Slashdot Mirror

← Back to Stories (view on slashdot.org)

Authorities Take Down Hansa Dark Web Market, Confirm AlphaBay Takedown (bleepingcomputer.com)

Posted by BeauHD on from the cease-and-desist dept.

An anonymous reader writes via Bleeping Computer: Today, in coordinated press releases, the U.S. Department of Justice (DOJ) and Europol announced the takedown of two Dark Web marketplaces -- AlphaBay and Hansa Market. First to fall was the Hansa Market after Dutch officers seized control over their servers located inside one of the country's hosting providers. Dutch Police seized Hansa servers on June 20, but the site was allowed to operate for one more month as officers gathered more evidence about its clientele. The Hansa honeypot received an influx of new users as the FBI shut down AlphaBay on July 5, a day after it took control over servers on July 4. Europol and the FBI say they collected mountains of evidence such as "usernames and passwords of thousands of buyers and sellers of illicit commodities" and "delivery addresses for a large number of orders." FBI Active Director McCabe said AlphaBay was ten times larger than Silk Road, with over 350,000 listings. In opposition, Silk Road, which authorities seized in November 2013, listed a meager 14,000 listings for illicit goods and services at the time authorities took down the service.

11 of 41 comments (clear)

  1. Or by sexconker · · Score: 5, Insightful

    Or you could let people have drugs and sex.

    1. Re: Or by Anonymous Coward · · Score: 3, Insightful

      And other people's credit cards, bank info, personal info, hacking tools, murder for hire, risky "research chemicals" sold as other drugs, etc.

      I'm fairly libertarian, and have no problem legalizing weed and hookers. But those are a small portion of what gets dealt on these services.

    2. Re: Or by Anonymous Coward · · Score: 3, Insightful

      Sorry- no- if there is a problem (which there is) I'd argue for developing and rolling out new systems that are more secure. Police can't do shit to solve the problem and are only providing an illusion while partaking in a system of theft of my hard earned money. NEVER have they helped me recover funds and it literally does no good to go after a few big fish (which is the argument they'll make). I get hit personally every year by at least a number of self-entitled pricks and crooks/fraudsters alike in my business and if I can be against taking down these dark markets (and I also don't smoke, drink, do drugs, nor am I involved in any kind of fraud that gives me an interest in them existing) then certainly anybody whose arguing for it is just another piece of the problem. You want security? Go secure your own place with your own funds.. and stop stealing from me.

      I take credit cards online. We've put up stronger defences and largely go unscathed, but it does piss off some customers (some could just be fraudsters although doubtful of that sometimes). If you can't understand why we demand additional verification should you not be able to provide a verified address f' off.

      Well, we do give customers other payment options that entirely resolve the theft/fraud issues and that is the solution you should be pushing for rather than arguing against anonymous free markets.

      We take Bitcoin for instance that has none of the problems of accepting credit cards and we're seeing significant growth of orders paid with crypto currencies (at the moment its only Bitcoin that we accept, but we'll expand as time permits to other crypto currencies).

      And if banks can't figure out how to secure their sites I can't sympathize with stolen 'bank info' and the same applies to 'identity theft'. Sorry- but that is a crime against the issuer of the credit- not you. Your not liable for any of that. The fix involves developing or implementing non-sucky authentications systems that don't involve government. More than 60% of our income is stolen by government (this thing called taxes) and that number increases in many other countries (Europe). Taxes are really just a form of wealth redistribution under the guise of providing you with something. The vast majority of it is just wasted. I'd rather pay for 'essentials' out of my own pocket on a voluntary basis.

    3. Re: Or by Anonymous Coward · · Score: 3, Informative

      Plenty of places have legal prostitution and it works just fine. It provides a secure and safe place of employment that benefits those visiting and those working. Your examples are just ridiculous.

  2. Damn by Anonymous Coward · · Score: 2, Funny

    NOW where am I going to trade my stolen low-number Slashdot logins?

  3. Monumental OpSec mistakes by Anonymous Coward · · Score: 2, Informative

    The site also has a different, more interesting article detailing the AlphaBay admin's OpSec mistakes. In short, they were many. https://www.bleepingcomputer.c...

    1. Re:Monumental OpSec mistakes by toonces33 · · Score: 2

      The problem for these guys is that they have no margin for error.

  4. Re: 'Dark Web' isn't dark enough by dnaumov · · Score: 3, Insightful

    Important thing to note is that these guys weren't caught because of some TOR weakness, but because of essentially non-existent opsec.

  5. And what did we learn? by WolfgangVL · · Score: 2

    Sneakernet your drugs and pick up your whores at the tittie bar like everybody else. Buy your firearms privately, and your stolen creds directly from the supplier.

    Sometimes, the old ways are best.

    Maybe some entrepreneur should just setup a matchmaking site, complete with user reviews and ratings. Community vetting is perfectly legal, and you can charge a small fee per connection. Like a dating site for hustlers, pushers and pimps.....

    hustlerspushersandpimps.com is available.......

    User: 420man
    Interests: Cannibus
    Price:$$
    Location: Las Vegas, NV.
    Contact: *Click here to create an account*
    User rating: *****

    Reviews:

    --
    You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
  6. Re:The real reason by BillKaos · · Score: 2

    I am surprised they've gathered real client data. Standard OPSEC in those sites is to encrypt your delivery address with the public key of the vendor, so unless the vendor is hacked, your personal data should be safe from the market going down.

  7. Re:The real reason by sound+vision · · Score: 4, Insightful

    The average buyer on one of these sites has only a cursory understanding of opsec. Even the sellers and the site admins often get it wrong, as we see in the story. With probably hundreds of thousands of transactions, and a decent chance of a fuckup from at least one of the parties in each transaction, there's a whole lot of information law enforcement can get from this.

    I used to think there was basically no way to fight the emergence of these online markets, but my ideas on that are shifting now. With honeypot operations like this, they can essentially get a huge list of drug users' addresses. Never before has this type of data been amassed on that scale. The worst part of it is that the data set is skewed toward casual users; the dealers typically have better opsec. Additionally, the fact that these packages usually travel over state or national borders significantly ups the legal ante. With assholes like Jeff Sessions in power, I can see large numbers of people getting 30-year sentences for things that many local police departments wouldn't even make an arrest for. Simply because it happened on the internet.