Quantcast
Dark Web Market AlphaBay Staff to Alleged Extortionist: Don't Dox Us, Here's Some Money

“How much do you want for that?”

It's not only the feds that threaten dark web marketplaces. Opportunistic hackers target these sites too, perhaps looking for a way to squeeze some bitcoin out of the marketplace owners.

Consider the staff of AlphaBay, currently the largest dark web marketplace, who appear to have given an extortionist several payments, because the extortionist claimed to have uncovered the identity, or dox, of a former administrator and current employees of the site.

"We do not know if the dox is true or not, but with what he sent us, a lot of things make sense, so we are trying to protect this guy," alphabaysupport, an official Reddit account for AlphaBay, told Motherboard in a private message.

The extortionist first contacted Motherboard in August 2016, saying they had identified Alpha02, the creator of AlphaBay, and other staff members of the site. The extortionist provided screenshots of an alleged conversation with a customer support account on AlphaBay itself, which suggest the extortionist was paid in exchange for keeping the dox private.

Fast forward to this week, and the extortionist gave Motherboard the username and password for a Reddit account that includes conversations with alphabaysupport conducted throughout February. 

"In the past few months I have been tracing BigMuscles' and Raspi's online footprints in addition to what I previously had shown you and now have conclusive evidence pointing to their real life identities and whereabouts," the extortionist writes, referring to two AlphaBay staff members.

"How much do you want for that?" alphabaysupport replies.

extort

One of the messages sent by alphabaysupport to the alleged extortionist.

Judging by the messages, it appears alphabaysupport may have paid 35 bitcoin (around $45,000) to the extortionist in February. The bitcoin address allegedly used to transfer the funds was sent in a PGP encrypted message, however, so Motherboard cannot independently verify that a payment indeed took place. The extortionist declined to provide the address to Motherboard. 

"Done, hope the fee is high enough. Please let us know how you found the information," alphabaysupport writes.

"You've shot yourself in the leg and dug your own hole by paying me," the extortionist replies, before demanding even more money: 147.92 bitcoin (over $190,000) allegedly left in the wallet used to pay them originally.

Alphabaysupport told Motherboard that they did pay the extortionist.

"The amount the attacker asked for was reasonable so we paid, but once we paid, he said he wanted more," alphabaysupport claimed. "We have a very strong policy of not paying an extortionist twice, so he is now making throwaway accounts and sending us proofs of his Jabber conversation with you in an effort to extort more coins from us. Now we are just ignoring him and we hope he will just get tired shortly." 

The question is, why did alphabaysupport so readily "admit" to a journalist that they paid an extortion demand? It's unclear whether or not that would simply increase the chance of more extortion. 

According to alphabaysupport, however, there's another reason they paid on top of the threat of identification: "to avoid a potential reddit shitstorm."

Subscribe to pluspluspodcast, Motherboard's new show about the people and machines that are building our future.