American and Dutch authorities announced this afternoon that AlphaBay and Hansa Market, which represented a sizable chunk of illicit activity in the shadowy realm of the darknet, are down for good. However, they say they collected reams of virtual data upon tens of thousands of transactions after driving AlphaBay’s business to Hansa Market, which they say they have been operating since last month.
Dutch national police and officials from the United States Department of Justice made the announcement earlier today, saying they have been operating Hansa Market since June 20 of this year, silently harvesting 10,000 postal addresses while monitoring 50,000 transactions on the site.
Although authorities are tight-lipped about how precisely they accomplished it, court filings shine a sliver of light upon the methods used in the undertaking they christened Operation Bayonet. According to a government complaint, police were able to crash AlphaBay, compelling the site’s alleged operator Alexandre Cazes to access the server from his laptop moments prior to his apprehension. With Cazes in custody and his laptop open and communicating with AlphaBay’s servers, control of the site fell into the government’s lap. Although apparently unintended, icing on the government’s cake came due to the fact that Cazes was also logged in to the site’s forum as an administrator, leaving the door wide open to control of that facet of the operation as well.
While precise timing and a bit of luck gained the government access to the driver’s seat at AlphaBay, authorities say that Cazes contributed greatly to outing himself as the man behind the curtain. Court filings indicate that investigators were able to link a Hotmail address appearing in the headers of emails sent to users in 2014 who lost their passwords to the Canadian. How exactly they connected the dots between “Pimp_Alex_91@hotmail.com” and Cazes is also open to speculation, but an article at Forbes points out that the address was part of a quartet of major data breaches between 2015 and 2016.
In addition, investigators point to Cazes’s evidently lax handling of passwords and financial information related to the site. According to the filings mentioned above, investigators say they found log-in information and online identities tied to the site in unencrypted text files on the same laptop. Additionally, they advised the court that Cazes’s financial statements were also on the laptop, showing him to have a net worth of $23 million, most of which was spirited away in cryptocurrencies like Bitcoin, Etherium, Monero, and Zcash.
With complete control over the site, government investigators decided to go for more. Being familiar with the skittish nature of darknet users, cyber cops shut the site down in a way that made users think AlphaBay’s admins took the money and run – an all-too-common hazard on the darknet. Deep-sixing the site would send users to the next biggest thing on the darknet, they hoped.
It did. Former AlphaBay users stampeded to Hansa Market, which was by now being run by Dutch cops who were taking notes on the alleged sale of vast quantities of illicit drugs. With apparently reams of data on a tremendous number of illicit transactions, Dutch police finally pulled the plug on the site today and announced the arrest of the site’s two admins in late June.
Though it is too early to assess the precise fallout of the weeks-long operations, law enforcement officials on both sides of the Atlantic were euphoric over their success. Speaking for American authorities, Attorney General Jeff Sessions highlighted the historic size and reach of the undertaking.
“This is likely one of the most important criminal investigations of the year – taking down the largest dark net marketplace in history … Make no mistake, the forces of law and justice face a new challenge from the criminals and transnational criminal organizations who think they can commit their crimes with impunity using the dark net. The dark net is not a place to hide. The Department will continue to find, arrest, prosecute, convict, and incarcerate criminals, drug traffickers and their enablers wherever they are. We will use every tool we have to stop criminals from exploiting vulnerable people and sending so many Americans to an early grave. I believe that because of this operation, the American people are safer – safer from the threat of identity fraud and malware, and safer from deadly drugs.”
Despite being charged with several counts involving racketeering, narcotics, theft, and identity fraud, among others, Cazes will not face criminal sanction for his alleged involvement in AlphaBay, as U.S. authorities say he took his own life while in custody earlier this month. However, asset-forfeiture procedures against his estate will continue.
[Featured Image by guteksk7/Shutterstock]