In 2017, the FBI together with the Dutch Police authorities managed to close the Dark Web drug market, Hansa. Yesterday, the Dutch national television presented all the details of how the Dutch Police managed to close the infamous website.
In 2016, Bitdefender first reported that Hansa, one of the most popular markets on the Dark Web, was hosted somewhere in the Netherlands. Hansa's popularity sparked interest from authorities, who began looking for ways to shut down the site, and arrest those involved.
Its markets Dark Web, such as Hansa, sell drugs, stolen credit card information and various other prohibited goods or services.
Anonymity is ensured through Tor, but also the bitcoin used in transactions.
"We wanted people to know that you can not count on the anonymity of the internet to commit crime - even on the Dark Web," Gert Ras, head of the Netherlands National High Tech Crime Unit, told the Kaspersky Security Analyst Summit this year. week.
Let's see how the authorities moved.
In October 2016, police managed to create a copy of Hansa's private server on their own network. Searching the data, they found conversation logs and thus managed to locate two of the site's administrators, German nationals.
When they contacted the German police, they were informed that both were already under investigation for conducting a pirate ebook distribution operation. However, investigations have led Hansa executives to suspect that something is wrong. So they transferred the server outside the jurisdiction of the Netherlands.
However, administrators used the same Bitcoin wallet to pay for the new server hosting company as the wallet they used for the server in the Netherlands. So the website was found to be hosted in Lithuania.
Police were able to gather a wealth of information, including the size of traffic from Hansa servers, the names of the four administrators and their login details to the private chat service they used.
Then came the FBI. The Fed at the same time had managed to close another large drug market, the Dark Web Alphabay, and discovered that some of the site's infrastructure was hosted in the Netherlands. The authorities of the two countries agreed to cooperate in a cunning plan. They would initially close Alphabay, and wait for Hansa to fill up, so they could capture more.
So on June 20 last year, the site began operating with administrators Police authorities. The two German administrators were arrested at their homes and interrogated. They quickly acknowledged the operation of the site and handed in the login credentials for their accounts, allowing the police to take full control of Hansa's servers.
So with administrator accounts they could see every transaction, the shipping addresses, but also any additional information given by the sellers so that the buyers would not be caught.
Immediately after a special unit team, took over the project. EUROPOL and other EU police authorities have been notified to make all arrests.
On July 4, they arrested the administrator of Alphabay, gaining access to both an unencrypted laptop and passwords. The next day the page closed and its members started moving to Hansa.
The traffic was so heavy that they had to stop new registrations for a while because the servers could not handle it.
On July 20, during a simultaneous interview in the Netherlands and the United States, it was announced that the servers had stopped working. Police seized more than 2.500 Bitcoins and recorded details of more than 26.000 transactions. Hundreds of arrests followed.