fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Notorious AlphaBay Darknet Market Comes Back to Life

Notorious AlphaBay Darknet Market Comes Back to Life

The AlphaBay darkweb market has come back to life after an administrator of the original project relaunched it over the weekend.

At the same time, the admin announced plans for setting up a platform for darknet markets to set up shop with a strong focus on anonymity.

AlphaBay OG announces comeback

AlphaBay started in 2014 and it became the largest darknet market. The business ended when law enforcement took it down on July 5, 2017.

In Thailand, the police arrested Alexander Cazes, a Canadian citizen using the online alias Alpha02/Admin and one of the two AlphaBay administrators.

Someone named DeSnake was the other partner, responsible for the security of the market, and was never caught by the police.

At the end of last week, DeSnake announced on a dark web forum that the AlphaBay market reopened and was ready for business.

Also Read: Don’t Be Baited! 5 Signs of Phishing in Email

DeSnake announces AlphaBay comeback
source: Tom Robinson

Tom Robinson, co-founder of blockchain analysis company Elliptic, found DeSnake’s messages to the darknet market community, where they introduced themselves as the “security administrator and co-founder of AlphaBay.”

DeSnake provided their original public PGP key used in the heydays of the illegal market to prove their claims, allowing anyone to verify the identity on public PGP keyservers:

DeSnake verification via PGP key
source: BleepingComputer

One darknet user confirmed DeSnake’s key and that they were part of the original AlphaBay tech staff. Another one confirmed the admin’s identity after private conversations on “things that only he knew as a staff member of AlphaBay.”

One concern is that the admin may be doing this project from a compromised position, following instructions from law enforcement to trap vendors of illegal products.

One network for many markets

In a lengthy, five-part statement, DeSnake explains that they want to set new standards for a sustainable model and build a “professionally-run, anonymous, secure marketplace.”

The vision down the line is bigger than this, though. DeSnake aims to develop an autonomous and anonymous Decentralized Market Network where anyone can set up a marketplace.

From their description, it looks like an Amazon of darknet markets that allows vendors and buyers to roam from one market to another using one account and without having to trust any of them with their cryptocurrency.

AlphaBay admin DeSnake's vision for a Decentralized Market Network
source: BleepingComputer

DeSnake says that the new AlphaBay has been built to last, using secure and audited code, bulletproof servers, and safeguards against disruptions caused by hardware failure, police raids, or seizures.

Also Read: 4 Reasons to Outsource Penetration Testing Services

The admin also advertised an automated system called AlphaGuard that “assures users/vendors can access their wallet funds (including escrow) at any time on I2P/Tor.”

Another system in place is Automatic Dispute Solver, which aims at solving problems between buyers and sellers without the intervention of a moderator.

DeSnake also laid out a set of rules for the new AlphaBay to avoid drawing unnecessary attention from law enforcement:

  • NO harming others (hitman service etc.)
  • NO guns/guns discussions (even for self-defense)
  • NO erotica/porn of any sorts (logins for major sites are okay)
  • NO fentanyl or fentanyl-laced/based substances
  • NO Covid-19 vaccines of any sorts
  • NO doxing or threats of doxing
  • NO any Russia/Belarus/Kazakhstan/Armenia/Kyrgyzstan-related activity (people, organizations, governments) or citizens data
  • NO ransomware selling, recruiting for access to deploy ransomware or ransomware discussions

Flashpoint researchers note that the rule restricting activity related to former Soviet Union countries is typical for threat actors based in those regions, to avoid scrutiny from local law enforcement.

AlphaBay now uses only Monero cryptocurrency and currently has only two featured listings, both for drugs.

Listings on illegal AlphaBay darknet market
source: BleepingComputer

Statistics for the forum show 19 members that exchanged 72 messages.

In its glory days, AlphaBay served over 200 000 users and 40 000 vendors. It had more than 250,000 listings for drugs and toxic chemicals alone.

Stolen and fake identification documents, malware, hacking tools, firearms, and fraudulent services accounted for another 100,000 listings.

It is estimated that the market transacted at least $1 billion worth of cryptocurrency (mostly Bitcoin) since its creation.

By comparison, the infamous SilkRoad had a little over 950,000 users and about 14,000 listings, most of them for drugs. It transacted 9.5 million bitcoins in two-years time, valued at $1.2 billion at the time.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us