# Silk Road: How FBI closed in on suspect Ross Ulbricht



## regular (Oct 3, 2013)

US authorities believe that 29-year-old Ross William Ulbricht, arrested on Wednesday, is Dread Pirate Roberts (DPR) - the administrator of the notorious Silk Road online marketplace.

It was an underground website where people from all over the world were able to buy drugs.

In the months leading up to Mr Ulbricht's arrest, investigators undertook a painstaking process of piecing together the suspect's digital footprint, going back years into his history of communicating with others online.

The detail of how the FBI has built its case was outlined in a court complaint document published on Wednesday.

The search started with work from Agent-1, the codename given to the expert cited in the court documents, who undertook an "extensive search of the internet" that sifted through pages dating back to January 2011.

The trail began with a post made on a web forum where users discussed the use of magic mushrooms.

In a post titled "Anonymous market online?", a user nicknamed Altoid started publicising the site.

"I came across this website called Silk Road," Altoid wrote. "Let me know what you think."

The post contained a link to a site hosted by the popular blogging platform Wordpress. This provided another link to the Silk Road's location on the so-called "dark web".

Records obtained by Agent-1 from Wordpress discovered, unsurprisingly, that the blog had been set up by an anonymous user who had hidden their location.

But then Altoid appeared in another place: a discussion site about virtual currency, bitcointalk.org.

Altoid - who the FBI claimed is Mr Ulbricht - was using "common online marketing" tactics. In other words, he was trying to make Silk Road go viral.

Months later, in October, Altoid appeared again - but made a slip-up, granting investigators a major lead.

In a post seeking to find an IT expert with knowledge of Bitcoin, he asked people to contact him via rossulbricht@gmail.com.

With a Gmail address to hand, Agent-1 linked this address to accounts on the Google+ social network and YouTube video site. There he discovered some of Mr Ulbricht's interests.

Among them, according to viewing history, was economics. In particular, Mr Ulbricht's account had "favourited" several clips from the Ludwig von Mises Institute, a renowned Austrian school of economics.

Years later, on the Silk Road discussion forums, Dread Pirate Roberts would make several references to the Mises Institute and its work.

*San Fran streets*

According to the court complaint document, it was the discovery of the rossulbricht@gmail.com email address that gave investigators a major boost in their search.

Through records "obtained from Google", details of IP addresses - and therefore locations - used to log into Mr Ulbricht's account focused the search on San Francisco. Specifically, an internet cafe on Laguna Street.

Furthermore, detailed analysis of Silk Road's source code highlighted a function that restricted who was able to log in to control the site, locking it down to just one IP address.

As would be expected, Dread Pirate Roberts was using a VPN - virtual private network - to generate a "false" IP address, designed to cover his tracks.

[Image: Mr Ulbricht said to have been running Silk Road from Hickory Street in San Francisco]

However, the provider of the VPN was subpoenaed by the FBI.

While efforts had been made by DPR to delete data, the VPN server's records showed a user logged in from an internet cafe just 500 yards from an address on Hickory Street, known to be the home of a close friend of Mr Ulbricht's, and a location that had also been used to log into the Gmail account.

At this point in the investigation, these clues, investigators concluded, were enough to suggest that Mr Ulbricht and DPR - if not the same person - were at the very least in the same location at the same time.

*Fake IDs*

The court complaint went into detail about further leads that followed.

In July of this year, by coincidence, a routine border check of a package inbound from Canada discovered forged documents for several fake identities all containing photographs of the same person.

It was headed to San Francisco's 15th Street. Homeland security visited the address, and found the man in the photographs - Mr Ulbricht.

He told officers that the people he lived with knew him simply as Josh - one housemate described him as being "always home in his room on the computer".

Around the same time, investigators working on the Silk Road case later discovered, DPR had been communicating with users privately to ask for advice on obtaining fake IDs - needed in order to purchase more servers.

Further activity attributed to Mr Ulbricht took place on Stack Overflow - a question and answer website for programmers - where a user named Frosty asked questions about intricate coding that later became part of the source code of Silk Road.

In another apparent slip-up, one of Frosty's messages initially identified itself as being written by Ross Ulbricht - before being quickly corrected.

"I believe that Ulbricht changed his username to 'frosty' in order to conceal his association with the message he had posted one minute before," lead prosecutor Christopher Tarbell wrote in court documents.

"The posting was accessible to anyone on the internet and implicated him in operating a Tor hidden service."

*What was the Silk Road?*

Silk Road took its name from the historic trade routes spanning Europe, Asia and parts of Africa.

News reports and other internet chatter helped it become notorious. However, most users would not have been able to stumble upon the site as the service could only be accessed through a service called Tor - a facility that routes traffic through many separate encrypted layers of the net to hide data identifiers.

Tor was invented by the US Naval Research Laboratory and has subsequently been used by journalists and free speech campaigners, among others, to safeguard people's anonymity.

But it has also been used as a means to hide illegal activities, leading it to be dubbed "the dark web".

Payments for goods on Silk Road were made with the virtual currency Bitcoin, which can be hard to monitor.

Court documents from the FBI said the site had just under a million registered users, but investigators said they did not know how many were active.

Earlier this year Carnegie Mellon University estimated that over $1.22m (£786,183) worth of trading took place on the Silk Road every month.


*How bitcoins work*

Bitcoin is often referred to as a new kind of currency. 

But it may be better to think of its units as being virtual tokens that have value because enough people believe they do and there is a finite number of them.

Each of the 11 million Bitcoins currently in existence is represented by a unique online registration number.

These numbers are created through a process called "mining", which involves a computer solving a difficult mathematical problem.

Each time a problem is solved the computer's owner is rewarded with 25 Bitcoins.

To receive a Bitcoin, a user must also have a Bitcoin address - a randomly generated string of 27 to 34 letters and numbers - which acts as a kind of virtual postbox to and from which the Bitcoins are sent.

Since there is no registry of these addresses, people can use them to protect their anonymity when making a transaction.

These addresses are in turn stored in Bitcoin wallets, which are used to manage savings. They operate like privately run bank accounts - with the proviso that if the data is lost, so are the Bitcoins contained.


----------



## regular (Oct 3, 2013)

This is a great read: http://www1.icsi.berkeley.edu/~nweaver/UlbrichtCriminalComplaint.pdf


----------



## #TheMatrix (Oct 3, 2013)

just like that....a gmail address.

****.   I need a safe mail.


----------



## coltmc4545 (Oct 3, 2013)

So is this the same gay ass dred pirate Roberts from fagology?


----------



## Spongy (Oct 3, 2013)

I don't think so.  Dread Pirate Roberts was a character from a movie, so it's more than likely a coincidence.  



coltmc4545 said:


> So is this the same gay ass dred pirate Roberts from fagology?


----------



## LeanHerm (Oct 3, 2013)

Well, I hope it is. He's a dbag just like stone.


----------



## ram97 (Oct 3, 2013)

I guess this goes to show that bigger isn't always better. If they want to figure things out the govt will.


----------



## 502 (Oct 3, 2013)

Damn, that's kinda scary. I knew when that shit got too public it'd get popped eventually.


----------



## AlphaD (Oct 3, 2013)

I just read this last night this is F'in insane.  I read the site generated $1.2 million in sales and 80 million in commission for him........Finally the feds actually nab someone selling hardcore drugs.......however if he would have had 2 vials of test on him and 60 pills, it would have been in the news as a steroid bust!


----------



## grind4it (Oct 3, 2013)

What I get from this is: if they want you, they will get you. I would like to think that had he not created a gmail account he would've not been caught. The reality is, they were going to get his ass....and they did


----------



## regular (Oct 3, 2013)

Spongy said:


> I don't think so.  Dread Pirate Roberts was a character from a movie, so it's more than likely a coincidence.



They aren't the same person. However, the DOJ would have surely investigated this account. If you read the criminal complaint, the DOJ claim they searched the web for different combinations of information pertaining to Dread Pirate Roberts and the first instances of the silk road being advertised. The DOJ does launder intelligence from sources they aren't supposed to have access to, so it's difficult to know how they actually caught him. 

https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering


----------



## 69nites (Oct 3, 2013)

I always thought DPR was multiple people.


----------



## #TheMatrix (Oct 3, 2013)

69nites said:


> I always thought DPR was multiple people.



it still may very well be multiple identities...and one got hammered.


----------



## regular (Oct 3, 2013)

69nites said:


> I always thought DPR was multiple people.



Are you referring to the administrator of the silk road or the brilliant person who decided to use the same nickname as a guy controlling a market which sold almost any illegal item or service?


----------



## 69nites (Oct 3, 2013)

regular said:


> Are you referring to the administrator of the silk road or the brilliant person who decided to use the same nickname as a guy controlling a market which sold almost any illegal item or service?


Silk road admin.


----------



## PFM (Oct 3, 2013)

regular said:


> Are you referring to the administrator of the silk road or the brilliant person who decided to use the same nickname as a guy controlling a market which sold almost any illegal item or service?



Jesus Regs WTF was this Silk Road all about? More than just some magic mushrooms I take it.


----------



## regular (Oct 3, 2013)

69nites said:


> Silk road admin.



I have no idea if he did or not. I don't see why he would share his account with someone else though. The DOJ got access to his PMs and he was trying to put hits on people via PM. That seems like information someone would want to keep limited to as few people as possible.



PFM said:


> Jesus Regs WTF was this Silk Road all about? More than just some magic mushrooms I take it.



Put simply it was an online market accessible only via tor proxy where someone could buy or sell almost anything they wanted. Think of it like ebay for illegal products and services. It was public so anyone could join. There were listings for every rec imaginable, gear, weapons, and fake IDs. There were also services like money laundering, computer hacking, etc. The owner, DPR, collected a commission on all of the products and services being sold there.


----------



## Spongy (Oct 4, 2013)

Do you think this will be the end of the dark web regs?  Seems like it's folding in on itself more and more frequently lately.


----------



## amore169 (Oct 4, 2013)

Dread Pirates from Ology has been several persons, the name has been passed on by several people from what I read on Ology.


----------



## SFGiants (Oct 4, 2013)

regular said:


> I have no idea if he did or not. I don't see why he would share his account with someone else though. The DOJ got access to his PMs and he was trying to put hits on people via PM. That seems like information someone would want to keep limited to as few people as possible.
> 
> 
> 
> Put simply it was an online market accessible only via tor proxy where someone could buy or sell almost anything they wanted. Think of it like ebay for illegal products and services. It was public so anyone could join. There were listings for every rec imaginable, gear, weapons, and fake IDs. There were also services like money laundering, computer hacking, etc. The owner, DPR, collected a commission on all of the products and services being sold there.



What a stupid thing to make public let alone have on the web, just goes to show the stupidity in people.

You start making that kind of money illegal you're just asking for your ass to get handed to you, when Uncle Sam ain't getting none of that millions you're going to get busted!


----------



## regular (Oct 9, 2013)

Spongy said:


> Do you think this will be the end of the dark web regs?  Seems like it's folding in on itself more and more frequently lately.



No, because there are still significant advantages to using these technologies as opposed to not using them. 

Security is a process. Someone can't rely on a proxy to 100% defend themselves. This guy had an enormous overt site dealing in extremely illegal products and services. Not only did he draw the attention of the US government he annoyed other governments too. He was an international menace in their eyes. Think of it this way, is it possible for one guy to out tech the entire world? Even security experts like Theo de Raadt and his team of developers who manage OpenBSD are not without fault. Their operating system has from time to time been found to contain security holes. 

At the end of the day, a tor site is just a server in a rack somewhere. Private contractors and security experts can be hired to exploit the site itself 24 hours a day. It's very difficult to defend yourself against a government with virtually unlimited assets. The larger and more complex a site is the more susceptible to attack it is. 

The DOJ is claiming they caught him by simply searching for the origins of the site and subpoenaing information based upon their search results from the clear net. No proxy is going to defend someone if they leave a trail of their true identity all over the net. The guy used a gmail address which included his real name to approach people for coding his site. When he first started the site maybe he didn't comprehend how intense the scrutiny of him was going to be. I'm sure there was a technical attack occurring alongside the traditional gumshoe approach which is not mentioned in the criminal complaint. The DOJ launders intelligence so it's difficult to know how the government actually caught him.


----------



## Cobra Strike (Oct 17, 2013)

Ya it's crazy...no matter what you do to hide yourself if they want you they will get you.


----------



## hulksmash (Nov 12, 2013)

Just noticed this thread

It was all a scam to get a shitload of bitcoins

The FBI didn't shut the shit down lol

Edit:bitcoins*


----------



## BigTruck (Feb 15, 2014)

Great little read. Bitcoins are risky but definitely serve their purpose. And I believe that people will learn from Ross's mistakes and keep the deep Web markets going. I don't think there's much le can do to stop it. Especially when other countries aren't on the same page. I mean what if he was running Silk road from a hut in Somalia or better yet Cuba lol.  Don't think seal team 6 would be sent to take out every dark Web site curator lol.


----------



## Texan69 (Jan 16, 2018)

#TheMatrix said:


> just like that....a gmail address.
> 
> ****.   I need a safe mail.


Gmail tracks everything. Google in general does. I’ve heard they’ll give leads to LE agencies if they suspect illegal activity in a google account but I think their focus is on child porn which I have no issues with get those sick ****s in jail but idk about how serious they take steroid purchasing via gmail. I too need to get a secure email but not twice savvy so idk where to start


----------



## Gibsonator (Jan 16, 2018)

Texan69 said:


> Gmail tracks everything. Google in general does. I’ve heard they’ll give leads to LE agencies if they suspect illegal activity in a google account but I think their focus is on child porn which I have no issues with get those sick ****s in jail but idk about how serious they take steroid purchasing via gmail. I too need to get a secure email but not twice savvy so idk where to start



and now you are setup with proton so ur good dude


----------

