Silk Road got shut down today not because the NSA slurped up secret information and not because the site admin-turned-admin got flipped while trying to flee the country. The site came tumbling down after someone at the FBI decided to do about 20 minutes of Googling. Maybe a bit of Bing too, who knows.
Here are some facts about Silk Road and what charges this guy is facing!
Interesting things from the document so far:
- Cryptography was really good, and the complaint states that the Tor network makes it “practically impossible” to trace users.
- The tumbler worked. It “frustrates attempts to track transactions back to the blockchain and makes it practically impossible to trace users.”
- There were 9 MILLION bitcoins worth of transactions that passed through the system over time.
- The server was in a foreign country. The report does not say where.
- There were 957k registered Silk Road accounts.
- 146k unique buyer accounts.
- It’s unstated when the investigation started, but they received a complete copy of the Silk Road web server on the 23rd of July 2013. This was all done under the Mutual Legal Assistance Treaty, which implies that they had access to current site information up until the point they shut the site down.
- This included user account and transaction information. It’s unclear whether or not this covers addresses and other sensitive transaction information. This also apparently covers at least 60 days worth of messages from the period where the site was copied. It seems from the information, PGP messages were probably ok given that the document said PGP makes it practically impossible to trace the users.
- Silk Road maintained a small staff of admins, it wasn’t just DPR.
- It is not certain that PGP worked for DPR, they have messages between the staff and DPR from “forensic analysis of the server.” Unless he was not using PGP.
- DPR solicited murder for hire. Someone was able to obtain thousands of usernames, passwords, and personal info of Silk Road users. It is assumed the feds have this, because they speak about the sample messages of names that the hacker sent. As a result, DPR attempted to have him killed. It is not known if the guy ever was indeed killed.
- The Silk Road was basically made from the shroomery.com, it was the first place he visited. They traced him by finding his old posts on various forums where he advertised it, not as the owner, just saying “I found this site, what do you think about it?”
- They caught Ross Ulbricht through simple web sleuthing and a few subpoenas.
- He did his web administrating from an internet cafe on Laguna Street in San Francisco.
- Canada intercepted fake IDs going to his home. This was used to match with fake ID requests.
- For all the money he made, he lived in a small apartment with roommates for under 1000 a month.
- Here is the blockchain transaction for the “hit”: http://blockchain.info/en/tx/4a0a5b6036c0da84c3eb9c2a884b6ad72416d1758470e19fb1d2fa2a145b5601
- youtube URL: http://www.youtube.com/user/ohyeaross
- Interview between him and a friend: https://www.youtube.com/watch?v=Olib3jnvSmw
- The site where he made his first mistake and gave out his email address in PMs with his name: https://bitcointalk.org/index.php?PHPSESSID=tt9mt8nqt3lfm0ff1reoduo8j6&topic=47811.msg568744#msg568744
So how did they track him down? This buffoon decided to solicit for help building his site posting his [email protected] address! Used an insecure internet cafe … 500 feet from his house! He even told the feds about Silk Road during an earlier altercation with zero provocation!
I didn’t compile this, direct quote from the SR forums. (Which are still working)
- Posted Gmail address containing his real name using same forum account handle used to advertise for SR when it started.
- Logged into the VPN used to access SR and his gmail address from the same IP. I repeat, he did NOT use Tor to administer SR.
- Used same public wifi to access internet 500ft from his house.
- Disclosed that his timezone was PST in a message.
- Wrote in his LinkedIn profile that he had left his field to focus on “creating an economic stimulation designed to give people a first-hand experience of what it would be like to live in a world without systemic use of force by institutions and government”.
- Ordered fake IDs internationally to his home address (to set up more SR servers). The fake IDs contained his picture, which considering what they were to be used for doesn’t make any sense.
- Told the DHS when they showed up at his door for the fake IDs that “anyone can go onto SILK ROAD and order fake ids”.
- Solicited the hitman “redandwhite” for fake IDs using his DPR account. Hitman obviously FED/RAT.
- Asked on clearnet helpsite Stack Overflow for help with programming for a hidden service.
- Changed his real name to a pseudonym a minute before asking.
- Used code that he posted on Stack Overflow in SR’s code.
- Increased ire of LEO by doing a Forbes interview. Revealed too much about his character.
Also here is a link to the transaction to hire the hitman: http://blockchain.info/en/tx/4a0a5b6036c0da84c3eb9c2a884b6ad72416d1758470e19fb1d2fa2a145b5601
Edit: Link to supposed conversation with hitman http://oi39.tinypic.com/jizyah.jpg
I guess the only piece of advice I can offer is this:
(Summary pulled from Reddit)