AlphaBay Market Takes Over the Dark Web Again

Five years after being destroyed, the resurrected dark web marketplace is making its way back to the top of the cyber underworld in its own way.

For years, dark web marketplaces and the law enforcement agencies that fight them have been trapped in a cycle of raid, purge, repeat: for every dark web marketplace that is destroyed, there is always another that takes its place. But rarely has a dominant dark web marketplace been destroyed by a massive law enforcement operation and then been able to rise from the ashes five years later to reclaim its top spot - a feat that could soon be achieved by dark web trading marketplace AlphaBay, the once and future king of the dark web in the contraband crypto economy.

In July 2017, a global law enforcement operation called Operation Bayonet cracked down on AlphaBay, a massive drug and cybercrime marketplace, seizing the site's central servers in Lithuania and arresting its creator Alexandre Cazes outside his home in Bangkok. , in August of last year, AlphaBay's number two administrator and security expert (nicknamed DeSnake) suddenly reappeared, announcing AlphaBay's resurrection in a new and improved form. Now, 10 months on, thanks in part to a string of attacks and the mysterious disappearance of competing dark web marketplaces, DeSnake's reincarnation of AlphaBay is now on its way to the heights of its former role in the digital underground. In some ways, it appears to have regained that position.

"Yes, AlphaBay is currently the No. 1 dark web marketplace," DeSnake wrote in a text conversation with WIRED last week, "and I did tell you before that we would be No. 1," he added, referring to WIRED's interview with AlphaBay's new administrator when it relaunched last summer. "As I told you, I'll do what I say."

DeSnake's boast is true, at least in part: as of last week, AlphaBay had more than 30,000 unique item listings - mostly drugs, from ecstasy to opioids to methamphetamine, but also thousands of listings for malware and stolen data, such as Social Security numbers and credit card details. That's up from just 500 items last September. Another venerable marketplace called ASAP shows more than 50,000 items. But ASAP is known to allow vendors to post duplicate items. AlphaBay had about 1,300 active vendors in the first six months of the year, while ASAP had about 1,000, according to Flashpoint, a security firm that closely tracks competing marketplaces. AlphaBay's merchandise also appears to be growing at a significantly faster rate, according to Flashpoint.

Other marketplaces touted on dark web forums, such as Archetyp and Incognito, have only a few thousand or a few hundred product listings. All of this suggests that AlphaBay may have become the most popular marketplace for Dark Web vendors to list their wares for sale.

AlphaBay's tens of thousands of merchandise listings are still a tiny fraction of the more than 350,000 it offered before it was busted in 2017, when it was the largest dark web marketplace ever. The FBI estimates it was 10 times the size of the fabled Silk Road drug marketplace, and DeSnake acknowledges that revenue from the new AlphaBay has yet to approach peak levels from 2017, when blockchain analytics firm Chainalysis estimated AlphaBay was generating as much as $2 million in sales per day. (DeSnake declined to disclose current sales figures, but said "the numbers are big.")

In addition, unlike most of its competitors, the new version of AlphaBay only allows users to buy and sell the privacy-focused cryptocurrency Monero, rather than Bitcoin, whose transactions can often be tracked through blockchain monitoring. This makes the site's sales difficult to measure and could mean fewer sales per item, as many users prefer to transact in bitcoin.

But Ian Gray, an analyst at security firm Flashpoint who focuses on the dark web, said that even accounting for this discrepancy and other unknowns, AlphaBay appears to be the leading market in a side-by-side analysis of dark web markets, or will be soon. said Gray: "There is talk that AlphaBay could re become the most popular marketplace, and it already appears to be the largest in terms of the number of vendors."

AlphaBay's rapid growth - or re-growth - has been driven in part by what Gray calls "the big network retirement. In the past 18 months, at least 10 dark web marketplaces have gone offline for various reasons. Some have been dismantled by law enforcement, such as Dark Market, the target of a Europol-led crackdown early last year, or Hydra, a massive Russian-language drug and money-laundering market whose servers were seized in a law enforcement raid in April. Other sites, such as Dark0de and World Market, are believed to have conducted "exit scams" and suddenly disappeared with their users' money. Still others, such as Cannazon and WhiteHouse Market, conducted more thoughtful and organized exits, giving users time to withdraw any funds held on the site.

Until late May, this left a site called Versus as the last leading dark web marketplace. But just two weeks ago, DeSnake posted a thread on the dark web marketplace forum Dread with evidence that Versus had a security flaw that could have exposed Versus' IP address, potentially leaving its users vulnerable to hackers or law enforcement. deSnake claims that this was provided to him by a user named "threesixty "In his post, DeSnake wrote, "threesixty and I both mean well, and we want to have a productive conversation about security in the dark web marketplace."

Versus responded by immediately announcing its retirement. William Gibson, the site's administrator, wrote: "We would say there is a clear agenda behind the way this was initially handled, but we'll let you draw your own conclusions."

Meanwhile, DeSnake insisted on the Dread site that he had no personal or professional ties to threesixty, the hacker whose exploit discovery destroyed AlphaBay's largest remaining competitor. deSnake said, "Due to the severity of the issue, we handled it the best way we could. "

Flashpoint's Ian Gray said that in addition to the Versus exit, the number of dark web marketplaces has been declining recently, perhaps because of the generally unfriendly environment they face. Marketplaces are regularly bombarded by distributed denial-of-service attacks launched by competitors, who use wave after wave of spam traffic to bring them down and have to deal with ongoing disputes between buyers and sellers. Marketplace managers also feel the constant threat of law enforcement hovering in the background. All of this has inspired any dark web administrator who has achieved some level of success to take the money and run, and has led DeSnake (who seems more ambitious and persistent in his goals) to lift AlphaBay back to the top. says Gray: "With all these other marketplaces closing down, you have very few players in this space, in fact there's only one that's fairly established, and that's AlphaBay."

When AlphaBay first resurfaced, Gray and other dark web analysts and users expressed suspicion that DeSnake may have been controlled by law enforcement. Although he appeared to prove his identity as the former AlphaBay right-hand man by signing messages using the same PGP encryption keys he used in the past, many dark web residents feared he might be controlled by police agencies as part of an undercover operation, just as Dutch police secretly took over the Hansa dark web drug market in 2017.

Still, nearly a year after going back online, DeSnake says he feels "vindicated" because few undercover operations have lasted this long, DeSnake says: "For most vendors and customers, the problem has been solved. "

If DeSnake has proven himself to be the rightful heir to AlphaBay and did not perpetrate the "exit scam" himself, he still faces the risk of arrest by law enforcement, a risk that will only increase as the reborn marketplace comes under scrutiny. Grant Rabenn, a former federal prosecutor, said, "This is Russian roulette running a dark web marketplace, especially with all the information we've gotten from the AlphaBay downfall." The investigation he led led led to the seizure of AlphaBay in 2017 and the arrest of its original administrator, Alexandre Cazes, who was later found dead in a Thai prison in what officials say was a suicide. (DeSnake claims, though without evidence, that Cazes was murdered).

Rabenn implies that the 2017 case also led to U.S. law enforcement gaining "a great deal of information" about AlphaBay staffers. As the dark web marketplace grows and previous investigations may provide clues to DeSnake's identity, federal agencies are refocusing their attention on AlphaBay and its new owner.Rabenn says, "It's definitely putting a target on your back, not only from historical behavior and connections, but most importantly, everyone is going to be looking for that person."

However, DeSnake told WIRED that he has developed some forms of protection that give him the confidence to stay one step ahead of the FBI. Perhaps most importantly, he claims to reside in a former Soviet Union country that has no extradition treaty with the United States. His choice of AlphaBay to use only Monroe coins rather than Bitcoin may make the kind of blockchain analysis that led to the original site being taken down more difficult. He claims to have built sophisticated technical protections, including redundant infrastructure in multiple countries/regions, and a system called AlphaGuard, which is designed to automatically restart the site on a new server in the event of a system failure. "We'll be back up and running within days and won't lose a penny." DeSnake said.

DeSnake announced that he eventually hopes to develop a "decentralized marketplace network" in which dark web marketplaces are hosted on hundreds of servers -- a kind of uncensored, unidentifiable Bittorrent -- to replace the current marketplace, Napster. Napster. he claims a beta version of that decentralization plan is planned for the end of this year, with AlphaBay moving to it sometime in 2023. "First of all we want to reach the previous scale in 2017, which is our milestone. Second, we want to launch the beta version of the decentralization project," DeSnake said, "and then gradually migrate it completely so that AlphaBay can exist for years to come and bring the [dark web marketplace] scene into a new golden age like we did before."

It's unclear whether this plan - or DeSnake's self-described saber-rattling - is real or a mirage. But he appears to have delivered, or is about to deliver, on his first promise: reclaiming the crown of the dark web trading marketplace. another period of AlphaBay domination may just be beginning.

From:On DarkNet – Dark Web News and Analysis
Copyright of the article belongs to the author, please do not reproduce without permission.

<<Pre Post
Next Post>>