Alpha02 was trapped by LE 'issuing a reboot command to the server'

A bit more info on how they caught 'Alpha02' with his computer open that I have not seen on Reddit.

"The security forces caused the server to shutdown. This forced Cazes to access the AlphaBay forums to reply to upset users. Additionally he was forced to access the servers to attempt to reboot them to bring them back online."

Source:

https://blog.comae.io/dark-net-trap-545ae5dd8476

LE timed the raid for when they knew he would be online with his computer unencrypted.

I am thinking the Canadian RCMP pulled a plug on a server or something similar just before the raid to make sure he would be at his computer trying to fix the site when the Thai police raided him.

Edit: Does this mean they located the server but could not access it?


Comments


[36 Points] None:

Those Thai ladyboys got him good.


[12 Points] trynakick:

The part about his email address is just stunning to me. Pre-DNM use I knew exactly nothing about infosec except that it was a bad idea to make my password, "password" and I still made compartmentalized email accounts for porn and Craigslist (poorly compartmentalized but still, I had the basic idea).

This feels so stupid it makes me wonder if it's a cover for more sophisticated techniques. If it really was this simple, the dox should have shown up here at some point. But the only alpha02 dox I remember was from the (asinine if generally reputable) whyusheep/hacksforcracks. Who had it on the wrong continent. I now feel bad for that guy.


[12 Points] urAdumbnigger:

I just spoke to alpha02 via Ouija board. Asked him what he's up 2. Just said "hanging around" and then nothing else


[10 Points] shimakaze_kun:

"This forced Cazes to access the AlphaBay forums to reply to upset users. Additionally he was forced to access the servers to attempt to reboot them to bring them back online."

23 million USD in profit and he still cares about his uptime -- it's kinda tragic how he kept running the damn thing way too long :(


[3 Points] alt_right_shift:

"The security forces caused the server to shutdown. This forced Cazes to access... the servers to attempt to reboot them"

How do you remotely access powered off servers? I mean yes it can be done if you have some sort of "lights out" management, but do many ISPs offer that?


[2 Points] None:

I can't wait for the in-depth Wired article about this! I bet Tarbell was pulling the strings!


[2 Points] kilogrammes:

But seriously, what idiot thinks Thailand is an offshore country. Wikipedia alone will prove that Thailand's LE will suck the ass of any Western Force.

And why would you be lavish while you know yourself you have warrants out for you 8 years earlier?

Hmmmm my Quebecois brother, idiot.


[2 Points] bhp5:

Lessons learned: Admin your DNM site inside of a locked vault, nowhere else


[1 Points] ItzNotLuck:

Seems like they located the server first, and they wouldn't have just pulled the plug on the server if they had access imho, since they somehow thought about using Hansa as a honeypot


[1 Points] Anotherwonton:

Kind of what I was thinking, maybe they got access in Canada and were able to see when he got on to time the raid.


[1 Points] ugotitright82:

The article mentions that Dutch police ran Hansa for a month. Are they going after people ordering recreational amounts? Friend of mine in US has used AB & Hansa daily for small amounts of product daily (orders ~$200), should he be worried?