FBI Take Down Dark Web Drugs Traders

An international law enforcement effort has brought down two of the dark web’s largest marketplaces, AlphaBay and Hansa Market.

According to a Europol announcement, AlphaBay hosted roughly $1 billion in transactions since its founding in 2014, primarily focused on drugs and fraudulent IDs. At the time of its takedown, it reached over 200,000 users and 40,000 vendors, with nearly $4 million in bitcoin stored in escrow wallets on the site.

“This is one of the most important criminal investigations of this entire year,” said Attorney General Sessions at a press briefing accompanying the announcement. “I believe that because of this operation, people around the world are safer from the threat of identity fraud and malware, and safer from deadly drugs.”

As hidden services, both AlphaBay and Hansa were accessible only through the Tor network, presenting a significant challenge to law enforcement agents hoping to seize the host servers. It’s still unclear how authorities were able to locate the servers or site administrators, but it appears to have been done without compromising the underlying protections of Tor.

While this marks the first official Department of Justice statement on the matter, the AlphaBay takedown has been the subject of rumors for weeks. AlphaBay’s site went down around midnight on July 4th, but the page simply timed out rather than showing the official seizure notice that has accompanied previous marketplace takedowns.

That led to some speculation that the owners of the site had performed an exit scheme, until a Wall Street Journal report the following week indicated the site had been taken offline by an international law enforcement effort, citing sources familiar with the matter.

At roughly the same time that the site disappeared, Canadian national Alexander Cazes was arrested by Thai authorities on behalf of US law enforcement. He was found dead in his cell the following week. This announcement confirms that Cazes was arrested for his role in creating and maintaining AlphaBay, although the circumstances of his death remain unclear.

The indictment also involves the seizure of significant assets from Cazes, who appears to have grown quite wealthy from AlphaBay. A seizure document lists over $5 million in Bitcoin, $1.8 million in Ethereum, and $760,000 in Zcash, in addition to conventional bank accounts of unknown value. The government also seized a 2013 Lamborghini Aventador, a Porsche Panamera S, a BMW motorcycle, and a Mini Cooper allegedly owned by Cazes, along with real estate properties in Bangkok, Phuket, and Cyprus.

Hansa Market remained online in the aftermath of the takedown, in what now appears to be a coordinated strategy by law enforcement. According to Europol, Hansa saw an eightfold increase in users after the disappearance of AlphaBay, allowing authorities to gather significant information about the market’s customer base. The agency claims to have collected 10,000 addresses of European Hansa customers over the course of the investigation.

Notably, the announcement was also marred by significant technical issues. The US Department of Justice intended to announce the takedown in a live stream at justice.gov/live, but the morning of the announcement, the site was unavailable for many users. It’s unclear whether the downtime was the result of a denial-of-service attack, or simply technical failures within the department.

The Verge:

 

« What Will The Car Of 2040 Be Like?
Dangers Of Betting On Hybrid Cloud »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ECSC Group

ECSC Group

ECSC is a full-service information security provider, specialising in 24/7/365 security breach detection and Artificial Intelligence (AI).

Eden Legal

Eden Legal

Eden Legal provides legal services on commercial and regulatory issues affecting digital businesses.

Lumeta

Lumeta

Lumeta’s cyber situational awareness platform is the unmatched source for enterprise network infrastructure analytics and security monitoring for breach detection.

Korea Internet & Security Agency (KISA)

Korea Internet & Security Agency (KISA)

KISA is committed to improving the competitiveness, reliability and security of Internet information and knowledge in Korea.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

IT Security Jobs

IT Security Jobs

IT Security Jobs is a dedicated portal for everything related to IT professionals looking for IT Security jobs.

African Cyber Security

African Cyber Security

African Cyber Security and it's partners, have the expertise and skills to provide holistic solutions for companies, institutions and government.

Scythe

Scythe

SCYTHE is a next generation red team platform for continuous and realistic enterprise risk assessments.

Keeper Security

Keeper Security

Keeper is a leading enterprise password manager and cybersecurity platform for preventing password-related data breaches and cyberthreats.

NJVC

NJVC

NJVC delivers IT automation, optimization and security to empower mission-enabling IT for customers with secure requirements.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

Aite-Novarica Group

Aite-Novarica Group

Aite-Novarica's Cybersecurity practice provides ongoing research and advisory services to chief information security officers focused on protecting their companies’ assets.

GitLab

GitLab

GitLab is a complete DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate and build software.