Story image

Major Dark Web Player goes offline: Could it be an exit scam?

07 Jul 2017

One of the Dark Web's biggest marketplaces for illegal online trades was taken offline this week, with reports circulating that it was part of an 'exit scam'.

The AlphaBay marketplace had a user base of more than 20,000 users, whose unencrypted details have now been exposed as part of the shutdown.

Digital Shadows VP of strategy, Rick Holland, says that the site continued to release new features, including security enhancements.

"We confirmed that the site remained inaccessible at the time of writing. We detected only speculation as to why the marketplace was not accessible at the time of writing, with multiple users on Reddit suggesting an exit scam had taken place," Holland says.

Reports circulated that police raided two AlphaBay vendors' houses,, according to Holland.

Others have speculated that two large Bitcoin transactions to addresses belonging to AlphaBay owners were evidence of the owners stealing money - around US$3.8 million in Bitcoin.

Holland says there is no evidence of that claim yet. He says that exit scams, such as those suspected in the AlphaBay case, aren't new and are actually quite common.

"These exit scams are one of the risks when conducting business in criminal marketplaces. The increasing value of BTC (>$2,500 as of today) makes exit scams appealing. These exit scams are often the first assumption when a marketplace goes offline, however there are alternatives including intrusions from other criminals, DDoS attacks from competitors, law enforcement interdictions, and even unannounced site maintenance," he says.

"Multiple vendors of compromised data, payment card details, malware and other services would have to seek other online services. The Dream and Hansa markets are likely to benefit from any potential Alphabay demise. Digital Shadows is tracking this development and will provide updated analysis as it becomes available."

IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.