Alphabay shutdown: Bad boys, bad boys, what you gonna do? Not use your Hotmail...
...or the Feds will get you ♪
Analysis The alleged owner of dark-web marketplace AlphaBay was tracked down by FBI because he was stupid enough to include his real Hotmail address in the content management system used to run the site.
That is one of the eye-opening details in the case of Alexandre Cazes, the 25-year-old arrested earlier this month in Thailand suspected of being the administrator of an illegal marketplace trafficking in drugs, guns, counterfeit goods and hacking tools, among other items.
Cazes must have known that investigators would be all over him: AlphaBay had grown into the internet's biggest black market, with over 200,000 users and 40,000 sellers. It had more than 250,000 listings – making it nearly 20 times larger than Silk Road, which was shut down in 2013 after a massive investigation by the FBI.
Which makes it all the more bizarre that, according to American prosecutors, he used his real email address, albeit a Hotmail address – Pimp_Alex_91@hotmail.com – as the administrator contact for the marketplace software. As a result, every new user received a welcome email from that address when they signed up to the site, and everyone using its password recovery tool also received an email from that address.
However, rather than carefully set up and then abandon that email address, it turns out that Alexandre Cazes – Pimp Alex – had been using that address for years.
US Dept of Justice lawyers, in their case against Cazes, said "law enforcement subsequently learned the 'Pimp_Alex_9l@hotmail.com' email address belonged to a Canadian man named Alexandre Cazes with a birthdate of October 19, 1991, matching the numeric identifier in his Hotmail email address."
Not only that, but Cazes had also used the exact same alias as the admin username for the AlphaBay marketplace – Alpha02 – and associated it with the Pimp Alex Hotmail address for many years, leaving a long digital trail that investigators easily followed.
And if there was any doubt, Cazes repeatedly added his full name to blog posts using that alias, and that email address on online forums.
It was of course still possible that the real mastermind behind the marketplace had elaborately set up Cazes as a fall guy, creating a digital trail to point them to the wrong guy. That would have been smart.
Except when the investigators stormed Cazes' house in Bangkok, Thailand, they found him still logged into the AlphaBay website as the admin and actively communicating about problems with one of its data centers.
Adding to the fact that Cazes had done a terrible, terrible job of protecting himself and his illegal activities, he also did not encrypt his personal laptop – because when law enforcement searched it, they found "passwords to AlphaBay's servers and other infrastructure."
And just in case you had any doubt that this was not a criminal mastermind at work, Cazes had also used his Pimp Alex Hotmail address as well as an email address from his own business – EBX Technologies – to set up online bank accounts and crypto-currency accounts. How did law enforcement know that Cazes was behind EBX Technologies? It was on his LinkedIn profile.
All of this enabled the authorities to do a huge sweep of his assets and turn up $5m in Bitcoin, $2m in Ethereum, $770,000 in Zcash and $474,000 in Monero – all now shifted to government accounts.
That was just the cryptocash. Cazes' miserable operations security also led investigators to accounts in his and his wife's (Sunisa Thapsuwan) names at Bangkok Bank, Bank of Ayudhya, Kasikorn Bank, Siam Commercial Bank and several others.
Even more amazingly, the cops didn't even have to ask the banks for accounts under those names: Cazes had listed all of his accounts, his houses and his luxury cars in a spreadsheet on his unlocked, unencrypted laptop.