Attacker Gain Access to 218K Private Messages on AlphaBay Dark Web Marketplace

DarkWeb–A user named “Cipher0007”, posted five screenshots of random user private conversation on Reddit. The Dark Web Marketplace (AlphaBay) confirmed the bug and issued a statement regarding the incident, admitting that the intruder gets access to over 218,000 user’s private messages.

The intruder gets the last 30-day private messages of AlphaBay user due to a bug on their marketplace. He obtained the list of user IDs and their username. And, also the Marketplace PMs not older than 30 days, up to ID 2609452.

Reddit admin confirmed the bug on the same day where the data is breached on their marketplace. AlphaBay admin acknowledged the second bug, which was discovered by the same Cipher0007.

AlphaBay Bugs

AlphaBay is a world of hidden dark web, where one can buy legal and illegal products such as drugs, exploits, malware, stolen data, guns, and more. The user more often talks about their transaction procedure and order details via private messages, where they exchange contact and payment information.

To avoid the AlphaBay user from the threat, admin allows the user to use a PGP key to encrypt the information like delivery addresses, Bitcoin wallet IDs, tracking numbers, and others.

AlphaBay Pays Cipher0007 to Reveal the Secrets

AlphaBay admin paid Cipher0007 to reveal the method that he used to access their user’s private messages and IDs.

Earlier in Aril 2016, AlphaBay suffered from a similar incident, when there is a bug in their API which allowed the attacker to obtain access to 13,500 private messages.

Cipher0007 also found another bug in the Hansa Market after the discovery of AlphaBay Dark Web Marketplace.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s