FlagThis

Abstract

This presentation demonstrates how investigators can leverage PGP (Pretty Good Privacy) public key metadata as a high-value pivot point for unmasking darknet market vendors. Despite the use of encryption, many vendors commit critical operational security (OpSec) errors by including identifiable information—such as names and email addresses—within the optional fields of their PGP key pairs. Through an automated analysis of over 700 vendor profiles, the speaker illustrates how correlating PGP metadata with historical data breaches, WHOIS records, and social media activity can lead to successful real-world attribution.