Courtesy of the FBI
At its peak in 2015, the anonymous online market AlphaBay had an estimated 200,000 users who used cryptocurrency to buy and sell drugs, weapons, and a myriad of illegal goods and services.
It all came crashing down in July of last year, when U.S. and international law enforcement agencies seized it and arrested Alexandre Cazes, a Canadian citizen who ran the site.
On Jan. 9, FBI Special Agent Nicholas G. Phirippidis told attendees at the ICCS 2018 how “Operation Bayonet,” as it was dubbed, came together.
The bureau’s first break in identifying Cazes came when an agent in Fresno made two arrests of vendors who’d been selling on AlphaBay. Those arrests prompted someone to leak to the agent an e-mail that Cazes had sent to an early user of AlphaBay, and that e-mail revealed both an ISP address and Cazes’ personal Hotmail account.
Phirippidis said that as they began to track down his digital footprint on social media sites around the internet, it appeared Cazes had cleaned up other parts of his name online.
“For the most part, he had a lot of success, but the internet archive and a few other sites that take snapshots through time allowed us to go back and see some of the early uses of the e-mail address affiliated with his name,” he said.
“Like many of these subjects on the dark web, they try to have a firm firewall [to protect their public persona], and every once in a while, they’ll make the smallest mistake. That’s usually how we can attribute a true name to a moniker on the dark web.”
Another feature of AlphaBay that the FBI explored was the site’s so-called “bitcoin mixer,” which was billed as a foolproof way to launder cryptocurrency but which FBI analysts could figure out. They were able to trace …