Thai police arrested the 26-year-old administrator of the website, Alexandre Cazes, in Bangkok, and the FBI seized AlphaBay's central server in Lithuania, shutting down a market that earned many millions of dollars a year from the sale of drugs, stolen data, and other illegal goods to its 400,000-plus registered users.
The FBI called the closure of the site a "landmark operation."
But one key player escaped. AlphaBay's former number-two administrator and security expert, a self-described co-founder, went by the name DeSnake.
Four years after the market was shut down, DeSnake appears to be back on the Internet and has in fact relaunched AlphaBay.
In an extensive interview, DeSnake describes to WIRED how he escaped the authorities' takedown of AlphaBay, why he came back and what his plans are for the resurrected Dark Web market.
He communicated with WIRED via encrypted text messages, from a frequently changing series of accounts with different aliases, after proving his identity by signing a public message with DeSnake's original PGP key, which was confirmed by many security researchers.
"The biggest reason I come back is to mention the name AlphaBay and why the founder committed suicide," says DeSnake.
Cazes was found dead in a Thai prison cell a week after his arrest. But many in the DarkWeb community, including DeSnake, believe Cazes was murdered.
AlphaBay's updated version allows users to buy and sell only with the cryptocurrency Monero, which is designed to be much harder to trace than Bitcoin, whose blockchain has been shown to allow financial tracking.
AlphaBay's new site is now accessible not only via Tor, like the original AlphaBay, but also via I2P, a less popular anonymity system that DeSnake encourages users to use. He has repeatedly stated his skepticism about Tor and said that it is vulnerable to surveillance, but without giving any evidence.
DeSnake says his security practices - both on the new AlphaBay and on a personal level - far exceed those of his predecessor, Cazes, who used the nickname Alpha02.
Cazes was caught, in part, by a Bitcoin blockchain analysis confirming his role as AlphaBay admin, a trick that would have been much more difficult, if not impossible, with Monero.
DeSnake claims that the new security practices he uses will make AlphaBay much more resilient this time around.
DeSnake attributes his freedom to an operational security regimen he follows religiously. He states that his computers run an "Amnesia" operating system, a Linux distribution that focuses on security and is designed not to store data.
He claims that he does not store any incriminating data on hard drives or USB drives, encrypted or not. He also says that he has prepared a "kill switch" device on a USB drive, which is designed to erase the memory of his computers and shut them down in seconds if they ever leave his control.
To avoid the risk of his computer being snatched while he is connected to AlphaBay, DeSnake says he shuts it down completely every time he walks away from it, even to go to the bathroom. "The biggest issue in this regard is human needs… I would say this is the biggest inconvenience," says DeSnake. "You make sacrifices and once you get used to it, it becomes second nature."
Recall that the authorities confiscated the laptops of Alexandre Cazes and Ross Ulbricht - the latter is serving a life sentence for operating the Silk Road - while they were open, running and logged in to Dark Web administrator accounts.
DeSnake, on the other hand, claims that his work computer would yield nothing incriminating, even if confiscated.
But all these technical and operational protections may be less important than a simple geographical protection. DeSnake claims to be in a country from which he cannot be extradited, far beyond the reach of US law enforcement.
In messages to WIRED, AlphaBay's new admin says that he lived in the former USSR and that he previously wrote in Russian to users of the first AlphaBay.
AlphaBay has long been rumored to have some kind of relationship with Russia or with Russians. Its rules forbade the sale of data stolen from victims in countries of the former USSR, in order to prevent the Russian authorities from getting involved. Alexandre Cazes, writing on the website under the name Alpha02, used a Russian phrase for "stay safe". But when Cazes was located and arrested in Thailand, many speculated that AlphaBay's Russian footprints were designed to mislead the authorities.
Meet Alexandre Cazes
DeSnake first appeared on the first AlphaBay in the fall of 2014, looking for a new home after the Evolution administrators absconded with their users' money. He befriended Alpha02 by a very unorthodox method:
He claims he "popped a shell" on AlphaBay, hacked the site and could run his own commands on the server. But instead of exploiting this breach, he helped the administrator fix it and soon became the site's number two administrator and chief security officer.
What is happening today
Dark Web buyers and suppliers are not exactly crowding onto AlphaBay after its return. A few weeks after the restart, it has just 500 listings, compared to the more than 350,000 that the old AlphaBay had in 2017.
These low numbers are probably due to DeSnake's insistence on accepting only Monero. Of course, there are many skeptical DarkWeb users waiting to see if the new AlphaBay goes ahead. DeSnake, on the other hand, says that dark markets usually gain new users only if another popular market closes or is ruined by the authorities.
DeSnake, meanwhile, is trying to lure users with promises of another unproven system called AlphaGuard, which is designed to allow users to withdraw money even if authorities seize AlphaBay servers again.
Many see DeSnake's move as very suspicious. If the authorities had contacted him and launched the new AlphaBay as a honeypot, they could "gather" a lot of people, buyers and suppliers.
Of course, DeSnake says that if that had happened, the authorities would have reused the original AlphaBay code. Instead, he says, he rewrote the code from scratch. He also points out that restricting transactions to Monero protects users much more than a site that simply accepts Bitcoin.