
Or… It’s a trap!
The images though had no metadata to use so we have to go on the IMINT itself. The biggest tell to me is the number on the forklift. Someone may be able to get a lock on where this thing is sitting because they unloaded it in these photos in some industrial area and that machine did the work. A long shot really but hey, it is what it is right? That’s all the attribution I am willing to state here on this. Maybe Los Feds (USSS) can do a better job?
So What’s It All Mean?
Welp, I for one an impressed with what I see here. From a forgery perspective these guys have a legit *cough* act here. Yes yes yes, criminal but interesting! So many places on the darknet are just poorly put together craptastic sites with a barker at the front door yelling “BUY SHIT!” This though is more subtle, straight forward, in a crooked way, and merits the attention of both me and perhaps the federal authorities that handle such things as fake currency. They must be doing a good job because they also claim at the top to look out for a cloned site as well! Imitation being the most sincere form of flattery is it?
I also think it very telling that they offer no bitcoin wallet on the site as well. This to me says that they are being careful with the OPSEC, and frankly that is a smart play. You have to order with your email address and they will contact you. It could all just be a scam… It could be a sting operation… I am not going to go any further to find out though. I just surf the darkest parts of the darknets and chortle.
Oh darknet.. I lurv you!
Dr. K.
Krypt3ia 
Leave a Reply