Deep web underground marketplace AlphaBay was forced to pay a hacker who managed to exploit the vulnerabilities in the internal mailing system of the website, hijacking over 200,000 private unencrypted messages from several users whose identities, illegal trades or even vendor inquiries could be easily exposed.

AlphaBay Was Cyber Attacked By Cipher0007

According to the International Business Times, this was such a delicate situation for AlphaBay, that the Deep web marketplace made a statement in which it said that it have been made aware of the bug that allowed a hacker -or outsider- to view the private messages that was written within the website, and that it was believed that the community has the right to be made aware of what data was obtained. Naturally, this represents a huge setback for a website that clearly depends on the users´ safety and privacy, given the fact that the Deep web is an unsafe space in which this kind of situations tends to happen.

Apparently, the person who made the action was a hacker using the pseudonym Cipher0007, who actually made an announcement on Reddit two days ago, explaining that it used two high-risk bugs in order to steal troves of private messages that belongs to buyers and sellers on the Deep web marketplace AlphaBay, which has been characterized for dealing drugs and other illicit substances. In fact, wanting to prove that it had successfully compromised the users´ information, the hacker posted a series of screenshots in which it was showed images of private random conversations between some AlphaBay´s customers.

The Hacker Also Attacked Another Deep Web Marketplace

As reported by Bleeping Computer, user Cipher0007 also managed to found another bug in the Hansa Deep web marketplace, which allowed the hacker to compile a list of Hansa usernames, being something extremely similar to what this person did with AlphaBay. In any case, this bug has already been reported to Hansa, but the website hasn't made a statement regarding the issue yet.