FBI Take Down Dark Web Drugs Traders

An international law enforcement effort has brought down two of the dark web’s largest marketplaces, AlphaBay and Hansa Market.

According to a Europol announcement, AlphaBay hosted roughly $1 billion in transactions since its founding in 2014, primarily focused on drugs and fraudulent IDs. At the time of its takedown, it reached over 200,000 users and 40,000 vendors, with nearly $4 million in bitcoin stored in escrow wallets on the site.

“This is one of the most important criminal investigations of this entire year,” said Attorney General Sessions at a press briefing accompanying the announcement. “I believe that because of this operation, people around the world are safer from the threat of identity fraud and malware, and safer from deadly drugs.”

As hidden services, both AlphaBay and Hansa were accessible only through the Tor network, presenting a significant challenge to law enforcement agents hoping to seize the host servers. It’s still unclear how authorities were able to locate the servers or site administrators, but it appears to have been done without compromising the underlying protections of Tor.

While this marks the first official Department of Justice statement on the matter, the AlphaBay takedown has been the subject of rumors for weeks. AlphaBay’s site went down around midnight on July 4th, but the page simply timed out rather than showing the official seizure notice that has accompanied previous marketplace takedowns.

That led to some speculation that the owners of the site had performed an exit scheme, until a Wall Street Journal report the following week indicated the site had been taken offline by an international law enforcement effort, citing sources familiar with the matter.

At roughly the same time that the site disappeared, Canadian national Alexander Cazes was arrested by Thai authorities on behalf of US law enforcement. He was found dead in his cell the following week. This announcement confirms that Cazes was arrested for his role in creating and maintaining AlphaBay, although the circumstances of his death remain unclear.

The indictment also involves the seizure of significant assets from Cazes, who appears to have grown quite wealthy from AlphaBay. A seizure document lists over $5 million in Bitcoin, $1.8 million in Ethereum, and $760,000 in Zcash, in addition to conventional bank accounts of unknown value. The government also seized a 2013 Lamborghini Aventador, a Porsche Panamera S, a BMW motorcycle, and a Mini Cooper allegedly owned by Cazes, along with real estate properties in Bangkok, Phuket, and Cyprus.

Hansa Market remained online in the aftermath of the takedown, in what now appears to be a coordinated strategy by law enforcement. According to Europol, Hansa saw an eightfold increase in users after the disappearance of AlphaBay, allowing authorities to gather significant information about the market’s customer base. The agency claims to have collected 10,000 addresses of European Hansa customers over the course of the investigation.

Notably, the announcement was also marred by significant technical issues. The US Department of Justice intended to announce the takedown in a live stream at justice.gov/live, but the morning of the announcement, the site was unavailable for many users. It’s unclear whether the downtime was the result of a denial-of-service attack, or simply technical failures within the department.

The Verge:

 

« What Will The Car Of 2040 Be Like?
Dangers Of Betting On Hybrid Cloud »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA)

The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing

LogonBox Software

LogonBox Software

LogonBox Software specialises in producing a cost-effective range of Network Security and Identity Management software solutions for all sizes of Enterprise.

CyberOwl

CyberOwl

CyberOwl builds on cutting-edge research and combines decades of experience in developing, securing and operating large distributed systems.

Quick Heal Technologies

Quick Heal Technologies

Quick Heal Technologies is a leading IT security solutions provider focused on endpoint and network security solutions.

Secure Decisions

Secure Decisions

Secure Decisions focus on research and product development related to national security including information assurance, computer network defense, cyber security education, and application security.

VADO Security Technologies

VADO Security Technologies

VADO Security enables the safe transfer of data between low & high security networks.

Precise Biometrics

Precise Biometrics

Precise Biometrics develop and sell fingerprint software for convenient and secure authentication of people’s identity in mobile devices, smart cards and other products with fingerprint sensors.

J2 Software

J2 Software

J2 Software is a leading African Information Security and ICT business providing information security, governance, risk and compliance solutions.

Nameshield Group

Nameshield Group

Nameshield is one of most experienced domain name registrars, trademark protection specialists and managers of online reputational risk in the world today.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

Peraton

Peraton

Peraton provides innovative solutions for the most sensitive and critical programs in government today, developed and executed by scientists, engineers, and other experts.

StrataCore

StrataCore

StrataCore is a single-source technology lifecycle advocate that works behind IT teams as a strategic partner to help them achieve peak enterprise outcomes.

Closed Door Security

Closed Door Security

Closed Door Security is the only cybersecurity team in the north of Scotland offering everything from IASME Certification to CREST-Accredited penetration testing.

Redcoat AI

Redcoat AI

Redcoat AI provide a comprehensive security platform that continuously evolves with the threats and opportunities presented by AI.

Quantum Dice

Quantum Dice

Quantum Dice is an award-winning venture-backed spinout from Oxford University’s world-renowned quantum optics laboratory.