I can't say exactly what happened, because of the raids that coincided with the shutdown of AlphaBay, however I can provide some sort of insight that I am now happy to reveal due to no contact from any of their Admins.
On Sunday July 2nd, I contacted Support to get in touch with a high level Admin immediately. I was directed to create a Forum account and speak with the head admin regarding a huge vulnerability I found which exposed a lot of data and allowed me to identify a separate server IP address tunneling some of their API requests, this server was located in Europe. I rooted this server and was able to send malicious queries through the API to return vendor messages, order details and insert my own orders, which could have allowed me to empty their wallet.
I was told to provide some more info and discussed a large bug bounty with them on Monday 3rd. This was the last contact I had with them before the site promptly going dark, so-to-speak.
The vulnerability found was relatively simple, I hadn't attempted to fuck with the API before and I think it's a bad idea to have any sort of API similar to theirs on any other market. It may seem convenient and allow for integration with other sites, however the security of this is absolutely essential and it's not worth spreading your playing-field in such a way that you compromise your user's security, as the displayed in the past with the amount of data that was able to be leaked.
My theory here is that they have exit scammed on July 4th due to the amount of sales for the holiday weekend and the sheer volume of coin that would have been on the market at that current time and they may have been worried to trust me as I could have still easily outed them after receiving a bug bounty in many ways. They could have also already planned to exit scam on this date already.
The other option of course is the raids. I think this is ENTIRELY coincidental personally as this would have been apparent by now, unless they are still investigating. Taking down the market and no contact from the admins would be a sign to other staff to pack their shit and leave however and they would have all the info they need to find them (if any). If they did seize their servers, there is a high chance that they also found the vulnerability that I mentioned, considering I have ran short tests on the API before and yielded no results, it may have been a recent update that allowed for this flaw to occur.
So why am I telling you all this now? To try and help with some closure on knowing that there is a much bigger chance that this is an exit scam and because I feel I am in the clear, as I was left very paranoid regarding the raid and me having accessed their servers, albeit securely and anonymously, you're never 100% secure and I doubted myself many times over the past week or so.
I also want to raise this now, so we can put an end to this happening. It shouldn't still be possible in 2017, we're almost 4 years from the Sheep Marketplace exit scam and still we don't seem to have learned a thing. Don't think this excludes you if you've moved to Multi-sig only - you too. This is a community effort that needs to pave the way for this to become standard across the board.
/u/wombat2combat /u/theeconomist1 /u/CrushOnJenny /u/pinochetHA
Change the rules, penalize the markets not using true multi-sig only, for the sake of everyone. You can't blame people being too lazy to change in their ways, we actively teach standard market escrow processes. Allow for an announcement, a warning that any markets using centralized escrow will be archived/removed from the Superlist, make it a standard for any new markets that want to launch here, focus all DNMNoobs guides on Multi-sig 100%, adjust/remove any old steps, force people to make the move otherwise more markets will carry on to do the same, even offering both multi-sig and centralized escrow.
Please consider contacting market admins who currently run such shit excuses from markets looking at you Dream. 3 strikes and you're out on security too - people lose their lives due to sloppy security on the markets end.
On a brighter note, I'd like to provide some security reports soon on some markets including new ones such as Sourcery and Wall Street, they had some initial small bugs that I found, not security related however. They are in good standing from what I have saw though.
I will post some extensive reports within the next week or so and going to setup my own onion service for penetration tests, security checkup services and market reports, so users can choose their go-to based on a security rating as well as it's core features.
Signing off.
Thanks for all you do.