Story image

Major Dark Web Player goes offline: Could it be an exit scam?

07 Jul 17

One of the Dark Web's biggest marketplaces for illegal online trades was taken offline this week, with reports circulating that it was part of an 'exit scam'.

The AlphaBay marketplace had a user base of more than 20,000 users, whose unencrypted details have now been exposed as part of the shutdown.

Digital Shadows VP of strategy, Rick Holland, says that the site continued to release new features, including security enhancements.

"We confirmed that the site remained inaccessible at the time of writing. We detected only speculation as to why the marketplace was not accessible at the time of writing, with multiple users on Reddit suggesting an exit scam had taken place," Holland says.

Reports circulated that police raided two AlphaBay vendors' houses,, according to Holland.

Others have speculated that two large Bitcoin transactions to addresses belonging to AlphaBay owners were evidence of the owners stealing money - around US$3.8 million in Bitcoin.

Holland says there is no evidence of that claim yet. He says that exit scams, such as those suspected in the AlphaBay case, aren't new and are actually quite common.

"These exit scams are one of the risks when conducting business in criminal marketplaces. The increasing value of BTC (>$2,500 as of today) makes exit scams appealing. These exit scams are often the first assumption when a marketplace goes offline, however there are alternatives including intrusions from other criminals, DDoS attacks from competitors, law enforcement interdictions, and even unannounced site maintenance," he says.

"Multiple vendors of compromised data, payment card details, malware and other services would have to seek other online services. The Dream and Hansa markets are likely to benefit from any potential Alphabay demise. Digital Shadows is tracking this development and will provide updated analysis as it becomes available."

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
CERT NZ highlights rise of unauthorised access incidents
“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."
Report finds GCSB in compliance with NZ rights
The Inspector-General has given the GCSB its compliance tick of approval for the fourth year in a row.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.