FBI Take Down Dark Web Drugs Traders
An international law enforcement effort has brought down two of the dark web’s largest marketplaces, AlphaBay and Hansa Market.
According to a Europol announcement, AlphaBay hosted roughly $1 billion in transactions since its founding in 2014, primarily focused on drugs and fraudulent IDs. At the time of its takedown, it reached over 200,000 users and 40,000 vendors, with nearly $4 million in bitcoin stored in escrow wallets on the site.
“This is one of the most important criminal investigations of this entire year,” said Attorney General Sessions at a press briefing accompanying the announcement. “I believe that because of this operation, people around the world are safer from the threat of identity fraud and malware, and safer from deadly drugs.”
As hidden services, both AlphaBay and Hansa were accessible only through the Tor network, presenting a significant challenge to law enforcement agents hoping to seize the host servers. It’s still unclear how authorities were able to locate the servers or site administrators, but it appears to have been done without compromising the underlying protections of Tor.
While this marks the first official Department of Justice statement on the matter, the AlphaBay takedown has been the subject of rumors for weeks. AlphaBay’s site went down around midnight on July 4th, but the page simply timed out rather than showing the official seizure notice that has accompanied previous marketplace takedowns.
That led to some speculation that the owners of the site had performed an exit scheme, until a Wall Street Journal report the following week indicated the site had been taken offline by an international law enforcement effort, citing sources familiar with the matter.
At roughly the same time that the site disappeared, Canadian national Alexander Cazes was arrested by Thai authorities on behalf of US law enforcement. He was found dead in his cell the following week. This announcement confirms that Cazes was arrested for his role in creating and maintaining AlphaBay, although the circumstances of his death remain unclear.
The indictment also involves the seizure of significant assets from Cazes, who appears to have grown quite wealthy from AlphaBay. A seizure document lists over $5 million in Bitcoin, $1.8 million in Ethereum, and $760,000 in Zcash, in addition to conventional bank accounts of unknown value. The government also seized a 2013 Lamborghini Aventador, a Porsche Panamera S, a BMW motorcycle, and a Mini Cooper allegedly owned by Cazes, along with real estate properties in Bangkok, Phuket, and Cyprus.
Hansa Market remained online in the aftermath of the takedown, in what now appears to be a coordinated strategy by law enforcement. According to Europol, Hansa saw an eightfold increase in users after the disappearance of AlphaBay, allowing authorities to gather significant information about the market’s customer base. The agency claims to have collected 10,000 addresses of European Hansa customers over the course of the investigation.
Notably, the announcement was also marred by significant technical issues. The US Department of Justice intended to announce the takedown in a live stream at justice.gov/live, but the morning of the announcement, the site was unavailable for many users. It’s unclear whether the downtime was the result of a denial-of-service attack, or simply technical failures within the department.
