17.7.17 Dark Web and Cybercrime Roundup
Alleged Alphabay Admin Found Dead in Bangkok Jail
On July 12, news sites in Thailand reported that a 26-year-old Canadian man had died in a Bangkok jail. The news spread quickly and the world soon learned the man’s identity: Alexandre Cazes of Trois-Rivières, Québec, Canada. Alphabay marketplace disappeared when the Royal Canadian Mounted Police raided locations throughout Trois-Rivières, hunting for “computer equipment.”
Police in Thailand arrested Cazes on behalf of the FBI on July 5 for undisclosed drug crimes. The 26-year-old had lived in Thailand for years as a fugitive, but he lived well, according to media reports. He owned several houses, multiple high-end vehicles (including a Lamborghini), and had $12m in combined assets. His father, Martin Cazes, admitted that his son created illegal websites and made a fortune with Bitcoin, but did so “without bad intentions.”
- “His company’s website(s), however, disappeared with the Alphabay servers. Nevertheless, LinkedIn provided a skillset which pointed towards only one thing: that Cazes had the skills required to fill the role DeSnake performed.”
- “[Cazes’s] business addresses were in locations searched by the RCMP on July 5. On top of that, one Reddit user explained, ‘the EBX company site […] was developed and had similar code to Alphabay when inspecting sources.’”
- Martin Cazes, Alexandre’s father, said the feds tried to connect his son to the Alphabay admin “alpha02.” Additionally, his father claimed Alexandre lived in Thailand for four years, not the alleged eight years.
Read the full story at DeepDotWeb.
Alphabay death: Wondering which market is Headed to the Top? Here is some insider info!
Alphabay vanished. Some believe that the site will return. Others believe that the marketplace will never see the light of day. It could, in part, be due to the RCMP raids in Quebec. The death of the alleged Alphabay admin, DeSnake, could have sent the other Alphabay admins into a frenzy. Maybe the time for an exit scam finally came. Whatever the case may have been, the “Top Markets” list needs a new drug market. Not only that, but some former Alphabay users need a new marketplace.
DeepDot revealed incoming Google search terms for different darknet drug markets, alongside additional metrics:
- Impressions & Clicks: How many times did a Google search with a marketplace name pull DDW pages. And among those, how many viewers clicked a DDW link for a specific marketplace.
- Searches on the site: How many queries, using DDW’s built-in search feature, contained market-specific search strings.
- Market-focused page clicks: How many DDW visitors travelled to market-related pages.
The stats covered the previous 28 days, so Alphabay, despite the “defunct” status, still dominated the search traffic. DeepDotWeb
Hansa Registration Disabled Temporarily
Former-Alphabay users searched for a replacement market, or as Bitcoin.com wrote, “Darknet Users Rush for a replacement market.” Many landed on the multi-sig market known as Hansa. Too many users, according to Hansa administration. Only a few days after the Alphabay disappearance, Hansa reported technical issues and blocked user registration.
“Due to the influx of Alphabay refugees we are dealing with technical issues. We have set a temporary stop on new registrations until further notice. Registration disabled temporarily.
HANSA staff (Hansa frontpage and Reddit discussion.)
Vault 7: CIA Developed Android Malware That Works as an SMS Proxy
In a recent installment of “Vault 7,” the name for a series of CIA tool leaks orchestrated by Wikileaks, the public learned of an Android tool that reroutes text messages to a CIA-owned server. The tool, dubbed “HighRise,” came packaged within an Android Package Kit, also known as an APK, the “format” of Android applications. The app, called TideCheck, has a secret control panel for HighRise.
The HighRise features:
- Send a copy of all incoming SMS messages to an Internet-based server controlled by a CIA operative.
- Send SMS messages from the target’s smartphone.
- Provide a communications channel between the HighRise field operator & the LP.
- TLS/SSL secured internet communications.
Wikileaks has dumped CIA tools since March, if not earlier. BleepingComputer
Interview with a Top Alphabay Accounts Phisher
On June 27, one Bitcoin phisher pleaded guilty to creating fake darknet market phishing login pages. He claimed that he had made $360,000 from his phishing sites. On July 12, DeepDotWeb conducted an interview with a more successful Bitcoin phisher. Under the online handle “Phishkingz,” the phisher explained that he made more than $1 million during the last year, merely from fake Alphabay pages. Now that Alphabay vanished, he started the same work on the Dream marketplace. In the first day phishing Dream users, he claimed that he had already made four bitcoins.
“I have a trade volume on local bitcoins of about 500 BTC in total. This is all on an account I created 1 year and 2 months ago. Everything is stolen BTC from phishing and I have a cryptopay.me account that has had over 400,000£ worth in BTC over the last 6 months. Phishing is very profitable on the dark web.” – Phishkinz. DeepDotWeb
Additionally, remember that the only official clearnet link for DeepDotWeb is DeepDotWeb.com. A typo can easily send an unsuspecting user to DeepDortWeb, DeepDogweb, DeeepDotWeb, etc. The only .onion.sale link, additionally, is: deepdot35wvmeyd5[dot]onion.