Things You Should Know But Don’t: DarkMarket Takedown

Posted February 1, 2021

The dark web is a seemingly endless, horrifying place where people can anonymously live out their worst impulses. A topic of particular interest for authorities is the emergence of digital black markets – markets that focus on the sale of illegal drugs, counterfeit money, stolen credit card information and other sensitive personal information. These markets are often hosted on private and difficult-to-track servers that operate outside of the law and cannot be accessed without special software.  As a result, it can take months – if not years – for investigations to culminate in any kind of takedown.

Often the discovery of a single dark web marketplace can lead to the discovery of the covert servers (or vice versa) and result in a snowball effect that leads to the discovery of more marketplaces or individual sellers.   For example, on January 12, 2021, DarkMarket was taken down. This was a result of the international investigations into Cyberbunker, the long-standing servers that hosted sites like The Pirate Bay and WikiLeaks in the past, both of which were springboards for this recent takedown. So far, 179 arrests have been made across several different countries.

Unfortunately, there is also what authorities refer to as a “whack-a-mole” effect. This means that taking down one black market site often just sends the users to the next best place, leaving an endless trail of markets that can be difficult to keep up with.

One of the most fascinating dark web takedown stories is from 2017 when Dutch police, unbeknownst to any of the users, seized control of a dark web marketplace called Hansa.  They continued to operate the site normally for months, discreetly changing code to track user information like passwords, bitcoin transactions, and even user location.  Around the same time, the FBI was working in the U.S. on taking down another large marketplace called AlphaBay.  In tandem with the Dutch police, the FBI shut down AlphaBay and as a result, around 5,000 users a day fled to Hansa to continue their trade. None of them had any idea it was under police control. Taking advantage of the whack-a-mole effect allowed the police to gather more data on users than they ever could have imagined, resulting in hundreds of arrests of top sellers who operated on both two sites.

At the time, the Hansa/AlphaBay takedown severely disrupted the dark web trade.  Not just because it made those markets defunct, but because it shook the sense of security and trust users had in their ability to remain anonymous on the dark web, even with software that was meant to protect them from this kind of thing. When criminals realize their anonymity is no longer secure, they look to other platforms from which to commit their crimes.  While these market takedowns are significant when facing an enemy that can seem to reappear at a moment’s notice, like a hydra, just cutting off one head isn’t enough to take the beast down.

Leave a Reply

Your email address will not be published. Required fields are marked *