In 2017, the FBI together with the Dutch Police authorities managed to close the Dark Web drug market, Hansa. Yesterday, the Dutch national television presented all the details of how the Dutch Police managed to close the infamous website.
In 2016, Bitdefender first reported that Hansa, one of the most popular markets on the Dark Web, was hosted somewhere in the Netherlands. Hansa's popularity sparked interest from authorities, who began looking for ways to shut down the site, and arrest those involved.
Its markets Dark Web, such as Hansa, sell drugs, stolen credit card information and various other prohibited goods or services.
Anonymity is ensured through Tor, but also the bitcoin used in transactions.
"Θέλαμε να γνωρίζει ο κόσμος ότι δεν μπορείτε να υπολογίζετε στην ανωνυμία του διαδικτύου για να διαπράξετε έγκλημα - ακόμη και στο Dark Web", δήλωσε ο Gert Ras, επικεφαλής της Netherlands National High Tech Crime Unit, at the Kaspersky Security Analyst Summit held this week.
Let's see how the authorities moved.
In October 2016, the police managed to create one copy of Hansa's private server on their own network. By searching the data they found chat logs and thus managed to locate two of the site's administrators, nationals of Germany.
When they contacted the German police, they were told that both were already under investigation for running a pirated ebook distribution business. However, the investigations made Hansa managers suspect that something was amiss. That's how they transported him server outside the jurisdiction of the Netherlands.
However, administrators used the same Bitcoin wallet to pay for the new server hosting company as the wallet they used for the server in the Netherlands. So the website was found to be hosted in Lithuania.
The police were able to gather a lot of information, such as her size movements from the Hansa servers, the names of the four administrators and their login credentials to the private chat service they used.
Then came the FBI. The Fed at the same time had managed to close another large drug market, the Dark Web Alphabay, and discovered that some of the site's infrastructure was hosted in the Netherlands. The authorities of the two countries agreed to cooperate in a cunning plan. They would initially close Alphabay, and wait for Hansa to fill up, so they could capture more.
So on June 20 last year, the site began operating with administrators Police authorities. The two German administrators were arrested at their homes and interrogated. They quickly acknowledged the operation of the site and handed in the login credentials for their accounts, allowing the police to take full control of Hansa's servers.
So with admin accounts they could see every transaction, shipping addresses, and everything extra information were given by the sellers so that the buyers would not be arrested.
Immediately after a special unit team, took over the project. EUROPOL and other EU police authorities have been notified to make all arrests.
On July 4, they arrested the administrator of Alphabay, gaining access to both an unencrypted laptop and passwords. The next day the page closed and its members started moving to Hansa.
The traffic was so heavy that they had to stop new registrations for a while because the servers could not handle it.
On July 20, during a simultaneous interview in the Netherlands and the United States, it was announced that the servers had stopped working. Police seized more than 2.500 Bitcoins and recorded details of more than 26.000 transactions. Hundreds of arrests followed.