Owners of "Empire Market" Dark Web Store Worth $430 Million Charged

In partnership with

Welcome to the latest issue of The Breach Report, a cybersecurity newsletter from the creators of the Cybersecurity Careers Blog. Be sure to subscribe via email or RSS.

The Fall of Empire Market, a Dark Web Marketplace

The United States Department of Justice has announced that two suspects have been charged with owning and operating Empire Market, a dark web marketplace. Empire Market provided access to buying, selling, and exchanging illegal goods and services like drugs, counterfeit items, malware, stolen enterprise data, and other services.

The DOJ has charged Thomas Pavey, aka “Dopenugget,” and Raheim Hamilton, aka “Sydney” and “Zero Angel,” with owning and operating Empire Market from 2018 to 2020. Pavey, 38, resided in Ormond Beach, Florida, and Hamilton, 28, in Suffolk, Virginia.

Two suspects could now face life in prison for the illegal drugs, goods, and services marketplace.

Pavey and Hamilton also previously sold counterfeit U.S. currency on AlphaBay, a dark web marketplace that preceded Empire Market. AlphaBay was shut down in 2017.

In just two years, the pair conducted over four million transactions worth $430 million, according to an indictment in the U.S. District Court in Chicago.

The indictment charges include drug trafficking, computer fraud, access device fraud, counterfeiting, and money laundering.

Empire Market was accessible only on the dark web with a .onion address. Multiple vendors sold various drugs and stolen credit card information. At its peak, over 500 new listings were posted per day, and over 52,000 products were for sale across 4,500 vendors.

For only $750, vendors could register to sell anything customers would be willing to pay for.

Payments accepted on Empire Market included Bitcoin, Litecoin, and Monero cryptocurrencies.

The platform became a hub for learning how to conduct money laundering and attempting to conceal cryptocurrency transactions by “tumbling” it through services like Tornado Cash.

Tornado Cash is used by crypto scammers and dark web users to shuffle cryptocurrency funds across a broad range of cryptocurrencies on the Ethereum blockchain.

Lifetime sentences await Empire Market owners

Empire Market was taken down in January 2020 after a coordinated effort by law enforcement agencies in the United States and abroad. Authorities seized and took the marketplace's servers offline, as well as over $75 million in cryptocurrency, cash, and precious metals.

If Pavey and Hamilton are found guilty and convicted on all counts, they will earn a lifetime sentence each.

If history tells us anything, AlphaBay, Genesis Market, and Empire Market may be gone, but clones inevitably rise. Notorious hacker forum BreachForums remains in operation after repeated international efforts to take down the platform.

Instantly calculate the time you can save by automating compliance

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, ISO 42001, HIPAA, HITRUST CSF, NIST AI, and more.

Plus, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center, all powered by Vanta AI.

Instantly calculate how much time you can save with Vanta.

[Calculate now]

Latest Cybersecurity News

What we’re reading across the wire about the latest cybersecurity hacks, breaches, industry news, and more.

New from our blog:

• NVIDIA Nemotron-4 340B: Large Language Model Training with Synthetic Data (Cybersecurity Careers Blog)

New from our favorite blogs and journalists:

• Inside the Underground Site Where ‘Neural Networks’ Churn Out Fake IDs (404 Media)

• Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw (The Hacker News)

• Empire Market owners charged for enabling $430M in dark web transactions (Bleeping Computer)

• CDK Global cyberattack impacts thousands of US car dealerships (Bleeping Computer)

• Fake Google Chrome errors trick you into running malicious PowerShell scripts (Bleeping Computer)

• Government and military officials fair targets of Pegasus spyware in all cases, NSO Group argues (The Record)

• UN Security Council to debate cybersecurity threats, despite Russian veto (The Record)

• US intelligence 'not seen much' of Russia attempting to interfere in UK elections (The Record)

• Russia may interfere in UK election, warns senior Democratic senator (The Telegraph)

• Men plead guilty to aggravated ID theft after pilfering police database (Ars Technica)

• High-severity vulnerabilities affect a wide range of Asus router models (Ars Technica)

• “Simulation of keyboard activity” leads to firing of Wells Fargo employees (Ars Technica)

Today’s Cyber Wall of Shame

When someone thinks “cybersecurity” is considered a buzzword… in 2024.

Until next time…

Rob Waters
Founder
The Breach Report + Cybersecurity Careers Blog

P.S. - Do you want to start a newsletter yourself?
You can with beehiiv. Create one today with a free trial.
Disclaimer: The Breach Report may contain affiliate links. Read our Advertising policy page.