There’s more to the Dark Web than just AlphaBay and Hansa

By 28th July 2017News

Launching in 2014 and 2015 respectively, AlphaBay and Hansa have dominated much of the Dark Web marketplace for weapons, drugs and indecent images of children. More recently, they’ve also both been host to the buying and selling of large amounts of sensitive corporate data like company credit card information, employee network login credentials, intellectual property and company secrets — which criminals have got their hands on via phishing or by other illegal means.

Last week, international law enforcement agencies including the FBI shut down AlphaBay and Hansa. The run up to their closure was an interesting one — on the 5th July, US authorities made a move on AlphaBay, forcing swarms of users over to Hansa. RepKnight noted a number of conversations between buyers and sellers about their next movements over to Hansa. Ironically Hansa actually refused some AlphaBay sellers and users because of their choice of merchandise, but for those that did make the move over, they did so without the knowledge that Dutch authorities had already taken over the site on 20th June.

The good news about the shutdown of AlphaBay and Hansa is the police’s increasing engagement with the Dark Web to combat its threats. After having shut down AlphaBay, police will have seen users switch to new Dark Web sites and will be able to use that incriminating behaviour as evidence against buyers and sellers in court, which will hopefully lead to a higher conviction rate — especially so if they engaged in the purchase of illegal goods or services.

Hansa and AlphaBay — just the tip of the Dark Web iceberg

But while the shutdown of AphaBay and Hansa is certainly great news, when you consider the fact that 80% of the internet is made up of the deep Dark Web, you realise that these two sites are just two grains of sand in a beach full of others. There are dozens of equally large and dangerous Dark Web marketplaces out there, like Dream Market, Valhalla and Wall Street Market. In a recent quick trawl, RepKnight found 14 financial markets dealing in Bitcoin, counterfeit currency, money laundering and hijacked accounts. We as a company regularly monitor the activity of more than 300 markets — many of which are growing thanks to the death of AlphaBay and Hansa.

Based on our experience of the Dark Web, these are the top marketplaces we believe businesses should be aware of. (The list contains recently ‘departed’ markets for context of turnover):

  1. AlphaBay (No longer exists)
  2. Dream Market
  3. Valhalla (Silkkitie)
  4. Hansa Market (No longer exists)
  5. Outlaw Market (No longer exists)
  6. Acropolis Market (No longer exists)
  7. Tochka
  8. House Of Lions
  9. Apple Market
  10. TradeRoute
  11. Wall Street Market
  12. Zion Market
  13. Crypto Market
  14. Silk Road 3.0
  15. The Majestic Garden
  16. Ramp (Russian Forum)
  17. Bloomsfield
  18. Darknet Heroes League
  19. Minerva
  20. RsClub Market
  21. PekarMarket
  22. The Open Road
  23. CGMC
  24. Placemarket

Now that AlphaBay and Hansa no longer exist, Dream Market has staked its claim for the biggest and most dangerous marketplace on the Dark Web — and every organisation is at risk of having its data end up on there (and others) for sale.

So how can you go about finding out if your data is for sale on the Dark Web? Checking manually is not a good idea. Not only is there too much for a company of even a thousand expert IT professionals to sift through, signing up to the Dark Web exposes you to all sorts of horrors, whether it be dangerous and illicit material or phishing from cybercriminals.

The safest and easiest way to monitor the Dark Web is through advanced monitoring tools. RepKnight has developed BreachAlert, which uses automated bots to harvest content from each hidden corner of the Dark Web in real time, and alerts you to posts containing your data within seconds of that post going live. BreachAlert also enables organisations to browse the Dark Web safely through a portal that does not capture images or executables — protecting those that use the RepKnight platform.

The beauty of BreachAlert is the speed with which it works — the quicker you know about a data leak, the quicker you can plug any security gaps in your infrastructure and take action against thieves. And with the GDPR coming into force in May 2018, advanced Dark Web monitoring tools should be essential in any organisation’s GDPR compliance strategy, helping to avoid fines of €20 million or 4% of annual turnover, whichever is greater.

Don’t become a victim. Do something about it before it’s too late.