Slashdot Mirror
Silk Road Shut Down, Founder Arrested, $3.6 Million Worth of Bitcoin Seized
New submitter u38cg writes Ross William Ulbricht, known as 'Dread Pirate Roberts,' was arrested in San Francisco yesterday and has been charged with one count each of narcotics trafficking conspiracy, computer hacking conspiracy, and money laundering conspiracy, according to a court filing. Silk Road has been shut down and some $3.6m in Bitcoin (26,000 Btc) seized. The question is — how?"
onyxruby submitted a link to the criminal complaint (PDF; coral cache might work better). The court filing indicates that they seized the actual servers and recovered their contents, making numerous references to the private messaging system. Also according to the court filing, the Silk Road was used to sell ~$1.2 billion in illicit goods since being founded in 2011.
Nope, apparently Canadian authorities turned up some fake ID in a routine postal search.
According to the complaint, they tracked him by intercepting fake id's he sent to his actual home address. Whether they breached TOR and just set him up, or just hit the stupid mistake of a lifetime by him using his actual address I doubt we will ever know. In any case, they traced things back to him in the end it seems.
Tor isn't a magic bullet. It's still fundamentally putting your trust in someone else. There's always a human element to relay communications. Any complicit person can yield some useful information. You can encrypt what you're saying, but someone has to know who you're talking to.
The only surprise here is why this arrest and seizure took so long. I hope all these evildoers and drug pushers realize now that they can't hide behind anonymity and the authorities can prosecute and punish these dastardly bastards.
Congrats to the FBI, DEA, and government for taking this hooligan down.
Sounds like you need a mushroom session.
it appears that agents found Ulbricht after Canadian border authorities routinely checked a package intended for his San Francisco home and discovered nine fake identification cards within, which Ulbricht allegedly was seeking to obtain to rent more servers to power Silk Road as it massively expanded.
source: http://www.forbes.com/sites/alexkonrad/2013/10/02/feds-shut-down-silk-road-owner-known-as-dread-pirate-roberts-arrested/
On reddit it was reported that a parcel containing fake IDs (presumably to buy servers) mailed to DPR was intercepted at the Canadian border, and this is what lead to the arrest.
Nope. ... and a name and address.
http://krebsonsecurity.com/wp-content/uploads/2013/10/UlbrichtCriminalComplaint.pdf
TLDR version:
A user named altoids advertised SR on various forums very early on.
Later the same user wanted some dev work done, used a gmail address as contact.
Same gmail address leads to a LinkedIn profile
Seize that dudes computers.
Find keys to the kingdom for the SR servers.
https://medium.com/p/d48995e8eb5a
I didn't write it.
Link to indictment contained within too.
http://lkml.org/lkml/2005/8/20/95
You had me sold on this theory, right up until you said "warrant".
Then I knew it was bullshit.
Like our government feels the need to recognize the legal process anymore.
You know that he's going to have a trial, right? And that the FBI won't want him to get off because there was no warrant for the evidence the prosecution presents in that trial, right? There might very well be unconstitutional monitoring in this process, but to bring it to court and get a conviction, a warrant is necessary paperwork.
No. http://www1.icsi.berkeley.edu/~nweaver/UlbrichtCriminalComplaint.pdf has more info. DPR got extremely sloppy with keeping his identities separate. The Tor part worked fine.
From Forbes: "Agents found Ulbricht after Canadian border authorities routinely checked a package intended for his San Francisco home and discovered nine fake identification cards within, which Ulbricht allegedly was seeking to obtain to rent more servers to power Silk Road as it massively expanded." Link: http://www.forbes.com/sites/alexkonrad/2013/10/02/feds-shut-down-silk-road-owner-known-as-dread-pirate-roberts-arrested/
It didn't stop them from abusing the crap out of the law when they got Kim Dotcom. That said, Kim might walk because there was so much prosecutorial misconduct.
I read the internet for the articles.
Using the word "evildoers" in a context other then a Saturday morning cartoon means that he is brainwashed.
It sure doesn't read like TOR was compromised. It was the Gmail account DPR left when first advertising SR on a shrooms site. The FBI (if they aren't just covering for the NSA) do seem to have caught DPR through old fashioned sleuth work. Yes, they managed to copy a server but they still couldn't get the names out of it, only link the messages and transaction dates to other events they tracked down to DPR after tentatively identifying him using Gmail, Google+ and LinkedIn. Ouch.
It's not a "lucky coincidence". I'm Canadian and I buy some stuff online. Here's why they tend to open packages:
1. Canadian Border Services gets $5 for every package they open. (I call this the "putting their dick in it" fee.) You can not appeal this fee.
2. As you have more stuff sent to you, they tend to open more of your packages. My ex-wife ordered lots of stuff online (mostly knitting supplies) and towards the end of her interest in her hobby, they were opening 90% of her packages. Mine were rarely opened.
3. They get a little more openy when you're doing your own brokerage. FedEx and UPS charge about $40 for brokerage, so some people do it themselves for $10. This requires you to go down to the border (or quasi-border), which in my city is the airport.
So it wasn't a tip-off, it was just CBS looking for extra cash.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
Every incoming (or, I guess, in the case of Canada, outgoing) mail parcel goes through an x-ray (I'm not saying they actually pay a lot of attention to each one; it's kind of luck-of-the-draw.) If the inspector sees a package containing a bunch of plastic cards and something that looks like a passport, they are naturally going to wonder what that's doing being sent via international mail. It's not as if you can accidentally leave your passport at home when leaving the country.
Because customs facilities are on international borders, they don't need anything but the barest suspicion to take a peek in your package, certainly not a warrant.
But yeah, hosting SR in SanFran was not very bright. Of course, given that what he was doing would get him arrested in pretty much every country in the land, there's not really any good location for the servers. Even in Russia, you would have needed some pretty good underworld connections to keep those servers out of govt. hands.
So you feel it is ironic that the NSA didn't catch something that the NSA has publicly stated they are not looking for? NSA isn't law enforcement, they may sometimes help them out or give them info they have found, but it isn't their job to collect data for busts like this.
http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE97409R20130805
We already know the NSA is sharing information about illicit drug trafficing with the DEA, and asking the DEA to obfuscate where the information is coming from.
#DeleteChrome
> Or sell it off for legit cash and move somewhere offshore.
Previous interviews with Roberts indicate that, just like his namesake, he indeed was not the founder but a guy who became involved and later purchased it from the founder. If the stories are to be believed, he was the first person to break their security and then, played ethical hacker and told them how he broke in and helped them fix the problem.
http://www.forbes.com/sites/andygreenberg/2013/08/14/meet-the-dread-pirate-roberts-the-man-behind-booming-black-market-drug-website-silk-road/
"I opened my eyes, and everything went dark again"
Look up "Parallel Construction". Regardless of how much they originally had on him through NSA channels or whatever, I assure they have a clean paper trail with enough to take him to trial for stuff he did after they already had warranted phone taps and e-mail, etc.
Peter predicted that you would "deliberately forget" creation 2000 years ago...
The US govt seized my bitcoins which silk road kept for me. I am not a US citizen. I have not committed a crime involving us soil or citizens. Will I be able to reclaim my bitcoins? I was actually keeping them there as a safe haven.
You will probably not be able to get your coins back. They have been seized via civil forfeiture. To get your coins back, you will need to establish proof that you are the owner of the coins and that you qualify for an "innocent owner" defense under 18 USC 983(d). Specifically, you will need to show that you "(i) did not know of the conduct giving rise to forfeiture; or (ii) upon learning of the conduct giving rise to the forfeiture, did all that reasonably could be expected under the circumstances to terminate such use of the property."
So, can you show that you did not know that drugs and other illicit materials were being traded on Silk Road? If not, can you show that you tried to get your coins out as soon as you learned this was the case? If not, then goodbye money. You shouldn't have knowingly comingled funds with criminals.
Beyond the unlikelihood of successful recovery, I would point out that attempting to claim your coins may put you at risk of criminal charges for your own actions. I note that you specifically mention that you "have not committed a crime involving us soil or citizens" (emphasis added). If you have used your coins to participate in a crime elsewhere or have participated in activity that is legal elsewhere but criminal in the US (e.g. trade in controlled substances), you may run afoul of money laundering charges (18 USC 1956-1957) and RICO (18 USC 1961-1968).
I highly recommend you consult a real attorney first. (I am not one!) Be honest with them; you have attorney-client privilege in the US and in many other countries, and they cannot give good legal advice without all the facts. Don't be reckless, though. Since you're a foreign national, any calls to the US will most likely be monitored according to recent news, and the DEA is accused of using information they can't legally obtain to fake up a "clean" evidence trail that can't be constitutionally impeached. If possible, you may wish to seek an attorney local to your country who works with US law internationally.
Final note: I am not a lawyer. This should not be construed as legal advice, and I may be quite wrong on several aspects of the above. If you are in serious trouble, consult a real attorney and not Slashdot.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
Now, onto how he got caught... An agent involved in the investigation ("Agent-1"), found the first few references to SR on the internet from somebody only identified as "altoid", attempting to promote the site in its beginning days, in January of 2011.
In October of the same year, a user also going by the name of "altoid" made a posting on Bitcoin Talk titled "a venture backed Bitcoin startup company", which directed interested users to "rossulbricht at gmail dot com".
That email address is what led to DPR's downfall.
---
After identifying "altoid", they started connecting the "DPR" identity to Ulbricht pretty quickly.
Ulbricht's Google+ page and YouTube profile both make multiple references to the a website dubbed the "Mises Institute". DPR's signature on the SR forums contained a link to the Mises Institute.
DPR cited the "Austrian Economic theory" along with the works of Ludwig von Mises and Murray Rothbard, all of which are closesly associated with the Mises Institute.
Server logs show that someone logged onto the SR administration panel from San Fransisco around the same time that Ulbricht was staying in San Fransisco.
Multiple fake IDs were intercepted by U.S. Customs & Border Patrol while on their way to an address which Ulbricht was living at the time.
These IDs all carried photos of Ulbricht but had false names and details. This was around the same time that DPR stated in a message that he was acquiring some fake IDs to buy new servers.
When questioned by Homeland Security about the fake IDs, he refused to answer any questions but then stated that anyone could purchase such things using "Silk Road" and "Tor".
The address which Ulbricht was staying at was being rented in cash and he was living with housemates who knew him under a name which corresponded with one of the fake IDs.
He posted on StackOverflow using his real name, inquiring about how to use curl/PHP to grab things off Tor, before quickly changing the name to "frosty" (with a fake email: frosty@frosty.com)
Thought my money is on NSA and parallel construction.
You can encrypt what you're saying, but someone has to know who you're talking to.
Actually, no. Someone has to know who you are, and someone has to know who's being talked to, but they needn't be the same person. The way Tor works is that there are at least two "interior", routing-only nodes. Let's call the sender A and the receiver D; the interior nodes are B and C. A opens an encrypted connection to B, and tells it to connect to C. A then opens an encrypted channel to C using B as a relay, and yet another encrypted channel to D relaying through both B and C. B knows about A and C; C knows about B and D; and D knows about C. Unless the nodes are sharing information, none of B, C, or D know that A is communicating with D.
Note that this bust didn't result from compromising Tor; the SR operator was discovered through old-fashioned customs inspections.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
"Judging by every metric, decriminalization in Portugal has been a resounding success," says Glenn Greenwald, an attorney, author and fluent Portuguese speaker, who conducted the research. "It has enabled the Portuguese government to manage and control the drug problem far better than virtually every other Western country does."
It's fine to hypothesize whatever, but from what I can tell, hard evidence suggests there are easy solutions. I have yet to see any case studies that show prohibition working, in contrast.
Legalization of heroin or other highly addictive drugs would be disastrous
Sorry, this experiment has been run (Portugal) and decriminalizing and getting people treatment drops the usage rate by more than half in just a couple years and greatly reduces crime.
Ignorance like yours is what keeps the level of addiction up as well as the crime rate. You should feel bad.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
> I'm still flabbergasted that he was using servers in the U.S.
He may have used some servers in the U.S. but the server the FBI grabbed was overseas. From the complaint, page 14, item 22:
There's a list of U.S. Mutual Legal Assistance Treaties here. Who's got a guess?
This guy, Ross Ulbricht, made a number of critical mistakes irrespective of his use of TOR. For example, he posted on the shroomery.org forums using the user name "altoid" and then again a few days later on bitcointalk.org with the same user name. The court documents aren't clear on whether or not he was using TOR at the time he made those posts or when or how he created those accounts in the first place. Apparently, these were some of the earliest public posts promoting what would ultimately become the Silk Road. Eight months after that, the "altoid" identity was used again on the bitcointalk forum to advertise for an "IT pro in the Bitcoin community" to hire for a job with a "venture backed Bitcoin startup company". This was critical because the email address for the job posting was rossulbricht at gmail. So this guy used his real email address (which contained his real name) posting as "altoid", the same account that had earlier promoted the Silk Road concept on both shroomery and bitcointalks: epic fail. . From there it was proverbial cake for the authorities to monitor his Google accounts and trace the IP address of his logins to an Internet cafe in San Francisco. They also found that he had an account on the Mises Institute website (an Austrian Economics organization) under Ross Ulbricht and the Silk Road website also linked to the Mises Institute website. Yet more evidence, albeit circumstantial, that Ulbricht was the one behind Silk Road. Game, Set and Match to the the 3 letter agencies and the USSS. Have a nice day.