The holiday season has started on AlphaBay Market, with most traders offering customers amazing deals to save them money. One vendor, in particular, is offering buyers molly for $25 a gram before New Year’s Eve, including single grams for 30 bucks. Standard priority shipment is $7 for orders that are below $250.
Despite this offer, others were providing even lower rates to attract more people, such as 20 bucks an ounce. Still, some AlphaBay Market vendors are more lenient, giving customers a one-time holiday deal of $5.9 a gram. Seemingly, this is one of the best molly prices currently available on the darknet market. Similarly, other AlphaBay Market dealers have released weekly threads showing all the offers they will be providing during this holiday period. Customers can also put in suggestions on the kind of deals they would want to see, including delivery options where possible.
Other products being sold on discount are Girl Scout Cookies and Blue Haze; furthermore, the darknet market trader is working hard to ensure that more strains are introduced into the market in time for the holiday season. Buyers can check the many positive reviews posted by other users on AlphaBay Market to determine the best offers that are available.
According to the vendor, for Blue Haze products, one can get an extra 7 grams of the strain by ordering an ounce or higher of the item. Customers are given a code to use in their PGP when placing an order to get this offer; the dealer is providing it to the first 30 individuals who will use this code.
Nevertheless, these offers are apparently limited only to the holiday season.
Aaron James Glende, 35, was charged and brought before the United States District Court in Atlanta for selling personal credential information, including stolen bank account login details. Glende used the pseudonym “IcyEagle” to conduct his illicit activities on Alpha Bay Market.
IcyEagle marketed his criminal services on the Alpha Bay Market from November 2015 to May 2016.
Alpha Bay Market is a darknet market built with features that made it easy for buyers to procure criminal services.
The listings on the darknet market even had categories such as fraud, drugs, counterfeit items, etc. Users could make payments using digital cryptocurrency such as Bitcoin.
The Alpha Bay Market vendor known as IcyEagle was said to have sold a large amount of customer information from various companies, including banks.
However, the most popular dealings were the transactions IcyEagle made with regards to information belonging to SunTrust Bank clients.
The FBI revealed the criminal activities of IcyEagle on Alpha Bay Market.
In March and April this year, on separate dates, an undercover agent accessed the Alpha Bay Market and purchased SunTrust Bank account information from the vendor, IcyEagle, using bitcoin.
The undercover FBI agent revealed that the information he obtained from IcyEagle actually contained active email addresses, bank account numbers, telephone numbers, usernames, and passwords of at least five different customers of SunTrust Bank.
As a matter of fact, IcyEagle priced and categorized the SunTrust Bank account credentials depending on the amount of money in the bank accounts.
For instance, accounts with balances in the range of $250,000-$500,000 cost $229.99, while low-balance accounts, with balances of about $100-$500, were sold for $9.99.
In addition to that, IcyEagle made life easier for his customers by selling them a 6-page tutorial on how to withdraw the money out of the SunTrust Bank accounts.
The tutorial IcyEagle sold to his Alpha Bay clients consisted of sections on background checks, routing numbers, bitcoins, and other tips.
There were several other listings posted on Alpha Bay Market by IcyEagle that were not related to the SunTrust Bank. He also sold hacked Amazon gift balances.
Other accounts for sale include email logins, customer reward program logins, dating site logins, and logins for different financial services among others.
Coincidentally, almost at the same time of his arrest, the police were also given a heads up about IcyEagle’s involvement in trafficking narcotic substances. This was a tip from the US Postal Inspectors to the local police.
The police raided IcyEagle’s home in Minnesota and actually found a variety of drugs at the Alpha Bay vendor’s place.
It was after this drug-related arrest that the Federal Bureau of Investigation began tracking his activities on the darknet market.
In a recent press release, the Special Agent in Charge of FBI Atlanta, J. Britt Johnson, commented on the issue and noted that the FBI is fully aware that cyber crime and cyber criminals like Aaron Glende, also known as IcyEagle, were becoming a persistent and increasing problem for American citizens.
Agent Johnson, however, assured the public that the IcyEagle investigation and arrest were a clear indication that the FBI, working closely with other law enforcement agencies, will track, identify and arrest these cybercriminals regardless of how deep in the digital underground they reside.
In conclusion, Aaron James Glende was found guilty of having used the Alpha Bay darknet market to source clients and sell information containing different personal credentials of innocent people.
The court sentenced Aaron James Glende, alias “IcyEagle,” to four years and two months in prison.
A security researcher from Emsisoft, Fabian Wosar, recently revealed that he had discovered a new decrypter that could unlock files closed by the Philadelphia ransomware. This malware is relatively new and was developed by the same person who created the Stampado ransomware.
Like many other ransomware programs currently in circulation on the dark web, Philadelphia targets encrypted files and removable drives based on a list of sanctioned file extensions, before finally uploading its ransom message.
Wosar had earlier released another free decryption tool for Stampado, and since the two programs are related, both being coded in the AutoIt scripting language, he was able to unravel Philadelphia’s method of operation and create a fully functional decrypter before it could cause any damage.
Hacked Alpha Bay Market account – discovery of Philadelphia
A hacked Alpha Bay Market account had earlier led to the discovery of Philadelphia; news about its existence first came to light on September 7th, when an online user called Arslan0708 posted a chat message between a possible hacker, SkrillGuide2015, and Philadelphia’s developer known as The Rainmaker.
Arslan0708 says that he cracked a machine owned by an Alpha Bay Market user, and was able to remotely access a Jabber/XMPP chat between the two parties.
Since this activity was illegal, the individual refused to reveal any further details, but his hacking of the Alpha Bay Market account unraveled the upcoming ransomware threat which later turned out to be Philadelphia.
During the conversation on the Alpha Bay Market, The Rainmaker was discussing a new ransomware file he had just finished creating and was now selling for $400.
Previously, he had sold the first ransomware, Stampado, at a much lower rate of $39.
The ransomware makes use of a new C&C communications system; it works through bridges or proxies that report back to the main server.
Nevertheless, founder of Bleeping Computer and malware analyst, Lawrence Abrams, identified certain problems with Philadelphia’s implementation of the Bridges system.
He says that unless the bridges are stored on anonymous networks such as Tor, they are likely to be discovered and brought down pretty quickly.
However, since these bridges are hardwired inside the Philadelphia system code and cannot be retrieved automatically, if these servers are disabled, victims are left unable to pay the ransom and decrypt their files.
Another feature that’s worth highlighting about this ransomware is the existence of a “Mercy” button; hackers can use it to decrypt the victim’s files without first requiring a ransom.
Recently, security researchers discovered a spam email that was delivering an overdue payment message from Brazil’s Finance Ministry; it was infected with Philadelphia.
You can identify a Philadelphia infection by the long random names given to its encrypted files and their .locked extensions.
The ransomware requests only 0.3 BTC from the victims, which is around $210.
Beware that Philadelphia can delete a certain number of files from infected computers, particularly if the victim delays paying the ransom.
Once a machine has been infected, the victim should decide quickly whether they want to pay the ransom or download Fabian Wosar’s decrypter.
If they take too much time before decrypting, a huge portion of their files will go missing.
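The file-name indicator mentioned above (long random names with a .locked extension) can be turned into a quick triage scan that shows which directories are affected before more files go missing. This is an added example, not code from the original article or from Emsisoft; the length and entropy thresholds and the alphanumeric-only check are assumptions, since the article says only "long random names", and the sample file names are constructed.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Assumed thresholds: the article only says "long random names".
MIN_STEM_LEN = 16        # assumption: what counts as "long"
MIN_ENTROPY_BITS = 3.0   # assumption: bits per character for "random"

def shannon_entropy(text: str) -> float:
    """Bits per character of the character distribution in text."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def looks_like_indicator(name: str) -> bool:
    """True for a '.locked' file whose stem is long and random-looking."""
    stem, ext = os.path.splitext(name)
    if ext.lower() != ".locked" or len(stem) < MIN_STEM_LEN:
        return False
    # Assumption: random names carry no spaces, dots or underscores,
    # unlike most human-chosen file names.
    if not stem.isalnum():
        return False
    return shannon_entropy(stem) >= MIN_ENTROPY_BITS

def scan(root) -> dict:
    """Walk root and group matching file names by directory."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        matched = sorted(f for f in files if looks_like_indicator(f))
        if matched:
            hits[dirpath] = matched
    return hits

def demo() -> dict:
    """Scan a constructed sample tree; keys are paths relative to its root."""
    with tempfile.TemporaryDirectory() as tmp:
        docs = Path(tmp, "docs")
        docs.mkdir()
        for name in ("9F3A7C21B4E8D05A6C1F2E7B90D4A3C8.locked",  # constructed
                     "budget_2016.locked",  # short and readable: ignored
                     "report.docx"):        # untouched file: ignored
            (docs / name).touch()
        return {os.path.relpath(d, tmp): f for d, f in scan(tmp).items()}

if __name__ == "__main__":
    print(demo())
```

Where possible, point `scan()` at a read-only mounted copy of the affected volume rather than the live system.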
Philadelphia operates differently from other ransomware; however, its operations rely mostly on bridges, which have the capacity to infiltrate shared networks.
A bridge is a PHP script that makes use of its own database, with no MySQL. Bridges can store the user’s keys, verify payments and even show the victim’s data on the headquarters server safely.
They can also be hosted on all types of servers, including those that have been hacked, shared hosting networks, dedicated and VPS servers amongst others.
To infect an unsuspecting victim, the hacker who buys a Philadelphia license for $400 must first install PHP scripts for the bridges found on their attack sites.
Additionally, they need to set up the Philadelphia Headquarters program on their machine. This control panel allows them to access every bridge on their network, which ultimately gathers random information about the victims and also records the encryption key.
Nevertheless, the ransomware claims that it innovates over other crypto-malware samples already in existence, by auto-detecting when victims are making bitcoin payments.