The US Federal Bureau of Investigation (FBI), the US Drug Enforcement Agency (DEA), the Dutch National Police, and Europol have cracked down on darknet markets, shutting down two of the major Tor-concealed marketplaces for illegal goods and services: Hansa and AlphaBay.
The US Department of Justice overnight announced that it had seized AlphaBay, the darknet market site that hosted the so-called ‘Medicare Machine’ service.
AlphaBay has been offline since 5 July.
The Medicare Machine was a service that offered to obtain the Medicare card details of any Australian when provided with his or her name and date of birth.
AlphaBay was considered to be the largest darknet market. The site’s alleged operator, Canadian Alexandre Cazes, was arrested in Thailand earlier this month. He died in custody, apparently taking his own life.
The Department of Justice said investigators had found Cazes' personal Hotmail email address, Pimp_Alex_91@hotmail.com in the header information of a welcome email sent to new AlphaBay users in December 2014.
AlphaBay was believed to have more than 200,000 users and 40,000 vendors. It supported transactions using a range of cryptocurrencies including Bitcoin, Monero and Ethereum.
“This is likely one of the most important criminal case of the year,” US attorney-general Jeff Sessions said at a press conference announcing the seizure.
“Make no mistake, the forces of law and justice face a new challenge from the criminals and transnational criminal organizations who think they can commit their crimes with impunity by ‘going dark.’
“This case, pursued by dedicated agents and prosecutors, says you are not safe. You cannot hide. We will find you, dismantle your organization and network. And we will prosecute you.”
Investigations by Dutch National Police, aided by Bitdefender, led to the location of infrastructure for the Hansa marketplace. Servers have been seized in the Netherlands, Germany and Lithuania.
Two alleged Hansa administrators have been arrested in Germany.
Europol revealed that the Dutch National Police had taken over the site on 20 June, monitoring its usage.
“In the past few weeks, the Dutch Police collected valuable information on high value targets and delivery addresses for a large number of orders,” Europol said.
“Some 10 000 foreign addresses of Hansa market buyers were passed on to Europol.”
Computerworld has confirmed the code is still present on the Dream Market Site; however the presence of the IP address in the code, apparently used for a pop-up chat function, does not necessarily indicate Dream Market’s infrastructure is hosted by Loopia (or hosted in Sweden).