Dark web souk AlphaBay outage: Users fear they've been scammed
It's not like you can go to the police, eh?
Dark web marketplace AlphaBay has dropped offline, sparking frenzied speculation that its admins may have disappeared for good after pocketing a swag bag of digital currency. The outage may be down to a simple security update, if assurances offered through Reddit are true.
The AlphaBay marketplace became inaccessible in the early hours of Wednesday, 5 July. Multiple users on Reddit quickly suggested an exit scam had taken place. Unconfirmed estimates suggested that $3.7m in digital currency was on the line.
"One user on Reddit claimed that law enforcement had raided the houses of two AlphaBay vendors, but provided no evidence to prove this had occurred," reports threat intel firm Digital Shadows. "Furthermore, some users have posted Bitcoin addresses to which large transactions had been made or withdrawn on 05 Jul 2017. These addresses were claimed as evidence the owners of AlphaBay had stolen the money deposited to the site."
"We detected no evidence to suggest a link between these Bitcoin addresses and the marketplace," Digital Shadows adds.
Fears have been calmed after a profile said to be maintained by an AlphaBay staffer surfaced on Reddit to say that the outage was down to a server update, adding that the site would be back online soon.
An update from a different Redditor said the downtime was part of a "security update", which, if things go as scheduled, would mean that the site would return online later today.
AlphaBay is among the largest marketplaces on the dark web, competing against the likes of Abraxas, Dream and Hansa.
Dark web exit scams are far from unprecedented. The Evolution market famously ended with the loss of 40,000 Bitcoins. Exit scams have become an established hazard when conducting business in a criminal marketplaces.
Denizens often rush to assume exit scams when dark web marketplaces go offline, even though a variety of other scenarios might be playing out. Alternatives including intrusions from other criminals, DDoS attacks from competitors, law enforcement interdictions, and even unannounced site maintenance. ®
Sponsored: Becoming a Pragmatic Security Leader