Dark web marketplaces such as AlphaBay have gained unprecedented popularity in the past few years.
For a long time, darknet markets have been associated with all sort of internet-related crime including drug trafficking, arms dealing, fraud, illegal pornography, and also extortion as well.
For these and other reasons, darknet markets have increasingly become the focus of law enforcement agencies all over the world.
However, law enforcement agencies are not the only parties that dark web markets have to worry about.
Other dark web users and extortionists are quickly becoming a major threat to darknet market platforms.
Cyber criminals are adept at targeting the platforms in efforts to milk as much money as possible from the administrators and users.
A recent report shed some light on one of the latest extortion schemes on AlphaBay, the largest darknet market at the moment.
According to the report, the AlphaBay staff seem to have made several payments to an alleged extortionist.
Apparently, the cyber-criminal in question managed to discover the identity of a former AlphaBay administrator as well as that of current staff members.
This notorious and common attack method is known as doxxing.
It is the practice of researching information particularly identifiable or private information about an organization or individual.
Doxxing is not always done for sinister reasons such as coercion, extortion, online shaming, or harassment.
In some cases, it is conducted to aid law enforcement, business analysis, and social justice.
In the case of cyber criminals such as the AlphaBay extortionist, they often threaten to broadcast the information if a fee is not paid.
An online news and media outlet learned through an official Reddit account tagged “alphabaysupport” that AlphaBay staff had not conclusively determined the authenticity of the dox.
However, they reiterated that the bits of information sent by the extortionist seemed to confirm the dox.
This indicates that the payments made served a precautionary purpose in efforts to protect the identities of the affected employees.
The extortionist boasted of having identified AlphaBay’s creator, Alpha02, last year along with other website employees.
Screenshots provided by the extortionists appeared to confirm that AlphaBay had indeed paid them not to broadcast the information.
The screenshots showed an unconfirmed customer support account conversation on the official AlphaBay site.
The news outlet revealed that they had contact with the said extortionists, where they availed a Reddit account username and password.
The Reddit account was said to contain conversations detailing the exchange between the extortionist and AlphaBay throughout February of this year.
According to one of the threads in the conversations, the extortionists claimed to have traced and uncovered the real-life identity and locations of two AlphaBay employees going by the usernames BigMuscles and Raspi.
The AlphaBay staff then inquired about the price for keeping this information private.
According to the conversation, the extortionist may have received approximately $45,000 in bitcoin (35 Bitcoin) from AlphaBay staff in February.
However, this is mere speculation since the payment could not be verified.
The extortionist allegedly used a PGP encrypted message to send the Bitcoin transfer address.
Cybersecurity experts and law enforcement agencies often insist that victims should not pay the demanded ransom or extortion fees demanded by cyber criminals.
According to the aforementioned thread, after the extortionist was allegedly paid and requested to disclose how they acquired the information, they turned around on the deal and demanded approximatey 147 bitcoin ($190,000+) that was left in the payment wallet.
AlphaBay staff confirmed that they had indeed paid the initial ransom.
However, they would not pay the additional amount demanded by the extortionist.
This is in accordance to a policy implemented by AlphaBay, which strongly prohibit paying extortions and ransom twice.
AlphaBay staff have now resigned to ignoring the alleged extortionist hoping the incidence will blow over.
The question that many people will be asking is why AlphaBay staff readily admitted to paying an extortionist the first time around.