Interviews

Dark Web takedown

by Mark Rowe

Law enforcement operations, led by the Federal Bureau of Investigation (FBI), the US Drug Enforcement Agency (DEA) and the Dutch National Police, with the support of the EU policing agency Europol, have shut down the infrastructure of an underground criminal economy responsible for the trading of over 350,000 illicit commodities including drugs, firearms and cybercrime malware. Rob Wainwright, the Executive Director of Europol hailed it as ‘an outstanding success by authorities in Europe and the US’.

AlphaBay was the largest criminal marketplace on the Dark Web, using a hidden service on the Tor network to effectively mask user identities and server locations. Before its takedown, AlphaBay reached over 200,000 users and 40,000 vendors. There were over 250 000 listings for illegal drugs and toxic chemicals on AlphaBay, and over 100,000 listings for stolen and fraudulent identification documents and access devices, counterfeit goods, malware and other computer hacking tools, firearms, and fraudulent services. At a conservative estimate by the authorities, a billion dollars were transacted in the market since its creation in 2014. Transactions were paid in Bitcoin and other cryptocurrencies. Hansa was the third largest criminal marketplace on the Dark Web, trading similarly high volumes in illicit drugs and other commodities.

With the help of Bitdefender, an internet security company advising Europol’s European Cybercrime Centre (EC3), Europol provided Dutch authorities with an investigation lead into Hansa in 2016. Enquiries located the Hansa market infrastructure in the Netherlands, with follow-up investigations by the Dutch police leading to the arrest of its two administrators in Germany and the seizure of servers in the Netherlands, Germany and Lithuania. Europol and partner agencies in those countries supported the Dutch National Police to take over the Hansa marketplace on June 20, 2017 under Dutch judicial authorisation, facilitating the covert monitoring of criminal activities on the platform until it was shut down on July 20.

Comments

Andrei Barysevich, Director of Advanced Collection at Recorded Future, says: “Coordinated closure of two of the most popular underground marketplaces shows the level of sophistication and, most importantly, the willingness of international law enforcement agencies to combat cybercrime jointly.

“The successful takedown of AlphaBay and Hansa marketplaces — the largest police operation since SilkRoad — has already significantly disturbed the underground economy, and I expect to see the level of cybercrime go down in the short term. Despite recent news, we don’t expect criminals to abandon dark web marketplaces, as the business opportunity of exposure to hundreds of thousands of buyers is too lucrative and as we have seen before, eventually new market leaders will arise, filling the void.”

And Kyle Wilhoit, senior cybersecurity threat researcher at DomainTools said: “Hansa and AB were two of the most prolific underground marketplaces that distributed and sold drugs, credit card numbers, and malware. The shutdown of these underground marketplaces are becoming more commonplace. The shutdown of these two sites will dramatically affect the underground marketplace ecosystem in the short term as buyers flock to other sites. Individuals with nefarious intentions must either migrate to another underground shop with less reputation, or they must find alternate business techniques, such as selling on deep web forums. Ultimately, this isn’t wholly surprising- considering AB has been compromised on two separate occasions resulting in their API being compromised and over 210,000 private messages leaked. When you are conducting business with criminals, you must expect to some degree that your business is on shaky footing anyway, so this isn’t terribly surprising to me.”

Related News

  • Interviews

    Cloudy outlook for 2020

    by Mark Rowe

    New year, new risks: what can we expect from the world of cybersecurity in 2020? asks Ray Pompon, Principal Threat Research Evangelist,…

  • Interviews

    Cyber attack is new low

    by Mark Rowe

    News broke yesterday about a serious cyber-attack (in a week of serious cyber-attacks) on the European Medical Agency. If ever you need…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing